From 68225e8100a39fc43e7657663c692885d7e356a1 Mon Sep 17 00:00:00 2001
From: alexz <me@alexzaw.dev>
Date: Thu, 18 Dec 2025 08:34:48 +0000
Subject: [PATCH] Add full dockurr/windows source with rego customizations
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Includes complete dockurr/windows source (not just FROM image)
- Added openssh-client and sshpass to Dockerfile
- Added SSH key for Windows VM access
- Added VPN automation scripts (vpn-login.js, socks5.js, vpn.bat)
- Added Windows setup scripts (install-nodejs.ps1, setup-autologin-sshd.ps1, setup-ssh-keys.ps1)
- Added rego-startup.sh for script deployment and network setup
- Scripts auto-copy to shared folder on container start

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 .../devcontainer.json                         |   19 +
 .../020 - Windows 11 LTSC/devcontainer.json   |   19 +
 .../030 - Windows 10 Pro/devcontainer.json    |   19 +
 .../devcontainer.json                         |   19 +
 .../050 - Windows 10 LTSC/devcontainer.json   |   19 +
 .../devcontainer.json                         |   19 +
 .../devcontainer.json                         |   19 +
 .../devcontainer.json                         |   19 +
 .../devcontainer.json                         |   19 +
 .../devcontainer.json                         |   19 +
 .../devcontainer.json                         |   19 +
 .../devcontainer.json                         |   19 +
 .../devcontainer.json                         |   19 +
 .../devcontainer.json                         |   19 +
 .../devcontainer.json                         |   19 +
 .../devcontainer.json                         |   19 +
 .../devcontainer.json                         |   19 +
 .../180 - Tiny11/devcontainer.json            |   19 +
 .../190 - Tiny11 Core/devcontainer.json       |   19 +
 .../200 - Tiny11 Nano/devcontainer.json       |   19 +
 .../210 - Tiny10/devcontainer.json            |   19 +
 .../build/.devcontainer/codespaces.yml        |   21 +
 .../build/.devcontainer/devcontainer.json     |   19 +
 apps/rego-tunnel/build/.dockerignore          |   14 +
 .../build/.github/ISSUE_TEMPLATE/1-issue.yml  |   41 +
 .../.github/ISSUE_TEMPLATE/2-feature.yml      |   37 +
 .../build/.github/ISSUE_TEMPLATE/3-bug.yml    |   43 +
 .../.github/ISSUE_TEMPLATE/4-question.yml     |   26 +
 .../build/.github/ISSUE_TEMPLATE/config.yml   |    1 +
 apps/rego-tunnel/build/.github/dependabot.yml |   10 +
 apps/rego-tunnel/build/.github/logo.png       |  Bin 0 -> 247480 bytes
 apps/rego-tunnel/build/.github/renovate.json  |    4 +
 apps/rego-tunnel/build/.github/winboat.png    |  Bin 0 -> 22156 bytes
 .../build/.github/workflows/build.yml         |  103 +
 .../build/.github/workflows/check.yml         |   35 +
 .../build/.github/workflows/hub.yml           |   26 +
 .../build/.github/workflows/review.yml        |   66 +
 .../build/.github/workflows/test.yml          |   11 +
 apps/rego-tunnel/build/.gitignore             |    1 +
 apps/rego-tunnel/build/Dockerfile             |   68 +-
 .../build/assets/win10x64-enterprise-eval.xml |  439 ++++
 .../build/assets/win10x64-enterprise.xml      |  442 ++++
 .../rego-tunnel/build/assets/win10x64-iot.xml |  448 ++++
 .../build/assets/win10x64-ltsc.xml            |  445 ++++
 apps/rego-tunnel/build/assets/win10x64.xml    |  442 ++++
 .../build/assets/win11x64-enterprise-eval.xml |  472 ++++
 .../build/assets/win11x64-enterprise.xml      |  475 ++++
 .../rego-tunnel/build/assets/win11x64-iot.xml |  475 ++++
 .../build/assets/win11x64-ltsc.xml            |  475 ++++
 apps/rego-tunnel/build/assets/win11x64.xml    |  475 ++++
 .../build/assets/win2008r2-eval.xml           |  304 +++
 apps/rego-tunnel/build/assets/win2008r2.xml   |  307 +++
 .../build/assets/win2012r2-eval.xml           |  327 +++
 apps/rego-tunnel/build/assets/win2012r2.xml   |  330 +++
 .../rego-tunnel/build/assets/win2016-eval.xml |  347 +++
 apps/rego-tunnel/build/assets/win2016.xml     |  350 +++
 .../rego-tunnel/build/assets/win2019-eval.xml |  351 +++
 apps/rego-tunnel/build/assets/win2019-hv.xml  |  356 +++
 apps/rego-tunnel/build/assets/win2019.xml     |  354 +++
 .../rego-tunnel/build/assets/win2022-eval.xml |  351 +++
 apps/rego-tunnel/build/assets/win2022.xml     |  354 +++
 .../rego-tunnel/build/assets/win2025-eval.xml |  361 +++
 apps/rego-tunnel/build/assets/win2025.xml     |  364 +++
 .../build/assets/win7x64-enterprise-eval.xml  |  283 +++
 .../build/assets/win7x64-enterprise.xml       |  287 +++
 .../build/assets/win7x64-ultimate.xml         |  287 +++
 apps/rego-tunnel/build/assets/win7x64.xml     |  287 +++
 .../build/assets/win7x86-enterprise.xml       |  287 +++
 .../build/assets/win7x86-ultimate.xml         |  287 +++
 apps/rego-tunnel/build/assets/win7x86.xml     |  287 +++
 .../build/assets/win81x64-enterprise-eval.xml |  312 +++
 .../build/assets/win81x64-enterprise.xml      |  315 +++
 apps/rego-tunnel/build/assets/win81x64.xml    |  322 +++
 .../build/assets/winvistax64-enterprise.xml   |  266 +++
 .../build/assets/winvistax64-ultimate.xml     |  266 +++
 apps/rego-tunnel/build/assets/winvistax64.xml |  266 +++
 .../build/assets/winvistax86-enterprise.xml   |  266 +++
 .../build/assets/winvistax86-ultimate.xml     |  266 +++
 apps/rego-tunnel/build/assets/winvistax86.xml |  266 +++
 apps/rego-tunnel/build/compose.yml            |   19 +
 apps/rego-tunnel/build/kubernetes.yml         |  100 +
 apps/rego-tunnel/build/license.md             |   19 +
 apps/rego-tunnel/build/readme.md              |  401 ++++
 .../build/{scripts => rego}/README.md         |    0
 .../build/{ => rego}/id_ed25519-lenovo        |    0
 .../{scripts => rego}/install-nodejs.ps1      |    0
 .../setup-autologin-sshd.ps1                  |    0
 .../{scripts => rego}/setup-ssh-keys.ps1      |    0
 .../build/{scripts => rego}/socks5.js         |    0
 .../build/{scripts => rego}/vpn-login.js      |    0
 .../build/{scripts => rego}/vpn.bat           |    0
 apps/rego-tunnel/build/src/define.sh          | 1944 +++++++++++++++++
 apps/rego-tunnel/build/src/entry.sh           |   49 +
 apps/rego-tunnel/build/src/install.sh         | 1336 +++++++++++
 apps/rego-tunnel/build/src/mido.sh            |  834 +++++++
 apps/rego-tunnel/build/src/power.sh           |  241 ++
 .../build/{ => src}/rego-startup.sh           |   10 +-
 apps/rego-tunnel/build/src/samba.sh           |  228 ++
 98 files changed, 19672 insertions(+), 28 deletions(-)
 create mode 100644 apps/rego-tunnel/build/.devcontainer/010 - Windows 11 Enterprise/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/020 - Windows 11 LTSC/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/030 - Windows 10 Pro/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/040 - Windows 10 Enterprise/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/050 - Windows 10 LTSC/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/060 - Windows 8.1 Enterprise/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/070 - Windows 7 Ultimate/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/080 - Windows Vista Ultimate/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/090 - Windows XP Professional/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/100 - Windows 2000 Professional/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/110 - Windows Server 2025/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/120 - Windows Server 2022/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/130 - Windows Server 2019/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/140 - Windows Server 2016/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/150 - Windows Server 2012 R2/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/160 - Windows Server 2008 R2/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/170 - Windows Server 2003/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/180 - Tiny11/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/190 - Tiny11 Core/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/200 - Tiny11 Nano/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/210 - Tiny10/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.devcontainer/codespaces.yml
 create mode 100644 apps/rego-tunnel/build/.devcontainer/devcontainer.json
 create mode 100644 apps/rego-tunnel/build/.dockerignore
 create mode 100644 apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/1-issue.yml
 create mode 100644 apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/2-feature.yml
 create mode 100644 apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/3-bug.yml
 create mode 100644 apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/4-question.yml
 create mode 100644 apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/config.yml
 create mode 100644 apps/rego-tunnel/build/.github/dependabot.yml
 create mode 100644 apps/rego-tunnel/build/.github/logo.png
 create mode 100644 apps/rego-tunnel/build/.github/renovate.json
 create mode 100644 apps/rego-tunnel/build/.github/winboat.png
 create mode 100644 apps/rego-tunnel/build/.github/workflows/build.yml
 create mode 100644 apps/rego-tunnel/build/.github/workflows/check.yml
 create mode 100644 apps/rego-tunnel/build/.github/workflows/hub.yml
 create mode 100644 apps/rego-tunnel/build/.github/workflows/review.yml
 create mode 100644 apps/rego-tunnel/build/.github/workflows/test.yml
 create mode 100644 apps/rego-tunnel/build/.gitignore
 create mode 100644 apps/rego-tunnel/build/assets/win10x64-enterprise-eval.xml
 create mode 100644 apps/rego-tunnel/build/assets/win10x64-enterprise.xml
 create mode 100644 apps/rego-tunnel/build/assets/win10x64-iot.xml
 create mode 100644 apps/rego-tunnel/build/assets/win10x64-ltsc.xml
 create mode 100644 apps/rego-tunnel/build/assets/win10x64.xml
 create mode 100644 apps/rego-tunnel/build/assets/win11x64-enterprise-eval.xml
 create mode 100644 apps/rego-tunnel/build/assets/win11x64-enterprise.xml
 create mode 100644 apps/rego-tunnel/build/assets/win11x64-iot.xml
 create mode 100644 apps/rego-tunnel/build/assets/win11x64-ltsc.xml
 create mode 100644 apps/rego-tunnel/build/assets/win11x64.xml
 create mode 100644 apps/rego-tunnel/build/assets/win2008r2-eval.xml
 create mode 100644 apps/rego-tunnel/build/assets/win2008r2.xml
 create mode 100644 apps/rego-tunnel/build/assets/win2012r2-eval.xml
 create mode 100644 apps/rego-tunnel/build/assets/win2012r2.xml
 create mode 100644 apps/rego-tunnel/build/assets/win2016-eval.xml
 create mode 100644 apps/rego-tunnel/build/assets/win2016.xml
 create mode 100644 apps/rego-tunnel/build/assets/win2019-eval.xml
 create mode 100644 apps/rego-tunnel/build/assets/win2019-hv.xml
 create mode 100644 apps/rego-tunnel/build/assets/win2019.xml
 create mode 100644 apps/rego-tunnel/build/assets/win2022-eval.xml
 create mode 100644 apps/rego-tunnel/build/assets/win2022.xml
 create mode 100644 apps/rego-tunnel/build/assets/win2025-eval.xml
 create mode 100644 apps/rego-tunnel/build/assets/win2025.xml
 create mode 100644 apps/rego-tunnel/build/assets/win7x64-enterprise-eval.xml
 create mode 100644 apps/rego-tunnel/build/assets/win7x64-enterprise.xml
 create mode 100644 apps/rego-tunnel/build/assets/win7x64-ultimate.xml
 create mode 100644 apps/rego-tunnel/build/assets/win7x64.xml
 create mode 100644 apps/rego-tunnel/build/assets/win7x86-enterprise.xml
 create mode 100644 apps/rego-tunnel/build/assets/win7x86-ultimate.xml
 create mode 100644 apps/rego-tunnel/build/assets/win7x86.xml
 create mode 100644 apps/rego-tunnel/build/assets/win81x64-enterprise-eval.xml
 create mode 100644 apps/rego-tunnel/build/assets/win81x64-enterprise.xml
 create mode 100644 apps/rego-tunnel/build/assets/win81x64.xml
 create mode 100644 apps/rego-tunnel/build/assets/winvistax64-enterprise.xml
 create mode 100644 apps/rego-tunnel/build/assets/winvistax64-ultimate.xml
 create mode 100644 apps/rego-tunnel/build/assets/winvistax64.xml
 create mode 100644 apps/rego-tunnel/build/assets/winvistax86-enterprise.xml
 create mode 100644 apps/rego-tunnel/build/assets/winvistax86-ultimate.xml
 create mode 100644 apps/rego-tunnel/build/assets/winvistax86.xml
 create mode 100644 apps/rego-tunnel/build/compose.yml
 create mode 100644 apps/rego-tunnel/build/kubernetes.yml
 create mode 100644 apps/rego-tunnel/build/license.md
 create mode 100644 apps/rego-tunnel/build/readme.md
 rename apps/rego-tunnel/build/{scripts => rego}/README.md (100%)
 rename apps/rego-tunnel/build/{ => rego}/id_ed25519-lenovo (100%)
 rename apps/rego-tunnel/build/{scripts => rego}/install-nodejs.ps1 (100%)
 rename apps/rego-tunnel/build/{scripts => rego}/setup-autologin-sshd.ps1 (100%)
 rename apps/rego-tunnel/build/{scripts => rego}/setup-ssh-keys.ps1 (100%)
 rename apps/rego-tunnel/build/{scripts => rego}/socks5.js (100%)
 rename apps/rego-tunnel/build/{scripts => rego}/vpn-login.js (100%)
 rename apps/rego-tunnel/build/{scripts => rego}/vpn.bat (100%)
 create mode 100644 apps/rego-tunnel/build/src/define.sh
 create mode 100644 apps/rego-tunnel/build/src/entry.sh
 create mode 100644 apps/rego-tunnel/build/src/install.sh
 create mode 100644 apps/rego-tunnel/build/src/mido.sh
 create mode 100644 apps/rego-tunnel/build/src/power.sh
 rename apps/rego-tunnel/build/{ => src}/rego-startup.sh (91%)
 create mode 100644 apps/rego-tunnel/build/src/samba.sh

diff --git a/apps/rego-tunnel/build/.devcontainer/010 - Windows 11 Enterprise/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/010 - Windows 11 Enterprise/devcontainer.json
new file mode 100644
index 0000000..ab221a9
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/010 - Windows 11 Enterprise/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows 11 Enterprise",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "11e"
+  },
+  "forwardPorts": [8006],  
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/020 - Windows 11 LTSC/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/020 - Windows 11 LTSC/devcontainer.json
new file mode 100644
index 0000000..0c77cca
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/020 - Windows 11 LTSC/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows 11 LTSC",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "11l"
+  },
+  "forwardPorts": [8006],  
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/030 - Windows 10 Pro/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/030 - Windows 10 Pro/devcontainer.json
new file mode 100644
index 0000000..27ad0bb
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/030 - Windows 10 Pro/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows 10 Pro",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "10"
+  },
+  "forwardPorts": [8006],  
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/040 - Windows 10 Enterprise/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/040 - Windows 10 Enterprise/devcontainer.json
new file mode 100644
index 0000000..3306e88
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/040 - Windows 10 Enterprise/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows 10 Enterprise",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "10e"
+  },
+  "forwardPorts": [8006],  
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/050 - Windows 10 LTSC/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/050 - Windows 10 LTSC/devcontainer.json
new file mode 100644
index 0000000..65ef8a5
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/050 - Windows 10 LTSC/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows 10 LTSC",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "10l"
+  },
+  "forwardPorts": [8006],  
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/060 - Windows 8.1 Enterprise/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/060 - Windows 8.1 Enterprise/devcontainer.json
new file mode 100644
index 0000000..73d95c1
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/060 - Windows 8.1 Enterprise/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows 8.1 Enterprise",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "8e"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/070 - Windows 7 Ultimate/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/070 - Windows 7 Ultimate/devcontainer.json
new file mode 100644
index 0000000..8149aa7
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/070 - Windows 7 Ultimate/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows 7 Ultimate",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "7u"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/080 - Windows Vista Ultimate/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/080 - Windows Vista Ultimate/devcontainer.json
new file mode 100644
index 0000000..7621b74
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/080 - Windows Vista Ultimate/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows Vista Ultimate",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "vu"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/090 - Windows XP Professional/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/090 - Windows XP Professional/devcontainer.json
new file mode 100644
index 0000000..77eecdb
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/090 - Windows XP Professional/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows XP Professional",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "xp"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/100 - Windows 2000 Professional/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/100 - Windows 2000 Professional/devcontainer.json
new file mode 100644
index 0000000..d226c19
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/100 - Windows 2000 Professional/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows 2000 Professional",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "2k"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/110 - Windows Server 2025/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/110 - Windows Server 2025/devcontainer.json
new file mode 100644
index 0000000..080ad3b
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/110 - Windows Server 2025/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows Server 2025",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "2025"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/120 - Windows Server 2022/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/120 - Windows Server 2022/devcontainer.json
new file mode 100644
index 0000000..69727ac
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/120 - Windows Server 2022/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows Server 2022",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "2022"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/130 - Windows Server 2019/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/130 - Windows Server 2019/devcontainer.json
new file mode 100644
index 0000000..398aeb8
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/130 - Windows Server 2019/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows Server 2019",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "2019"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/140 - Windows Server 2016/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/140 - Windows Server 2016/devcontainer.json
new file mode 100644
index 0000000..4af1e15
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/140 - Windows Server 2016/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows Server 2016",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "2016"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/150 - Windows Server 2012 R2/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/150 - Windows Server 2012 R2/devcontainer.json
new file mode 100644
index 0000000..cfc372c
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/150 - Windows Server 2012 R2/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows Server 2012 R2",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "2012"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/160 - Windows Server 2008 R2/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/160 - Windows Server 2008 R2/devcontainer.json
new file mode 100644
index 0000000..f3bd07c
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/160 - Windows Server 2008 R2/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows Server 2008 R2",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "2008"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/170 - Windows Server 2003/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/170 - Windows Server 2003/devcontainer.json
new file mode 100644
index 0000000..71f14ff
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/170 - Windows Server 2003/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Windows Server 2003",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "2003"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/180 - Tiny11/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/180 - Tiny11/devcontainer.json
new file mode 100644
index 0000000..5ce5909
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/180 - Tiny11/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Tiny11",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "tiny11"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/190 - Tiny11 Core/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/190 - Tiny11 Core/devcontainer.json
new file mode 100644
index 0000000..16da776
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/190 - Tiny11 Core/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Tiny11 Core",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "core11"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/200 - Tiny11 Nano/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/200 - Tiny11 Nano/devcontainer.json
new file mode 100644
index 0000000..db9136c
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/200 - Tiny11 Nano/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Tiny11 Nano",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "nano11"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/210 - Tiny10/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/210 - Tiny10/devcontainer.json
new file mode 100644
index 0000000..e96308a
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/210 - Tiny10/devcontainer.json	
@@ -0,0 +1,19 @@
+{
+  "name": "Tiny10",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "tiny10"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  }, 
+  "dockerComposeFile": "../codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.devcontainer/codespaces.yml b/apps/rego-tunnel/build/.devcontainer/codespaces.yml
new file mode 100644
index 0000000..85e3f64
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/codespaces.yml
@@ -0,0 +1,21 @@
+services:
+  windows:
+    container_name: windows
+    image: ghcr.io/dockur/windows
+    environment:
+      RAM_SIZE: "half"
+      DISK_SIZE: "max"
+      CPU_CORES: "max"
+    devices:
+      - /dev/kvm
+      - /dev/net/tun
+    cap_add:
+      - NET_ADMIN
+    ports:
+      - 8006:8006
+      - 3389:3389/tcp
+      - 3389:3389/udp
+    volumes:
+      - ./windows:/storage
+    restart: on-failure
+    stop_grace_period: 2m
diff --git a/apps/rego-tunnel/build/.devcontainer/devcontainer.json b/apps/rego-tunnel/build/.devcontainer/devcontainer.json
new file mode 100644
index 0000000..47a0f5c
--- /dev/null
+++ b/apps/rego-tunnel/build/.devcontainer/devcontainer.json
@@ -0,0 +1,19 @@
+{
+  "name": "Windows 11 Pro",
+  "service": "windows",
+  "containerEnv": {
+    "VERSION": "11"
+  },
+  "forwardPorts": [8006],
+  "portsAttributes": {
+    "8006": {
+      "label": "Web",
+      "onAutoForward": "notify"
+    }
+  },
+  "otherPortsAttributes": {
+    "onAutoForward": "ignore"
+  },
+  "dockerComposeFile": "codespaces.yml",
+  "initializeCommand": "docker system prune --all --force"
+}
diff --git a/apps/rego-tunnel/build/.dockerignore b/apps/rego-tunnel/build/.dockerignore
new file mode 100644
index 0000000..154d44a
--- /dev/null
+++ b/apps/rego-tunnel/build/.dockerignore
@@ -0,0 +1,14 @@
+.dockerignore
+.devcontainer
+.git
+.github
+.gitignore
+.gitlab-ci.yml
+.gitmodules
+Dockerfile
+Dockerfile.archive
+compose.yml
+compose.yaml
+docker-compose.yml
+docker-compose.yaml
+*.md
diff --git a/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/1-issue.yml b/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/1-issue.yml
new file mode 100644
index 0000000..87860c9
--- /dev/null
+++ b/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/1-issue.yml
@@ -0,0 +1,41 @@
+name: "\U0001F6A8 Technical issue"
+description: When you're experiencing problems using the container
+body:
+  - type: input
+    id: os
+    attributes:
+      label: Operating system
+      description: Your Linux distribution (can be shown by `lsb_release -a`).
+      placeholder: e.g. Ubuntu 24.04
+    validations:
+      required: true
+  - type: textarea
+    id: summary
+    attributes:
+      label: Description
+      description: A clear and concise description of your issue.
+    validations:
+      required: true
+  - type: textarea
+    id: compose
+    attributes:
+      label: Docker compose
+      description: The compose file (or otherwise the `docker run` command used).
+      render: yaml
+    validations:
+      required: true
+  - type: textarea
+    id: log
+    attributes:
+      label: Docker log
+      description: The logfile of the container (as shown by `docker logs windows`).
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: screenshot
+    attributes:
+      label: Screenshots (optional)
+      description: Screenshots that might help to make the problem more clear.
+    validations:
+      required: false
diff --git a/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/2-feature.yml b/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/2-feature.yml
new file mode 100644
index 0000000..eb95b34
--- /dev/null
+++ b/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/2-feature.yml
@@ -0,0 +1,37 @@
+name: "\U0001F680 Feature request"
+description: Suggest an idea for improving the container
+title: "[Feature]: "
+labels: ["enhancement"]
+body:
+  - type: textarea
+    id: problem
+    attributes:
+      label: Is your proposal related to a problem?
+      description: |
+        Provide a clear and concise description of what the problem is.
+        For example, "I'm always frustrated when..."
+    validations:
+      required: true
+  - type: textarea
+    id: solution
+    attributes:
+      label: Describe the solution you'd like.
+      description: |
+        Provide a clear and concise description of what you want to happen.
+    validations:
+      required: true
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Describe alternatives you've considered.
+      description: |
+        Let us know about other solutions you've tried or researched.
+    validations:
+      required: true
+  - type: textarea
+    id: context
+    attributes:
+      label: Additional context
+      description: |
+        Is there anything else you can add about the proposal?
+        You might want to link to related issues here, if you haven't already.
diff --git a/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/3-bug.yml b/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/3-bug.yml
new file mode 100644
index 0000000..f614f27
--- /dev/null
+++ b/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/3-bug.yml
@@ -0,0 +1,43 @@
+name: "\U0001F41E Bug report"
+description: Create a report to help us improve the container
+title: "[Bug]: "
+labels: ["bug"]
+body:
+  - type: input
+    id: os
+    attributes:
+      label: Operating system
+      description: Your Linux distribution (can be shown by `lsb_release -a`).
+      placeholder: e.g. Ubuntu 24.04
+    validations:
+      required: true
+  - type: textarea
+    id: summary
+    attributes:
+      label: Description
+      description: Describe the expected behaviour, the actual behaviour, and the steps to reproduce.
+    validations:
+      required: true
+  - type: textarea
+    id: compose
+    attributes:
+      label: Docker compose
+      description: The compose file (or otherwise the `docker run` command used).
+      render: yaml
+    validations:
+      required: true
+  - type: textarea
+    id: log
+    attributes:
+      label: Docker log
+      description: The logfile of the container (as shown by `docker logs windows`).
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: screenshot
+    attributes:
+      label: Screenshots (optional)
+      description: Screenshots that might help to make the problem more clear.
+    validations:
+      required: false
diff --git a/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/4-question.yml b/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/4-question.yml
new file mode 100644
index 0000000..9094d6d
--- /dev/null
+++ b/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/4-question.yml
@@ -0,0 +1,26 @@
+name: "\U00002753 General question"
+description: Questions about the container not related to an issue
+title: "[Question]: "
+labels: ["question"]
+body:
+  - type: checkboxes
+    attributes:
+      label: Is your question not already answered in the FAQ?
+      description: Please read the [FAQ](https://github.com/dockur/windows/blob/master/readme.md) carefully to avoid asking duplicate questions.
+      options:
+      - label: I made sure the question is not listed in the [FAQ](https://github.com/dockur/windows/blob/master/readme.md).
+        required: true
+  - type: checkboxes
+    attributes:
+      label: Is this a general question and not a technical issue?
+      description: For questions related to issues you must use the [technical issue](https://github.com/dockur/windows/issues/new?assignees=&labels=&projects=&template=1-issue.yml) form instead. It contains all the right fields (system info, logfiles, etc.) we need in order to be able to help you.
+      options:
+      - label: I am sure my question is not about a technical issue.
+        required: true
+  - type: textarea
+    id: question
+    attributes:
+      label: Question
+      description: What's the question you have about the container?
+    validations:
+      required: true
diff --git a/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/config.yml b/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 0000000..3ba13e0
--- /dev/null
+++ b/apps/rego-tunnel/build/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1 @@
+blank_issues_enabled: false
diff --git a/apps/rego-tunnel/build/.github/dependabot.yml b/apps/rego-tunnel/build/.github/dependabot.yml
new file mode 100644
index 0000000..f08cd93
--- /dev/null
+++ b/apps/rego-tunnel/build/.github/dependabot.yml
@@ -0,0 +1,10 @@
+version: 2
+updates:
+  - package-ecosystem: docker
+    directory: /
+    schedule:
+      interval: weekly
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
diff --git a/apps/rego-tunnel/build/.github/logo.png b/apps/rego-tunnel/build/.github/logo.png
new file mode 100644
index 0000000000000000000000000000000000000000..6c572f0b7ab1912288326afbdc815cc0e9dff549
GIT binary patch
literal 247480
zcma(2WmsG5^EM14#ogWA-K|jEwUlC|xJ!z=ySt`Xu|f(I*WylbclY2y`=)#E-~WC-
zz8^RiD>;&^v2$k5nJZdTT>%4?6cq*r217|vRvQKeKH%>kG9vU9WtJs;=;e*Iw3;*w
zOl^YSlU6G9p4wbdTMY)rhXDpAC=>?f;ScnB1OwyF4Fhxh2?j<q3kHVBImNVJ9tM8k
zosz7yuGjKuhj$YFiu?L~n?Z;3%-YNv-?d;3ts)G)v?4wWCn19twRDgei@n)UokgU@
zXoiKt;+9L;AGa{N_ApwDa0_i|o!s7(C<<!9=@i9eWaP9r?FilQ)G_qn3<KYdwyLYg
z#8w0Mi<Sc`y-8oJ8NLfY9Emj@W8?Jf^mO;mr~GUG3E#wDpSX$95kvo8D2;VJkpKJt
z?<ETO|9LYGLh}FDTU&F3VH9wGzps7%uzf2suUYA-3w}Qs;S-M^5NW?}ft?%AUkzSo
zYQX}M10y=6Ptdu2Py<WVdEcWi<d?5tYTa#n<BpyecA+q}U<MIIHhtQXl=SOYeBF53
z9vrt?`TM*elDvMAzmL78NA1o@t9N;i`Qy!Z_^PP|-XFM~LZ<pX3nkPJ`G>Wv(%Y<;
zetNRBrY!B$5##rwv@s3T@t2bwZ;3sFj4%Ds7BNi?yR9J0v6Oti0d$f7C}P_h`V$cg
zDXRiu_Oy@3ZxEa)nqiI5Ov$$FCH$%p^f(zEQrg{380tI>v=XV~-8Hc<B0yqWPiKcG
z@0-u)nNw;-mjtwJ{_2%3;O{pQXKt#=o~6!g9ms87f^R=idoT1Z#D9gpsBHMXwM8NC
zcgHe#N}nS@6034^{4JbwIM5W)1a$*ThV5ACy5qh-@&5D&>HnFeT@uBFY3w(LZ2cGg
zU=SYtMQzmT@Pjbj7px5G0jYa97C(_k9~QqC6B`zZr~@ot(`PTo$SJ7a{<Yy&GL5%$
zE^HI2)$x0or@aLj4Y|G=txLkQC<(X4_}O3bG|&E<Y{BdiBJaB9p0+^+OIy7ECra}v
z{Y7qo7viA6RLn!fTW}3V*K-U-^@4zSGY5|pgcf{J{C;}H%jv%JhKDZnukd}7e=UX;
zx9fk6<q22o%UkZL0UJo|=d7wX9|9ZuiyQMU6xEB1c=$PhI+W{8IGC+Ff1OCu%CYGG
zeHw%_l?&eq3mE{v<n~V5YmxVaP_Xn?#dR=8Y;%GcHe<U3Z908SA&V6hjDKD4UkhFi
z8|TS2!TIUf%spFess)2NWTg)%#OxwKysgPvV*%8`laUvu$f#TE)V{xGrT_1P@;3p^
zsKI-9G>6Y>QwvSujpIwqpMT}?V`O5uM<objSb*<?t%E0Ffe4aV<l(|G*MA>3Jo0a_
zT=M<(9E7D@6bmOzFFNp9cW$sVMs==^)`wOciQZmBDuhuWA_KVPEgTRtW)sK7f#d&)
zNy$*OQ0_h2jn{1mKkSPK<|uTW>6ySt<i&B2IlK?Wg|xgyl%g<_^$a$)M-%v;Nx(mn
zJ06%Nx5lOCe9a-PRtiI(x+8-g4&I3!TK7ygg#r$1DQN#sw#?*H$1t045YnqAwf6?H
zpJUb(^pP#eVY|?t)osvT_`$y2XdPUB4l|hlK*K)*At~K;3R)a=kU%CjTOS0z9h0Dg
zkSV=Hb`f7O!Jts{!_2?BkM;2Se=a&8dvT^C-TyTIyYs==%;^I0hYj?>ywrZ+S;3mZ
zNTP`2>HgZd@ZTyv`2T(iH)SEKS~ZfrqY1I-9tnQR5am1%8st@x?>>=v;Xs<Yog*86
zZ=fXObl!(2esnd5I+px1^hXQBPdm2GFb8Fa=6&hFk--<3j(KD>{Qe^eX}?@pTuAd|
zoZ*0|rd<@YbQ2Xvx1ARBzyB8w@7_T=_s(XdJDz;RH_)Dw!3~sA>m?Knp<CKJ<ifB{
zus|5e=p8(167h41KT~{SvQV%52N>HWhu8645WLVKol&O}lsz+I9%<+ik(g>$pM;u2
z0(kxW;hN!3?+Th)-u^ENDBbJyVeQT2FMNB();-}i@P`V1ee$|-A*_S@<47G0L><|D
zf8lM90JZHuVr^;B`svFQtT(}LVEG||8Alh|+J8#|{r(Wqy>dTo1xQjpHA>Q5?9aA|
z9GoJww+p{1K#Sn+A_;hPyLd>XTrA}I-xqDs`{pzIY(2@8KMKL?pB)-u@*a?TX<zN;
znHSBN70ndl1?uVDbQHP0T;x~w=n<p?boIgkPGCJbDXf;f*r>wZonOA~k;}gA_p|Qt
z&H)KdC%4D1_pJ(`nhM{Sm7G8KJ`$~4RSRdgRK9O)1yUeyUB!0c16Y5C1k~I=EBpzi
zApAciVD@-YKpKA!JPZbdumHY-_4j(z9-QT$CPa+%Fv{PT&6xSvrBn>Fd}Auh%E|lW
z_V-4Kk%{qfgNZ3CC&!|WPpNF@P?w@oT}}_7NNB1M4|zT4P(Z2;RbP6~NOPO~h3ct-
z9OIXrSH^v?mk%O6NCU30=1I!;;<BOaTSSiJ(ly3I)n&s)>aYDq6Sbyu?FE5@HA-u1
z>pai4JfOSCiHC@o)WP#}-b_7UVq)@93J9DzxdmhJP&%l*Q^PPt$V0-*+JJrS`i=YO
z09EvQ{X3{9{sXSPrL?|Myl8$Z+}01Nh4I%uQKsDOBjuIyT4*KTE3*#2WaVaCSy@G7
zSFl)Ff6LA;Ftf6Xf!=&8D~n(?nfqg+=kE@xBu_uNi8h{NN|1bBNdiXbVoEmkOiqMe
zY&1+=X!q=fF7FqaLegL=sggpGT;TU65WXGe#ZuY5^&q=?FQRbf4}ANW;{;NmnC)>g
zo;kTYe8_2CC|)^pb@LcGIwBb?E6dBvb9M6}4UpVAyoobuBBKP+WK%vp2aNw9+NLQ$
zp$DgSXZlPA_8CcIAco>dK~3icBRh$J;7kHZ45_<+=}z4e#8WmIhQ_4?Mj@G>+Lx^S
zY)dnzjHM-#eQT?%{CrC%kBFtC3TZ<ty<0=>r;;BuQR?mNEEQxwIHVkszTg;=C2?8$
zaJ7x26%lQiP<y+pvKM!qq;@D$ppRGZkeuRaBF!azop)c;r|<Pg+9)2RqmAt_0fDFy
zZ-3NCxPu10L4%jWEDB6a<P;PDKewK#OO!|j1@ip7>62UG3-_a2y9r+jKVu{rd*B5K
zTjCRwaOf){m@9Y#l`o`Y{hF#4-r;{XvsZ+O(l}pWy{WqorLpj*%xa|j5{wnZeKSAS
zt){NZP0?V;IX1x~B{cYa%8mvAjE#?T3-R^t?#h~;o#^V`tcc`?j_8GowC)%8`vSGV
z@;EBiXHi2Y6C28>;|hIf;pn(cUq+-77mGY4X~NZV%QuVRwV6n)RS$O&y)Gi(2wM4a
zF2AXb=WGQ6(D6H$Bk!~?F5SnMyfb%F%`p=-M1;k+!H4C4UUsvtum5_ah}ebO`Wfc3
zf%#`gVlt*~Y3hJK<Pi5w&)`(3WEE%N|H}=>IGrS)SjNs?u)*+V9?qoYr^rXdW2<sj
zOnCX2sX97i>KZ(J0^_Tv=xEmf_K9&Gu@(L6eJks%th__Kuiw(A^j;8Eg>-)mFuc7y
z1rmLqz`?I?zMZyQRRyy|-rs%-0BK>FTXMd_>)RZqJ>mR03!?O%_D?{jpfuW>?#0Hd
z+P@Ds=kw}JgJ*i?7Q@6zb?5Yvyr?*Nz0Lyy0bXCmriOWtA_vLIDF7~BeV3O!gVrw@
z)AjZBzePp)LBGbV<O`AV;7rj`HwS~to|b~<QSJU`H8vW*(QX}Rj3K=<w4NEUC9oSK
zdj4_yLq|^+Dq23~3{<+wab6*b-qlrf6*M&H4Udr6_~{sWJs%(Zy~;)s=7#<+*2>_V
zdF+t58#(%6lmXg<L(;3%u?-Rb$j87FTx(S(n<S$9%o1L$L%)?vvU43($Zh}@$_kjr
zKTDoo`+`(P<-3nylgj73bEBG9oMlZqL2|b6Y6~)jGkfv`6Jvm%-?TG{gvi$BX4FgX
zyM%;95pihDL9(F8(%Rv)QTVe4Z+K?iVaaeJ@-1WoCV*oMu5;1%mCpB{toTpl5d*;z
znC-9-oK4?%^u6sABoP+0*p=#KpX>O3^;vZ30h~NC`X5?4V}zt8x1Y)D`DRo#)cE-L
z)XFLm6ViV>PdSit;58^5b;J$FRifLbP==(jSa47dR`r{=Dek7AvoL;y<fSo|Fw?&8
z^_I@0m<c<TD^ZhtFOMHR`zv^Qd4tOJCSri!ZRKN>y#r<O6t@yggF)Y}C#6s4{>@EZ
z@s4?d#^j=u@GkYw*mDX>H$S(rr6uo;Y<}V~VWj|!H}A5ng8~V3y8}0%ay6a(_@8fn
zP3{nS9n!Vg@M8mGZi-#{6|?xFe?}B9sI1J&&Y={x=Hwhh3K5#z?h(JPuUD1hL4gP0
z1JP?S(%YlD(G^vqq{@-b(sr-yafWTv*iE0p@Q0_`-P($=lF^dkt=F7>PnV}oh}j*F
ziOae4#hr$CM-*1F=!r(W0o}O+sTDxIo1JEoKPoH5%eaRC<2-81avd_O)Vc6!^x`@^
z6cACnUl^cJdeHDSkrOC%c<g9Nq^!)EJfFNi(53rT8i;&OMG3{wp5Y^sGHdJL5*5^!
zR{8iHv~Fj3Don?(T?<do3O*h-(BkADD~4UfOYxH7cTmB+%0eCnP6|%tI5O&I_{JtD
zxS_x@-2<mjNQ79qetN^7ikJF@@ewmG-lxoXT`ygkhGqPZIRW?k#BH1K2p4`?ZXJaD
z8f}K-JbRRC9po~3=2XXwN}vM?K?HZ`hIM@~OZLcYmls*Fxe#^qHe`U2ciCQR3$Yp$
zO^YlNj2|ZM80~)CBkkIi{(^cG`Q;?%+*>LX4EgCyTOatPZ~Yb47YT`+oYM7++t}ri
zt(zZ4JGO4ODSQAP#OUH$5DD7W{LOR`3rt(NNS#c(=P$0CWIfO8C%Ir)zSLB94)!0y
zQj^D51Q~>cAF@u`?A5V8<5j{=k^T%|t@o%MNlO;JYLReUA7^o5t6eTjR`Cv8Vr3y1
z+<swk_FPr2V96x;r6jX&Jmt=>wP&P`-XNk7|GRahV#H4LBJ-x!YPZH!`j+F3#!6xs
ze_PsDtFW9r@v=#t=UzsQA4H!SF%uGm#YL^Goq=Z^5_ecwOJc&C-&X_(ek7`GZoqeu
zl1od?K`o>He}1@y!{mEW9;COKi0C;%^`-_E02+;T`NWl9`PtSic&}9MJ&3*5XHR(}
z$r75jvybSpKrGV?B+8TvEwU)7Z>mZl1WG`9I|e<}x{O{L>o2UsK|@2O*#adfHX6do
zHFy0bOm3TFLtkauOX_W|i!34pL(uI8<tqX2nzS>;P2{KX7c`ehSr2Xyn_>r*&&g8f
zWJasRrRolf!&em!-WvP*tWge@F~RdTH`I^bol~wnJ)KgK-=RF7h$(NwG$Z)oLxjO7
zpFsByScc?b|MfnUEImRfMo6z8vNoQIyHUAseZ&a$^t40<$7cDf^lMz)-Lo6^*x0!^
zcqJtIXLs>a@hIkC>nvtzhV$<Oz6#p*x$x6)G|4mW_Oe)U(S}kd@ckYNT^&dfQCY1~
z{MPy~rp3qTwkPsyOWa(Zy7zJ>O-TeR8~glF;Hb)7PiB_?iV4N8!ngs$?J1HCjm0)&
zC9gRvqo9YV7$5I5)y2Jc)98_H;CmNe&rDyjHV4OxA017T!w)2qvP$ikuDDRF!1SXh
z?pZzYf9*ZEQ!@L{<su33oc#vb!C@C{zEY%akc^<{h4JwDmd<OdIWx0>g4?R9?;Kq9
zjjdzPtL!>|qewKmPOt8HA?^DZp$?6`9nJ+yrCds$Ek{BMv0xxom8mPetjuDG8-s4S
z-CJgairFZ1O1nD0UlGXt1`)Mz+1QMw`2tIgpJ<C4#s>zKSS@O`)B)nlCh#N=zq3wk
z?2P1h@%OZHiybCnQ?3@|Q<6tq{G7u2Blex4l!m|BefyyIecns4xnPrLb6dlB$C)G4
zJ&$gEZhYMB7;g@D$QLn3HX@Crh`?6&*Hn#yn*Y_v;<{nZG`knjq^-V*1&fyGv*-g*
zJJTgdO-&tB)u?T69$G#|)z8c{FmCBtb&wJQRkAizYuk6R;fN^lBg(aSzDp@Ier^za
zdnST*7E)`A)-(2wH8dxO5HC_Y)=b_Z{mj+X_wW;C4Jj^8X4@A#My8Y@n>QcmRAsBH
zmmN%G(B}yCGqX3#`J!kUX+;Egl}#L)L#LO;sEc}*>eHWXL8gAs16gbgb~@*C1-->|
zjg9w<%S&75^MqngNO=YMx5aeFkGCmQAK=BhyD-(ib|JRUzC1@Jo~HKw*CS_UgE=A;
zBRt`p;a@k43%VBYcc1}hWtH==Wbi&C18%9U=lBX2DldsN=^vCZQTmT8b8yDC{i$7v
z)?4zDo@QNDm8|j%=*!|O1wxF;?!jS0?{!Ks1nBH@g5xv?E$lzHa~!+sF5At`k4?vY
z%_E|hVl<E}npCoVmUxeEu3bryD|lV7`;bRfp8Hh+VDa=;)cL5Lti0AW*1mBFhXXmU
zpr95SaQhP`)WN>w6!%bxS~;y1BtI^~OA=VYNTK?*JUw7hEi=Xb7jm3rTTlCMApzVL
zm*e8c7S7PN3YwVNV$r^v7<~4358o?g$RH%j%F9zE5amFmro}O^D%g3AHLgzov8fqd
zv}h5gCFybVq-|elr-;j9fKo`~2#71j+XXO?xQEF0y<w)ann+jEktbf(j57T_WXi*B
z9MM?J3{3XPW=SndulFt((R&at=8eo6S4ntxw?`Ygf5RH(deox4FFkyT0r~^2{M&qy
zPERjfJ?(SP)+9Xcv4kZ>N)LR8MZi(p*bpHc*k^618%j26kp9mP6?=q`+8Kx&pNErv
z-7DgD4!rN0Ir_mZG&+*b_MOwz%+WHOE%pU`GaMbA96?Zlx);Hjp)|F&_^hC`*Xfis
zmE@PuJ`zjvLq3{L&jPn@iMYTbAz?~zs*jiX&4>U=$h-ZcyvX2~-6CT6!k!14Z<v{m
zsdk@e1rx`-`jH}kHzU+{&3Pfsxn%rMMlL0@s<5^znR(M}6BuPOx9{CM$=kh#L7-6i
z%HyI|0Hm+oYJP|y#-tp;3dB51jxM&ldA4gu92eQYZTTg`X0!THT)6A4Y#jDBGolFf
zQ7vbAaQvf>hsVV0FB)H@$knyw&%U0C<7>tVi5iD@K8dZkUf435QkZ_|UK3U@|MfxO
zIYvJnD4jvky%M@C^rUFQ92`B20&RJaWS#xpv-=;s_xG)IEJ2vnZaC7^j5sklg1eqF
zEHTLXqC#bTn8*Mu4lC)L3~t&k4Z<1MpE9KN+^a%V0b6zA5=aO*DK-OVGW*3c9qg!j
z{+z4{2D^yII(x2Pg=v)_<rryZ-ZE<FyPj_mkw6AlR~9V+DEA9-%Ec?gJ;%ihGCUDx
zVRZJ5pSIFkCch&rVKmY82{ljCe0j%t%%3^)tI<2JN?1Z{2eKQs77Bmvc<$otn_HbP
zk)WX=eBnX0r*bX{76(gj?s!SgKw($ni5^P&{beC~?G+&FHwnYsP4^y~gTc;zy4DbA
zHx6xN&D@Vr$?U7XSF-~wZG(@7Z5bKG;B#MtX{VDo4Ir6C*!&&pwp=$nT1j%vpDW?^
zh@*BZj08TRXGg~Xc=)0eEq8t!WYOUhw6mJTv<Y^N?ytrGJg#aZ6lN6ev8AzaD&)*)
zoSIGX7nORnQJLbId{%#`B`Y7lSxUy*$Hi5sv%zMIsO3=0Ma`~lIcz9NT4RdNl&_n)
z9?}w`xxTtLciV%IM*)S_GKcc#d?zN`^70C5>$@iR=P{d_1eey=b|597H<Cq*2%T@*
zxtN0{zerh&1pP<vc+Cy1iy23mdI7Swo@_VCLR1cl0n%T7SBQ>{kNs%>*>`*USMd6}
zpMA5l^!e%nS!E-$?ce&G!su{ztL5K7%(n9O+T|=tF{?vAlFLX?vmw`&TTBi+NEyts
zC8KF$klCchNGlob-VeXE8wdU*vr^Wb87FN>vC5lf1AImf(WjPLCo)9Wna=&eo8M9C
z*sSGiC-V~!J!>hu%JQtpY8O+L$mIysyg9yccW!LjB{X#NqZn{UPe1sQp&>yZ`hL>q
zH(XWME6Z?teNuUo*g^S8&b3KqeZ7+umy2)Y$~{yAD+f?-SY8khDV^X1%WWE)A%bJy
zf}UDTYl|lS1L}LV$8S(F5(!-2-6XCYHW~i*_Namd3enAtjUx?ndhg%Ya7zfxB^n=o
zkx6C?qs+vuhuo{3d^Uax8?>m&<aF+0L&(5dte_IrV)P5=x!Nk}*&&ci5f{@K{hqp8
zuJuM~2=*pijte<q-6ShAHWi0yyp}QF9q>+%OVa7mG22zWFtN_tHe`l@2Zf?MC3@WI
zD#Xk5<PFIZsghZsCVrcjVSlK1TEOa1i*EB5##k8j#vmC2<l@R!R03ZA$HI`xs@TgT
zaq-1cb~#j#-?L6VRY&VS<R-29%-CsTWp`p;P|VjiuK;*YM@vZo`3?7o4jv7L>HPh&
z3d&nz%KRU?D?<w21PEhyHbrDiL@vt}(!9x6kF1DB`CH|h8gD&5>eX;^@d=5&E30(T
zORwNZc9Ui~qjvj7-YVGoi`{VE=g?pBI#YZgNyXyKW4ke>2q`3$9tVykFp6*QqaloO
z@Ea?>5UtT-i#0pLLSC4PI)nTpQGrF1l+rr)QhqtxS4l=!|J$D<a~i*uD4CCK#Ww^I
zgURxwc1x69u}ig{jA($|xkBzOW=Yd~l^udSDD<{k69h{oN}fNcFoxqyDs2LH)S?ew
ze~xNBKYIE~U?wKCG&S^&``$M<b@Z<Pf?adUG<g{c>t6_l31G#B7W_^gQul1o>dWfC
z>PxU^0VV7r5wYjKqdPsa0380=)y^%YWr<`yBXg<QC*9t@ihW{|M?fUI%DQDTLNkI^
z`*6BBLRVb*;AdURTz|F|$F)WA)ib_!>HI^EOU5;Dh#{q&ASI31(lJY&MpTmOGg%6y
z=>%ok%`bb}>`{+-6`g$9BtWIPm3+yUE<%AuYC4sXN!PYg=Z|J8EpZ>&n2;l<MX@Rp
zt@(4aJ4LYq?in!I<33o3ancS>W+JyN%#K~Ph<YU)N{B5kNUQLR2H#7jcJAEmE&Hl#
zObQE&ZqKjzuCA|swztkKPVHnFquWM54)*QtLgo0{MS%Qu90oda`8&X&q4Q6K-N1OZ
z-Fyl@!SW@LMJ53P^DVt?ljG;~YCxdc_MhEjH#c7w0n5nxWLs`UXA{ZUPKtb3OBDya
zdkUo9Y3`g?Wtrb%9%`u>ic`L7(}rymH<!O~xnjGEJScvK?fGs{DS!NpweI$(@WsA@
zS1te3v5tHF_y>j7ya87PHy-JUTY~!I?Kl}wSSM3<Kr0H`RNgoA^31`u!|kK%Y{{W_
zTMQKoiw=*%EQTE8D2$b#Exc06`Mf`m3K}sq@i^L2bYjVDE7k$s&qO3eETMIGuBT8-
zTSNc(D{SQ8V4^mEA6hpE{trGxXl?Rk1RA{1p}=48hsSgFIZ$>veg;S%J+(&WfWuFg
zXJ_&C3HJ>Q4YmdzN%i$JvVpl~b$o@S7@}V(Ef&+mO3H;5CbahYxp;<2@i%#FX#vIb
zXkF^IF&g+HTc{)gDMjT>q`+7M+jp$9Nls<~(|zyxv1nF4m``uzp}8XR{?4c0hI#Ol
zq!ml6d)i*;D=Yc=2}P6|eMGfHexQA5<2r_Pr987{_A$oI&(98~q#>S>BqC&K@F0oa
zQR(h0wR)1zub?4mdUjOdJs73p9Mu8!ivy$tpe-j&HD=|{1Ih^B)=w_{!cBa8ypFIL
z8lLNCZZ2N4&Ild8iN0cDr%(>VBY?8*4b|i56H#y=>@(ix(fL7u<%Z<tzy7dws|2wM
zzJLipgwSlpC&FzRW&zC|y|YhF?7xG)LzBbM?5qW^Lb`{2t3#=jUf~dadm-~wS4WIB
z$O40{@}#+*Cy>%0c{D2|t*>O4F%#e2ElVCfY21t^k5H+IjXu=H&Yrd<I4%S45Kv6E
zWR)ErJ;<5D+x7!nBWP%b>`lUgB%rY5l!mWlp*Gj<Sri#lht@ZzB9Z(e767h1e9fU2
zr1sR~L)MRRciB^wNUmbOS2(%j@Io#HM9>QHI31;(HG4l*s4V*m>}YeybC1f;Vt)BK
zG<`A$t=;SE+XmOpD4f<hMmzE;pfKU8*Z*$fk59LCuqo_1mbg74_rH_|_>smBubV6g
zh-~2J9I)8CAg0%UwM|QAukZc5EXt;zkp;{z)zOQFNj8E>%}_D31rpot^SohhyzR3y
za@`$9xyH%tC+m{~rJm=r^0<;1jG>fJHye=p%Fd^4*jiEi+`F<hyR947%o?+?P-A$n
z9$n$W$v2!_T`qYNJ#LztVxZEv7KNj_Cn&;~<+qONcIqPS_&!1JXII1hQBH`x^Ukc)
zR>yiEyFsZ(Cj;6Wbz+M2{nz$sM74l|vMS-J9)!n{kPm%Hu>@{3eX$F?E8{M{poN{y
z!>qG4W0Q9G$hKU=Q%Z8}r^o=^a~LmDFD@|6rl;d8be#Ejyhy3nbH7hj4gL-*MHpw;
z$wu5Ho=3!uq?4-iz1nE2_SW6W;d?EV3Awqkz-8k;=Fv`O7Z`C-PB4&}b}4EbXFBt2
zxVL>WonOkB0AQS*hQBFNAtrfXWl?a~JrvbXa+qaCE_5PLjHcT9!dlE(x5Qr<*1xOO
z=pgu{)8dz)?)yC=9xILS;ucw4;DZEkj(nfyn5(RHC`hz2<0|!ZR~MPFrS*`&jUnD(
z+9vtNVk}LaAD%Mp<+g=J1$T<u@ArP=m&Q4k>gkppYryk~#W|lR*4+BVG{;<~6?yu*
z4dR|t3UcsOe%oq$+i=GjMQg`-Zvk2}L7Zs-2?RM|?c7?*;th0&_Kzw^dXV_Ksjvn(
zoUy_{*P7=Vb7nq1G4}fU-rJ7?HPyzJ9#%Qg>IwqQ?WWo+7$4fd?J_u2)fVgT?~D|1
zhpUQ9)cevK{I<WRy<~rwdt1O%UZ=vmE4N#j_6?a~BrC%vNc3aIn9H#D5I?&Suy9P5
zZcCojxtad?Ym?UT)|nO?T}+j|O!>`$3w+(jWyB@Uim=|nWNh>U4wV{d6Wi^yn2++?
zDfP<YfwH@gg(sIAJ~)_E6UIn-U&NH<si()}Xabh~Q}0Wc_wy<DoSH_bhFOFzR(DEQ
zJexZjhL@H^IwFOLevlz=A_WB!Mr|70*HhIM{ZIDK(?WP3MFI&SI?%ao-#gD*w}jzn
z6vF-e=1z}vrW(f|wT;SUGle>OXRy0OjD7*%Z%~OEPHba7eq^?%+39I6ouyP(598ls
zW+bmY>*Q}rD&b|2cyM(==;x_j$Q&u>x@jBvE}?{*{sN#WA8R=E%rP$`*|4d%WD$|B
zjD)sE+_n<BYxK8DLN8(lD@EvynHHM)ZK*uOobE$uyZWp?O7ow;Qwl!iU|0C9bWAI=
z5h*K&sdhHyo=wc&m&oy%j{UwmZFq{K^<{u#*7`dM<7~Qcyxgu{SzTX-jvXLo?_no{
zHqiFDE)Y6rUrr;{p^FUv*`2dzVfV5F9#a3S&vM^vWXJyFwbeI91A~v-1Iwa`#-`Sm
zw#k*1bv@NT?SO>e>e2z?A^NSlc8MpvI;b6))0W4Yy?5GlsamX7GV);|42C*7gCnc6
z4B0EnR#ZFBEpM60;cW+O<C@DGhpQE|`uK^4qf|#1v<uL-vn&QpRcM%7Rpp(&^O{b@
zuD;7Q&9Yq5@)Fo<H<GW9D2$mnf&cb7h$mVN%y9W3Y~jgkUh6e)9jig_qkaCoVa*JQ
zqH%R>G|(faA)R}N{WY!?GtG|vLSoG%u{s|b{{H_|$V*b2r_X+Go2h8MHksda|JlKY
z`BPUB_#XheBy|dGCc*?t{`9Po)YXf+{~}6ZRaVy0+CFA}VlUoUI|1dc^#m}r?15V>
z6(KuGzaWxowZ|P)4hzhCG|n0`(dL4&3U-QGa$$@NQCF|(0&T<}P6uh0oQRLU_N&rg
zo6$_bnrgEP<f_V7eyU*2)F~ESDq}}>&EhE^Ppp9VKt)qurrTMN)CZJ$$1YDFxz!yO
zH};PyGF)>jW#{s@PPP0TEynXp%~dQew5rAK4Mzgz6^HJ@0`aOE2}iXq0BY`4toM}_
z)};r(YY^_AnmbI!p%nqwMoVvX+x_C|+RpAxnu)PgTy{_s+~pHew{<J<<#(fh5$V63
z;U2x;Ot+zo;eiIs23QkE@>5aehpc?donuxZ!TF`;){*Vi(;y!I2KWpWxgBAS(w%YY
z<Z-Uj808vrD=W4`JG9+|(n{WJ7CRqiA%xJ}LecUlGX$b>w-4>~!H$k8%=>&J*mQf8
zOAZs-7UVXl7A#Vdi6M#?S;=o5n`oT(;soDIM(DbhvS5wOq|J89{<$Uc2c@qRuUH=r
zFgfg`h>oi@#BVmdaPraEJw3HrU2G<;7#gm&0}{mySI8--q`toa*V8<1Npv6lm8-?S
z=YMk1_?uGIK>|3Fx>_P5z}}OxWxY^_eqrIgw}W|pL%Jn&LIz%EV8kvq7F{tE70`1o
zHxh2}BG;p@<V;7{lVOc;ryv5^8gT9~lBQchguH93CqH1QSx2nQkn4kRbuzJ$X-kuT
zi5Gv{ePDL_RNlE4xA+iJtJ+A{d)m#Y!cF71G!gk?I}vPQHDf(V5t$)$9oOrqPB0|8
z3UcGjja8jBUHJK{)lVH{cQ?Zjd~#Gv-U#@HnJrr%H!i4|6|56ghjd{S^?1VOOKB<`
zxwF%=>Hk6WVg>m<VFk~ANUXzDMxa<t<%e*RO~~t|Z)ZYOwmdn>)D?@8@tH)V0+WN&
z1$a7NY;|e%^B-`O$(rvX@}?x%Ip=N?3i~%H{?q^I37)}E$^!vHxyc2$fn*fu)wr&s
zNAW&`u%$L2eNa&FgTY4&4=d4p%<I<C{bqy``PKoB?EyWB0hSQsU#BHE<c`(lAGPu(
zacO1RI({rHAj7j>j_qJ74wVV&WV3}c1LF5u1m_<3V~wa24Y99n<x(kd+(5}D{=DiF
z9fbv;iqA?#tC$}hW0#V=9flOUmf0hU&r@%0V7H5umtT^qW7{>95AK9x<;FMc1NoFK
z$>n70#rraL_T@UwPWybmxb@skNOG-p_EwLpLD?`F%FTCjFs3lC2w<$>jq`xJ(8#-C
z`+s+OOpSXEWRRbL2mz#!Z;`{*^*VarO<H=)$zC2hpfiGRj7+g3p|AeUIatd^t1krK
z?p5GS<BOVQwHsPWa7kvfgPa{7;tZ8Wtps^!ejgC97+i!7eWpfBO9UWUify|faxi@h
z%?e`g7SmHTm#LI<w>fzG@aN%j*6MlNLu0&F8yKuQS#~FA((+P)N{*KY>EJzHor==3
zr+%r@N@9*#ePQoO8?t*fajS%r5}&;N>gkQiG;4J8`o0GA8(5HE+tD;Q+H`SswWj8A
zcZb*#hJ`XA^K{S_6!@3NT*CSYYx|#^2t7@3?HCXhnlS&%!sbmFy|UipX<7}Vu7UV?
z_Y5MUtgJ)yc=@`n-v>$J$s*B1Dx<L<W>;)&5sFL0uU|jYo`W<g=j;S)?6kCzR#r6_
zE|sD)$ZFU2emFSZxk5-&`w{y3J(k23oDtXuv3J8XRsv*SjdF7t(x830f}Zi7fAd><
zX|hWewjs5I^+S)t1=3P)1LJ<Djmg(nO+WD$zv4YVaP?AH^gg?Kt+bHS4ZvJ=R^sBX
zfGSV{r}NvO45yBixIqx*B76WmgkjTkd+8!z0{QE|n`rHiB^QQ)4y2Q0e_;!n2qS63
z{GnVew3%Z9neJTLld*G*%^ZFCZ3k#@apEzjSF0q$#rMN4NUCD=#+iu9rmy}$Ip^Ua
zCHLrWI*WEJU+KWFtX%^azZ3P5Ho|c?+96|_txpLz@yn|gt4C;8(wnB5$cd6|BUTFM
zc%yh)M*KVuuFqC(TG~X;`ZGOCRyMp7A@VCSJuj@z#mkv0Xqcol_P&$-*EN?X`4>nC
zb!Vd&50EV7x-xb(TNdgEuBXJMliS7hlcu0fuM^BRBqS^yVm~2^KOJO{NZ|m`(<;*B
zDc<tG3EG6B=OD-(Iy#p^@^iL1X}<}jg^vA4W6{K2&qy^)x(24V#q%pui4+hbUulj2
zN{1c-3ALfrVeoXZW3qCDUwa43D}S!3bGb!tlMm3z?GR4i??jcafvOj|Sb}!2yR?EA
z@IUG_G`_1~A2>_38!+6JWC1GZxQ`4nb|o5-6YuR;HoV>6<sPqAiTBt1sI@i(_$vE&
zZe6=cd$3W?oaUN-ty{}Ad6}WBx3pf(^8M(#4DGGEg*-pCRS!RsV-N3A6eMRSav@Xk
zQO6;x++Pi(Utixe8QXLY-p*fvHfqx+68LX^!<Th;y?LeDG+#TAY_<f>|CgRe6gSAh
z)!nAZtQ!rZ>X7z(RW<cGeyK^k1wpUvWkmf9!mLBp-!*F@vIO5iMMST0HWQ4lr4GoZ
zQOtC8GvMf!s2>ANm~x(WaWbmU7C0;N8OnVwc`G_0qRSGOw5)5)GCo~^gz2L%vmT8&
zF<OHFU5^!JUSF*cU!1|=#;1&B=Y}qdg9Ck;JL29bgzP^HGV`2Q&p&@!W<-5rp(?(x
zIElEhyck_oW9?gZm%nqd1N_v&kH#aEy%Z>+x>@h)yz!A}^t|`lns+p51!RU6(@nIk
zMgBsVMY_)PM1X_%-M3&BEHgFz>)1wlHxii7!eHy5i_X)1j&)xsNBbcMcyJl-PPy^H
z+VTMv4=-QVTL-stCjIK$He3I2#ga=Q41fhzmQ@k5t5H&P$U7*{)X2d}t7L^{`7N*J
z=4bMoj<*z<sz!Z}0cm_TE2kUH^gndLGrStYm`cQQBLm*6t`wA}1ib~!fuQmB-Kqyk
zj>&r(bob{EeJYK!%BAi6WCl6obHk+{l31|02Hd4NR(1GnhZk)IPz@>R0*FCB-wMf2
z`L?c6=8CnodmUgx%Wlg*hfz)!g;Bx6u#z}MRFcd7=b@gbc&q<<^Z>1&lqkk|n+)Sd
zqRCwp;)O)MIungwRWKOGIx*a?9LSJS6D3AfH=0u<f!Xa8pl~dkjbByc?ZtC@5HbJ4
zi5fqnS12wk!R1t%teTT3^f8)^ECk*8nzl=m>vMxh=j`5WRWe%dQh64#E`n9QxVguv
zLUPRX>5g#N5J78DhfHOzcw=RktB6^2%$*hIkCwnIug{Y!ZfifE1_xW+IGZw*Xz4Xg
z%bv^GKm$<@cr8h9w_2tRMAnqPKytL`7c~oj<F<suaFLP+SzO)aOJNV(`8MNonEH>e
zq_%f_nh$+}#r*|deC_wmBN#<;b%6Cjk@!M7X<~x>0$^=R$0!u!z*lR&r&JUS-l3Vq
z(3TwS84nCRm%J~m@h>9#r!IS!eDea`24V`9f^H3R`$w}-P3W<YO<XNLl4`6jZXTzz
zjj5{L#vU;X`)F>aamwR}+?X^Pjd1=h_vd3{+Y_fkz0|xqN1Rlt?a+#iWo{8p&@Z-^
zV~d8<)|>mf8B0MkV-xNsX7TLxwSt|2Xhi%Pv>W$vSwSi5co{40s}{hVba<w~ChuV=
zu3cbd2M}&UPM7AY+pQWO*VrarEY!K}JLT~qzWo4X@UC&UB^_AyxO37Hd3KS^zr)R7
zZ^E2hOfC{0TgE$?JEktLY$)%r(?Q%pIUN}HVGC{HM=bNeFuI#p%}hPtIkZmc8DCjl
zUfn(1#SeS{z+k-tKW!jMuKJ(D=iUuF{hQQSwsMiD&;vQKyHu*LL=Lj@3-$-*s>E*>
z1^#lj5)ve7;yhdn^X?25`DS8Pv!6-uFo8r$@cmy)5%`ZLVgg+_ZFk}frH2m-+4fN~
zLZ)^;0~Qfk35ZbBE!TSp#VC}+<ved@({YvPXI_SkJ(k^W=tbIr03`;Vb?al}74mgq
zdev9QjOxfqe64)lZ-a%Zb_48>gL#o{Lp<|}$@G67>_zN+FQl0G603%yjRQFC?ne##
zSBA1;ujuN3MjSqI(?&!QqizeiB*agY**Gok;BA-TwC#4%5%!aQ_VM!>SgUsIbh{>O
z5^DN8;z`kWri5<G?sYy6TDMO6e;xRj%Qra)n}i(=K7Hx`dNppm9E%7g?)#Uocunv7
z+y&o*?odqiFk+aP&@rRZn)Pq`DvOAcDf9&uY(M_^{Hmiz&;W{LyLK%+_^hDGMK0r>
z+1XxQQ{AkV9#NOOWfOi@6sDpRtn3}_N>g*tUdorqaO;w%_$KXrTczD+VjIWt*cE(0
zQF7y5dQ?$OT1y!FyIj)cjFZf+b&=@z6O}SzE@YRpQQq0&Yf>#_OkGK;JX{C+mLT9G
z<qRRq5dHvcw*4|Eg5G!Y@QJ3RRvaj4iN+~>`^W?em27~;SjcJL<C8>GW4ng#1PWa^
zUZrO`*R`|_9z8r*{)rNU2_S>`b}Iyho&%_U^!(eswsR_N$hw?9w|u>+hM%)!@PiJU
z*}2%k4T&3@wf6R7>XW}K$g3&Q)M|I8dj>0T(1=14qchf%1)CF<WuWUptjFOmZMt~Z
zN3>?hp<fW$@mM8F44E`VlBX0c3%rqb@b|q>Hu|G>6?dMB@NAV4m*dUplarVXRS_)=
z?ep$4q~u$T9~v`;d~F*s%pk>bXmKMKY%C3!OjgD^qVH(D+P_dfCRY!CB(tvhJ<`(Q
zb*`5p;N2)2HrU`$p*vNq`K9EFimi3x9mj;6bh|~SbY0Ngb_g30P=2pt(0p{c=)H#|
zq_E0GoNO7o4=E|J*PrVNxvDliB`2RgGdb33r3B-G6NCN`LA0T1<mNlvzbrq9X}Spp
zTK}<i-@{yIx*I|{z4UN|g4TfeL69?a@T*X!6W!zRfuq$G0(%yKq3-@H+reRv!Qh{_
zD_X`9S)@4gQFrFkfsAV;H^Z%Vv^FEI9$XSG9W&8(%Ga;0)cc91y!%N26Cy3b2EoC*
z`N7p-Exv2!ew&gotlEnQa;w#zr7?B8`zdn~Wj^~BE#*4?q}|(xo&Yw!vi_$GLINAT
zBl(7}joA%D;Ydmu9k?#%m%n}}VT+Fd+&(JH$W-q3D40<;w{)exF`%;wKS=@k&j-}J
zIC}Wo);4HydGoXs%hf>xH?i#8`wkQHpVZn8$b9K79;JlqLV6Yjdj@SBOWp_5RlWI#
z>+LO8gLIw^vTc%GJ`WZ)Tvv=%Ug<$sLB$5+8}tfVUGwMm7)0|Yx(Rq#bd|NIqWlDu
zN#))jv~Hm`JBX40R1PotNfR7hsL--jnN2t5uqvl^CdXziBVNiUTbMD4dNk12ujgGN
zN2qzGyVu83V&3i*k|sWKu&{jnvqh%bYA(tqH#@FI_DIh=8<|k@aMrsMS9-*nenr($
z-i-VjIJJAVJ*l^eHv9*Wn)%#EHP+6`hCkebUEz*G0%(QXz^?j*?mS}>%|$A~z~@@z
zXz0`mS}_IfdKazeHWI!x;d16JKRF!Il2^Egn}29G7F(A|cPMCEIl0C7WYRfaJ<gG!
zuF>4rV2t611Cb-YIFoz|-e{`q{wEoW7nNKL?sxkOfir`pP`(?@JLcyXSovFKm(>`X
zn>(f-RVZl{wT?CD5Hi~Z>y&Fos{2|>bJ#ni_7`y3Fmr0xx_lPfeZ4{RcVsYS(A>Vz
z+rwE?>>2(pLjxy}3^V;@;7K=o7P)%#ysQG3lg-oEP#~X$z4UuS8n|?j&Rx5dSPXli
z%VgZmK9Mcyo6xY6EW$(5;=_=!pjJVehi2Gg<@n4IqZAR7yQRWtA&pjP){70(C!d)9
zgLH02S6g~H%6_eVo^hjm!FxheuJ*f#@b}v3IEui@McY_jNmLb$kFq--aJ-u}745&%
z4%Cv9PQ7CSEjLVMa+>Tl1jhjj3JRe86bF<l%7rd5<>dj5tu7|T%=Rx1eo3wQ&&zCJ
z{2d<k(#bsrY`bpe`%fQqz3^80t@rNAM$VNo6hJfaUz{1A2#agFg7e+GA|V=Ys1Y6%
zlIJQ!dkADTh>Lx(5;J}uD2H$azOz{I4<xMZVF>|hILzw_E(;#-<I^F9%VN#8jWG0;
zWU!)+#A=DQ<G(>D9dPft(e+p5xh9s<DI%30qjo}}Orq6a{{ouuZzOkcWSR+;WCmAZ
z?`@)@<_0KU6Sesb(J`b$H1R*`qXlnjZ*d@HCo*~uQy%6?dUnJUvP7j_%F5j<tCUcC
z*omX15ykLdr+v&OBe0H6Bm(UE)iQ};AyprJo+@A5saz*)VCH`^96ZZ40m7;#)RV~$
zqbs?!cBgYxDyC+E7oY<uanb$$6;H3r31bgT%tH@fqiIMNXR`)u7mQ!~)9Dk(&Dy{2
zg<EpL(QOJB0Oz$`=X5arOs?VJ0PY(QRf$DYRsB+w@%`>=aO3;Q0OOMz+OCc(E>@fA
zF$>K_-$eWG)T4wUy=BfJ8A#y<m5D9QE*u0-_(ib!Dsi+n2A5R$b3M96edf4&B`BE*
z+a0Xr4K^4mhU&(Gz|!n_n|(1$03{H=Hiu4qbD_6UpX(L)6E-H3y_I8Mxt2FwKD4jW
z7;P}6I#1cq`Olph*yHZQ)O9-JU0#L&Ntfm4kewlNtNL!w3Tg#<xH;G+R1%lq=c2H(
zr^fUkIG)};zK{agtr7g`zEk=~4HeCI&#!4`837Pl`8VES7~kuJr{q=fcvl)fZbw|l
zOPXM^#C;JQ{L0gtJRtRO!Y7V-e9LY0XJT@4X-RA|92+Lk#m_HWiZ+nQiwKO>I@$RL
z?ft)pJ|ZI1!5nab=n%4QPdKzpM=}X+F@gTSsMYKd4_*FK4R2KE2=dXKZCmv)5j}2+
zQk=`Vlr!@sk8urg7#>qxNZM`r0Hvva)E(dfLQ@vetuRzN^aBnNS(}(DCjEXbX^?6v
z>W~$Fv*}ae&@SC6Co{8>_O0b2Sot-n=9>7~i-ur4IELl!mv8x1hJ+HYw%!6;<m%oa
zbq2U@<J*B<bouD~%FRR3o#t{vEpdd(MC#2;+E^#b+;6m7X2!PAYlWmiToID=s_X{q
zBC?vH`@_vY7=>IMH#TP}_`I~r0N0Vv>J@9PKl_5YKaw20e0`%xzW^-s$(*cc1idRg
zQ235M2&&>*gtz6oRzeO6yqu?Sa&!bh7k*6ZD@_qj;kr<sf!$0{m2JeC{)_d{qd-R7
zjt?{4K%~x62}j7UuR87@I_icNpzH^9-2++@XtrGLWE&Ti_kWiM0hNu4Z>WS=D-9yb
zRN6d1f23F%+NsuJDsgpcFA!Ax%Y^SmGVw}9@x8NS&Av?^UB9*4?AZ1hd6BhFGwIWk
zPsPysEweCn&j1Mga)y~WzJv7<H#S8}U3G7xzdB}F(2~P9WsqPjY<q`VPc(kEDf#fj
z5rP~|=cM1QLs!53#fwV<28R>fbFPSO1fHZV$e~J%|NSg$a3QV~J}(hfy+ycEfzWWF
zO?HH%)jLC8!X1v-gD50Kc{eIK-=7{%Qxi+q_7-O%qLTZ2ZMl9A^Nt>OShxx+Dq)mh
zbg)XdZ_vt`^@g)t<v;CZ^K1zSz8wW(-<=3YmU$k3K@Q;K6ZduuWvZ#J|H-XUR%tS&
z3>H=o?~i6K%MBgr28b{r*b*A+?QN~7XI1cfyz;JS(1liq>C@mtaN5Xpu@#PGa*{*~
z>32(dwQy<b%ZLOVuS78(+1y`qu!ouv>K+2gC#tbo<}POw6=__G7aNPxu2=&i8pim2
z^ab}ct+}|aj6%L-;Ex82*#ahX_s~bRF5!=9;k?OQ&+Lo%WUz~_qKPLr1<p!yP|y$>
z-W$_vlG`inVP~vQhMvgguZzSZDHV&_xGJd`yRQHUMtMkxg#AC>DbcmZKOOuf!B>wb
z|K#W88_VBoV6~&Si}gu9JKZnc8}36-#X`?CHm8+1qd<axFF$m2&swewKzBjr^)nw@
z$%H-_8k>DCBE^62ST$0b{_2Wc_;Y_Uw&AY(2qNMx{i!*GQVKNo<yz7+n7+=2YOnPJ
zZHzfptjzgWjS!H)?X2}+a1{Ty`sfFK1E=OKUAvlyA-1KMC31ZkVPfXYuT5%|j>V;_
zjc|o&CAzrWN*`2MjlbRWsaJD4tEuUVDtL&yMD<5{;D+MD6jT(ZVFZ6}5cYO%XkPPS
zvi_}Im9zinnCHf#q-$gSL)C$3;dq-{>!WIwy{)&jZQda9#F&y!zEN=JqH<7xb_J-(
z&Cv%sPlz6}t=ijt+I?;xJ*##M__LS0y0TWf(vjAFj1LjmbcO|<N<O{5tK$AQjx1^Y
z6T{~x{@{D<SOU&YbqUY_e17BcC*qBr6VIn(Kgt0+0)Hwvd_g_!QM%9CqPRrCy|k5;
zBX_TRtWrR!G=Il;d)Vpp3Cjn~AJXMo-rFd<NzXS{U?8#fMX>kE5U)~a1?hC~bqE)%
zFC>e`C==tsaqO4uihnRK-dJtARFRGz`W^GfHLX)HrNrO4pv>*#2QMGsE;)X6p&g_x
z>w^5$^OSR0mZ=YsbL*amCjBA9X;YmQg}36#+)5Fb;>+H1a!tMx+n4E>!}Lwx7k9Fz
z(V3^47q;PejgRK(wqgP@y%oEvrZzI(n3>G(#a7qLH3Xf%ImK83fV}q_sLH^*zzd0|
zNQL$<2b`uY?vcGasfueI{D-hW%xd7pIaF1??`{9tuZTcWfpoqwF$GBl-3LlEdziF2
ztO$!q^xszLdtWV!>g(%2B9yuSzi{*`kZmQ0s~EaK*cc-AL`bW<r)T9oO(%Dh;UlX1
z*-(#W8#(kX=$Dus4Wsiy3--P>m@?Yw4HNfcL~Bt*ef1FL6Phk(5{T|sEYLvCEfo&$
zdH!^b<YrNo75(k!uHBA_dj0{ux7roIEYSlx3m|>?P98N^rdbo7L^(f<BlV{;X1<@(
z?MqIQwS@RY(@!to<YZ>7b`2{671plTfZ)b<fbsMk$__K_N2kl#AtS;251KmzddJI@
zrZ2t%Hyx+EvG+H}Ic<hw?Jn2Q?K^0jD%IscWlHIV0<jjp_YC6l1bUms|GR7@4g>8$
z{G`D8!BmK%nMX5jf9YB1%)Z7Mytu6Q&H7s^Hh4f%s-ZK{YKM6t7ZlF7+FZ4RuS&)#
zLr;QJe%5i<TogauGM}B_{QJfv<uGlkZzNit^QWeZ!L@Cl5L1;mk11+r0+cX`<V%b4
z<JU*so!MWcMW_h$Es>P#jsB=@!b3WhE|Q36kuV))=GM)bWgCR6Oi3}msu~uYlGAAM
z7+__U7AWL(R&0JMAR~oLtHJk&UneEa>xdqDUXo;AdHyJ_TCn_xk7*;%p|m<FKz7Bm
z^^n(ZSldnCCorARXF1B)R{Er9*YUf3qn~)KRwq6HwzZx0GbOJjpN~PJhPv0$goH^m
zAakwvosYZ!(&~_U@ICw=A}|z_*F7t)S^jHI6dvb;ff&{Kf#A9pkBJG@Ysj)*!Q$d4
zZ`<GzJ>{{WJf0Klw-2q(wHr5;cNF^_>$uAoZK@n&#Upk}wI0EZzdKP>hRCW|(+@jR
z3}nwd)nHe$x=J{J7Fzfz<Tn=wsHlo7t3|q|M*OL|*0MT{6$4>zACkm+%tk*RJSGC?
zBbEF~&~yZ7zyXWr!^Egs)8{#3jVxNI4U>61x$gvZ8F&0`;LxhfJd9n&hQ}3(sJkMF
zTiCA*!%ze#c~+etcrj<c!vQDmgv9+RbakSCp&NN=%#Uw`nTy)65G3za0LpuHtkrYX
z%Lm*!h%|FH9-=hUi41-MMEP`N0@>pyOJrxPBUm}@ooiCACG}^t;g~iC@eSE8CNbSt
zPd@q~E~Hq*K3O7FiJauxJJfS)FKp$o*K8#h<>4&%IEf<tGwk(;>N(OdH#aZOSo9Wz
z=7$TB+YE)Oxyd{|>K~+s*d=v>;9uRcj-GNxe>&z@ZXZwMYM2-vJkIHT`&O1hZ9~Fe
z&C1*pM`w#Pvn(OkpH2|Zspp7&tyHY|sRDbB02R1<-5{}FesHz)>LpiA+_kGh&~tYX
z^@pl0Im7V79O7_@<u}b~T?AcyK7nnqWrXxNY?E?r$`kUbHBCcP=c4&J8$H=v*x7lp
zx~5Pjd!%&QqE+=e&j@;+y1gdZq~&EQ1&XfKY;FB^7EY722@1}Pfv+i*bypW$pJrvY
zUIvgu#9k|i*#_0mL%(q|1)fCw*>_DefN3XMQ0D@f%CK0-J}N(pL(he-wl@vOHeJ*K
zT;5)|$w_%_dIkj|Kfj#wUHC4s;{J2+8T=8aQ)#ohI}oECuh}iT(b>r=XK=peYPSJ{
z@ZjL^i|FI`<XJg<y>}VKcDuD~8(klgf=F{HK@Lp>hD46l+T*&iT7ogiCO3^*5#0Yj
zroMqY53URLi5v5YZKtu>*tVL+wr$&HW81dX*hypCH+{c#@4A0s*4Ej3W=^`4nRd@f
zHvtOFvnyGITX8&63UHw`T>P&mNBF?#a0-P|Sfa0~N#we))*r0ZQ4E+_`}0B}>t7u>
zR6iBavBD)4Gz763lZ%4A$F~NJDT*Khnne6}?68W?ip~?Rx8QAPPzReF8Yd~uahcRK
zZD(|g?FhKD>nnqZDI_wT-^ZAq8rZJR7R24pUx(3S<~5nurYfF(N@6HX7OAFvo;!Q|
zBf%tTxwN#l4t^0qj9xi5!8d`L{QO&9f4y|d<^Pw4<q|J{{hC2OjZ#lDx@gz_lv1mv
zpu3&Cu(GMDeJPk}qdX}Oj=zuT#|Eg4=|`Arwlba99fs9!1TQ+QyC?HT)9wS4ck)$B
z?ecGj7zHSio7tSU^8@RJKO_-+_J&N3NT)<%a?0tfDyvGUHQI|h9qhEqWUmT;4wn=`
z=!_PskN$qmj&EE*X7b|Q(;jy9DcX^Awx&3gYU6KnAf=m%L4%W#ytS?pzuSG-xE42l
z&UB@lkfcZ975Mp3(@=T9%+gKgoI9yfebfq5$izp5+owL16o%f{sn!Jc+GkdvL$OBM
z5g%cdwV!hWi*ud)H5A#sZleF|Y+3#N<LGbRaBt>>KHallm{6#e{;#pA1>Dhr@k70t
z5M_GpDt7qUeF<0WzK8*GI$Qd7-h5d^Fc7W%K^k<&2x%xdtlk1sF`+dF1Iq=C+w<6K
z!sCRc)T!$Z`c&0CQ~GQ9`SkR=XhMN={+i}EPLjPG)(wLqCh%BFiyfgi92dVvHA)mC
zvX#9H+gMoq>_{Z9J}fnuT}lQW8qzLFO-gUa&adre;GDHlv;?KHi<CPZ6;l$JN`EIW
zkVlm$$uoxxQMZL_o2${&A($SHlyI&_{6Q$lWRP0RqJtWEL~b5WAoKWCN*<1YpS{K{
zBN!YCUZR9di#dK6T3Rr@V<9oUW<{U%W@zV-g!NQRy6j#GhQ;Z>a?fG75SiX8xA@vK
zJ&*lcQg8k}JIj<(=FA5BM0kSO*7>S2CT{=ZlI(axZ^^0jI9>SwpJ3l}7{vJWR8(lE
zr*B!8*jt?MsS^@VPeQt+64_DwlY(^-E0<{0$e#6$=HnlP<eN~;9F%JFOQtKRM4D`W
zM6Q)<QwjZyO*_2JS3viYwBrcx8~6>U^1U4^1nq>hs56Sr`%R5TDvmLqQ<N&tE#kNF
zjG)4-U3j^%Ia)z$R<ygyDjvnHv=}?nT4jfvcVVBiLOkiH1@q;zBx7{E^v???T!=Oz
zrB$>7L=1&3p&S)*FlfK|35EFKTQ3LVK=ac^1kjyy?1TZ3uo#tgLu5k5k9_#pTB=p2
zYlG^vCO~{QVsN!WHV8F0SMb^o!8iiG$Kw?&_RGyZny<>^<LH@Y|HU?h?U@dE711w$
zo$#n^Vf{~Xh(YMJ^`Ml%v5A|H{XzTPL!-&c*gpO~$tb(6tM_Kt)3%FtTGb3@ldxj_
zz;D^@LtPX6kluR_NOdAYsrtIxrC@*Ro>H+d7UX0o6kr^eqr7|MrBd}hCLwOblT8tu
zZs0EybkK}(VB(7CE>AadG~OQC<&BetMGB4x@%(fDwX{8DQ{nGgkYmfACub!_9DnKJ
z_YS%bs_lAflNmKh3VfY7$I)pV3KIE5DI3T{Y&-UNH0>Vfo^1-yVNZ^@P;l4=58YOw
zk0EWk4Uq-K$24i&1Wm_f$_tCAjy>4jrU$EvuUQq03Au_<ikl#+VezCz6WWgYlB+DC
z6;n{TtGO;;k}Y&UvTyI)S=ZWMJ)a-&F3!*F|8%kxIDH+vKR~WvUAq>%9y)o;4gXh|
zOy?exbJ8KY2&VNQypQT8ZdImgIoQV&a89+`+s4i&9FvvMhl7Gr8%td6&1MV!GDU#0
zS@Tmz>3y{<Hj>nMHn6Z^LFK#qwdW2;0^q|lV_t-tZoM9{0Fe#r<b?PbBpD}Fq}G(9
z5?oFR(lf0_W_hUMji2}1{*ddXR+bEFKHJngX({gglO_#4Q$Wm)PoY6#9QMHbz&YI+
z{WM#I_hnXpV})wTc>=^iswc1DdGLc(nZ1;;c6vxjDp?q6Ria>V-ErJ};uxa}F><<i
z@^X!s7MkLkamJ&7BhbtPYQ)1xS;A>x0^VfKdHn8@c^=JB)QIc$th2><=up#-_D>!i
z|K=b{8qI~J)|(;jVZy$lyAJLn)i7?`LEp|SV>27O+s+g(f}CutaN|DF6$tLv$*k=4
z&SUz2&LY9+bIsqrj;d<D{BY8IM^-mI$|nAeG*UdRwL^;sMqGF)`<i5Ifm37zbHX$y
zx@i02MboDzV%Tjm1|D0YqzhP0$*qEB^72%Wux7o7b$weBz|cIMf?IbfQ(Dx!hz?gH
z{(a0~E%PFPqx}?xa(G#Jo-!RPFyX0DL>v#M5i?c#sZJuoQp|$tLMq5HjMP0(QL>TB
zd$U4^!BQ<_qvI{>5j&0mxt{(n?*@l#*sl-#pYsfKZwdjs3R*EzF_on~RzL9=se~sg
zUg|c?!jc-TG5WR#IHNkuFSi${TuT(;_kc>&za!U5rzlHI+?goO=2fpE_nYa$q0x_K
z<%C;f**M6%Mn~?<r99)-!-hqV)2~7uBtKonSB=IGJ6uDAtqQ(4V_B6}Uqe((<@=YR
zROdK~u?OfI`jv}cjB}26bz0Z|nB+-!m7t#zBS){l$C1V^{DRWV@b$FzURJ4L>zScf
za6CE06mwL;DXe&BLtKcFsgs6Az;Z>nSPI3O%w8111IM*5S;V*`=))d5sq(M<OV~(R
ziPQL|EN;81d*H)sk+id8)yBqmIKd+S28sqL2^%gH(fi0Y(TNV1hTC_iuN`zCccCrN
zMHuhoQ>&C9QC2n9jh%_gAS-TQ;IPl<O1i6Ym}nhBi)F-&v_wC>a$v<5pde|j85f){
zt$K*XS9=y;*yw-vI2w6gkZ7#Q+I$&km<v0V&HLnH^cjPfFHEXd)5EAe68?E0)Zkjs
zSUC)nciO#F|M=@{0{b!;5n-e#Qj7t8WW?mX!D`}L&W)n!l0aQeNMa^uC7w#$dJ#6i
zK{zKTrIXG-5%#2qR)?ca!d`v-xX{Nx=5;sxTm8lSC2tMP@PE5e!1w3m9Qz)n9v}Qn
z?rNRjb8|TDuPQk8b<IOXMGZ$OZUKZ(TbYUEY!W6_w&dE=z5l3E_mC)PY00t?m<ff~
z5gp-{@W7TtK13_3fnfxe-T-k5(6pL%hcU)}YS;XRaMavuYbtA~^iM)SmW;3W)Rk$>
z<*nnr$8@YKnKq$d6;p4FVxTu<t^dY3PL>5BhJ?3BOJeR;I9MoZ5vLqx7`9Ap6^B7=
zSXZQI_n9JmO5DZUW?}O&gpIPrBDo24J+!SA$VqXq>JZXdK&G}t_uEb|qFV{iYQ5Z5
zQA}#~KU^0<AxZKL%Tn5iTpUi=iCujc(*t(MZv|)J@||zpy{i<qWHBGcovVe-`d3fO
z#QWA;r>teHeUS+0+r`9EO7Cw61wKAzpXV<-jTWQ79DBZ0_;FnbSEAe9-^l4xh!efc
z4g4+2$9ZbIrsn$If--T2J8jHbx+TwsL+A?ZuD7*|lz($dSX$6Uj&oaKQtR@@B(;4h
zEW>#qeu;`gThlW)jY?%1KggBf6038o64a|Q<e*A7;wnXWDWIdTt!jIOJ7k!d3r<+x
zPTuWu{7x4%BtaXEG#l6BAImEfPvppdo*a_pC(qyrsXn!|Fa&fs6pSXsG|`CSp+n2B
zE8)y77)KL<o$P%c_FlJgWl**RC9ro+UnRxDqIHq#>_!B#Xh>6LI@iXgOb(-?l?z6=
zgo=xQbGv&@-8Msp+G{h4w#-^+viq)=-drSwAEFI4BCfv%A*qoV5ms$EhO}g;IpXC>
z_Xu6u-c1=jcYf`*R_<|jL2%voMfqOaIC#6k>|Tfc&ESK$?!)2p!pr&}sb=S1{KeZH
z<>_L3{aIH3!>^kPZ$eJ)cHjk@{ZBR1m-HtdR%DTK<*a$-I;PHy0UD=O#>Y=C5lyU!
zj)h*Abd;7hkz%m%hv8}K$WxK*XAE2a-hh=g4+UT244jCClK9`@#bX%oAfwMFD>E`y
zp(>?p$`!WR{IaI9Xxsf!MYj0!NWBc#A#+paYDU;ew^@o?g;l9!nuWB{UqY5TTw0>p
zSXek@oU>zCh~~-YTm}k|MmR6XP(R`oJdQ_FbFeuN88lc<PH^M4|1?OLM9_`phsxmz
z-Q6l%v@hHsi?zrr+E3G#+KhFP#_Wl3n+RVpJ*w?b*f}EnA?_0#v;4(awys4+=5Ujq
zZK9HVOEwN(Rg&J^A&b2-zhUxPi^#CCv47z4_;qe=r%m(m=xP74{Ax0l;~m54js4Fw
zp_+M)9pdY{dfM}-2YEOpt5RFn(xZfPTA{6xKVJ%&^E+KbSQh&p@sh1RDSvM(6prh>
zHN%{oEh(%#lO?c)5WUGM*_bVs5oEkoNd>}4P=iViqORo%_SP<mW=O*DHysA$Q@pmw
zob!@jdCoYj0lVZqRl_jCgTUR*Xc|xPJ|RNR5>&=3bsJu<VWyC_640Kbn@rQFpj!@C
za}f8}5R-6>#joMZ{j*fD<$zpqO?o0ZnFR^F*2s9I_~maUDt}a8OlCa-I&U;hh!v_Z
z$wZ~PbO^1ZNM<IaciE(joH2H)%Hz1KKnxQjVld`3Z#HQrmqlVKsf=}XGZHgn-cEMM
zVHtJ1J&BH*Si-M^&}9ce|CAghDJ<DVUBPFmj$6&d@0+#8N2(WaT|O+Yuk6scT-18l
za;T5E_HclIa9%b0Zt;8t<Dn`v)_-^+&ap$ifnTxvUINJR@7QGIWb0}>1`=>^zRX@q
zZj}=Mdhg2z8(auV$*SYj;@tQ0%Nnb5{UKAUYplyNWX^l6IIxoI_h>1!QfVkB_E|Cv
zX^k`)f)Uh~Hiro-qc<1Mwbcr{Bcm(M@17V(A05Ki_2Si*WD-`@{1Kn-AWzmhCau3Z
zdvfQmmpL)ok*4&V&v!%V@Tq;m#?9egdnr3Gchk}Qrmb@RlH{gjg@#%LRAoLLHCaac
zHQ8isP8OiF`CC*l5{I~o$LH@=`FV?hE)$2^sj^q%Z|?pj!HKvR4!LSN*&h}@qy#(<
zd^qCP%`LMbv3r)v5={+ngKYlylDST{kp;W(p~h(;!y<cEpAcz`*^C?fJiFt~mo=@;
z(<{$Krtdspe9&()JOunce|d{lk^h4(hUxe<I;RWt4U5NTkBP&D3ktTreqH@b$@sNm
zBPU0zhhKzYc6gKn9qQcuQ&MSKehu$N#>3Tbh1>5DWeT$v7y9it&GIU!*QlG4g&vS*
zT}G<ZQfD%_e{2UTO)uKg>Aug3!mj7ets*GXDPKo{7I?jhIBCU%nwctJR_{-;ki}7e
zw9)B+iIO!XN>0~Gw=>72YWSU-DnirXo(b_7Q-nteLX-L@QQI$p?5tIRbZo0o2vEVj
zy*+G`;XxSF-=;=mEKjBx1|ns5?#-<tk|c?2Cep3dtH@DUiN)(&R6x!wtCvJ&D!SiY
zSpjJHh#RhyB=i_0TF3e6@w3p?q1%nvC_q&P$69qvT%ZdZyXj3=CB`O=)nN4Aypr|C
z+Wz0aY+@$G+WvL*klBOR-5>-!pA#Mkl}t?kO#bj?=9&@SAhxSP<amzGOUuF+2O+Z6
zwSF1d`N<Z~OD5MnP%yR=A2t>ihssW6Vk>4(SQx!qRxNw0!<p01kS``B+V?sl*KtzI
z)d(9V0IorN680mn*MGnq)XLSNt<g-YH(K7RO=@ct)t4<nw;1aX<ot9q$EC8v2L@AQ
z0kfFuQyTmgl?f=nv5l^q<OjAIAY`_^A@S-08v*0D`S!KXq51M*5PowBV<Sm{r|=V&
zqOsUP7|;mG^tlUT6>2;o*u-p1it_TGT8D^x4s8wL0Vm-JS!-VPD8##L)~^K<jilzR
z^v%);?6VPU(xNS-MV$HmZDF%gSdVc8zj+`@c=LjnK2r(DEG!nr=ryJGf|wa(G0(Yj
zXsHd+YhJ=;PVZZq>&GK9GQJomy68*OUw&zb+bPrhx7k+ZvHxgl!D112UUXL}LWccd
zF&3#O(lt#T1E{AKv=ftL;030#Sd-#zFAk<rdqhHJN8Ebxbhi{%=9|!)MA$QZULCNv
zvQCL^A(w|6Dur|j#0wo(_!Q9;3=qPF;o2+u#_GzPnYUx+uA1qpDk3_FIXdWp0e#hD
z<rnds{v>)<Hk|+(np?9BGuvuh=Kd+NL7!D?&9IugHY(`^;%No4DVlvYf?6|CTeYb3
z4=AhVmXFi5GrbWS%c&JZpMKG$@bFWR6G!q{=#<32wdQ7p0Ycw8ht*~oA7)?6?EB$^
zq#N^#&Y6(I&29)c^e<|l!yIe#*Cuiiri!^#e&T?Vv;8JArYB$6NnH#Q3FfmXE8$rH
zGd`12bVsq*gJPmQ_9?rG=g$4QS=_Q-w)ZxLJ0Gy{Gh`wy$`e&u<iw?28(i)!kvCn(
z)jRnIgfmxsVj>)#*yemR{>ImadOb9fX~-HqXjX6@Y!qzJY2S9{R&O(H;^kuRl&fa#
zcQO6UI=qI7yDw$7!}%3~A&-ViDRJU;%ZGj_<~e!1$m$Ui(&6foFxko5)+x19eFNOS
z1bjZdF<-WtCB^^qKD?Si?aHz1VF&Ypc;eK*7qpo_TR>x1Rcmo}3R)>GjU+W4U`SI*
zI2ZYasbC(ihN3G=q|WO+imURTk4%<Q9OSXF40@AR#kQ!ZhTNG?{xZU=7_U>r+N8e2
zk$1MQ;Vet#DQUjfGQ>$8Cy`eBv5f3D0n-@jYCIOB>>GHZ@xoi17fC_Vr!i6}#K9z#
zfBq|CG?1pT6&Ot+v{7{4(uC=|U)klhc2(nK|AgC0B&o5|Y2(UEGTVGGOcf{?-*;oV
zI@ruH9YQ;aI*b+cyw#jZTxvk~OJpP;yx#d`?(J~o4K>C+QHlAFr(O9&m(!-&&?XDW
z?f1>`>#|97^Gm(wuE-A`NBglaevI|ynXSF^LvAr0z#60*{B7$n$L;Y_bJ6ghGLEOC
zuo`p|^i8ctj`t{%?+`blzMjX<DQS@=LRwaO|85kRur$6ei)N2uw>J@re^B%5+y<%X
zlD;-gc?>rt!+gK7JCfLTP_^i;*AS-yBPfIhlRuG!X}2>{1*DYHocRY?K(=D7CUr;S
z+L(idI}t+!?~*}<dKr$C9U(Pi=#)|ML}Js2_Hs@Oo-(|a4R;R-=m)(}UnA#==ik^_
z!OPv{Q7>Vl&?;e9Eo+<*o@4_(deK!%`fo*LE3S^JHixvlYF)!#Oat<*s>F0o$wwCn
z_7O+$_e7qIlgjC@PfRv+%-_ivZiuUk3A}2waHWSiBtXCH=~|oXhov6bIC*$G;VN?;
zeSJXRc&^@_O*X9tYyXR%*ng9Fh~FoqD|gKmVRNy4^goi>y816O?<$+9OGg*sNupS`
zIrjAVq%aX>Op0^I*h!|*ZVFX+v0BLIb<N+&LZ+n1R?IrKCui!~E}<(Kibk|ghC-c5
z-&^Kx&HGfk_hj*vQYJ%zb+q(ovYTvRDr0uE8)8wAVN=~r-;mTyhjE?tlIsv|4HlwS
zB-d0^hlI<|FK<ZW9Je}e)Gt5_+lBk2s$vSn&5!SK@43ub+dSo>*tlnZycxn4vG9Z?
zHLH)}w4J_Ohe}dqu7{<u>P=Aw-J}bDbm-a`scklCcobRIT8}Exb^1tEd&NZp7doGC
zWzml8j8kA?X>=uYuCe$Z7kH;1dcW?>8-|xxio$$nfJ?9swyTMMI0;_<#~u11^g=Gg
zw&er+2Ce_#XDwIUzdDB!Q>|xYZLDcEuhicIJdmM*TmJ^;pr#K^B2h$nMpM-3SOGg3
zO6;V}s2m<ii8XQ5>@m9uw9zu$R%jKnNTy*5;9y{AM6pW?3tWe6jF^Qd-`6yg(H$`h
z=KOMAi`V`x4sBY{6G`Hl)W)F040eL4(KA$S=AhYxEboSIcI%0zjG&o?ffaxTKPnX_
z&g$THk0~2>gE=%zgzclGg&`JN5cK-e%VXiDV1O3%R|qDRp@9t{n&P<P<_O9`=xu3@
zhhcXp4Y>vV2DnAR_j@n)h^_BWa#S(vpVwsA;cec$*j-^NhAi43=WW%xDEt7$%u`i*
z{H`ia4!)ftj||HT0`1_|Zm(^Uo-Oc?jsFj<B62UA=QJwZFUrfM@1@5~?-{d_(z<$U
z-_RJ$yi$VE9=gO(1GNGbrX<@LJwfz5Z1fOqzSUnTqSQKZ@$e!>6QspYnrmbxS9L2R
ztJ5j_R^r&!LiYiOlSZUCcgl?qfeLGkCW$7y(n9_+$N79!lGwgj<9#8otyHpFy)R~O
zT|Kjt#6*}~H=*@6eTgDkD&FUILUK{f^W|NcIU!xc&J28Rfvi30up;HEhCNaYT+dUc
zD7I!*Z8OSvrXkZDQl(T2J+U$Gu9EG=M49*{49s*gAlmIjf(Tx=6h5a*mbCpx;t?#&
zk2&u<C!td=(<<JgApbf4wUS4I^zt%C6ndRVN#Ux(o~X5S4b92hhIGf#*9UmNxoI#>
zzDpikd-tKrN;+$sOZ!!?Z8x9co@$U!?ra~gkGuBv|LyFh#9uaFnCE-euHGJdTtE^K
z&n6G_y^Vv1)zma}H1&xmZj<V2l$q2#&xFRY8XiEnW`CT#ht}9h!0pW$3x8|<!-dT)
zIYgfzffFCg8UIjp^cbD@V}FK~cltN>nz{&4NYNTgKZJ}?;?A8ek&i5QY86k(!9r@}
zNFc@7L%=dAF$G}G+8YxorltcUaPc%fP}xY4IlALuoKr^-+lGEFs!CN0OQ4Et?txN+
zJD;WjRMNxyAn2CUj5;ergO1?b{YQ<`oVqolszf4O>5@nz`oo_FrDR<&VKgDBNuqoX
z#gu7#{8#aKvTDY?*!sRvwKiFx8X=6;s4SzB{R-RR(n90|B3#NUuE}lY5F2QUp+fYL
z8=hM_nwy#IkLh-uuWhTHgGWX|f)c*1lRL~CSM(?FY4TPM=b8E6Oh}J){CaF=dkOvl
zwOvU>x9yi}A5G)nz~g;SEd}c!5mET&_-Bo9O&Nz>ms<zLHw(S(qOaA#%Rs4>dK@K^
z#&;oZeoyE!J>@($D4E)-Nb7Hqk?M`)YXXLYVPx*NhQ@^GmAVm#XgeGYVZ${dhy8e~
zn{cN5#@>@sSFTYJo*ae<GCm3$gUI5X=v=$tUhfCGYcZzHNJ~m9-_Sm$Y%*F-<`=d~
za-A#j7`yb*zryNz>8+x*@GYH5Oe#rc>u-4GxPnc&N+-(>v#?4vX9Tg(&)!l~!^%z;
zBzl^shW3e__(a>lJ=}O^Ju^gfd)sU%O!RE<JbTG*(=dQ>)xgN3oaBv{u_y3c@Fx9v
zcYXjCs{a>emJMBf`H6*M%T%;TBoIOmrR~kdiaF7{CbibfwrBinJ|xKDIcn{uzk=TO
z0r_N@;(x~{@%gX(9T0l)b3?q5Uh(^XHbJ%0eQB4<VPU@>DL=o0vdlgRIBjR&eLI$)
zHi_Nou9MDy6EhMCLzzNaR@umsjQsZPQ5vHdnk&&V#6A(AA&6y@u~Y!BNh!7i04@gP
zaUC~8Pwv<>3}X)KGzJM9GslxeT*tB=7NJ%c$8)tQESVL=+4Z>-v0I71h09D+Qze%f
zoczU}Z(86?mUcyjB_&x6(ju>cdClk0;7Td;lXvVjg>lbmnEoA>f&Y@0E_hw}UPITW
z_*XN6qSF$?hSSH~oVvE@H!{bNqjXZ<y}9;}B$T?Rqrv@=VT}+;SSko3$xhGG%6u~m
z$4ptpR&5C@ZISZeeYh>h+S9mnXlC0NS}#+yb@K>juh~O!vx|G;0l9;LM@Gc-iEr-H
zAG65p&CM%(9EEE9@-aZf3#Fb<IM27Y`OCUA{(lyfJ0J;PcUw7-Pt>d6FD#W%QMKFa
z23~GZzN+LP&~wAEumV4FEP+PN!5u`0IHzr|P-sE3;*r^@M4#%S0bW5f$5Sd(;NkjA
zTlMS}nVu!AAd9sAS0qf{ez%bwSo(%{Jz{>=f*E}p9jP^LeTD+WQ;T&>KikqyoFu_~
zf~ev6xnztj?#E`jnriNB{}Q`Zy4ASjytb+qG;4tmfr$>=<+x*x0q{G2MqyjVgr=x$
zSb7=L7ojuq#Ury~wD4XrxH9H>`Qy{%Ql`Layy~XLrpn=>^>JfKRSzPbQsUcu08%A5
zalc<2I0}yV5d;eUz>oy)upO?@R;u6LPsBOb$Tx8z6fO8Dlrtp4<cw`YB+>=Jkz8aX
zfz){AGDX(v_D2?v$+zW=vp-yist(qro4VLVkDHx`XWrGU-JIReUI>N`$d2bXn?WlL
zV-Gy4&2Or9HqE~IGx>pFVSh);3WzC%Mbb&RxqS91G$kKE8V>^-TRl}0imC<F)@F1R
ze=W&7Ad&1wCLF*Jc->I(IKM;wIb?XbIR$uQ_Ix&Zf36kxxM8DSWel-QLEqtlJ{beH
z5Vw;K-Dt(2pj?ltELt8<fD<OAFfH<o=X4T}U~7hNR8@Uwg)8qaKLtwB-Anu+&<xK>
zPK-*&)C7$gfiwV*eSwf~g|JDr@di=l{1DzwWXB>*g4T2kLJeLxq-uZ+IB69K(u(wj
zOEO>u7VXvApsfB9A;a5S)q`1YCke*%>xVSMGl9YbOiysQL6Z6BAQV+Tm!vJ3WbrJs
z$6r<tjP2$FJlb&kGs1#a74^b>H-CQ$sVmuJml2VJnHnbTHcXK7`akySpv8sZJMAFd
z2KV&_s+SCTd`!+lYWD5O;xwh-mV9$~(H|BLH1qS?(aU85hO@h(V|eb-RR4ja1@K1d
z`Q%dh_{|8?Z6^KeGxrkImmToL2gq@>W<W-!r$=`^y0B<Dog<r2JQ0BLA53SF7{4Rx
zeW+S~vZM8aMu@9;dJ-6T&B_p1Htw+cB(xAj#mW@*g$;h73W6xa6eOLL`^hhFX{ZM$
zon;EksgUZ=62_53d6n-cIfndQEeUJjwc6}X?6C?dB>0_WCQ(L8BB^^gTG#f*1Q3o6
zO@=s>MH4oC^S%br5F8c`5MTL4uM?7fNz?>>;e<3K`bOS_yPPb~Sx%rmDpd>qVSX}z
z%*t4H15DtF{2m4*@R$j~4if@C1a050IhGSrYrcDm|MscDP~OFEW=XdI>(MK7583b}
zo*mRsZ*`nb$}g^aR8FG6rFl|4snM3@5@thj-`Zn4%Vv`aps-#a5X*Llp(ww1%jo>H
zR(pPJy?@>6$|kNglkTy>o?k{h;)cAk!aMRfcEb}R?n{EjxY}+k&!TE?#%VJCa=)ws
zOD|@^W*DHQKRs)W6N0I!p~G1R|J%>D{Owe|0iv=c2B!w|sEg)cjP9-^*2Rz}s0hDX
zN2W*UN`n5I(nX}9*JR<5D0p2{MqLQtFPsot&GbIP7EK!e*YoJ4LP)3`G{q{n9^Bda
z`f&{?kmck<HbXXDq$(n`<J}v^|3}5D71Y`lL$A5&5UEGDD`<9F(or22)fH-6^+iKH
zD>9p4URS~_Q);=y<cnf=ZUmVJT%$1e#e-?0<0i5=qIR@|`dL0ketgJ=x56wB7~#>6
zGHVF>II-3fk-Vpu1_N-K@Hm~a;d|XktaIr2O{?ABf&sk0d>!h(vQJG(m@NwWN#+;!
zG{aH*vR~IFuiOlKL7)W&!?s_0)z0qD><mt`MXY#IZdo8F4_*VBq1pVs{ei9anV^xr
z`WYrEYDXPBpO-#Py0z8}hOc;$_tJTUA%A|EIZS}fvjd4SC4{B(<WmZ@tv2KP?V(;=
zJQ1Y=f>|vR#L~Nh0_FmGS&V>X0rH)Gskyy+-b0IziETqf^&Yx_c?@dN)UvPp8rTvF
zrUS5AAkn1U%|)hp9#<*3dWSwLw6`AJSPn+t8pAJoxzV?|q{^M2E4s`FUE9h{bv@HC
zTW*nm{oM+j%<l;aR0{_xkww5hpWS3M8(bB}(8I_mDTX!l^zr<}N<>cLw!z`2I}n1K
zNwcXa;flI#&92om^kkP=5GCkaCbRWA-{8LpTauHFdtMjT!|b_q+P*yebLsPHA3pKF
z9Nl{ccvU|KN9cQl`Cfut)iDpHO|PUD2evcl^u1?=!UEk}U%phpf83al&h;6!$C?2H
z*tTbjhx#m_3Mg||^rvn6;!Z25WeTIxTj~<a0hOj84d25Pa<}q!Llp@MITP?h^K4^O
zkQPg!4Wwf9s9c--zANYEkM=A*N`(QumaEXg4akmV=|geeJ_jDq)SI{Kgq=jRqZ;*l
zL=v<i>78>Ph+HOCb$U<@>Rr=j?6!YJ3~ONCk|W>QuXOP7-Q%6<aRlm&8TfNi?_OEo
z$LDI%?jp}}zyh3LA66uhwuKIKbss;x)C_3PK-Spe@L#pHPRL-qeBa6BA#ccn<eHqM
z<*q4C&TZ857|AqM4kN>@;!^WhYQ(n(g5(>{a@D0rzAYu91R;mg%vQKaz%eq*%BHy9
zl@?#^pC{ZZzwJjqJQonYh@C#ZpB<y+$@~KKo=+WefPJ9{dHOR|e7WPm9j(#Fi@~t-
zQLbj&!XYqfu|(qv`7WqnYiJr~l79sOYn#-BPC48nU3W~iz(PbYFbJjKTL*R(Fy#j|
z`+F9XYEA=sUzzzwq<b(*l3KAa7G}sI`E?`*yTdzCnf!GhsX$N@mOmx*)5LodVHt{n
zDvR6?tEJiQDc7{9$B;z!9DWB(i@<MK3ObUTD`W$S%7|ATrUg(|;N$n@+~APgW7uwM
z-}#S#@DL$QMt=U`F0=9l<qbW23`4g+Hn@VjQ}$`>BVU4kK9!Z7I@F`~S5a4Pm@vDd
z1s!aVFXA=)U}Z8?{fq?c_lOHf?>su%slp*``Lz9*UFH*e_)zl%X^oxvm07E)gWN{t
zg)YpYQ+aiyv~)dC>Co))WCh@d+$NCSw)tNt&E}qQQSj|b$yu_a{mZ=W@yvA5>4_Eb
zEFEOE=Dro`{B1%8jTIXs!@GG^O6NPVnBPknK%k~kYdL=cqdX}3^>NIeFESP#gUnKr
z5U4111q~*;mn#9r00WL<8GD=v#7m$*xxVe>vDZ@VtOdtkRAB>5uV~#Z;YNzni(X7o
z06GYq;Ky1s(0DN*LlcEf7N!-N9ztnK=DGqRUIiQ{fHvdASIme-5SBYl2Zu69I_HP5
z7tKX%=8_Ic%^Il=rW_2=ge#;xq_#@a&ZO8P?Q1Pb0}@R)K8t!_zXkWnFlQHv6scDp
zlXtm`(D+=W#z*<sH<~8}lzAGp;KIk)E`gw}Jwhf+p$vs57qPx@?~o*8u7Ee8H-bs9
z4fRU)r=$DRr{$;&^&Ez$SG+G<+wHGpe*N;T`@i^+9dVy5aCblQ2yX3oM!(YQ4e_ec
z|K!UE(?wLRyQX8U@IMz<f<tYfP^yMJd`okOn4%R*AXOXb!EGxH<doliDO1PgP}~;5
zfUS%@VWu((huHW|MrdMFMt>YeJ}(m%e8!XUP4nRu+5rY4L{#)d-OAiWLVO?~gvqam
zbOGoguwrxo9T>?2ITT(+{Xm(|cEMBEgBC#nApG3~3IZ7ADrF9BhxyJJyB4tX-DQT4
z!k#~_C<v;!4Kz^^TbS0}r*g+(!(@3z{PmDQE4J(kk`wqxJJ(lXlwr=F@NX7uYgzRu
zcv9I-DoSi?C&e6`c2{xMA!go{2lR(FaVT!3T*g|2WbJp*Y9b{!In>od=pPIPB^^%O
zNBks<=0BB%>Asui{7~HtIO*WJP7pS8eSn$~?=w+y*WbThHkfOX`F*!W6zl4;=F;l*
z;c2EYH?rd!c8Rgr*qPmx7BU^xASOv7<4{=SyhI)+iFS}V_@(z)=OhOVD4+qnN1yQ7
z6befU{YHyA$wf{RRJV(}w<?$A#MByLasq3hRzVfx7mb$x{>ZCZrw|oXw_$UA8-nNY
z-Xm8%JiUM94p=>W^>$_!v7S%$-D3HDJt43q2=(H9#dDm6fq-E9nKa(w?iu-P$p(3&
zph9*7q}h+{>;<%2MV&P;@hV%5OO9&@M$nbTAsbYVc3>P_8UZjo$$2caoEpY5ky{(=
zg;=G&d)=@6dGr^6s@3M~P!!TQAx2V%N1KIqQbASG@k8(OtNfF?$pHHn-pADoc1k(f
z|DKO&ry+%?!WmAVReZ;2uq6gfYxS9xkG(o(?E1N!GmaEm_mSE9X9}T6d6RuRv_O#$
zQyLNtUhnYg<>aF}*Kqfaw?#H9l6sNs`SVB<0Z|P)cjRLPhN<~7upTlt_-2)W-cu#2
z=i0hLwuvDYl5c`ru1vXxrN$vgi@E8^Zneoz9-{HLFEt&DKe35r5vBvbCqc=&=oM&e
zRql}EPa7iP@GZgReMq^@mY`wl^`7Hr_xE?}L#j8#rLV+@{F*`ktH)`ATkK9_8i%UK
z?JertA2ca;2T$tI`SS3l@_{%o<{luxX~+oWfLP^kW6j+k_+KZLx(f2uT<-4#A<u56
z{#})iwo(A2(xA8yBAgxn5~WFqkRi3QZ#+gwZHtlKA#214>o{}6y*a$d#mi7ulgO$#
z@Trb~x;cu*d)$CwRaHv&>e{Rx*!(>Y^xX@fY&o!2B7h<vWTO3o1SS$*;GD*M_Q$3B
zrg=}bBPFi#T+*v&n7_G6tw5Th*r|%&=+iJa$K+DvoWh7L^rC^72|w67<L0EZ$g<TI
zgBwEff`38wW<D{a1BVUww#g=0xRxX=od>SJK-u@G9n(U4I?63nDgnCcesbojt+uFt
zIGx|OuAaU-n=s$sqCRB|fxrD`jLP}~X$s^cIGX))%)yN_)b`lc@3l&MsHlL16#1yM
ztA31_K&8!D@w(#f_}rh$yi*7{Hyqu?2IpsQJX<>Api)_H8(fV-b)7=djml9`!V(jc
zXcPI(vSLlxNrmCD7`cVj=S8i+WPfCzK6D9;Zj-W##ca*{&qrSSpI2K78}|7Aqh+(r
zAn#<`ZIj@5$p)4W_2tESlbKy5h8m~_t4;)9i%Ee#I-Y0CH!llKG2$gA5n@K`*+-SQ
zJo+)ks2k(sy^*yzz~*mLKi!ceYG5-VCR}C7lH^_;qUEVhJr19-gNZE&WAkUz>qyoL
z6&5_i19g6|R<2_Ousc<^YObzP$r&W6(y1i7^xqnMtnUJUZccyjn%fUeCMbE{y}++)
zW?7VPe6IQPzZBiSdjHjaF8=EEU)Wt=16~jSo>s#tp9{A&mg3;rd|Z8ADGa+$SMs!m
z*f*4Jo>d?v=Y;iW%OVZ<X8UVuQYABwL;=Uj1>vHze!xH9VeFCR$q3S;?pPTd56fjQ
zBuPqGViAp}46q4Q+ItWvFN8b-!6LYc^lsI>v{e*<VCeU(2j*Oa?y^#TJI-JiU;nGc
znM%R$TcNs9<pJ~CIHHdC>PiOFQgT38lyXPHgbp&w$&ji*Z;#}rtS&9?HrA&Re|)MG
zW@0|pix6`?Bse8))3w3{qY~dlt_X;WdU@ZqH-u$*znW*;4V}E)s5%=4g&G-Kfoq-h
zy7(YW6zzv(1(3S#`db7amrs!?A2N%^rJvI4GfC>IzS9IaRirPMR{rEJS$tTVfLrI{
z9o%EL+5LNb(qXxY)$<B?1Nizhd2dZi^ZNX++9CUQO@9tSVCundhX6buo_+cHk_t%H
zJr0QJY0>jUaT1U&YRK@&3jJU><I4W7Bi9HOg@@+O32IH0mKq-*-Ra~J4-f~yGl8<Z
zvvbw>A&b;54j5cw?gn#~pJ5Fy+2d@s<)hjl_hzECP(s$B<SPmsCiLh~^}aY9y>IGM
z%7;H#c#L5RHt`<u;!ROxNaiSRstp@H>fB_{i_Y055gj0!J}$s|IBvSxE|T3w;`k90
zm}0{bd!!MkMD&DwS9`<Z9XSc|8_V?%?Ul|W$N|4Z&lLmdM(mQf<4@}dipu&?RR95T
z#SnpvAI4&w_)Xd{U6;~cYg#riQI%r{$r*!DG8V0l;rCcL9ZY(stJ;+NM>s$;aILny
zUy$e&MYCmuuT_AvNi>Acub!DG6Hh?js+*M&yQg{SPdsITJesXX>%cE|>)pThVGb}3
zIDkvgtA4__h<gu;EB60Alko3A^k$7ly8u0B9Rgebg44DZQ{_c^AA5+N7Hv}CKsFI?
zay24Qa@F52ya$<jn^vLG+!vKwUZvmHHY3hWm?1JympZ9I@t_B$NZrj*j4^5gsRBd4
zhQaNo%^wDJ2GUFM_vaK$u)3|J;=3&%Y^UI);+t~N>|2H;UM%-r0lF1p#S;vak<5UX
zZRmBFEB;=fB-$18Njn@JT=<r-5rN@FxrDo8A4L;;vecnXl+cPEt*Uua#a~ziH1q<R
z<P{#5zjr`F;524LnW}hN#S{XW2PDjxW!y$&Di_Cv!{Vj2*_t;O7pgd{yzcSnKJy)5
zwOqwOb9=%osASIdyh|vm5cITnmA_?pwB-8t#R`p}GMRmX1~k(eS|Bi(Q={tYYqV;q
z<zl~T2DxHrOHOk6e}k#$j0<4<UPtLJ1(bsWamMAo5BZ|g5&3J?1Cb=q4dBvao$ufC
z2gL|j$%U@+$Mon}0c5ZHDH5fIebAM|y>MgGUMOY_M0Z9G68?719rUvAt$>BOkLsyj
z=a+yGI2`0>Ap|o!>hU*Go$6T2CW+zS@Lsnw3&gw+O%^sNL#8nEgQVE9>4}Go*{#Q<
z5tQsBDM1ox=rcIr0TnVd3)FlcQ5%e0EfE{V-;2X2nsITA2q_?8O7U}Cum4?OSt?rQ
z8@oLIZP}9`1BIndpd``PxBA0OvdBxeNvhOT)OVc%!^l>JzYb_eB|m>I+eu9eMO|-4
z4M--(^=+_{9BID`)!If=@u~f_7){evbCK!)*C>sp3`F~ErnyW+zhcbljW4ghD=wK^
zU<PWe$G)>y%x1G^@&M)8vu}gU*9Guo2e{Peel#KPP5E!P;lg$F8jK~N2fFRi7QSV0
znahA&g@?D3Ern5=IxV>VP*iHkrlh4YTDjj=wtWYJh806YB0^V*6)YY-RO4oOLm<=M
zB4rc3CR2F~Eb<RDO~HeT-S1n2+N2gZjy!Jjr9o64m@0@GonJBqr$%8p$b`yi<`7<`
zH&ud1u_Q<-e7S#h8c|jxYd@9LWeK`H(h3py$b0l){<AXD`YKzPDfU<QLAe|Ei5UBb
zv)MX&!2C9hhLM`T4_{yuk;+76n5a#26ZXRMf>X|zfBw2^B6!XDW(H}tkA%XlKMwEm
zxIej6Sqv?5kh-o)*~0k=Wr1R>#KH`eEqfyF%Oe=5^vu--h=2h$UxA;6OHSQY8;&=h
zw=hjv(-M8e?bknD5<26%t6^n%Wts7OaRP*epBkzXe$n3M@#vN8c<_AD+g&C|N9$sO
znQ<E3VEwPepwHJE{Q^#S1AYUyEECO~V5PSrg)Dc>QrKmU&+^^F7y2bW;Dt=Km69r;
z&b)M~oEY#fqBZ14t-S9VvtnX4J=g1IEDmQ|xHLRyuDp`wjg{ZWNoBUWdXzzplQpSD
z`du>#1{q_o_|Lo$Ur$pVT%-rMAjq@VoI8OIBio%}*P8W43=IxWmyF_snN>?q%avNL
zFOFdj;cjw(Hy+<^`28*Q?#FYbZQg&iXipZxYbz1piSK&}d9?_j&-~hR4e+MW@8~B_
zk)xorbRSFp$efC)#E4`7J26{{8&bRCUYkYnqi&?9%0|LNZ&HjbDWSx`laYYio<Lng
zXH}LXT6`3pW3>V*rdg~-vPa#wGs^clcMJY7n@fsB>2A;`6WruqxhNMVqDv-gwj+(;
z(PCK0FQ@4!vd;Y>FK1Hmv|!W^Vt8(Wb)TqFJqY?^PMMezDHz)QN9!5%C`3+cs8D3j
ze3i6Wq<*ycZen)p@^o)l{=!x-T~37O`pENo%DGnL4yWWLb>yM$we7OXm`ldq*dmMN
z>?ufOw~jotD*qncQVKPX3bh9=@zth-xpwF~`@N^m#piw0Z`(s~^?T(3eAXZ+QcuhF
zJ-y0*2(G!lyt#i^gFfYeyy*bCJH0RE<a!@j$hX;}xDoD<eWw9eIiOF?Ah?&Wn8tXW
zx7mBYCJyUk>BS)chsuQ0zH)}HR7-s$6`BE3IA@%T2pGOv)MfC&@o?s#f_@LKJR(u~
zn<A5^YX(t0JFK}TREPBm_aY*9<YPBWz6L(<4&W@X`qkp+%qfZwtPe?}N5mq^+}(8G
zGV)wAGRpG2Dxfr6yK@FyCXbx7KQ*BNNWp{Ob=?hnntb#MemO}N|LqF~&G-FoSBzx2
z(xR-0NESLN+dJ#3lODAgPuc$D+>dRZA(;hx1D2B<k3k`AV?i3L2&z3h8n~+nazz9C
zb|&jr;r7QZZ>hxxKKXB?73FxHz)KEU)^~tG!d>qB{Jk0^g);fng})^-`%}<y5R7?>
zcm6k8qXBmgWgZnh7S8WjApFp(YXA1ETSNErDobiDkJl_;&Ztk&03Qy&?l1jxs$7ab
z_Tje|U6Ac9s4Lb(h?goIjy|2?;nZnGF`Q#+Py=4-(Xht|iRzCL4G)J}iQ^daK;Cg$
zmpd7PZyGZx+}PTxDu}+Eh=L?ej#BZC;wsNrNw~}|Wrg~)>M{O5m|_m|LAP<mQYYGS
zXv{lt(9bGBzXewpD&)SIdR2~K2HYl>87j-1QK@|Q3Mbj9dSy0gocwU1q+GX?OQL}g
zg-jjCv|W!rN-9rfXC|(Nn^S?nsyM6wv!Yri8siTCU|n~)I0{Fe0g5f?q520{y(h#4
zRq&cX#wQ+ylxjvkcKAfEJ<`RjQDX`)walEZ@)m0&Xs(#9-^E-kkE1_fHBH!pO)Tpv
zMK1AXLM?Y>w^s1=K@f_AWGT$S6fi`EjQbBwuz8&Mn;KV{wZL7*okLyt7{6}4IYoJF
z%_w{;zomMnUYmL3l>a%2n^Tk;)g)WHVZDEpP5T^n-dZ;#{b!)li=nechGlraLM4Ek
zuSmXz)h3hUB0bFOE?c-yW@1yQ->vlFb7~RJ7u1}DHwkF8-UavGP8c&!9`@qFA_wh)
zrw2&2^=jooymA5du!FQfY<GiRjiABH{@VIg_Ekzce7Al8KCpeemt}%IpuE&#qHUK3
zNpK4_TCU8}vygEKEwGVHvW$%M&z=M7slG*x1dzL6{o=62>fDCN1A>P4jKU6q8xRP(
zC&~XT`9rNNK=z4S&MyketxC%T;pfV<Y4isQE>F`C4qvJ}qND1}L7`0EGONa{oe*9a
zsHi(h%R`ujfm`3spj|R?1e07Wsu}j275PalsW~b-pzJR`vV2*`VDby}2khAgod>_v
z0|jd}%NeN&%2xkwJvl(=^Hs5tGoLzJMSMRk+KLUNXphQ2N;00pm}EddOUV7_=xcn$
z&@IAS>Y<#!B{vk8fZVJw<iR{Ux%qNQQ*sOzf@e~MQ@EJ{53){BCt(wc>{cI2kQD*N
zFif`c!rplTEiU$IifQMs&wW?@)8D-b6jIv!I@xLmmj!?ieBV#w_stw{gYa*~|L!#%
zErMGZp7TI}PZ5~+;~CyvQDAvUNQ?8%H>i3ROv2OL0`$7Y1+ri6NT5aobz7NvBSDm6
zWuzAsIR;b2s_u@Ra#=OfGH3FzRZjq8ju^bV*+!Hi1lIx@G%;rdQWQc`YO3;8xUS}2
zc~*&=KIr&-vw)dI$_i<&*k7Q>`8m7E7Fh3VWMH6I;o)3AqclxoQeadmZ~8{2vxCqv
zK~7e2q_vK$iog*rpS%v9$;*1VrJiyGv#whKCbRDq@0KYJ3MbVf+yJT5+mp&9=c+N8
z8v6#PC#!P^qzT@iqBAciMhGq<Xm?X96w0N7VwT8(zD?EE?X3|=b0p(zI8NZICnktK
z6jdS;_vpZF%y|>e382Ev^h7+bJm(_%Th{K-$+~Gy4B%-R<Zb_jm*0y?B>2C_i*7~k
zC9!WeVA}(Pr^RJPERaSlq~-ML+pR_!l#XyMMrIyKJfn3;ZZTYVuHs_Cd%iK*L#eSu
zO+bVzBCX~NTEux=0hb6H!Vaj`HxH*=$sh+xWmc(PNe~UiGMqmJGfSv`s2klTr0-z-
zOgED(_Z95Kg4s{lUw_h99+UUARkcwv<Uoivp&%zIgSzV=2Z}648}#*3LWIL4Lxfto
zOZT5+BE?IK(4N@IK-vZ#kxD)aFEuH8_(^D^J*u2Su;M!l^!Bvp8dG^dNHKkAC_5l)
zL8$IM$Xjp4wReh#l(PWez#_ts>9tHOrQjBNF8_FHLv#yghnqm^{^ea0DKTk&ULz-o
zA}B<via!+(!>3z9-4KIQbD{xZRMRl*H>YBej4rFSw~i_qd)X#~cbjK%wQuENxEcn0
zVD=z_xW4`alS?G@e_$HsUS===o<zT-%su_Dn?A(mG+tsMsl|l{k1|R6rxCxvz+q7=
z`a)QLP|gyVPJ)>OdQ_k(A1oqZt<$;o%6VDtnDT05&i2=efm=-=Q+?<>9A)69*qOrq
zWbF!E5rBD0DR-i9nB@)8dpO}>OL>j;zv$bTqiqPoT_Ur!`CE#G1mn$8_{H7D3J_7j
z*&Glv^$k>4eBLj(?L92w--RVZB&A1J>TGxF1*cQFDTvMtc!q@#`$t48u_fxNyP!h3
zPe@d!mF^G(C=>H{7yA6Jk~knYy;0~vQ1R5@-&)J8N*zsK=CnaYRi0a6*6*~#0B_3{
zWl_UqgX=Jpwk3JMl}=NDaqm*qPBz%cLz=L3R#bc{Zo%Hk8|f?b%BuE=1rFo40nrxu
z&ZL;Lwo%ucJ2dt`r?++PPgcI(fF6d5ty`sXD#gtI783>_ULjdJ{fL04%=$Q#9Gn>!
zBRk*rXavTb$py(H|I3~j_(t^>!kXM5-64@;)gpt_al<mYhn9Fn@I}(nmT++h+mWO(
z11v}DCDR4|n6><-(PxiXSJfU&yqt%+aH>T7)TqvE!zv^AlGU-FjdiWRb_I(Yqk8)3
z&FdlbTgOdYHil;A6Gosyg0}e}qrT(2KqBW&z($ryB0K>B+#<Zc*>Vy2wCdgcDuY|`
z_4WKzmz-g@R{g7vcyI|(NJvN&>_?*%RctIEXedMez%TA4vnKD#_TCm;{G7Blgvvz)
zK?Xm`-fRPCjrK4KEZk;7I0)2cHKb0g(K(QK;^!T=zB~-7NZ%i_Eh>AUX}Qb(q?z_>
zGgH5J@!eG0`ia8vRTSsPf!0;*hYHW*fKBLaF~Hl+S3owV5fA<MR3W&`y#(}}f_U=#
zGJt*OMx0qvd(mDeozxAGHUqgvOTMR+r<4Cn{C*{LBo79_g^{VbC3V<>eGw-tiyXZ(
zO{6jWu5qf#qGpQ-*Q@{)(C!BAt_7~PmPg5K!+aK}^1~%dG52pMsFf2ehp_M?9DPxz
z4|0#N0ErVJ1h)F!T4V1$0K7-#WS#y{11x&Y{V5xHq1sa~y8!Iq<U6ar#blLPGt3{h
zpSdVCOyp-jh5S$7wTi}0G@_G0uL&S_>!9K~O%*qR+g1|am%B7YKpYdkb1urj90rC$
zYMdPKW=P9PM^#i}SNN*Omo<S2j73ZG|IN|_bHd!APCa1-!!OL*SzuA&e3)HpYsCx9
zfT2hJpi@Y44OC_MK1$Y<9kgM>E;BS=4z#ZL!x2*A3crm9@P_O0_;dMO$|Dl}UrO`o
z3hIGgwc;JUQUgL>A-z%{j_Q>WwOVflb1o|wdQ)cBWW(TGx7EX?OTal`JJsWK1WJK2
z_e9R-j<|lp;S()R&T0ygkXJSBIhcL4FDw3@hjJ#B==M0`qua7CP@r9hwYa%IL$*|M
z<>ar$6G6*XT`iF}WFX2Q!Zk}Ze<&11I$IO)j;{>GUjS<q(AX5ZOztAlXsm4c%M#I#
zT8LX3Khg&+w2m<939TsPJ7`kjndFMfY{YYD=cob>SySa-1_ajoG1e#m(@E}>HCh@O
zVCF`6smzyrE=lCK*L;>>0c)kHFblR5+sl%9iTMU#?STgYO1wx2mV&t4###^zilQnQ
zMIZFb!od)Bwb)hNkVuPDAIztjc3zErlQItY4by8`y{}uKSAO>%-sUh<|FvV!b-%9v
z!_qglSJHLe?$|auwr#Vcj&0jX$F|Y2ZQHi(&W>%nPwwYEf1p0Bt7@)Mb7;Hr+6&-)
z-_!kuio);%e`jMC^j^%@kyRRU>-E_d&b>Rr0|x75TllG01mTyKybJme?Ko-vS;{OK
zz)ER<W>(Y2z6$%aHpI%okPrsJ%5@yqdeXor{sb|aIIB*E&O!mTD#AkT&PsZ@?I+Rb
zM2x!1KhZfY(DWYEP=AKd-9~<QL-&pfq&K6G`3-JMEnL{o+>+TyBjFg`{%Ev=e85z?
z-heILk**L{)cIk~Zny-DJ^~#z-3CF^32&Ly2^IjQoWShg%=&u)h#NKYp4SvS8%Q>>
zFp0Qu(S|Kfytu?O%4K3pAkC{R+N+e>4B;*B?!71bmhzdO^YWYjNnLX;LP??;4>Iiq
zdKYTG!hEcw(b7U61la3<D6h?!>YenpsSY+ib;W1bF#g)IC+;PMxsHB~W2NOx(38iH
zzJGvkG5pI7_*coTcl3Cl5ALk77Kj_jOO4u`X>VQ}bQ|0EZ<<kTy3Li^$b#=Kj_*>v
zl?$N;V?IAFk~xYy87vizE^?Y`9cSoIHP=}+sAUozzK0q7%;^d&_fu2Rbt9M*8&dCo
z{3{f*IF1kfLMP+HB&?ZG{n5-srpn`nD=spYWBh5aES<8vQumILeC4jDV_-il-KSJB
z2z2|An^-o(2Hrl%G-BRE>B5(0ZRq=wfQB=+$n-U-m)67#nH<`AQ3Kt{k-m<MB~7t&
zzPmnol`JnhCoyOkr3nqo3-mZ|Jf^Pyy5T<N+^8x%n<FbBJUHq>_U5N_`5WIn90I6f
zLibr_iO|s2`6hcjLjh#-J8mobax)h~IxapVpC`v|Y!&8AGLh_^!9jk4Yvep6_m5wn
z@tX@~7dG3fYS+yWUi*APHS#k8nWWmnnK?+;XjAtC$PvjaSD|6YLbNJ~s<Tsn`S_o@
z5c9J9vz&{?BqAYCVegg3)n;z%X`;a_bsFShP@@tMWRk+CCbmhQikj|I<oe-zLKMln
z<(r7go**L7x%Ca0LY}W*qM=i<oNsX3n%6HfpFAM?@Ibub`}|;bj?jPp+UJgoD~$xQ
z<-|GOgaDoD@6X<6pKRxH06JN-j>WYPk04>=zn|oN3&Jx*L!#Z+ONgd+RwKEV^|3so
zt47oBxxSS+d51&DG*;oH!^w%Mb&}=$qv3NJ`M5aVT(7pYhxRP%4H}ho^qSR3PB_0a
zBg~X<3-Uo<rr>J|&qT`^9jiK$CMO?#rIjQ`J}>u(`UnJ}E)y{`Ce8r@h$o6o_ho|n
z7@6P{MC(11Wk$HG<Oi=x8tpXCp&OoISI=7oxM*t4HsaXYAf_%^Uz#+-(_df72ahtY
ze#=P5IX`q`Cey+6rE{y+YKX=e+7&Q=_5bRzNmvW7^mn}oqC-RZ^o`EVEoLLhu$NUL
zZ$PI4VSE<Ld|jAN9S*r|p)U+i1Q*|aZl*|6^4x|ytxan^y)d4jj4rsrKvtQnu8L|X
zidfQpWTmV0PmI!ONYFoy#;atvJN72v_alV383gz`eO|T7N$36_1Y0w{{XXKMK0Lq&
zk$>vdV*sQBU+(VN9stTxO`}I-NQM4x$SM&XGDIt8vFuj$;I%T;06j?5o~MR2TPb$C
zVtdr^7?Ty2rt%79`5F#S$jxk{96ZKnWD7Jo&?@L+w`m6|r2zH?Fwf7?iDLTbLtXjj
zZSX3nvmTU3`roGS2(!ZlE#edEm=GuY_C)>ZiV)w!XG79StmoOb@UlF$5G0B_Rp;}l
z6mJ=ZX9WX9(r)<1hT3<qF*q4Cf94##Jw%+1jn11j(Yq4)+FeClPa;NC%1}he8te|8
zQX?})M^azil52T|HFZ;7O`_R5Qi!A#B$6yNrc_rza(_uJ!scxnhI&0lzPXdDbWfZ~
z8mdY;N6=4|PMV4q78n#*e&)y@sW$JH(~Y8?kGq!())s<<)u!UK&<~jO!VAOM#Q1Y~
zxiW~ko4!@f-${g!rN>}j0)QPTm>0>)Z)e|sjHEkAP!EK^Um=)J?k2|0(>)WKLz3rQ
zYM@ZroPK|Yx-19<`k&ky$=S!?I<+-?s@Qdvx~%}7<#ZZ_$hY7YaWZMop8XG7)x4yB
zp{8yvVldNo&VsfKBiit_{Kz(I049W81&_gGmyy0<o>s?$$%&Rkto}TG;Z(bn<)1v1
zK&8}2GyjhLT>%G{#7o^WNI)SM5%*hG4VNM`Q+Sh87<j@ZaZGP1_@#w;g+c|1cwtm_
z&5g^yl(MaEzA|+T>KgO`73)Gb?km>6R}pGp&x#n6&#}0D!cED67eac(FNkrXAV?Lk
z7fWbAd=epO77Z*LiU*Xay6u12d8^C3{Nb6$$)1}ppitbCnNukz5-FhZS|KPDT5NSz
zT)LQU_NqKB6jzFn8gi6kPgO*JDbG|)(^hVLb-1P!!F9JBXmS3%J&v67_xUn}S^#*&
zf9}^kfy2p(kn#@YhX?50Sm*oDuXO9RZSeR%b}kUi2c{3pE$@03lxuA>2!6*Q#lciy
z)JQ=66M<t9X%#7mYmO2Yl$2IlQF|L=t+9!gHjIAfkNwMYTL2ZTxA88lN-%>ooXe-y
zA6BlGcO?F%{KiLU8l&O~lJ&JofAt?I^{@Q2a}<rckqj_HBpjVdFfHx$i}6K>{sfue
z{$m=AU3yB9#ZV#m4_bFOAZF`@t8SXV`MJ&<ruk1YSHzMSl(EUmNB=(J1t}UTG0-Gk
zazAKGi4to5b6(#pnf_T+7s6aYm<T}E@Xpfp;Xrf<8dA_S;LKBh^AKLJw;c#?S5mBC
zYOi)Oj4lFSYsSRbOIPlTL=l|r(ry-LC<u?I6z|<EP{8+W6Yd?<>=9)sWu?Kx0*Um}
z<-cLgk_+ibGGj^CbK<*i=elEUniZR;WTld@_LD1n%WIe|0|;Z!GX^hn-h13nA^O}*
zF$gA;+jax!!m1rZoV4CF=hUYRs+>luDU6dnfIHXdeT*&~NWJZz&zmLw-#4zO>>k6S
zJHsd~;KM819M~`5=ADMhFnwfOT$`H(F)hcwz&ht6D^nfM5qv4R=?tXL8-l1%Q@J!Y
z3C}C29D%oHi1RB@Z@_O@)(mfn#_YJnRF?e5lFY;5hy<3-(r0#hec~^AXmMjJBh451
z6ELFZMr5gZ8^FL}GNw%o10PV#TtIQlfA=MAQLEt<9nr@fL=_<QbQ%N4N~y;34_Q-_
zz{0?Im?|!Yn?}JHhRW%^JPWl9%OpM-85H%NXobkj79B%2a<5JSR%OCf*MchOM6W4O
z<MDh<va<K8L2Kwu3Ova1`4-fTkkP@LX|Q=P*hHvbkp!QdV91d#CKc*1tdtYG21o%W
zPmfo{x?i7Z&F9g;!Y{f1E(TsyV{h**jBBdS+ygD803yXtS#7WP+|$q&dO+(@V#hbv
z(RROmPTd5?-&UzY5e4L3rjYRJ)#e>UR3M$JImunj8g4h6r=`t#h^|qhB|y71pz;I~
zr6n|z&_`{XRu-cmV|r#7WRTN?lL7?M0$AdlbC4;8iG~J4?xIwYRfU_o1W5Xh?0WEz
z&<TKofU)d57U!#@eLJ-Dpl#DvJ=Y~ef<M$-)9RvEMVpM_NrwTbnIy{7!B``wXndEK
zw!lh0KBy)6LJ^CorLD3G$AL!YyzWF~n*6Jrx<BH=f|gItMW~#oAr_wU6IcDyNuB31
z`@TYUHS<z(1gN4XLoV(b=E3M_$~);6Y~yL0zCc;6HgQc!>;%&GyeGC3GOFIKZLdoB
z7y*PM^uW>CC$@74atABF)(!jm1L(fqmB)`yE`P}qCTCpbVS8N0BrD)&cKoCpXj|8+
z58CdXckG~Mpc$W*=096Gi#H(eJXVl?as@wbcE4&06Wj570jf9wY<LxXAYJcNeCX(*
z(g~?*Tv^v<o~OdZcld%^s*<ol^Oc2srzZoX`h>c8nFC?5eo}c)vQ0luw2&&10CO?A
zg{l-z`X)dEbh|Sa%l&2og@8+-uULGbn0uGW6yG7pqY;FI_T~;;Jr2>~@dOa&Jdhm3
zTy~WkG$_VJcJ-25U!#wA1J=qC&wKPl!D?59TZQ9(_k_DD&zZLl&&4B=GwmP^w{;L4
zmu<r5<Q#*fFW7&n%BlhlB5{@zrM5-x4h;Y3EPLY^ma`+(7#oPJn&9$e@)nNnvrQDH
z>6JJ{K@1L0(ohKCHjp*I7XCwK$pp2g$F*39y^LNxHikHo(GxgPfNDb(8zS8*?HPWV
z8eHaG9=gP96C!wVKD|j}#?DYw*5U<{Yyf;L7Ew>7xsR-vLNS^hHSl##?i*mxn9p~!
z&|_4&T5>{*Bo~IOiq{vd+U??fIcvgRoIw#d);TJ<J5jIv13#xmDP1+H;x+81#=Wm*
zR`pECDG0OE3%Jp*-TrJTEe&`6p9YXSsK>q=at8=;!wJ}Go%NZ8X<G;oKz}zV;38M!
zitui?X$)X@TXCdG*CPXuFP!9H%>u>6czc&V7AwImF0Wb>)&rDDC$9;yDYWO)d*x^J
zh$D9`H}SIlC})jr$;t;%osD3ls0ab=YujL|K~Fg_BG9A%Vc-1RA%<KwwyH+jm^h{U
z>l2*{bVhk5oW1D_bR5GgTHNHCpw-cvaya#Oi1!x-JsKi1naV(zv+2uZ=VEoT)3SWb
zN@!Q~Hz~6^)cKBHfsN+{>jlwx^!2^GMrFzkvJ92WFboOa#M^nJ*&lI=neK;RlN@am
zmV6nbzTuV6+CdWd4OcGiQ!<*Q(qIN)Nvz?`1DshDO7(`F3B=QnLcJn7Sw*tjDy-hC
zHi%MRF8dea>gDG>%Q2(<K5?Xf&2A?UyrwAxxKe?OB*f`l=$d!2Z)AbF5a#`Dxi^PT
z<V=t!k!5V{rdCBkamO_&648WA7b&8+JA-SM<bw3Qg?L7@oinz`Z6}B?H_zz8i18t5
zF9S#y@KniD&2T0qJ678I<>2808IFvcD8IvZa=Q41E=E{bzbls-|INMX|4y21t=axu
z(N;d-{vXBXEd<2!Ifnq~!|l9-cy9<i^OFt~Cpj3V=vd^xdCP`2sC+j1FzSqj8?VwB
zHTg8k{f+7?5uAW3;i1QS1t_6hjI5TD;amr?ch*f-pmPtJ1h$?P*UgB8P^IcB>{jC!
zm2(VcDtEpQQH-&WgV(H~X~4MR$(EfjLRG>iCmj8HWnm^Qj{Ob4v)jqIw|Lzf9>y^3
zcr6?>Xa>>YgN8M?^Fp-i@QbS`ItkC98`55FEEAHOb0=%_A0!}E+hFcNaMsr4@4RwQ
zhTf#t_7}hlBu`8<E(cw#fDLRKH5^rmL_s=_O*ChEz9@Jx)WJB}F_8Q2u=B=+X8_6`
z?D}I7&;4Sh!?YZQ_&6mtdBYQ*%5~|~Hy7Q1AU}1EFEe5bA33mIZ=Ja;Bjgp9v=#`o
zD0j#JCu*>^L%Pe}60jMNg6s=6!ife|F!uzyBqQX<Lnj-SDoZ}T!&lgcj#x~e%Ba>V
zZBGUWJN_`S&xA17K@P9aqXYHi08wRm3qQ9${6;5KW*4y1JoQyBIo)YeKXe{d*49Lm
zbQ<8rGZCyI&}Iv_pML7IBYtp32{8dI73B*$^!9MZX7*V;FPg&ksj(@iES~TLSpD^{
zZ3wpO-<n&0{r~@iC&V{1fF9J2J?P7V4~;toGQ$k?XrpH5M}vCbL0_s=0RhC`#cT`R
zQP~nkgmiz>OifCEg&KY|%cEN8U&xLQ3k_!Cq~y+?I7&boiaR+?3Y6+0GYzK=h8)aE
z2~&@ELI=ggEXlRt;^+wtnn_;|%!uR$Wu-qK-kBmH6`j&RKYW_2e7{WXkKKF0TN*vz
zLx9^NE)?Y|^Cq2R8np97nj_?4N%fj7$Cw=4l~bc-fX<>nC!T}dznGfmiqcf48Dk84
z_3u(UftJi;39ngYP$jsJ4L`R$W^x7TpN-%OBGRk|9HM{BG+1|^Lg#h5LMbuTZ#y}0
zu0L<&_<mc*$g<Ko%P@yLY^z}Ov8iY%151}b{h>P)mH1MnAUjdVcz2E=upb-ye_2Qf
z#-XUsKNY{a5hre`PeH(x1^UiesNcCYtkR*X?xBi1Yd23s)Yznp!Euu$)6uG&;Exmm
zidZUnO-`2+TeORhaZwU`kP^5!-lC3jPcnvlUFYG-Fn*KP*GJlW86q%`SBG2S{=$T;
za{PPECe5Qb%*+0Shah_*{*UkigDtA!-a@R4Y-4~757}d)&vv_WO$O}01s$NTw$}Hu
zS{Wc1!x|^GWr{m%#<!K;)cd<OFV5c>ltBTPFUx<MB0sYZErI~#uRO6ho68fghRQ{5
z0H{fl6n@b6vg8^9LW>zhDIkBQ$Gm0zaH3({m-*;dnJ6R$$>RQ-W7|7-s><5|JBqNP
zqBLHIWDIwnF3%vypP1B7)xDth(x1}y><a-nncF|G!kJ(W+j_)h{U_C;z?3K?jux~N
z(u9A2$`OQ+DSdBTvi9A7aRH12qF1{PaK9@pjQN_zxcIsedAdWmvq}CMA#?7y!rip3
z6WMcE+(B}i-*|$t$;r%4wPXC*g+DMuZ`{#U+;mQ|-zHBo2DCHl=Mz(vB>At~sDR7C
zBxxCzR7MDK{&K|P4^2herM=E2)$a)vES7mmMxwucm#24(#IdW!X<eBHfR>kfp$4$V
z{{ab=4T>|F?Ji#W;(y+uiHl^5C?d>9-cn5Pe2-Sp5mlXWB#p_0+KocddG+PDH>w6n
zLEQ)!qZJ#L2|3;J1QruOOVQ9rNh4-nvv@Z<3B@Y?q_q~tQih>?>Z``WQPd#us!Zln
ziDX-Aymw(-DFS4iaaun!P?sPBV#7Qd)O#M6Wz?QE{dr9P#6vhVBvXM~$0_2u_D$ao
zhnb*N8N}vCH_A#^yz+Iz=b&=#>a>zasDyC4UwyX$WhWihZIsXkU%qX7X*Zk_k`w3%
z$|=du9YcYT$NnL))BS<Q2)(jCNB}Te64)F}19?#g@h$@MBg`0>vy{c?wY;d@a1->u
z2D{M(V0w8Ofankn3@1U-BwsiiDwA(EcTeG3pNG)8T4ktAA*Lu*CPrEW4JMc=ok>2#
zd@7D?Dweb)nT?%xrNL(3+f<_aTB)de2(~nlh?^~rhnvD%*#=k@k{tdNmk?<WQ-pL<
zQZQ}1@|fC#L(UX;7y{J%V04(B$CpfUeDuF<&vn4a^#Gz=4Wc$?$_Hf1!38^k*>UVV
zLVA=PxpuqDEq<kD=3A{Qa|U3&<J0#M&3&c6{ac71GDLQGwBze(3w`GA8L1Wg9l7Y@
zKl%$to}M!=_DjykHNhp92=W{TR~Ef|k=quHtNR3=dK0=1Yme%wR#R2NucU({g&Py1
zT-Z9cTC+ezcG*Fo%p&O|!Ku^gU+CMh4{fuLuowcoxfy#sB&C*xR`igt5m4@W@HA1i
z$(H<Xlu#2I{kSL3T<f_nUGEp%Z`q9e4<d*9%_g!e)cFJFQfOLDX6Uj%icw+@A9hjv
zu8E3jMBI?+XYPAY*@OE`Qn>e6tI88R$Bv)|?f*32F#U4@H)xgmUgyfnVm$x5eLWz3
z?AsP1+i%>!+OW)>0=(3AiDSbZvrx?j3|f&#Ps9thrjA%H#SVh7vD%VPHG`!mb^H32
z0+GAAN2dr~6pv<xK{>{feCWC-wONSPa^XVwJ%4Aa%}JbZ$D?wA<kN)go@fvQmOp91
z<-3(A)@^LKp-U*^!u(558<x1i+;sVdWNHX@H$aT%t8UAmf9yLGw1q>N;Z4csNa*E|
zaJGZFor9blPJ04;x0+P>9X7)_$HwK1FM#JlgpWycNkWa9GK6x$F5Wou1bTyBITkm(
zt9X2JVK0NFoNdh;1}XkH#kXH*Je`R>1*sDA*?KGbFpc5Q1%q4>iD2Ant}G8Ow6B#2
z$!?KA$IWw<rzegFSw^CPxo$UbIgeQihgOlow>8O3L|cK{Pe9O2-`lMulfvUUM(N=i
z7Bh0Hk#j7dU0RdPygaDo;W_cN3;i`Q8nvLJqe=!j(m8eMKD?ihT4d8pl$UXpw4a~^
zG`)2Vf#=KyKmm1IwDYVZs{}5el-jJy?*aa|cI?nbxQy()e9RM0PV!v`$FTI+gUMeI
z;$#%iW%_7s-_B2u|G%|c4&#3!Lu<f?0_9NyRwSis3&N-YKACnl>E9^f%?r>8rIpA9
zEL^x$gb7ibReIm_^~X(HRY0_uHmI1UD*jfnBr__B>niwR1<tj@y{y5RdcCJa52TB#
z>hgn*f`YUQPh^(v6VEZh1qfCg;!VXn!(RVBPArE^*8$gVBSF_vg$;v!0e5$d+247#
zRoa^l2#@x6w9J?S>n8%^MXpKkcphnsRo*pKun6czO_2_FoVXGh_vd{)?_kEAxD=S)
z=a+E<ocRUe#goA@Pw?>wN)&PgLyHg1UE3eII>vi;mR>?zleE3|jt(B_HR&p1pZYzK
zC7#GZ_lc@hv=_UT8r5yIG6CpEG(rlAA1pX#F$aq1Nn0JZf!AoxpSCEq0%hSebM~xq
zPQOsMLna36HUy7r`>%cyDS<A}f`Zf!Po+S~J=Kp`8Il+p(FBnzSbG%>ZjLL6h$b}H
zdS4gf<^pRlSndWm2xbR=NBGbCJ4gpF`#SA>jsdneBf3BSEZ24yr(;H1Ua*u9e9MDe
zyKwvTA#cjxFV1-Z`=HH8Hoz#<=1fYfpr_x8D*|F0kV0p<3FirLnf<D{0GGIEZcL7-
z#Wm6WQ`+IF+Od&8cWY;F+*8Nd2~NF?G|#ZH5ek3z3qc7`kFCH;=uh0B+uY%Oo$M{D
z(b4~4*-)Li#>rvO>$Y6dPGo<#Rk{#I_f+?DBFq4F{~>ABg{`c;BtPqpm<u?-JkPAQ
zZDj4KJ`?Qp!v(`-275cfWuD9DYt}kicMES<^;NRpnT2#+S!QO=Pufe@@I$>`ZdD|4
z6w>l3f||h~OvkHPZ^_B;0Qqzbd~RvJPFzBf@X5WAQ*XE9a=t~{xc8b?K(DiyUI_A}
zCII}n6IO8xQj8Pf1}GRb+3iT&tkz7S6rT<IU@N9Qh$OB{nHAz%v1t)GjN-e_v%T`!
zy9rLU;_p?z%mg{)8BzN!swcyvu&VQ~pmui-XFKZll9~ue`u0p9<PDi8*fNk8?7B{A
zB7<UfVQ^uJw*r;Ck{=(iM8Jh?jiD5ak?&!EXwn>0rv$&wIA*w4Y4OVSkkx43>cSaP
zY#XB*rS_XePt&DsmD|l4WJ!3uN3CVnrLRSCnP2mkoW5+Rq}~wyv*9{cz@lWQ+v(ik
zw?B(>mC=xjUFEMa4JKmcfzT(&FD0xvA1r?)(3eZg{Iro@9!uqWoH4qidr`ofi5bbG
z^QZMyPAG@ymC7lzJr_ZU_7OiIi^vMiR8#;qVtHY7%0gQHF=1pPu&#N+C?rmy5i`0X
zv}@X`pvb-Be#-EGMYtkTikGGkQqj-=5vj09{i+)FlurpKLDRh78BYy=22Ef;-`f2V
zY_yFQI06<GovNd?gIXQ1$vIcGvR0*T(IHJxtM<dEvDmf%r3Gej?VctD^39wPmo<~T
zXb|oNJN9Pu9PDHKgW)5WP;W2cTxQA>F0wzzsK{TUJ77a59$n5!hE(Hcxfx1Z!!1Ni
z#rE#A`|7h~l(y#m&6pB#g;svST$HqHHKx9W72&ywg50td7USK|>Q$A?-}yo;$SSpG
zYGB(3zTof?XKW%z(&8~P0(>hl*&@<pmsPVSWOmsg-2y(56^1ImEHsFT5gEUeXmyob
zVxlkF%?vbEZ_q1$2DstEeA$FM@W@y^X}|J<+z5ia)Gv2#vqW_N&!Xc#^Q}n-e2D`7
zf%sd$%UCkUwnO-!*L>CgtuOQ)skE>Vstlr|DZp4AtBIwmV~Y<k2yi0nKc2Hj+nx9U
zHoM`N>Tj|Xwfk{PLuAKU2}wVA8K?{9PkqybYovhz9~}^10)1O{w1#2BfIoHfroJ6E
z+j9(Xv$fmPvU0dq94OE%;O6f)YZhtLX-S%1Mx8ce53kF!<jD(*Xn7sboEbU$YXgaF
zC=tAF6tEZs=kCHk7>0B`Ea(w^>qW?m(yw{80ozGKQbf(4l<s}4X~F&~_3*E~0;T0)
z4|CuCNg$c(`Cmc&Ma1?YY8_4YdxC)^ctO=k5(GDTMC4L~I*5NLO4pfSWrZc*jOhsm
z;W!rkpfj5g!U*4%+7{7LqG6M*2{{AD9NdNLl(%N#X(NO+<g|uN;+?0d+UVHT&wRS<
z=;$sv7)XVLXT2qBSMWQ&pU$&!_0!=WP+|M5T?=|^<PFl_!4x!3m@B-Hb-#j@rN^4o
zZ=R|Ad%<=n)vrA#$(~sL2OTtndPo8Kz;P(QyRRV~f4C_wr^HjTU@isQ-$=yi+BTOW
zR$W0&FnN{Oq3`hTb5$B3Ve!rXJkET^3^0GuIw-L?v<i!rb0LGnYSX&rb9dB75`n7r
z5ka|qv&)@&5*}3n?n7<%@EH8a#>_H5r`pb60QygnUbh+Vh>oVOY&AuYqY(*erE7HZ
z^HpkNm4|?bJI}v?T?8i}Xs-ABFyK!;0o26PW@GnYe9Kce^^-`uxdJ&iUvb-ZpCIi%
zK*&RR=|Lclf^<F^=}(zQ3Sg?15;xsO40!HjmbTWO!gw9z+F`KDJX5y{3|ylAE=Qy)
zwX*G|k`Ha*aAJZN2odR-Jwrr}4GQ6@U=`Jy5Q@V3_ajhbUIZJOVE&jTn{3ut&i`mc
zw9CEd!a;a(66a+ADuZoBJ?FXW8qE&;G;IbXKU$KUP}2D?k5P=fyc#8&Y0Q|tV|u;H
z0R*9U{Pere>CY_@{*Rb|7Y4SH19E{<P=4bA!#arE`=A<^3f0U3hMiU&oJYrlLtB}b
zxP2!yzQW>61+weKYK%4^Rt3m04ggkU5uCmqWCx-#cf4d)@)RZpCvIepJSG#WHg33b
zH#{%3^3noH>iaSRp0QKBvvjaKwT{fU&;sIttFEcd*&l>cj^09To@qB2wH<`DJ<kC3
z)K$kiy*+=HIssc+&&fmRmzBzto^);Il!%VkJ&=GUFQ^jmoawqE?wqa<qV3xuknPVC
z7(4c0SF@s|P$(uC0JH&e5{`wJPgiat%4~R$8slTH?$@?&SUbPO>gq^Wv-I<nqtN<=
z*Cue%zo}{+RAy7Om`4qbynJ1Aj7%+sphyLMEuTa~n0z>-x}i$TfHIJ&f9j%)NFezr
zPR<V~AZV<bvivkkLn+!Z7puzq-YP`@XY4^&4Hw3AVW7hs9H5`#WQ*FW;vE;yD$^5N
z??}C8JT@Bx6TWN{icwtu{PjwR@Li$4Qw#Qz{XKg4AfEq+yJq0upoM^|&yVlu&YDd7
zpe$yn;0`}b)`Z62XvBe}GQBQk!`G${Uoa<OH&H68zjXtbQIoC1B)C<H0T_*+30h{<
zTm^xlyV#(0<#Q+^V%Ss;67zDmY$2;6n4auD$o&QfCB@FV0$KZ4`(QeG-(p*DB)#_t
zEXV63o`q9eg+_@hkZq?3GuOy2EyR)2EjF~dPBef43DI;YECFNe&CBrntxO!6@BTPs
z93ze#q|zE3my$p`RA2=ziR>sZ;8jG^n4U>&r(CU4WTRa|>TXcEb&$p{KAu)}TAD}>
zFCMC7kN8%YHYo+*%ry#8i2w!Ds&uW5Gr!S3|5P_BRL?;fRwM=1m-y|bnT-O`<q5&D
z)&3_`AuPG1qw=P4_(uB<n=hn4zTmhewDgBcK0~qZWbOiEy{CUh5;L-ahfE`)PMWo9
z!6vuX1M&t4_LA`5;Xc0qkLcuLz3GJN(}%cG|Gq@szJtnU(t-v@tX2B;m=BbbX@=2M
zWs>bU+^kzBKhB_oKr!T;R$!RrWE6#EO0E)yK^{o7>Ia=S8&D5bjn6DHSuChc%JOM^
zbtF9$#SD}7AxXd2t~gv;Q@1y|qitEZ-fuowH*cxBgQ6~YZLVlrRq^k7-G?w4ht%%f
zB8_@(fppVif4fN41x_*6K%3S>jJ;1z1U?oDqXoI7UJCK>@+xZ-|7mJ|D(4}K1Y3Tz
z7W=DNdLIOBp~9EVi{?tX#?kt^%#a}TEU-5q&_%9qZ(+kY4+}wykD;xnb=GBdjpA8-
zI)~7a4uYL{a>LZ;(w*<8*uju9Nglmi)H~#L;44{~0^1)A=&GrO4-v$#dG9J{7f4m-
zY`D*Q$#y-J%R0oXVLdNx-#e;7c!vwJA<o0paJ1|NFjIwvUZ;}kvIsAfPtgj1*S)&k
z=hK`e<G%mfncL-ENA=JL+{giZn=0QfO{e;}CUBrcb2Ev{z`xv>p_34HJ(qD;^_=8R
zO@#E)3g}_7;^hxh9@U#X2to|uyBH12NvK&HNg(*CQc~uDE#S`cn@9nu1}NSIedi5%
znh%;5+EHpL0zva^(Zk-M>VMsEa@`$6p|EiDpKf&B*NuW)-g!7mOTV$o82_3!{iZa~
zb9uwyA@p=HE%fAERJ}V>w<{WH=6XQzpT)>^HPWq@e3rql;3Z}82#Fo4F9F>C))g8P
zm?a51QuIN9cgdvEiYE5FSa-`evAobI1E^jyp42lK3}||3-Zmtm`nPpyPy5lxTdL8l
zh}|~GOw9MWkc)@#1fQT}og_^s*ZI}6q)FH!$!A6CUSg3;|JE>8;&#V`E_wbq5z>ij
z(6kFHRp^PGK(OlB-$NqFVXq;LU)SAu+q_F3-m^n}joC&)PG|1S_73I;zw=#gHG8IO
z{}o~xoBN-nvL5f|J<<MM1mK6%hjnG08-XL)-cN$ZE^|7K>Cf65j$G!?|J_(N>!Mm$
z_Y^t1fIQ^-OI^fJ+f?xovj~OHzSXRZx73SGTroH3LYXZ<>bkc$FrKYxx;a;Bplw|R
zI$N3uVsjdHI1{h1c$T|y0>H|eF_lI>P<hoGINNazdR2@eaQ|i8b*D7&@q|z%Z(oR#
z+&ygtqem~^yKRyo5Mx_ucox04N$LID8>V+Q_0|ulvD3|oO3>aj)K5pOcqTgmW0}(7
zCSXY@RCMJ*NdyxpY!8DX84W_O2*!@Od{2Bz@;<F}_Cae5TQsRi-P?_Fb93TEr2+ei
z_0yvgBkED<Iw;1-@mO%I?m^B8!G<o45GELZj#1_aI9O`pTB}?%m8A=6t%7cLn_U!A
zD6$Dv-$-{Pgu5I(=)u_sH<*F^=%+ow;GG;-uF8<o7t@YGWyP=h{<oQz)GkiBg&?>)
z{q7}t);2L!=Suyt>yM0Gv@K@;IZ+z74Juma)6U~p<4{i8xF{j%xtU+WPtz-b@{KKa
zDhP2YME;C*_{mrAT<Kh#zJDM)f?D18)4l9+SO1&yEdf2LU@s^DAgBQ&xGU&BlQ~^R
zN%9;fTZ(y8HxU{G)|gVu-^hdqVW=h0%Es8b7L*imn&j=k=nlQM!Y!w1l78<<8JgTc
z8%>m)2#bo{W(4%jDrV=HlrtWd(7wQADZ9aFs2cp;Nqt8o0==r+2Do5#9sWKeSGdg0
z*7{S=$BaW%kL3!dJI_TWuKT50&X~qov2IIVz?Aa9*$JvZJmaozDb{UeT#bWqd%w4U
zwcuvJkRF7J8Ynq(l2p3lZYn5@Cqhzz8+nr$64*|n3oP}c2s)~XC~7$9hA}{cgsjZs
zw+L#l$}MaFldYm(!cMc16Yj#t0Hx3(rmnt|EjYegYpf$YZnKzlgotMQ5k7usK9yE|
z>fTcnl9)GKR|m_7)+vpb<K6-V_l~Vrt3N-`K3s|Y$D!BZJH003>u%<FP2`rnGk>Nr
zd*-F`h3Pka2X?bx>DKc)xVR<oAABqXy!CuK9WOr<g0;EH=VKx|1r=`jvvl_G=8;L{
zWj>m6w5#{hDbmYSxFsg4-a#O$^KPtYjE=zS%^8E*mwnA{-=umxBn2ueH_}*d6nXFo
zrso$UYp!Iy$~N|t6CnEjnm22CxGAr)hH5eg_dcZ*3}^J*K}OmGXY6JhG}SY7KBwTA
zRJQpgpTO&w(xpZG{N>4~`c!hOBPYw&C3Zgyy1EGQF@J&kb-Nh$GCe9^Kg0iYF05|_
zRNsVx-h>OUx3jBWCFxTI;X7*#7k5ARG0!KHV$$|d)Q{pi_>y@~k!pI;`G7=sfUN?B
zEmZ(f`<;rf^>GmzeQtIOos>>okxRhjb=HFc6LqD665(t(AL)%$4z6R&j3(BkAVkJ3
zJ|M&=RLwu0qNmcX2Ju^Xo}X@=eaWuG=nLIT`fqU*D8PC4(~S#d<sO3Lz0tz}5C?eC
z27HY!^Zx4}XDgTgPdrqY#|ZLr5BPc#_<TER?^pbjz(vbrw8p3w5?9ZNZt?D^2O4b0
z3z7)Wp8@|Djmf3lfLLvLFt61yubm7vOxP|z2I1UVoqnv7hc<+M-M5j^O%6PS70D-T
z-!&bL7-hfMO?OD$=M3zHRg!k=&q^E5WZvTDT2_`pcUO$JXXMdC)8(o)5AHErnB4yB
zFF98iJ06W47`mH(x-Z~emvP_eIBcZmSLlMur3dTOVNZT6NmNq`7#D-TrL{gpA!3e(
zNwFvL#eMY1hSZUYGwNPsQO9cozBm`E4d24(M;z2Rg^`jQ8<~x$1%ysd5+OvtbHjfL
zH-tw_xiRU1sh=7LpG~Uer%f8o@mQ9;6*Lot%fdS#ltD#l%4bmJcv=X}GL%yWpmEc{
z;UJe(x)zn?gn*xMfRMo5!7nd&=YoW{=y`oIj+ko-K$#66qJ}I2mjWQQ+)4m|gQU6~
zLIc*#%mqrY7X-jR7=L}e?t4PnsKfu+?m)g>ck2JCh^{6(3`e31r*T;|eJb7i4WS@r
zaR+Yces&rp=M(pj#X+R2m=mH@0WkBpKOvr?iY9(txqmgsC5xLQ<8n)4s5dC(n4u7y
zs{d7UzX-BfMh(~x!eO8{dr1tt9#QYQV7aoa+2^XQvshWn$}w<u3Y@+Je|;!w)?1S`
zu*W@y0c<{#&LZ9%%&UGY)d{-x<?VKlAjiOl|L|mn<-kgVA*d{fygyt2)Fdz0vF_6r
z0+=7;@bpBkQ~jzC*y^+BG^rw>SYUeEQ){%~U0@UK<x~-f!#0pea)sx&hv=ZNuER3@
zZXvnC2jLA4j{mVFx4!s9?xXrBv0-9l0CCVyo!l=2h<wPPq;*r$sa`7V_z~44ovv4{
z2|7m?qAk)#!+@tg*4EM+M^hj=b3`n$N;k(|&r!ejJKI@Wg8_4_iPNnL!9N%3#s?t4
z^zFl&DwSc1vD-r0LC8*<^p)L6ueZR3czZLuXb{0ZV>wF6TmTbrpCzG}Lp0Q?jIk-E
zrY(wa62eN}Brc}`KnsZt?yWv&!#`j-uZUTWRV0F!qjV@kCw6{{MP)xbB<49^SP$jt
zlt!nDWBwk?Xgmoc`!V+T=_Q9XrNgbYbG8eg>wXIGyJ966D%I84-Fb4I`ehGN`QHd}
zc>g~0u}bBGN6)*p%n>+)=+Dw7&D|^QxP9xR)!Pigdt~1u(LSge&bIcM>`zgsGp=T3
zA<D0Tr1(CA86q;1iEQ_ukPT(fhzrlgH!~G`BSB%spl%oZD{Wra=xZqcpaHWPOuy=h
zJ9Cpls9U9xg|j3H`YDC6OC-Na*TYxBxpfw{ZJX(XmR;7spg<A);*z4?jd5mev*5d*
z3bVAUQHyg}A4x_AywU5KkYqYR9A$O%{~eeo3&|Kn6lzlPz>EcSOtgt1atenRya)`S
z7BstPksw+mXL!>1O$IzxR(U(47?5c64y<<M@tIMLkl6@%-ZDdp%dE#;d2#O>H1>P?
z)-l$na{DtveK$TB0RJrN_=c4-{inmlto?ivy)pQE)4+c?<2Yxd#hfb8hw=b#&PL}O
zo5xsa<(m_;+^;rZE}M!!1cO~~t^`m}mgaF+oW{-gRSe3ya6stvARnC^oDo%@Y=%YK
zq)P6*QKlxh3=4)n`**{V$;ph*{SX>SCvAUH&lf@eZH~Eyp*BdpRr_&zQQ0P?H9`K@
zeATc1b9Sdi*%i1&cVfoeLEs8j?VdV^+dh`y)=t8oCl7msokhT#kd!Jw%1o-L8qVWT
zSB&3SZDwtXKVdDRB1!xV=hHm&RYN8FE)5xPnb7AdVoxS`Y;d!+O=^R{vYzr~P$K`|
z6h#N<-{Za?NUpIIzpE0pgs@cP+)$znC0Anv3rn8qQ1h_0!7g~zv>OM`%<41L>v^H8
z;P_*gSAHBu<$)A|4Mpa1gWjJ(RM*hay%fyBE_ac0n_M1nyW@n{rO(z2q+yw)<fPt$
z0DuU4`Z}LynVgFs{NIMWt@^y{7*;?n#LM;f$O!;UWkQB!P7^iaSJ!`rjbq-z8q~o8
zY`qIBf<3ir`Uf&-bQq}$`9i@J=zKWQ9f@E-Wqck~*u7%u=oC(RX`7<ce&Fg?k)+B*
z4IWRmdG7-JUZeCw{XX--*yQ<RAFH)(#qB);kD4m4s@3U}|J;imW{r$u08D0nLcx8^
z_w&D)bH?7zjN<WiZyDrlYzvY>Bd>w=#v)4dm4y#H&BO4pC*%jxKqP}Q!5jSoa$p0n
z=NCtJF3%D|mCB~Nb!*l9$u3NSl?Vw{e<p(<^p?Vfeg$XzTDOlh<QH!RYesF`JnSST
zm^a(Kog$z-1#gHuwgd4riOXas1P)WG2R12f4lsz;#5I44`F8q0vnE~3YXT_pYAejE
zy(ToCm)^4D+TvkX&G5QYsSO*s`pg7?=2rK)U=N&t55Y?P&v&$tBg7wQ%g(spo-<OR
z-0s>RGfqLnW?&N@&^BzW68^1KpLuV~;&N>yv_EIC?BF3Gaa`L04?PkhYyKjILUJF`
z6+RW|-pEoXdz_^4eJxOuzas`2S;%ltH~VB4Oi2u}7V^@na~GiJ>ZT8L>E}M1t^a1S
zxl%Fd&Cnm7IqNxb3S8%Kzr3Mo2)u%;aps6PdxGj!$8(;qX!sO3{o3Dma*+->XV?4v
z2EFZmsMqD~8~xqd7!36M02jl7vGndPKR-T?-cA6?I1J$6>Wa9Su5djKMxV8FPaP-I
zFDQ!pMj-q%uxgG^ro1R)i4Zz<_(El`t)*p{n=>qNqd@gKRD_a(1$E?tiDF7y%aWN9
z8WjzQgWC@ntv=JPr^`n=oW<wWgm>Q6dXhK4xM(!{VkR}hY14g2D00xSthn+LiBm7U
zr4GyF^x^_njIyVHV=cgWbs1X-70=tpRSFeK<9Z31!(X_wc$mm68$*U^ZSV|}H+3=@
zj9AOuwj?3=Yxgh_RHpM+EXF<SM9LzKg7vA4XIh?L<o=_j?eB<ks=qLLdEMyr-bY9Q
zelUH{*OMK@htY%6xQ!(+4J9L?IuBw)Y;YKt=*z9N<97ANu*r{OCIgCP&YC@F5od%E
zIm4*@OLo@a`KDH}b`7PVF;+4VO+_V=5}#9#VMF+hx2(o>En6nu@5jC9ez%JZhOhZZ
zdryUg18+x<E%x?z8<`_fkYBFdX6ek@bT|Dj7}py*gMz*$5t)^cjY*J|P-nCOCgr&R
zPebek6w-(B^0omAko<dvKM~lEIf*FIMvwQ71Y>3QTXfCZGtMU9`4c;qo7W#LaCt*o
zCg>;V9n#AI&wMlbDeF5Bec$xYA$Q8;GSADqvAK&6{Na0D%z`GQtB#FvIBM#}CqYYX
zzhW^bS8RMD>JRJPe8)F>ba#kEM!vxZ%#G&~-@mg08L#-~K@d(GnQN2ZsX2`Pt<}Dd
z*R`eT?=yIo9pG+sCz)XG{QkXloV@~O_-uGn88&7n<E_`u#o6uwvSgF(x#%s}6rR*-
zeIPq<$L5*zKUn&d2>9c#TPl72<)X8r^qLdL%!p704*P06Xx4Efksld|sVzO{ckb^i
zo3+M!(9#l$MVC@%-fIFS)7{NS4&mVV>c)OjuGaUsqGfJ!_Mbn3zm?qXO%(k8mx@YU
ztL}b!$Lu}5$Lzf-gX_H=lv?-A*Jt%-C3FgMbB=8_`5kZdn5TF4#$9{sC+{2NoYSIn
zFcAWk352q95+B^W{K<qPA?ffz@nk;1ypu;~2_5UM<CxzTb8^3&w~#Vn@iIS?dd~$%
zue=YK$35nsJH}rVlETyY1YX-w>fT;``Sg12eP)dl2oO6i*2sPo-nRzwzTqZ;n?Gz^
zeBgPwgMONmy+y8YwXf6z2~~v%Lx{2;Tja#~niAYG^J;;58#YWx8+tjTw=lW`|L(DB
zefEPvuKJi2`LAW?BmsJ$JG=nzx1PWPk42Ycf%dd<9<B8t|H7%7W+iqP369Snfd^of
zxu;HbEdD31olO>IlG>4Rnx53Ah#RfNq%2)s6rEF~QL;yAw#7f6qN@y<Xldag-o`W_
zGNP$c<Bf?s`M>yr05-TI=39O^xsN-hRd#}rM+Y44tdGg^`@?WwX(IyNL4QhbAR4vZ
zUzf=R4qtG6Z{<_l+U>OZ3wuB%EQ@>sH~d)8|7C+H{Q8TRo)nO#z7^9wS>;q%<<d{%
zhZy(^w<ub*p|8omy9@%t#}twV2~Z%W8La{HD@3ydvAr}>X)VrdmN4L~9-K`KS_m&)
zy1<l|s4TFckttlbx+m-a@LgU^k{JXGn0=!hAg6Exp_zCS(e+u8$-Ln<cv_NTs17L(
zuCCU|ywqYED=Hu10mbIzqiIa+(63)8-x^r=*Q&mDXwf946k!E^zt)u?T`+xwpzbai
z?blVz`JcSb_#od=%lgfXH@O**P?@fqtECG)RV=nPi)rDFzCuK_^lPs=Wi8_vVd8m7
zwi4<;(zoq7k~#glc*03M^f)?y(Dj`(M&02isDYnj0b88%DzikB<LRp<UR1eFxPA4;
zdmCqPB~>LM-=m$}P7uubTnt0yJGchl9?&zF8!nGCM@F$S){p%d6DJ|8`1h!49f7B#
zH_H#uUvIQ%0{1zj{@+To4OoMtt80WbJpasmlC|ESSs)TuB|%k3$QT=yR?8YNiFw4w
zY7Q_W<*AxbP2}uS>coa^6>+sRR(U0~D%{{gp1It7HDCClfF8J|dj;m{GuF3zCTHfr
zvy39%#LgavWj-}kK_A-(B@{|dO$KL!Mh4T^7_jxPxS-cg`LlY%5GJhtAMc0xTbl&i
zT<gZCt5oZg(4BPa71?zVk#%`8zSycZHRK5he?rRCb_ZEOy|pb{xs7}DNZGx#@!|m9
zKm2R8yPo8fK`j3BsxZe5pKr5)ozMb2Nrh6MQO3#5@E?pA$U7wBWfr6U*o>W+pC+7-
zC#$lf7X9gy;Yc`F<=Oert~xgNke6Ye|5N=lkaU#%<f0;i1kxwCW|SDO9~V4I4#8m<
z9S;o|8@BWjvJt&-D!MR;`-&GFF@-ZewRGpv%E|o29qhN;+by3pV2$8m_Xs`L>0JJ1
zm7p!4_A8iFN4E%b=Mb_TEMN%)%K-}7^e)WnX7tkB7Btk5D!b*41GH!frsSZCIusTE
z>Du|-Ei*H+_??}f0oI!|?+hgMvkOuOACwbu`P~>vNzSlom2rau=>o|t8yUZLwyhTb
zQdvn(yg~LeySg;*RxYNjw0Jm)Unuye2%?loJp-~7<9J|a_H;`IFkzuIUqK}lfy%hm
zt{FHPl!u}M7p}uejwjLJ+om;qFfYS-)8ND5&sYHcZu>eOn*n+M*iq<xMLzi(NeBqD
zBZF1zg(e5Lo6Sm5<aZnsChSh?pL$IiO=32+YCV+^lcoqmPL3JM4nVqd8SEI;ViO-2
z$$=#If;kwn`z#&<h!HHa1|(daHe^8TNSi?znj00f=8GaTQ>`X6WY-0P(`0U%7m}`@
zGYLgu6)G<EyPQ|bdhZmDF~3Y_-QN6Fzuia$20dPm&S$llU7+3ZN|HGd0Qr?YKQ!^-
zdL0<O1fQp{+Z;Zby+8LL^&W46US5$XKl&HXQ~J{VOKQ20iOGpLs}aBxOo*BWNV!?5
zn4Kt!!~$8Q5LKFUC81Zyd=$O%6qg%{u|(>h@_FKq0Krlq7>LJY<y!bq2R)M91!5c9
ze9&d$s3+Kw<cfk=)*xuOMWbWTzA*-4T1GFgT7(gkFSnTUe|FlS-eHy-Z3RfbHH%y`
z9!*k4q~IzAl(6%}4b{+W75TBLv0@nVX-wcWTbK2av!cQFVa`~eC&b09X;ev+w&kdu
z-C@@kBs{{_Kc5A@<=coWFqOl*0!KQaH<o}NguZJqcM~nL>u6@xkE^_T_rIA8uIRJ1
z;B{-G0_Ji-n!rWz1_$#Aqr2yji60QJob2?<y<={F1Rb*=$ghb_PpLc=V>O;b&>Q(6
z+NWGx=$BKCgS8vjXW22>)-CLu+E_4<lF{AxgBI8d|NUe<Ggur_LEz)ctC>JJhS%XG
z^S(>w=9omYNujhQ<Bj>ui_xVuWh8q$Y~)VCatMhJrYA&ksN?RhwEtxOI-A7py4ntw
z33Il|fIK<LnL@}YIo&>v-eMb*Tihr-;8OxPzi*odoE7NtA9d{fR3U!Y9JBK(7GS6T
z>aU{5Mvkm?7t-2#YS{v@M`1--RKdjP7Dks;qRX$;HYShYPu^xCQ4yKVzf!=m{$L<Q
zPpWrjR0o9D@FbwYf@#gIYGag3XDzDl#@kgK`^*~wWF}3(Iw8Cy^>-9B(E{S(Gs$S6
zR8>E_B0@Y2rX1GZ$GfySEIH>&DGPlO<NuYXS$2<9t!J(sK>+??`q%1qUCCjUggE~<
zY#al6z;`Bjcic?%^Xz-H0yZF%F&`YXFY&Y~z2(!h5H#lmt!yy=g7$$5#!k2zyq4<v
z`vk!xtIQWEMB8W)7hX_!K58M+qFun_sHqvTF!5tHR9Ft;z~<kcIHE%$&#fln2<PT}
z`n`HQB~in$bOOFpr*7tM@g*nm*632lDlsVD)A&J3j&ZTO<KNzM5QzA$H<w^~$w<Dt
zVxE=#BCos7d3wISn>AK3HSDzfOP2&Y1-5%AV~LK3s*Zlj{COD9;sGNn;hu=p6;42_
z-*YG;zz<+ySTTb)*tt7~YL+5C>Q6{4Eq`h2VP8iwM@u4K$t_mJJn>aaXFr>j*q!}J
z&0b;Q^iukiXpCLx*^CH73n$f$zI0e7sS8&k7P&-l!t#z@(v3N2KkoVFA?MH-9G6GX
z5cw05>AY9cV5*1hv4>v?O&;c8-CS%tC}<hB@$+#2xaslk(=Ybg#X2JP*yTJj2<Z9I
zM|n-&XE@^BEpkS~7wKy_?LrP<adx+N<OSfM9(B|_a4IP*4gESYrckC*hhs@f*exqY
zN@nv&p1Fq?2J8vTsnjyCEl9jq(X#29f+u4K>za6%IPSa49TX=-QM6MD`AdkBC-)2a
zU6Lh-!KRx_?VkkzzvGB^9&5XhGXGG{XXOyps+-FL<p)R6%s+K6oo%MWb9aB|o;$<$
zhX|T2`Tkz1FO_6{EEcpo&K&$xdYcSI={_v_ynBp<c>6_(Tg8cB)@YX^6)Xm0V0F4x
zE}!SRnO6^NSHJvmM6>Xl?b6arTvcU&bf+!SRMTUSl~swD9*)Ra;;egos%z-L@+M*F
z-_3oFnG{t8DpD?cdWB)^*-2fI23F|uwjzl$WnSTth}kZ?07(@5#S!sj3w!?>67*Z|
z(}eYNDrrB{E*5W<VgL18GZh@Pc>oWLaMDE;-e2+I7jUkt@t0G&t88#TlNBaPCrEKQ
z@=4T!E6@41G3!W5>hRGJtn3&$73i1W3Vg|KTCZyYq=Mph@1H3$2ZN$F_t)2w00FqZ
z)^Ae<l6=%<l-IZJme+tz@A-#1$eV<J4{F}<eRd1wH>tjQfvznsw`S6q%t3m#G|6Ua
zIR>6sEE^kT!l1yut~#v2c1ikMB+&)E-M=#=NUk<;#-O0k{&atNsmj-Soo%%)z6KHR
zG(E^l|6p;MI(r~$h^m*;OCN##@h<Qt{rN|MCVhgueBZRmzQfUBn_9Ie1%|+TAsNd&
zBUy%t1D)s!A4FLD`R%H2@3FHy`1dzr24mScP?{wW$*Jpw3%pr?xZ)P*D_L)9n$1dZ
z4w}+@y_2fIM@s&k|B}x9MM*0OTBVuWm#unM4C_$({{X^3J-?PI6^7;9-qRfWKh=Ir
zUz<IKe%qXRIDf@r5WnXfC|b(IRAyD(l0C}Bilp&R%o41Me+QSQEDRRSnU48k)+^~P
z>()KLo&sJF%pIjkG^%18>Gwj-4~9ydmE)^f!%3{6I-46Zc~~V~gG#h`UNS}&QQrzd
z3hHq^pCed8#VX%c&_@pRS&ztPJU=uW%-3siL!Q_Fjsf~}0R8#J>%QaSwD?ZIZyF!p
zppO8&2Ee}q;I6$qRGSTEo3)v(&yq8X)H2JzV`2I(@@ymBL%JOae=HiM!Zh`SBOw{z
z{l-q=Of>qdz625(b-Qk|3m67tdO_0hK}00GZ9tw-N8^B|i2_ZCi<Op`rlih;`-z2c
zd7g0b^ah&c63ucs8MdDl^gJ8T5`nx3;GGeCy<n^zB2XB8?b(3mJ%GR-$j)X7oHw|4
z`82)~AHrXH8StvBhuwQ74c;4|(RMF``e%<s0?B>UeAohk6g?-#hTcW0A$wZ9`rKeE
z!?BuhupK~GfDl?nkfU1q1XrAJ<j~5;%&+$MMoGCu>$IS*>S7Os{uz-<B_lQ`bQTQu
z-}br`uD?7^Hh_~00N0zVTSTl?I_(-mvJ$DB)G@YdsI^{GcjXldWm&8ow*`D9JE=mn
zqA8sG+_o|>W47sp@%A$w=vsk3by|cc;5Utr?;!G}AbbZ1pS6!bE#(ID%?c@JgJkSt
z=JTJKD;SXgRLsPsx>`^57_-scPsK{a(T*(NgCz*lr>c4j)j5gn6Y2g!Yl+ZjH(B)X
zMY88?7FpJpL^i8CnyU%CNCrrP=E>&x<S|+B2j(z%lIMQmaE5>7QyxTKo}gL&|LnbK
zlO@-ACic81?^b(P?~O*Iu`dJ(fFvkz0SJJgNNPr+G#bg88AsR_Ns-!qjz^ktIQ+$*
z><@N$Y>mHA+t^_<!jeWIi4-~F5F!ZzXrR~Xs=B$I^ZG+>XU)u8RkwP})6r2?_vU&s
z&pGe&F3%GWX`YKjxDEkKY@m1Gy1(P7{X6XOTehVT7^Fk?^|Bs40g(`ZAdJ#|T)6rZ
z{MzI?K6!eEsFGr-jDJ!_y>e4e3}YO3$r!+3Lk`!G>2s{X6xnLCHuDa7fDnx6S-4)!
zATqHsHJlnVPjtp%Ifg&jXzcIRkhSD;LRzdue&8C`3UHs1<sf6vy>SS<hK^aDTR>;d
z^yEu3ygEhfA=|Nq;C(Enrq;O*qCM}BO$tN0qm~VJP}f!5;;;;WHnt=t90u&*F&Y+Z
z^wsG*=-g20`zd)Gjy3|}6%hXG$*aG4W>}O5;5W2;uuWe5%~b$j1@I*R<E7iKrF4Uk
z5=O=jTk?A#qvk}X9M_pR*#Uy2%L28qhS}%{hHubxYJ22e*|!)qwQKtMiLCXKO$|P_
z*DnL9S!tWL*Oo0FYf~e>lrpqJl4OEFTRDT_5ow3c{>hH0J!}FOOH5w(?pAlVG7|XA
zrA=^_Lk?-4M+5fkDAyv<yhXrQi*evE(jCUmppG=t1E#XJg26T**mmqb;P9}oLwSvv
z1a@~5%x+!7Mx+5grGQfKU61scnsjC;MfsQ@13zseR%xI@)tY{)8|>+TPa^^Wk;a^9
zro`*}>h)}j{k3Ck$>tcfV7@4y#{mXA;su0%x4}(7FuWq-fnH<hi+tMmqJeI`k2s`D
zYo~r%(JB=rl+nRrC|g9&qOp;gyNCY)+3cEZ0Y0n$%!&;Y7*^{jQ7c<(SM;o@sc+Wf
z;O4Cp4m=FoOEl8+3{kD`xAZmz@XG+cJbCpuC&MCrf3|_#<vwlGSN|I#&@*M|{#d*>
zQI;XfvtnvB3Y@FrYkToBy@pg*&T~^Vu0@_Iqo&q}vY6N$xhdalUWphxUOhGo)itlC
zUJPFs-IuH<irI}evPnEs>&ypa?}|co(pc%trHulMKM@uC!6YoGyrN_f-LM<U)X&1M
z6-vxjw^_pTzJ;>fXMGak6z@Z(aUtA3q<Pv7<L=J_pHtU9=m|_{kzMGRx+ECV_kY7Z
zE|dM=lO1`W9>)zF>&S><m=R|RnNpz1D!%u@4$?d-#<D1UwZsYq3qOHLKxjl%%8JyJ
zrVVOGrF2a<wunQjYtczeDr9PF$uYCnie{Z6F{Cf*p;Xj?lTJ*+HHj5@qfBfI3PP(z
zCbHyqEIm8s_9er!%;^1P%x@kB>I%$~4#vx<r!R_X&--jW4-SCTHhBkgjk3xL$ntsG
zPDK3}R7v!)nVRWDSlL<cVdw*rLE6(Wc505*wuoX2#sh3ELR-Sf5AM0w+{eeByfVr%
za1=p~$H#HHOQp8ocL4lwSg`NEHbngH-$#2Iz&8MV<~XPdgv=3TDM(B4)KfAFy`1KM
z&B9g%|ENsQB&yRip)u1{Y;LSsy}CF7lRHP-1>y!HoIS~t=0ns%15BmAlGtKt<^~Ar
zQ8zLf>*{?39H?1e6LYbTF!!kzX4d-(dVg^p$zZ)t!CHTn$FA<lWPWjflI3xxX0d0D
zVb33JDf(n22yZ-d0V3XqN@B<~Ed|FOaIm*X^vGAIXGh0;$LSL(^hWFMejz{dU1guT
z#U6d5_eblq>H7STO#z5A1t}Tg^jTzx%G$naHdD1mDVJkTRpS<=(@dLJ?YW{Jr`3H6
z(&hv<XHC-n(z6u=Ip5jG(9eay{=qp!zvgON?K+LD3FAe8wvC$$Pl6ilKK*<0^JnO5
z3d5Y^EVr5WUd(yBc`oF<Y*loS%?O#cuTe*4T{DyAxUk<*>+@<|aJCorKHRK<)I1j$
z?-`pwO1p0dGm)FXV@Ph0#hBU^nWK=8N0&2d);=byrmqj^BMJyE9&=-bC`}-wJg!Oj
z3jls|`s&xV23vXnenYzl+Vs`02>@RN=${@zLRNQTxMD<U2BDN&;H?YwYMCNbYU{Yn
zW11IQOB1SbjmAt_MdGOD@?xvFn>3Fk*PnGp4t%V0`ZCWx{UJMU==VZ8{$ne5$q~MF
z3H%)51(W&HQ*CdgaB3-?zU9s*N=$Z<hgl=9r{gdfkpN!1d;+A(G|&72uJ5A-B7D9y
z&O_Gz^#^zh<FGqK>=FWnEwzmcrg1I|0*?>?=8{p_c2~s=8FN93#0spWqxa?2@Cy-C
zcvv3243Kce)}6_$?fb6zHS}313fRUr%6>t4|1EO^3gAiEht0pj+H#=Jp9EXM&elb>
z{b}qGcdxm(pfioS>5^b`S<=@fhO3De+P}Fts^t~zdEamvTEt?2zm6O((WkMYOH#%S
z7`E0`Q;NuQY)c1E?|(LG*!_fMgats~-Da#ySvc33k7ELk0Qyw`uMQUV0Q`n_Z?tCs
zd>z2$V{k<kIp`&eXRTpFRiuxcGz+%M*Yt^)N-aDB7vPW@sl19Iv)abx*(7a|HNjq!
zx1ww4*@c8&Ua}IXYX5cP&~`jCU{*-zH6<pc0O{96mB_4Czo9u{ow}&T=~|m2RiD+@
zTWzmhJJ6iRbj)(CLs*@^z7~a=D%&_0tbQpM-Hqu8XD|n+31kw3^9QiLuP;~&uy7u<
z_Rj=*J<!x)0)5LCY+q=<j_BZ`#4TMQaKY!=x1~8FQ^maZx7YWupB0i0U|GzE<wQt@
zMuYY@*K-Qn^MW>>iG4vfHbX0{M@*Wz0gSr7kcjL+o#vct41c5l>$!=IARTF%qUJoR
zpSuA?#yN?s`O6gfZi0o)_pJ4Y38eM;kDa-<>SxllQJd?n)~|+5x}JMm`kuJir@3~!
zf7v*X@jF}J*Xsakx2O5PS&N9w;&Jmno9km^zIW&SYLO%x<+AyC1vZQQNh_l;`$k_g
zUB*oqj$P)))k>DLgPnKEb%yx-33{#N-KJ(9Wf{crtfvIvDF9!azWTMx7}|Z+h8n;7
zFWR>T;9ry}p39$zWR6jm6q71dnH5c~o>~4ut~c4|1h%|~`a)WJYHbmCT?}3mP9<n{
z9|Ti~9lksgf3cuJG-lNv=!BzWGv!sai?$1s%6gpI0wL4uS$Rt-APS|ksyTIirm(Fp
zu-mYCHl1rkFPRKcT~ukV9$5=hldxD&1p%LZ@;s(l3>nWM;~4xPq<K=$h@SoHBGEwS
zS6b|vJm1kl?roX<*3<pYz3S`8&Z@TE{^lX5g;AIfc&Q<=c~4UeB$+~%D~#7R@S~eC
z;;bCoHF!})O&^QWc-KUtRWavMFvCDEb#s|BS##dhf0HGaUV0^zQRmydOvP9ihF&0B
zb9hsKNKU3i9c9uPhf&qWLHkKH6SOYj!<r+@)GLHT_~j#i(Z>aIAf*!)0atZK54n!9
zuf7&~q$>=5t`^CiTC3F%y=OgHM$=@~-)lAqQrKF^*nY?BLu)cc+EcTo7r0*U$vqgG
z^@S+GsWa@f3pSXzjhs)tgv5>R*#K^l=$?-R>8@(b7$pf<L{L$*bn_0tn*e@w`s&yI
zAo;)lhh(s@?~gV_{O&&k^feHE1B8`jX9ExzB27V3Idsp?-@0(_g0`e4<6{^wJ{!xS
z0{2Y(=CRnTiJ(Uf+kmR!HLQ#J$<-HPc2a&wOE<Em9)jG|x-KC6bnT7tV$xvS=$bUa
zd%eGc>m6Iboc&r%uRpep2^3TugY)G6PV=N5ps!CvuV?BZg+fWxGlj7$mGL;Eeg{2f
zSDjzmu>xP#5yHM{oox}pMc)r?3@4d_R0_Ox5?M5YQWmqWp5AHebrKm)Hg=c~HSu>{
zuv<?Tw^<guu30-Sv&rADv+kQ|lMNhl6DEB!63~dZT=E)yj(0Tm*hAdoW2>ydhAoh;
z^&;tWxpqCx6~cHfHf@;Bt>s9?w)|~4LE%a546K<jQv6NFtDVN`?-e%IG0TOh>D5}!
z5e-n90XB<K6&87z;U%#^UdUO~2KqX+_`;y?u3mDKM3g2CiQaPmZ-MY%g7ETSTo1r+
zXm??ozV`LY0R2}0J#ieheNmbsIzZZiopVprZyy^3>PD=iiLQZ65DY5oW|Fr{VVcTs
z{d@ADF%O5DMJ8YyD`XfdbrHH>HpvcXS_YV3u-0G_wTu^i@i*!cHLrR@HLm?@(`K?j
zEf^R_0%s8eS&TfML*0)u4t-Mld_bjR8~s=&py&bi&;s<jK;B`%+)?%8BIoG>gR}q<
zj_1Iw>7gCK`k?Oz0OX31tHL4kAx4N5m83{!WJ)P6B5RfiT3t)6rIK4*hQ{3Ga9ofT
zbg{o@j}xnwYB23=B5E=nxMA0HDvR6dxllw9x%#OCIpcntECy!n!RdruY|VM>SM#HQ
z=y`n(9rkG8O0jZ4tPQFZvqNmDvrO8xY=$0V0PL{^l=br}c7dEB^8hycMFWcL1A%(~
zv-uwDETJ4^y=>TL!68Sgk3_{BD7I`;Fw)mzcZ3`-_ezUo29agQQR^oFdLE#EHGS>t
z=Lai$0DeQeyFg!5>h-;O94Wja%Mhi9kLEBIKLlF~fJ4!22grOn?H)-2!_&(RTbWrh
z$hOFk=LX0StTnyc3^!pVaDRdO4Xs{mr-713*U!=+bPZpVHm5P@H199ldo{rEvrnGK
zrpO@U7&4iI^ZP8#bAgDC10Z@Fr>^x`1nh;Pc?SVdArN|u{}%$I3xdIZb(0hZfgR7j
zcTJ$@I9blfBtr<ocR$?4jX0~L^19xfupB(T2#=w~#xNZ@Tmi?5IEI~?XVx@IfsS<A
z8nv(y{nH(725FQ>VBS^sZfXgw97`+8!>x=ewk(35(9s_?awHp!Izhc8QWHaGzmU1o
z<#pIiH)RXN>8Y~tXx3HF)3*(Kv`8GyJ+?p+dzJyaTPuc9b`i2scWKERnWSsgz_g;n
z@M!iL0MZ2d2J^IUA-o64TNY}HF-lX2<8iFc0DJ|&tJBxMK469c_zmqYYA*r!O#tVX
zekNu_SyD(h9HWih<Fb0oc(JAF<0Dh6OBFn>MdmggFZP_x)B|i5WEcXs>}A4cM|%)f
ziYQygslAZ;Y7&j>W%nlswXN9n5JS}-?aw~4jg5#3HqZ1vV)G0EjledvK-9+{-3tI3
zA0X?oZ5wE61!7(Ou>^t_>bR!P>uBi@Z$xkr5O{#++UNaY1~SP=Glj|e2HuS&_L9u1
zqa#l|#5@Rb;iK21Id$!wk>Wt^&{TT#UK#0%egZ5GIKF%nIBThpz74cgQMTt|KN*La
zBC0v9YS5_>xY((sdKO6A6wdav*nkgJ13|5p&`67Pbq4JS9a)-+HHc)ZE?b*-Rgao!
z3M@|S0i?ka11q&uzgLry)Lj?!_09L5>J9+?AO;m0H#PfanFj^!1D_N1el0X0nIk&B
zHTF>eUjy*;U}_J*Z)kTxo4)q-O#oj7@R8#X-5MqFu`o;V687<OEwEpx*P+qYh39Sh
zZ@-J!TJ!_F*9M5wV}q`j*VNk5$Pe_?Ab%pNW4=L44YJcW&9D)BJJ_sY1SX>h=SLYv
zc><Ztq4MnBUv>{t!`GuetTUCft4<FKMDx%N@(u**meI#O&$lob><I+>g22vHQ23v9
z+q=VHB)Ni=3UYlDax#NK&k6P>m_w5(sDYs&_o4u$5Rrh)Ra1k^l_p>{2PiO96QME6
zo>j+y2s~7FXCggyz9w(cWoFn;sn=;+$n;aej4l~9-dYM`+d^UJx-thte$2kP*mZ)1
zwh8X5*dV*{zDLgc-x6K)U9YyjklBqO-<rTKh%;9la_ivjZG&kg9K1(EY>3^ITI1f>
z7uS3M4fs4ml%>ao6<!ALmFa6=Um2|K0r(B=&Vs(E)LQv<081C!EQH##QmEb5fa1H#
z#}--$R4|fd?iUK`v4#dKLKK2#Xs{=IXjnaDB1WBI(IFw=KuV_R-PM^rb%@ut2pimN
zY<Wo8G9Wxe4f@7PDZKFTDV!Qf<ncb_d=7Q5%Q*BU`0%9zQv3F;V6QbIxImiYL84`J
z7e9*yqm~N+!G-Gj+*DBXc=irp*P2vCs;2<(VNTeQWa+eN^~X#Gfs_d_3NV2xGNgbg
z5_s{&^SF3%qo@xoMc`SJXVB~Sikdy`*a}AaXxIGC+Pp<JK|h%_g*DS77<SenhX53r
z1R+K`shu{cF*)0y$oR=7@Nyz^EoqnjKHyNt1ig^X@qKeJyY+RgbC;$;NLnP#>|;Bd
z#0GpJ=;qdE>e(`2%c%*sR*}6R+y8r;gSQXkF5ibFW297}?Wc}K*!>KEe+l3drB?LN
z?$I{LIo$IjpUwgJbud419Fxo_DJL1StS)<|raS46V=K)h;4ww_qQYI<G23bp8mU>6
z4?{LGB>(E=OIKyPJISUQ*Nm%R{)?ForAt46$YQoL*#@eV8~xf0Ry_tJGd_KJ8|PLd
z<X2*-G`@G!JgMK`)MtD0L-nrXQ=g&Jwcim9JvxqI%>Bk(uX|&6T7rkf#Ov+RhnJl;
z4WHzLrX#1zO!&M=)ibJ$UY*!QDx{f0G>Y&KH}-L5Pe52VzzmQmq#X*m0#Pz~64=m7
zZPEn+U~PSZ*WbE;ci)@h|N3)<pZ<6kg0$F;cRDIAlpK9Oa;0tj3I>e?g<cEiiNvuD
z_^kT2x?Y(*;L@Ith&1T{aw1=C;LQMBY(`@b{a%w_lE?X*-~i4#9aQfR?H-M19vB-`
z%VLm=JgaA=%S0IaIY`pGNRdyU7hYLhLzB_DW)830KJeB@*`;3Z?!zYX9HTTrHeKn*
zly|uHF%bP4h`tBl#$bRCz;9^B+@_!Z#;hcC`7($m%b#E}h&<~8qIZ$yt}jw8*X1qb
zqm~ssU{JDYyy(Yd){H|~wRh}hT881Qr5UL0Vdw?2uU@}mIn_n%8zVzmkk{~Xvzc;5
zFza1}Ae<Xzn8+Nr<9(>?9!vA24lvOYm2C%LhXi@lV~EiKZj%=1k7MqCYV*Vd1_t-I
zcCUt-PwI<28EHD<1qFzabVHW7^U~|fQ9vpc;#^^}wvOw!1#ZU~#!+eXmxj17YMThG
z12b;)K%qt3gdlwMxeI{EFy7q5^PdtJMJsssCkfIlH{@puT{Nx!n4#(DmHM7a>oX#!
z?`m*CZoL|n`hV#0d|8*6(X%TIq84(~C_Th4m3AG&&rnQU^rZoi^mCE#ePfdt#g`_c
zZ`U*B)Ti&~12GO*CAimXJr`z|6&e;xsd1^?Xt+ArFPbD!2)hO3{M_*tB;E1cH=AA^
z>cP}WME5P|t8KF^gNVjZlck%1D*%2Oz@JS&|BZj2{D=QO8!YjA@O>G&;GS-e0Qe06
z7nW|9$-HFoR7X6C_KmL{!kX+ltRwVF3thGMGmkL5Yk06zR@VjnY-Uh<F>XtZu@~2t
ztfPYPuO%NxzjCP*p1W`o7gr;w{e7r7hLZB$8AUxb<;Vy6+S2(tYW9M)dR^Oh5zKhL
zUP#`c@An~X&o-vcqm*yx!)n^uF>e31ZDYI(p}Ih8<JL4_Z7iiZLrH~vwu)?JRg1<n
z9cxN?l2sSy8oZ1mW%Gp>&LfHhGMOWbuHo{tF`j;Y1#7EgD5bzGOF|S`*POB9f(^5(
z3u7)opH-9Wt8vp)3+?ZHKmlFGehrW<#};$137LI@qgwP&k#Zz(3V8-I71XGes~I{i
zy;e&W#|!3y^>BfE;ILPaTb5Cipqeaka>HNYT?XycTJ}YSt;>W@da2_vFKkUL0Qw%3
zMoJahe(G3Qv>yfVuK=7KOz;8t4ec1)^z+|X2k_4Uyml;;N|Hb<#h52AkLA%Fp3K#)
z$AaRQOdvBiYY{BVFj)DVYb%d$`m(9DpE$4(7mGWU(9jg9W{>5p^M$fuu-1~+-u?8S
zQUNbrJb_0~%#hCaA(I$T_W<x~16$;Y^3mY|pI7fK05%-3*P|A%RnR;Hp4vcMKrDSx
zfY&MG&?U;gh$de^u)Yrn?5q()OI;v(vVvM)DOCW!hzK8Mz=v72FjG0@lw*;)9-O8}
zTK+vAk1$=6NL31{GAL%q(Jr<w-oOhlui?ar37}NX`pK-yx<5_Eg)NB&o&2Tc1!B*4
zMWBcrP+Nb`+V@)2vB+;VUnt{PRBpr8amoB%?;k3^t7;~zG*))zYck0vE6u<<?NZl#
zb<Y#Jf7T`hW@}shK3e`$V6ZV)?}Iy8Fq5^WRo7qq-K6z5pKFPy21hj;>w}q^+K%bX
zf#3qzfP<jNv6;>F@Ih%&el!wWJy*^z0r;iq=f5$*&<5Z)v||B%0>H-r{3?L8rN1N=
zb5vccab&Gs#P=u-eD1+LV`%ps)HT_s03Sa6DROm}3@@=i53yld^ONj^2or4WzFJh?
z*pXevJLpXAgfk<FHI*PwV#w?+mvNx($Q?rZZ3h8-AvR9*h(0X<^r#Oo>H>Gv6Lg^i
zP%g>{+65SWx`=%MECSEquprRdz8ASq4LEG!b|6g^L?rOzTXX#5jeQ6bCTJla5P$`k
z%#WFYmp}dpqOn4f#YnRZLI{X)1dKC?jVpNh)m5B5KLZgPk`F}`P-#&xi!4e@<E(W7
z7nu`%%voAmX7!noCdp=`Pp|!B#U|e|vnzm37D<b0_A}N7k5`R!ZBuPqW1b{)I<J9~
zem!MVhLnMuhRlKf^9MHBz)KtgPwd;zxlt{x-`&xS?z-_jn@A=+(7IB7x%Jx7cUgVF
zT9hWB;~`Z$QD&PxJ^lPQ2tyly-_VxcHp)Tw;?iwoB_Wd75W!s>1ub|^YEN6lVbeIM
z8-NlWOkBQRJo|z}vW*K4tnh7?0k;qka1TUks{A=}5@d?B*C|(Aq(nV-ZWB*#Pa*gB
zAd?uJ-NkADT|_L@0{G~FfUgZSAOJG@q;W2omPynjqIM84cTnKH$no1Eh<(A}5rDuh
z=RxPYqmA@xyEIpbQ;BGG4asaBdvWU3DkJ;AB*IRiGCKG4)29%P8F3OL%~Jr3XcS>I
z9)Tu|bo3!!_{<28J-LqQMAWID%vBUnl@UQUbO5=E4(foWN+VR<ZvteGJPcdpTO3Y@
ztmh+3aL#7uBql#QGBs0QBZh80dp#{w1CbOWY9Xu6TLWym7GTZwrLmAUsii^a2Y;C=
zIe>>Ob`|zM5>GjTqwV8v%QoAnhnb0O8HN^6$KW0;YVA0dHSI=yPJPfCDTPrQgZNld
zK3@UwYXHp#lY9VvLtA2-e*U)zpw9#JRe;7vtEB8&P9jacDW1#DpVtj7%jR&6g9VQZ
zp8|zvWpTDW;CaxKlG^A~XN6}!Qt?n<vzKCzEtfDmhCxU=o>(VUAcK)cD#kOX*YWI`
zHDqxN70<!PQ)h5E(AN^>>#XDJ0(@wx-|L&o831~n(KzzUOwa+v-S3*`Mhm2NwnYZ1
zBO2Rr{?2FC8vr&b=vfXZ2GVGPy~!%bTe?Qt^;WVDjp0u^8)RumPbU$^D>-tNBF<vu
zDsSGqkw7#afyO{0ZsGDrV|?;6r?9y>0xJd1W${y0;Ey%%XF8jVb1Sw;p4lw`^APDc
z44s|=<T^sd?dy+EbFX6fv?Uz$z?HHYK&@*qfrbaea(5uhh?ueIxU-o|eH8<2#oAbt
zO0a>DA9+!LysT|ya-E{km^mHn#};3jeZg&~>(8lXt+)QQ`++p-vkW53uw2`aPyjyq
z=Oq9f+5r59wnQW73<$pg!lh-8YmsLdrAatD>zHO&JJrit2@gaH;~08@Rox(q=wx)U
zuZ`X7)ony=F|@Zcj923`Zj5=Wibh!1S|5Y;`{3r@nYDeX{F|HW)|g0*{ei+#ElCc}
zOc^JTB2VU!B>~V~3;J4&al#^Xd@X>lCs|7nTzbGB`lK6%Ku;ThIxP4)dSBDQuL<pa
z(isix3j#gPsgPrVI<}JxB)Nhh;DbcsN4HZ5(EvOmDr6g+UHvRJHMzf1_~>&FVP%yt
zPv=Oo7*ead6(tjIG>#CB1!R<9cJ>-xd2<UFF0NoQ5s+D4MEjHiD+wqGma@!|<Z=!u
zY64lQhAFttgJg6H=P+BZw9YupwOo#q>TAz$cDl0lxjxq!pKAbGXy5C9>wQL!;lzPg
zQU9E^|K)sJA|c~%RsCM}16$SA)!${`*xxtz$VP>Bm3C@YYg^TM?5P;E`c+>S>=ac!
z@@}uw<YUS8NIA5w$z6@_eks!9T<W4EE@iitI$skAPlE94)7O7%3qu=#-_VxUexWR^
zU9J>IN$AqX5_PPsS#2}AA)dvH9n%NcY@sPzgNZ#3RIjiuwb?o~AcL+b;fZo0Ae9JD
zS}bcI&m}2kXa6ci#{SOy$?mzS@Q|O~T)|V@D^UBlk<aJgJiEIJEP99>d+W122E5Da
z5dZ-pU`ZX(H?&+&TVx4=V=fA+Isw@tY%L4?_w_3s(e+~qAdq@I*Ouq6e=a3so=8Na
z5w2#8A70%lKmcn#E%Jnr4Q)<0HBTvpC!Rcs)%6kLbdDrXocWqca48~zXdFQa3AK71
zAN|}IA9-mDTPG%vd0wY{R?)vA6;uLB8EF$-O=|2(li)!8F?Tr7>YRIR?qtgmN6^S<
zJUWYk6hZc!rafBcyIg9KH1~wFYKe>nY&8*2HquI~dONQ$NFa07TnIc)reIcxxdt%X
zQYYlBQ@&bwX7`=9FOs=M)3DDvZQCGsQZjfEWEv_UUB<Gf6rv<P4n?IIfL{dg=3tr+
zz;9?vXw%n!>+zCC_vEtA6=f-+{4T83qPBUpVpLlY{DoAn?fe}I<ngotL)#^(FWlN9
zNV>K=`3mkE<A%V7p+lt=Wa|m)pipP!YqZ(f0FRxH`RW$R8Xl<>9zD5+PhC2JEKZ=3
z7%cO<^Icga9nS--LPB#yb*Yu^t~Y)+wn4kj9FZP+ux9A;?;5~}Ds*!Ipl6?l;DS2Q
zLcQ4mxLVUvgFwnUx3HNRt$q<b?~|-hjVSugs1Fp@s%Y)wMC}6e2a$CQxPR;5FUuK8
zroht~)YeJlxoV;)T8bR$Achzw&1AD-HP%;GXIR~2<eVVM66AUA9pu&h3qgoR5m*3O
zw2KSRWq9$k8+i2bO+>^{Qr2~SRkTl`jQUkIze*KY5Lz8@85Q(8wAd6fb<!_UFtB(M
z)6EQccBS+T$q7R?CqR#)JHNb`giX}Mp^4tQ0k!}lnV^`#E^hbfB5>p6<nqNOXuyyg
znGd`4j#)bfX(H|H!{>IE3YXhj&ObKSE8{p8P-kD3DTjNm6GB<~vv(ipvu@rZ@-fCP
zF9!q?Gombo$kXGv;qw6g#q{;xx`3hG6KxQ1zh^+-H^)U?A6@|vE!7(!^U_;%mr`SO
z<@=ZQ9ORTU&;gFwXk`^*${bdkCL0ZUkfF1G$)KhcMX=$euIcFN>JIjThUOTJkJye3
zXs%q+bhfy?C?e#PR}5^96i$l_^Eie~lRIDE*CxbHJp|Z&>6{1{_Y`oUkp%$Sj?s0k
zKKGnh@V?QKyC^z_lUTxV?PHv=2Z-xQbRpK<Q0h0g0M=?43UgbATN33Y32@-qYQvuG
zYb}SmQb3X^Kmjoee87`p99M$Vf<Po(0L}!eJ`<*3HUW@Q;hCq;Vf*A1ak_&zi=mY2
zjIs~`Q6xYFBx;Ve3mKl;nBc<Yv-sP;xQ@NO%qj3vB#Nk&YP=}5&R{JFUMRoU!tS<W
zDd}^Zh7rhyd!!{u>T0HJM3I{MICCCmeLnXU8p0BvqsHsjOpzRTkJ<kY60G!#7UxHg
zVZb`;GC5aY3dURekwpMR=C3*#4UyS*9D4DM>!SXEivmCOHMY}1M((zE6z7Fw#Xe3v
z@;R7m@6OTP6Dfr#j=|9wES4JMnE-eLz?Y}5fAfD#{`|kYheUiI%r->)?w$5A0KZ-`
zdM<Sm6G^-z&Awx_|BbxKE(p{2c#E34eruDN-6cH~c57o$(@Yrl=DT>3lgN^E2-f+x
zGukjSw%2EP;ldVpej9l*hf43Tj6+AgRp;kjHGFMSYMSv(ebPA5k&@Vloze$l$U>h)
z{`AF=fcyeFe@m_NYhx!xAX^kI`W9VL(6-djmh0?H2W_eGV`e025#hTY=lJUnc0i&8
zebqJuH|DG>JLunWlY)Ke(k8aH#+auuk}QQ{6=uP)jRH{sz+6gTWgn*=kMZ&sHt_Vb
zCjnA5<7b@$T5A9{qVHf+y4}zjWSypjJ?z44ket|aosap2w9a8zx$pWqz*d?mTM;#9
z+GZoOmfOfie9j75d`j%%KnXxr9|YClvB#ao>?En`eaAYb46`Rs)QqOOK!|$)q{Y|R
zyGNMaN1&r+)`0Nvr43wqWCKcRsk}Nzl9Tp)wD%_R93oAQqccvG_URLYsXhR|p&db+
zzW&YiGLQPB%YJ4ePZ8bCbo`4WHlu*UtZ6%-R)bN1!|mI8Qi2*#>PaRt43?%c-dz(t
z`7?T`fw=`0*xqOIq%nn}fW>!;8Ryog_}pVBk;h5F=6NSmgQ@*@uXwiQg(YVP3ox~u
zCs^ZW13vN_hyAtSLXXu&bQBUXUliQ+6mLKDfAqVS-e3?OhMeAMr+yF^1pPfyLGA0x
zrNVwJA)*nowGF&?YY#%_Z6vevSu3t0+ly2EsTh;-7~>U%3<=^ihRidVaW?op4HkkW
zK_DTJs5w?n$GH3niPwJqBG%VOjm(42{K={Sm>T&AYveDieP`5D8*>jl6e(;0H>>to
z|4f^^8qCM_yvu0u$%S$c*>Vh#g)1%pnw|1U4s3N<M?;CD?Lk@&ey(3QJHOjttm&UH
z!*y6t-2q}0(CIrwgsv%7xEnwpTh0PD<SU|xaPgrn{L^1~3@^Ph!uqPxGGW-rPi8M_
z=ObJe8BvxTha-Ok;8Os;G=2S>gS^84{DyWY(D%kS34|9x_$mk+OZBv~Y}lagx27#>
zX6DU7!C#xj;PG&Jfub4xqnfJS!y|4J9B3)1&UF}GSRe5X`LENyUf)8i{kbtBJT#V&
zX$+a%!8Fevpf6;s2Z>t{(BVTjVTaG}5Y(e<BXj8jdme+mRc@ez_@xcp9ZT)ZK|vup
zqH#t9wWV&b2MBb?VbBrX3jjc%sPD_9f*Or5U)!$7H5uu66nNdsG;Puh`m*l!@yAZ%
z(!-mW$8#iUQp-4?R~cy2KUKdAK~RvOS&X%dJ9zaMxAFXory(K+K><n@fUjcttn~e=
z8bB~WT$f=R?4PWxDbdVSVD8jMaE7e`0NKo%pg=&1(LJTJkD1bl%$lw^*aR|`2s~Oc
zmixIT$qSHrb(ZIT6|;xJngS9KHp7m#_Ha)Ph6O;ME7x!*(mdIX4p)GW8PiFGvuD=v
zFaL{|@YP>`7_{;(K798B%y+q{+joj8yLB6n#+jc(B(Y0<di4KKf$+~jcxw8_HwRJo
zySNQCes_P{0`OG;&o0~iiqaG!&+p%!tkNmTsslX85<nW)3$>gNmJtF^i6C1{4)#Y?
zO#|xkyyiZ9VJL6O1vy3x>AdLdS>Nk`qpMiFG8yCf3!4!8J5X^9bthyTLUnQ>O+Gl?
z6nG%k_dYP$T2t3i!`G+QF!(tIY7%?&i~SKT;TbGwM=b;jL$;XDV)lGSWcgt9PGF6^
ziM#KU>~mYX*Y?nNPyqvJR(v^^j34ev6MgIPXX|C+x<9DChN`YjG2{ICHJm;@!<C)u
zNM%}(umpTn?Jg{rUte+t%y#hDCucbK$OU}=uXgak`*UQu1VnK$RV{Q;t0=S!u1I01
zBs;2dR+}g%Y4vpMVehP2i#4I}dM>vnE@EiMZFk#ss@fUZc+I(L!E@HD@5sD1<1fFE
zItKub4ldm9T(R}gdRFgmvU@e(!A%&^^%;$Q17O$$Wv(-k1AwiqUaytN<yZlq`<YV3
zb6Hy*<HU&>KL6SixcuY{Irj1H)%WnzAO93L-ksq6E7Nip<rY@@78yQzOHbq}L^g(+
zOqSVE0>CE#{1X5_0<brj?*s4~+JbHR#<v83kCze-Ys<8tDbEV|hP#!}<;bufSqlmb
z%_R;PTYkftY9=}&k9DH0#vIbL(!cXjaF^F-UpM)z5@+QOEih~>&g?S+*=IR4{k1t8
z<L93_51C#;p3K2nddv@ULD1*>zJ;kX1o(pAqu>4%xSoZ;UJu~u+!`ISf4jcwdwh>r
zGcU4F7a;5b1Z{pLHi$ed_TIMKJBvHXOXTYVfCNYsG7bbnOag!Pv+HJEvZuI^thzkr
ziY=CFKr)?-vA!vgBSxIY$nw+xDvjgHA4#LuZl_vbFjX<4lXJZC3n%gR-%jz)k78WA
zI)_vWM56dFs7UW50+no(bvLVO9@2oBF^BqXV6x^bvbL>(lr2N!Nv@|rJdA^?;jF3P
zu_qeV{Hy?<`wbgTH~n{_@XJr$$=Opbz#Rb4gVsD;HrkZ0ty@+$ikoc0LCn$y`hvqg
z@ZIr7``F<KC;%U0V||L#r`Pb}i|6st7f&LmIpXvtuHC+lx8ME|<ZXr7WE*??F@zwU
zSIu%nQ~86J=GzxiB1#kRXtZpimlI{6;@i_VzV%nhpZ(kW+n^kP-_VxOwgLKO0M9IY
zZi}+?{!H;)tQ)jNuwS~04#+CnYd1=!v2J>fZG6W82Vi-;nufbJU@e|>oqC&X4=h>N
zS)HE^(gNKnOgfG%0jgqP7BL=~NyytVWE>xFn&%>^ok4up6Z9Pf@GSyFgZI_}_BxJ7
zbb!7LV9uoi_O?^FIG`I0Qb!cam$61300^{$Ko5Tt**sDd27tL_%u`h`shl{2op)|%
z2CXKg?WEe0iEOp-n3Rmmk8I<qr_NwM*+ZPikSY(k`rJOUz#s*(yz9A22<+xJaPeak
zTz>i#{{BDS!u9thuDrhs5)8pyu#bYEK!rXbk&({8+%P4R?ua9O-gJSfo37sgE_kco
z7*<TsVy`q{R=elGflDr2X6wArN)#JbN>hr5G;bdJG+wm<QI!Z#&v9?e`OHDzUK>~p
zYRUElWp-q*evhor+KzENpwE-eiK2d1DaPi;439o~0*^njg%@5ri=6hc8(+g-I>+Ap
zHr{*xeO&$Vb*xObpt2dj`#Kww5dcRZlDdqrpU5(ZEQg#-mz}!*Qprj20|2{&89xBO
zq4jLjH@+2>Ve_w)bh%4wBF`WmfM}n+fCN2?2VE{WG>>!RvDZMNzR;1e%KL3ieZNNc
zk88s)C<#=jPq9^-;(DK95sb1&rD7xmKKjrJjOMqIC2^tOcU)<nU7(M;whc>hv_<3E
z?2V%Ze6Sn_{qDbaRL_^PNd31zb}x+YGJFv>?(uwl(ZIm1x*(AK6pB6&=}Q5%0AQ9e
zlw?Q}_;9oi&`rDO)YVoDN?a7zrWE7E)&ytI&G7!tHKbVr<w<Avl@$3TOxOaw6fop-
znIWHC!$)6R!|sP;y#4oMT={8&8`t(A#-lP)S;mgaRL~lP5eo2U-CS5;oIHP%$x0dY
zAZQ?r8G>xt2M(Zm@;__?Dw35q;*xK%M-wk}t@=7bp47__IB>G^Nt2_{>m02sZ6lQ?
z3lD|3TiAd$F2L*q+S=CT;|F}GQ#z%TIJLcwr=K~4hc2$*g%{5vrCr>be~5XqkNxWZ
zd>=R7FPu2>obcYycAIrpp9EN|cQt!$c}piNh%|;8jlj`T6~R^k{1SlwbNa@&{v!Fa
ze|v{Do`yC6zk8=`0r+PCo?Pl#ltPpy5D#Fq&*yz~18)7MV{=h!m_utrQ2U(>udN;}
zbU~P7X83qmJb*1|6I%dL_au`^oM#<hOD7vg_$MEE2*|EM#&f7FTfU4#DB2bxaB%<~
z^#gnGFf?|7CF*%C-uodxNI7UUuMZgP@!5g2_l^qi0YT?SP*X3!X~F1sUmO5vn$>D;
z!{KYT>wnoKuv7|2GYQ3vl!3qe;5HOc3UgQFE&|{}!;b+7u0-vd2TKNsV@xI^Y@8S)
zM}jm<k>(j#DThqNd@tDl2-u1W8qY(^PN+bI0``+Vj7|tV|G8CMe0PfX-(JPr|FDC-
zd5S2C8l6842$IHzW7o(vAgOuass?Oq%(VtkavWy*+{nhUE2dA^83$)>*2f<^kz%tJ
zjjaAPOAE|n_~vrwZwm+(-%)U%P}w%ZzQN#hV%J>SeWBweJFCS2eY#eyC)$UO)X$@j
z_W2`wHEvZ5DHYD1*~CYmKZ}PRUcuu}oj^`|xIVv9g1tS=(>c;Sg_IKWy*cK$V~j^*
zMA0U0-P&&)AGNlnFp~=Of?--N{EPAoDoY`wm1WQ59|Q0!0R9fZ{$S1zz;9?BZTjZ7
zMj(8qERtQiSo<;QyxjF5kU3DlVAlXTVLfxQ){kW`>UElrra#q4Ot=fTckx>=RmTB{
zR!Uk?d&BLuR+=F_BF5vZ3VbsufS+12Ay8M%TmXbo3u<Yt!|RY`2#F9M6!3LNDGv$u
zT7cfdX`RcmNw}lWtzp)czUkbb9fb?L4>kbwVIQ_rtbNA~)B<t|UgoiaVgjwL<3Ii5
zPBZ4UTEoIVBtxtlOyxFKV!C3SKD&mGJa-OpI!BVlkSYt3(lp)TrkL5;u5NUYs!Or-
z-wN^gxw?(bixaG!9^=AeXYkHHWcblPTt}8mkPt>HD??~0nrsZ*Dh<?<)YE_#8PCp0
zgZGzOTOg4NCd&|*3#<|0%ntuJ^?^p81JA!MmD?yCH1!`&Xvu2f1*YHNIoa(W8w|Rr
zl$HeK4hHt%Vfj`$<Dm<ic=_drapwF4XU@;SQG%QC2iQ;cu$Sy3PUZ!9l9cs(k;WNR
z&Y;m45w8P0FGq(cMsn%2Fr1NmoQ^dvqJEPxI9jUtKPiFVzn{MOt^X(a(;@0N0KcJi
zwe>RE_sCN1X{8XQF^GpTiJs}7Rk}<;SinK9`_Qp;Kv;SDjMPexhuPkrT2}3@d$3b`
zs`|lxMnK_hf8o+8%+kG5#vullsS(r#TKa;%McF#rm^!-{I$I-Z)H^M;(=MW(QN2*g
zWZ!7u60jgIdXP}+XNXwEv#&Sm!C}MQ3oe~Vk5v!YgA7J0Mw%%w2<g^oB=Up$<R+*>
z9sM)uS*Qj|R4M;4V`FoIM;_V4)xCF-WC@g129G3%-iII%Was^IYrC}iHB|b2gfz`S
zQHB#28M70><Ig{gx4*ZKAO6ENC|OeeQ%RFj=e!9+z0awM(q^%OGlq=;(3$z*fGrLH
zLZ8FVoU22?t*`T~?|01Ri@EUm0^^Na2N*l=19@Z@-G1hpWtwf>TEnTz!L_YzZ9ZDS
z2P?Cti2g=`aQV_nyz-e#*gOerZI2+4;8y%0_TzoblR4sSjx5ihDs9TLDW#C?rT`dm
zBJuwFy8x8tG$qr);hUI_p+$KPl_rq0=up~<J=&8c`1?x$^TEO#fZxypZTjYKM*zKE
zGI=g_R8p29O4Fg!eG5$6BDBb{`mFRGW<r~34Ia5Z3LLXnaESYrp0Q<eMg)BMxrZ=P
zw~@|caGEYJ&GR6&bJW4uiN)DELs7n744nb87Fr~Vxd`a>pYA{)kB%Dcg?8s20I~12
zS`sLZg?bPW7+?zZlfrc5m@<%M3Q7TrfVWctMN~5S6)cyHSiG(<sS}uJb!DX^XgrE=
z^5hCK>?6q%q<IPjrH2t6I+rdW=#2*U27wC1ggB2ORs<$%yLj>y;F*^$;|G7egCG6y
zCZsF`-$h+VCpE6lGVP6<+)ZYx`=^eIYFv_J%Rs=Cn<E>nSl{U~XKkK}&`@Gt;)3lZ
z0O{i?=^sw2Q(xH+w5V&{V88po$0E86XHq{j?MC=Uk-%sa;kjqd;pbkti0MX-*(xEG
zb6nrMiTz|B^K>6+nj)2Hty5_?nM%aB6GRkYWp)xjyt-S<d^D`zjqWDl&Pm;kk_2iz
z1CN#p0mcA+8NeS+-~8=AOaAoV3=E$G@Ecm7Rnfk4O9ePeVHD4oUz>GbqC<U=WRJ1v
z$uH_$qba;V@}0cZCN+ftL;`qvgCLR=Dw#v&*}Vb!S|W4QmoO!CtiFKnpae1tfIS3w
zY}%};1IsfUh26qEq$4<JgPYd8#YADKn@}LkNF`&g5v3pp)wE=ZYTtEh0xAGWrXUrA
zM1=4B^ae7e%LG)Qr+S#>eThm`ok{@IkeU?Hz7@Ru$w!dp3F0h9E;HvnFoQE*UQZ*f
zv@;qQNC(wxm=zRQF<2#_F#(esc<yr}Jp1v>_`Cn_27dO=ZDff;E)@g`O`f76g5gpg
ztg++u6j0W}P|Xxd!IaHjX_5z+Z<n%++F-92`129c^Z|d3o+4>Al%%;F+Q9GuJgg4r
zJi2M6J)N_1maNRiSXmw66Cb~X7hXIAO!k2&L7K+6db^13&C`9PS&CfcP%S(N3?NJL
zGRhudM4M1@&nhCW{1|<o#}e0dDG?=e<k9-Fqkfl4d57-|QNIEB4K3W>Dw#Z&Ticf=
z5HcTnyK7<M7QHKOHv=21krvAVqN4+Qi<S?BiOY)%dh+ZEtfhNU@f<Rl7fcn$0s4Gk
z>>wmA=o#f}1D?IoIu8l>+M<7SaG=+lw1pNQDhD!@51Lv^RMb6{2jiO6!;`BAU4Xg*
zH`@N9B3<y*&$4-=RHcX6z@E8CnKon>TmZ<55yuKrGNMzbaOM3ulwy>nZx*3S8T}I4
zI4p5c6+s|kC}vD10uNnW#jRwgVDnVU75BECR~8V2MQX+96AfgC{8V=u6_GlIq(ZZ>
zAZL-l+Esk~i>vt9t!@0xUtGiWt0{JOGGv)7SdK+S03*s$1ah!U4NYok2<_VWpaPc1
z+(O{aujk-<DXm%iV6p&piGh{nvF!4*UJRbSCKwJdjdJ}CDy1+UkFb4W1t+&>_~gqE
z<IyM9kzo$0ZX(HI?C;GnPv?j=!j?Xa)vOrtZdy1wB;non_P~lYLf*1ZJHh+$y{}Q4
zKuxAl<E4_uPfOtUM*zM(7?uO@8=5^r-u&(DGAH`vvb{Y+v~K~cmfNRk20IHV7%sB_
zdICCb7A-S{sx3Xl&u~FOV*y@6f}AvzCXtGn@s;Nv!rCZ99>-8=a<noI9nuADHE|)(
z7t-aUKCGE-wS0Y|d~K|u9iXc<y4MF3_62%<WhxeVZav;_5_UG4KZlT=i_r``VSx{w
zHP8m%%q769Kwtr&IADyCM!9Ywy#kal8_c{#ekOxdd0f^6*cBH+D`w=9k>v$IytT3g
zDKZe{Wqq3{k0Zb&Kum?sA4JLE*ogWyW3sr`lP6apX^tdMk>&}wO7je|;dBE*2L!^6
z28N=5@CbY}GniC)%>r@02eCfK%Rj#cO3vZ${^}}jU6r`@;T*fWDTELZBWjtssF8#4
z)%EfrJQK(5V00djrqNR&|N31M)&muub%6U!RK^VNUs2qMp`*v=U6=an;F{4sT3~Jo
zGRSDUd&T>9YI_x@Pp@M8^bD{3+$EeiP1w)&a67w-IExV{G3MDEX__GCtN?uIAIg=v
zM7oz0(f8FY{NUXi^`K%<>HpzHvu~IC>M2GP&%vW{;W%4fy8z%9r*HoDcalH-H-oO<
z0Q`n#&4O=$`K>ZHdT9$yl*A9bSo^|&q!s*;1^#r=bhvJF?t9uUeJXpA=1yA4MvONM
zAZ=eSm2wn{8BeYYj8%sHI9{HNLkQ$70{U8_Yzq;%^kM95BW~$S+R{Uo0_ay)Na$_z
zb=$>sz~|QHn=tg}$X__b+8FTE$2d_AHo+m)NQN5;0pmJ##|T+)h&{@7Y=Rupzo*7{
zCaxoc^*#c1u4$STLhD4pUtf(emu57pK65GG(C|l*1LUe+nN7#|%%>kmCR3zof=p&^
zB&8kYwQs_%1IZv<@zw-35hPn%q2x`3EW!6Y+l7es@%(3}7|E0P&)?s{jrSF<yt|KU
z*Y**O1VkAUWnHM<i12DUdO8!Rp0;ZYt{&F6qg!B1@b0#KKI=M9*WmOrd-?PSyB0H(
zDyS-7@Ui0-x1qDBdR+nwPY7LN?TZ1vMs7%zG7Rf$GdyzX1U9xJJoeZLJoU^;V3c4#
zy^U+TG3IHEIGrQTVx(CLsbm=`Uwlo=6Nx;{K}=X3Zx?Kytj%wI-nU~1gIs7hX9?tV
zWtoA16#%~gqJIbAPX>c>0DeO&+w=>+a~i;}favs6F^tR+rO6QOI}8}%5J+p5AU1@P
zSvN<!MU@;F#vPWldw$YP+sY%$y1}IH&Q@fk_QE!GGz{RO?KNz20#4#W#v#v-wr{(l
zT8prDF2LBS*MjMK&_q4JUS-{qb{t{aSR`6*U1-n3`kg$V1p%Hf08kyrer3cRGCIg3
zgWxM<CHH-7ep&=fb|k$@`&89^mgA!eOp692I#DcrA63ZcRlo;2Agkq9nl$eEngrFX
zzm?MjqKNt_Cd7$EmMM%@*YVx=ZX?ZASyLrIBp^zmJ|f+zL{06m&29-`Gy*PPUdLQr
zN0KLymUf@lK}12w*E|M2N})YOw(I|Vg_xk$?<-&`Rgv1M1cTEUpct1vGRBk7Z{WQj
zk8%CV2HyQ~j4SW$6t8Y1itTF+KopTu9e67ZgjVCIMxn}yh*foME*>OTLxjvRZ@ja0
ze~~jcn6J1c#X;KBa`YjswSyVqMTEOCrxjgi9Ym2S-Jp{P*%3d}ml<@AbgreX(LOKG
zGdr~EB4&n?3Q;8R=p(0a`SK>VPLA-{<0r7WEwG>M;Z}MD$$pABiIHS6lB{r&C?yXi
z8qW-*^9)Kd6a(+Qv#%YGy{RjtWrfr!-FE;0l2Q;!0y&<R*#%2$mjL|I^b5c9m&u>}
z;jO`-9Dv`@in0D#0G}`QPnOoAc!>5LDF}og1lrns&_r#Gg}av%kh}{e3?X9u?3!t)
zeMcT2X;sKyr`(V!5{z<xDH*Rna{;Gj0`f+Y=6NLbeFvy-3xYlz5cI(WLuCE!2Yp&}
zPX~Hrtnb15b5c!x`;q7SP()97?yF4<ekp03<S}eJjz{oQn%il5zL(f%tP{cF1F7rc
z>}}0xRRA#SauHhHn92A_R!Of$y<a;62r5^|GA@SA)@kg&dmD-+1W^^VD$XlP0e2E5
zsSAws;o_L8HXu)(S_h9}q)CD#Pr&8446;u;0NOw$zaxnKekg(+`ZJ%h0cglLR*j2W
zqJh<X#-%=jf&`I(QVJ=h*uFHu`A1iA_Od{{vyPn)3E%zO_mQNs1bqbv<O<bm&w)gf
zD#=6+U?7c#lWa$XU1O(Hb~?179><2^tO&jP>~Yc=B&HxE1>YkEXur~yKg5^mT9dZa
zntSAeH8Rg{tH#!NR$DU+@Wy;F0OONG(Q9t&?^HAP%J=8g$#uN+;zKxbD#G@u3C=yV
zikxHY$G7nQjTlLuB2HtZd5SDQTy)QFN-89`6R1pKWAy~S_uZRNQWfu~F~^a$4v__R
z2?y)A!!?l??Cxr|vP>qq6#!oZ@V^514}%do0KW&m&A#wEXUp2Yi%Z2TSyqU(57EBm
zV?z()r>jmywedq<FK)L!ATyg@S_+BDvtzuG#cfWOCKefD@{H$CO|cP4%;Py!mL7hQ
z=*!&MSE_+J$WuZ9vFoSLxI@o$QXgnNKssrg_MrECeY86I0zB&Hl&GT}y7lT+GS}WS
zT9A)|58{Xk?9RTLwf6K`-~PsTc6Oj91(8cemN5hY|2ZM-EAlu8LI|Io2hIRS5#iIH
zdK3yd(kw<U(?UwY)+6M${_q1q4!wNrI<oY%Q2jXU1=%J5E2gJ1ftMwi2#N?QOOWLm
z)=!Uc`k@(;%Y-wJp8?`E{P24>@%E3dnM|mfN5zjl8brh}BhO^}D?;E-tLbE)bdE0Y
z7a;XwzrV+MErV5Z76DO>&)J&mJeNS0><DYe3aADJ8z0(^U`-RyO+RK14E*wo*=&Rt
zp1+7EpWeo3HN%-RD;P}`_L6;E-PyssjOwLXf>dUZG7m~I9A*v6GleY8z+kLTPa)6W
z@6cR2tb^@{ZIx2bnI~hgSSqLBlK_5c_J!a1+xSoZ@Wx;z4#4k027LtJ6DT5n%dPDj
zm^|+|`12Z_bT}n#c5DJR7WghPd8%pQn|*aqs2JE@Tfs?AKyixvC}bQK1%2ot)qoc8
z6#_|pB^t=wnOZ<1Q3v3&tiE8BvZKEa1@?Npa$&a6keC~J`>O5Ww7|O^1ccmk=y10{
zJK33b<bKZqph_N)Rei1$kY=h#^Bj-ym+#%etynd(3}l6RNlO!@Dy&Q<2xK4<geRXm
z0mZkGWC?Q5{O*gKhk`O}jI_2$pc(SB$xN&78(J#unHvDmm4&FHIEo612gM4x%n?Nq
zPMjY>V2&5gPVnMqAIFD3mH4~Axq{ob6M#j{q*yo~bj3p}4_k3V4#b*#fgaj*9CsRt
z33I!@LPuQX?|tY_^op>Bd?6k(P<zNS`_9xK==rwutz8^k(=3S-pX37kl)8cdAq1ib
zc;wPaeCp+gv2hBRtSHP@1d^PwlU_rzmmo=FBzb~VrjWUWVtKS+PrqsfWb+I%E25Ae
zyq7>qdjil>wY{kzcP7o#cpLHzBFi9Wqh$sLW&qv<@V@}~e+LV30Dcd0I|bku0X(+M
zlZZ5dNaLZm?*i~=8(rQaccU=e!#HSxH~;F(TK$<7DYUPT&A%%OYLs<2pLyaO9@&~A
zyL}TXo`VmQE_^__hEC8&3#4}TW$X+QxAX*Jy|n;wc%k`)qIO-WqxQCBrEoF3X_(6x
zKRs|>=a)V73%$Fs2LS5P!8TEMk71j{1@N1kK7$*#Br=&H62db6%DI53VIlQ-0m?CZ
z_RI!2Dg@i(EQMm_W&Y<j><)i`f)|MdGTiu~uB+z*fG8O`>&@9b6a$JC6bgVWSt84G
zL?T5rjUZMe&aMGpdgd&6e+}RL>+AUGk8eOqAWbD?MVuq3mhd2!8ZnHU52+KxG|!sd
zdocQt8nDA`In_+(h#kob2{ZV%;f`c#c7tNhPd&@zpyM&PC)@F34sNWoL9^yWsB6oK
zFdhkv#}R~JeB{{+c;UtKSlwb|*vD)tp^ziaV(i>ZkmNDqEJl{6$fYdVJk`?IcUFvK
zFGil`SYO@1_rHG~c`l7QWt)7gsqeGvD()QeBc&kXIn-zjj+Pqrdk(-?W?%T7@5X=f
zhdYCXH~_x~uFc;1T>|K%ORw!?2Bir|4z+!E3;5FkpVvET<VJ<r;k+X9x))eqkUfCW
zD6Xf*(5zEP0Z3*%y*<IHDIxwKF48>J0lk7<k_@dHeLcWa8|YgQeEA|*zI0ORTgQj)
z$YPMSv!xFf?dwGa-fQzrRD>l~J=9^RC&yv202pKsNoDBZp-gJ_sJ5^#LKV=pBbR%E
ztiXj-K$aI;e>cPob0h#KWxb&GBI(GHtvo(WzJkjr!e>7H7{(J|cRxX%r{%b%hG~>^
zXyUiW?J?lvbYaJY<$m>mE$pCdkyNrCX(SuCFr<_KNk}FLDIi3Kh$6^HLTttO$g6};
zec@4LyAyoxZ?59U|9BHD1?KxX;v}o<0vm^zkJU9$n@IK?ORnrrtrJOJrvi0=H(wyE
zjlYvy@K;zm)>nJp!=ci$O<k%$1rS0|972og8V?sxU<d#k>r+gp5oRk9o_qEjKJxq-
zj8}7HJO^kGxyq5}DX#COB|%GyR3^yt{Mf*r-f>DQWN{8wjE(7Ou(}53Qj5|m*d`Lj
z0$?)b3f$>Nc?QZ-@Mv|3rG8i~YyJMW*;~K+ALBp%gQ4zd0Dcc#+XCS$0G?XrNko<v
zOrAr#qu|fyX{|lOo`qVEz8PslR?<)?n&%qT+zJ>S5U2{{Y-4qb)1w?woI@t_LdM}B
zD?=y1Y6E@b2U{VnzfdG`q14WRJVOs1J!%7PeaKq6^aiPa9|tu9yNGqrL8@|e_EWd9
z*#QW95#@6GNr?lpcNWm|)d7+R0O~b<d9ILV1?%AVuEqFZUzQ{;aB6bl{MQ*ZYO5Ix
z#>I!%08!NUNtM;&_HO-I^CB{F0|YtHH5Tx4gPYVl3g{0EQo~E?O#y|ed#3fPVunIN
zou4B|L=l9D5JeI8^6L;Q0?&S0;H6g|hTNOs@Bi*9-g|c!G8Ndlm12J{DM()h)%{)l
zt7Q#zcv}$$=^&BV^WK%Lv%VBrGKF$F-&N1M$1Sh29)&Eqa)O``2LO}SU78u*-Wy?0
z)VugVNd?6WR*dOngzZynSX&!mIwidH(!+T4@hxCHN0P-*xPiSaLz<^ZWri$IkmMOM
znL*|`6jvlIcc3wlB{}k}NUy$jHASAW$w~~1rMQ(U`VQMD%n)e;HJJd>QlY^MCHVUR
zfW5&w9Dv`0)}8_IR+;;}q{)dv*%0l!n*g9c`seqg!e;RH(s_r0rEQO~cI>tq#L93~
zQsLv5&f&Q;Ye?r;A(I$<SQ&>t`gDtczAh2-5D07A-;VO3qmIu$ZjZXfUVyI)>`@DF
zqwZ}D);YUSC`53v)B(~D7;*^Mk);qpE!*}uC$qoK4+s;%_|BCk5@{kaT3f^0AEvlI
zmlzvto#c|NcwP|w-p-s}$7qrvD@EH21GuT{g)PoqrqKxvfUq4Aw18k&N+^3`W^CVt
zod&8aA84`^J^<*Xf9e&83@{3^4pI`iB1AL-5kUxnOlA;c!jqpG;f3*eWV;jm@CP?=
z{lf$*kFa|y!_{khNRkXhq6h|(s3kqDBvk9+lLdvE3uoV(WT7DPzCVOMJ`4L8+_8@I
z1(h7~1hiaB5n-c1jb6EpVklN%2}C1-QzzGO`qUaGGs60MglC>Rhleh$LD3v>I>)ZO
zf^0uSmSsp~f;3BOau%f|WXZ<KcbKG(8A$h2WO0t!Yz062PdiA`%&FTY$14fbq0_hE
z`52nWQiv>r645eK_}2k^8Nj~-@cqFm9Dv^g(`Ik|?s^IOo?EINm1l^Op|<Z{0Dm2}
zqvLh<@xBEki!I;|-s>rhv78x~Hz&BbHbQ!14w)o%I?s`UJ~|}m>znr3RZ>CS1TLMm
zd_4f>Lb4NG(Y+3mm~c9&2kaqGySHT9gj*3^;2t_6bfMAW*H-gudpnWDjucR%{*RmV
zw=84GTtTgDAe}@2-vnv~J&l#pD1g)72Qx8DG2`bx`54yL$JkA8Ba<nZRQV`vphyN*
zsb>u)hhwscWU(uC0Y^XHNC)+$f|`9}hC@vN7$$+S(?7icumS-RP*CL<FGSx32?&)V
z%@T-Fgv&3C@ci^7kk4@agE@Zo&IDOZkjV%ie6WWr@83qA7ByNz5J(6uzUg`aSO<J;
zilXb^+2f{GT4V<{^`1Zb$h7x4EcYLs&R8G<SSdsPM=7pJdH~?u*)3eWxQVs(2x6je
z{`?v)T{?l)bwVQdkz{k+*xxB4dRbaV_fq6}j$GzNohPfij*VPNg>;@lW)dg1PT{9=
z4@#yGk?9s;G9$|eE7CqD+k_cW97B!A%Z~be62Kd?w|@8S_>cc!NJkrh-veX*UjpzI
z0Bg$|#0pU|MEmYm@K?JH4{9c}#{#yGuLHam*ClyQp_s8Y9pn6zF;4a|PbwLQ1ygGl
zkuL}UK6KUB^^j`t0!#!LJC7Lbb;>?;fl>76yWq8X-nCkI+)8WpiBlhgO+sB(D7TxU
z-UuhVMyj(jcNoZ49iU!zTZ1$GSfmAp$}eQfNK-~cz)$uSK8OiXm0oDQb5+eR)og%d
zJd^rdit*6H>ljUeWIskGvob(Sj;1~8Dk3uagKP2gs!oj!Aj+W%GmSXY02<u(!mzeI
z8HQ#^F2bZ()r8~85-Qg^rV=DCQUGP$heU)CMaV^tG)*BQfyt=|PoJA$I$D8DM!5Rn
z2sf@yA=C`%9`Mtj?BJbuZfXMW1QG;c4caDZY7R~}1(Liqm)thUXknDry%`^9FDG)#
z1Sna8ZdLUC%E|<fK6)DG&#hx+T|gqi$&)i&xUh-U^#~cqn5T2>=O1FHBsj|QB5IxG
z8FH1^8hgiDuXli!rxIC`g9zB$0rIp-)o$uZg;~d6jdyMG4(h$$p(gS&>KBccd0|^6
zso@_1_~~E~4#4leZ?m_4Z&pV8KC#@HDTf%MeRn$oJOBVBqcGmJoT(ku+2?1!fyb=y
z<k^#W@u4kb``4l7bMT@v4t-J)??uqp1!g;<dj|o0T|_kGoX{c%B67Fs5Q}dGRtG|c
z?Kxyj2Yao!1++OjdlbZW-O)hbKCt8-tPS#<5yujv=@dWON%51LT!07T{h|h3v_=IA
zN6yLZHB46}GO3Ve36zvhV67fY?1@v6C62=6ko&vNDbntZ&4?%bjHaYP1%EndTPmmq
zKS{5#^ymO;khQ2`Z1nh4B}+pJBr^bnNJNN4gqRZS(LSOm!rJKwC(e&C5o6>j;oKAJ
zc=q-TE73Y+8e!)~il6;#2k*RdqoM3?)Xc%&YB_z(b-&<T%kNm_+{<jeLW2xl4wg~W
z=RNY+NnF0Xjm@nIqOk-=8BT1^u(>(Kcnaidia1L!&#z(UR*t-^&&y?wTuJ2R@0GqD
z-y<5s%#19~kj*p9W;49^<J;K1ofUPvK6#e9e%DU(JSNZDVmAj7$KdgF*$khb1@QXp
zt>62f;y?b^8HP3hzx%vx1NenyM*F}DQ4)jH5be8X0ASxm&#tWJz@n|QfgYgRUo!CU
z<^)e|Pm%pBF4H_0c%S;{)`fKXI&}A1vt_zcAbsG+bDmJ094!*%3tfAk+PxkroM9;j
zoyk?R*o2nWNgZ+;{s(l}7rp1Vi)oCxK+qz`rz-hQk9z40EU@b0JWdvUoKgS)S|l(G
zAk8GQRARijg}rnIae5PzQDn0I5t%^Tsxs4`wUP=ieC#4lo?Jna+(MG4kaew<!%^u(
z=Ipe~3T!kmi>zDr={8b%TsBE>JmfGwi3kd&f?5F3lLl%7Kq9ulrbWO~J&RgPPeJ7h
zIc4Sk0+EP{v``@+XdfbquyQiO*4Yt8LV*}KlM)_!b{#LqE0~Vfz}XnLZ%X{^om=?H
zk8faaFEJ!|7zKd|8`H6wt4VriQNs>e-y?@K@xp+ldwc(!Pek5%RS3fQb6dE0@dO@z
zcoS<I5fJ4_WsKSC2<z(;jK_c?LM9cmd=Iyh9pw8GQspJkD?px95|SlYsxn0v$AoT=
z+Pq?<^9*^K<HYtUd?0h=GKPpE6Y!Hp*krt&cPZ#ATa>5ZEQO3_%e=nrGV1rg1GqI9
zfdlZnZ`<sPzc&KmO8{P9Dvpp6BAE{zey@Q)EExT>Il%Q}*doFU9(z2BaB9MsCA-*3
zV#q9AjD{|R9lCV-LYj4bH2V4wxY#L>o^7d(t+R(5gck^Qk<#?tmfFB9Sxk!T*6R6)
zYXYEq0nCO2n47&{ATsq0wBz~1awY^Kn5e<?y>+&#sMch~C0DGESg+{PqJ{)2qfJRt
zAdg!d;W|&sR6+A4CkOF2@Xgn+4?nzt^^FMcT~Cn9)DS{9?up^ylC07^%e!SW7DrVb
za&4Gv(JcM48AcRPCx|gvCecO;!>wd6x>&pe0DUAd?7lS?PiXxfRB54HriD_e`A0+$
zc>w}ria@kqL<pk@lXZdVhJX-r2&7m&3v53+#&fTn#WY&M2s2~}VShKrl`DJr@XBrc
z<R>@EXCoRwtd*=O)ky0Uznh{LI{58lgzHSvA`%d#kbS{o>dtLSDXgxJ@#GU{vAHqB
z_Ni5DY>qKojR28jp6wzU0h39D@mPX{g5n&xVq|iT+vzT3ERo9`Qp!SdL6(f0QWZe2
zOxwIyB6?j-$|B+iFp@oiJdHHjhR|X`OLC?y1KBb}GKZW^m#WhW;O7CnKKtVD{U7nS
z|Fy!<2H<y}w#_oyx4P6p8_z*%7)SRk06gdd=~MC5|1OWsL0L1dje$$2H}Sd0&mh~s
zRfx9d*}?<_ttpQ-kU_Uld8aV@f}pRH{G|opbrQF<NirNp&oHPP=;^4oesaVCmur_$
zuMJ37Mzh{dlVGElgo7`YGk|lM-Dsy7pMocsvPt!8^Z*->DszQ2QHTWLC$|#(;2N45
zF|u9~(kMhof2PevDQ28Jv5wUZLLy_Nc??;B7Ax7%{>6}*@I(ZQGYO-Q>|h^3XdsaF
z9|qZp9tCWZhhQ5tTm4#pX8}N427+rgQ};X^REN-WbIW6v5jq7~zX3!A$x9Uxq*9Yj
z2!SXXA&Lm2kpK$`DfTg15!gIISbqq3oY(P+TE}#}ijkOrR0OcV?v6yBO5D7WU~ex4
z0KE6!O}zj9?V21!kf?#Tb6>^-E>a{Ft41Ikz<3<t*{9E8G#+6xj&SPC8dlfFSXqrQ
z8UqkH6msmR`v4eGBnq%75)h>zVkk&VCK5SI#8P1|laQ<+rG(_X1bYe!vS9BlYx5NI
zJsHXC+wwF=x}RY*8sUR0ySQ<KOL-PD77?;_9W6Fbx{L2oWLY8aFkLwYdziirV1F?F
z2H<z!wb>VcUjXzffH#)u>melvCeQl<{4HQnb3lm6$n<L>A2!j2k9F?U$_US&T0wT@
z3i4zQ?n4sPraRY~u1J1>(%~?LCo0%Ve9{H_JoiGr$X(C+!mh|&C*Y%Y!F7VJ?Z^(`
z>jZj>fV?B0u_#E*NuC?!P$&4(8{y(cFGHuNYuff@ZY9;NQ|7AevW$_=6~-$oxE-(J
z%B?+&B4I@bMDw3SDfBE#;RQ4LrzGRqXV2r(r7gtCO(eC90|JI*2n>?N%;`xDWfK4g
zL7+yq;*A2bKOv!c13c-U25MtH@aL6*AYbhtnr*p3h~DU5$kEm?hE`Cpx{rdiLulk3
zf}#Qpil|H(tpFlnt`bBXmHPqF3Bm}3^XI63YESS95VpZ!jKm1D(JF)x?tHCz2dKRH
zB%dRbIaoE|k4k1zE<qU49sov8K*p-n`(r2}i<-4umH?8$P*6%iDh0(7xsrfVkaaCy
z0q*Wbw#{WXW+0tsNarcGH@C5m5t3vF(I|4~Won|x-HX88cB2YnK8KpDEHmmi0`MgO
zp91jbgW)#-zx%PRl}w%|mwA$CzCT3!?hEkO(`m{+i#6~Wb=L3~?~o8Uvl3w~-@|Sa
zL#D}MENgv8OAeyb*CE%?SD&vng|q{R^<nJntu@$}9n{7_<na9)7eaJEpm)GD&x60%
z<oTGq?<IK-!-0$R5{cMS3@&$xag;XgG_Rw@x)sGho)v=C*>r-P$vS}D(jKIO=G}@8
zgu1Ibl~Rn8r>0ojh_HJjL6)ap0w+DHMFA*iYXvqyiQNIgX0jn^sgj*y?BuBf^wa?M
zssHoIKvd_o1>p7c&-xRxm`N9%Yir}b08Tm_tc-i1F*^!qY@nh5i4h`@peAxy*Vc);
z&N3xnp6``_GW=px0IvY3s!kiN`dD#ON5>_gt4LG|P*+9hs?X67tyKH4YHDJK2BjET
zoEKvB*$65dH%zW}%`T{!YsjtJz1y28<-p`@sZqZR0KPo?;_rVa{`P-6NIML`@4jm<
z0{8-e@zSt@%t2{9Owtb;`0H)41R@qjhA89Y`V6l>bq@LdE>seO)3p1YY5{801^Unq
z`h1kv)B}{6*Fj+-mM+joJs3OtlDANgl+GaFvo6p}f<rCjIURs*X~1s@`Vf{900++L
zqipeA3AaT6xdRy5V~GGIfh1NS0bENZzJDu$C|UoS6iDl(sX>F5MXFuj*5(Sfw#Ud+
zj5JH3R9*rkJ4VVu2@JAAlrAX?X}Y0iswJUf0OdN`R2|doKRpe!Jp$-z0tV{;*xI5l
z#Uw*6qRHMQ2jPXIf9;XKeqgYOtjXYu)<|{eW3{fe)R|T_@JNA_KwWa90cmb}Ki9X#
zHJJ|>P$hfJy-Kihr&^KbnIeiJT)P(I!w<3|GE3$_vW48;y5+kc08&-!H=P#p6w7I|
zvexf^2JqLz8#VyH`=-s_`u!0IKM&xMWu7OB=MaN#-~9*vmVI1JbV`A-F%|gag*C{l
z*CFR~u*??&eW3^(xpA4c6v|$8eiRmg*LU!6YPj2TfWXBE*tpEl<8n>Z{`MWW=63L1
zf3>fJRke%K6rXG8KopKZ`kFW#@FTBRA`rn_&>sQx*YR^cQ&z?$85wZ}OkvykQ5wz4
zA`4MrCjhf4-JqjD+kTdkF`wrU(Fixy2;cu;ry$y>BYwpTAw-c5hO$Pe5`1nVg2iE_
zRCw&sQ+WEx(}<JXNb;np?;~H}k^EYRdgmF@I<ref$%<KlF!BGh_vX)*B<FS5`LgbP
z_rBNrGSfXPW&n`D03bjBLqY@ykhDw?+@ycR+(lFR3mgtxlEdL2ZU5?UIKp9tLlW(<
zyo6+iWQL_6!@)%$2oNL&n5}2J`@MT>$;{6`R94oPTix5;?+&KBD<|Icdv~cdt13^P
z^PMB!X8~Oa1Pcpd>J4KBpGYygC{7GXXH}H)>L@|^!O~a;yNmN1<^RdoSb$M)@FKw?
z#V7PUC*4>$i|%`mrv2swXYlsH0l!+KJ!`OD9izRw!oB<Vu~<5DmqDs6CUBBW&b?f|
zJ|vA9)OAo@3wyLa<Ot{EeW3e)^hfo-_^;-UJOjTcq$zyD$vjsFyLz;SYMYtuo7+R)
z<Xu;#zP|5rcZRmDVcWW|9oZN3p#b`(ki>a_KI{N}axh=2ms9&Oa&k26Cqh*QT#3)_
z%Ob*OK5-g3AvcsJz#i@KJ9gwO7C%P;1UQeu3+)36_XV^(;%_D8gwlsa)Vz`kC80_Q
zkeA85N2v}_X819nJA<yV!15TI#dXx(n^>x9WCN)0Jo$M7O5ijz<MP!bT)VNtn|I$q
zr(0*=AK=(TPMOCB5nBw-<o!{?mX0z{<qwP!Zk5C&mcjiXSc08cYB|JgWa1#0_jLi?
zEdkBRKM|x0@&ncWeUJn1N4hTNcCO7@M%Q$(#-hRzmg)kC?vMBEcvg`VSY<d{dVKbo
ztc7YC@bU<(4#xUj0`LtG{t19@&pmAheosiFuLAgy%$)oAVav7#X+0n6xjj7U1LI`5
z#DDO~=fKSdrryFlh|F^b7^4E{i)Akl1^Q?Q=%YPcJ84HQA0Dt4k@l2>#`~yp-=}hD
z`@UeWcuw{mkn92U=n+P!^x%u5oYB2t@OF}#h0Fo6`(HH)B(~^59|0Q+d~2fw+ZO>V
z8swjpn7NGOf5yql3O8;ZqvIN_?x3v>>V{HwEdqkk&WD#Y1z!wn@+b-z7}@Ah5=w%M
z<1r>8z)&Fr=cS+}8E7^LJ`VDrApb8hfT2|WnHVRRoIfAMVR>#(9`Mr^%~=Z~!o7Pf
z-g@Iy<n&SC&Kpk*Ny+EqAoG+vpt=TDufd07{VD)I2H+=W;CJ|@=0kA!w*L8Fdl|s5
z0=ROxJCcEFTYzVo=iDA1_c4I=lJHY6UV-g8*t&Kx4toyNch>n)85r#fXFn9^qul}X
zJGU|8U`p|_<GTL{d&HmZ4Ip@YGg?M0LEZO<qMs-_E{jIV|DgP%+|RzRm$oHyT>LUr
z&&bK2;dN<_iO4K-c#SAs?(kVs;XVqZO~3uJ&roI?hS#iRY&U((!d*@H!@s#B^7}Fe
zpCk*I8bMggc<$C^eCE@)(X=(%u7+hDomX+5L>PQ<jH62=f86CZ#a)9StIo#pY*>$`
zF#fIFFeA*6qa;_6qIJgKq2L}OATotBDdC?Ko-=tT3a)v|<UGc+F>`y`n{GAg(+11s
z5h|?l-kme3N~IH<66DcDFzjPO{gKw7!>h?|0r=(h&;Q!3xu?y*?{Nox1mKGRK7F|3
zO{m%is%sxF4Z++#lmPJ3QH86zH+9kVwk-49M<y5*yvH9P?Dss}JDeTU&YfA%hm7QO
z0tn{7T=p1bSiYEbNx+vH?7!Uyl}eb%y#OD|U~dZO5sd?C3HETnAGvKR`kBI`pxq#Q
zpW{R^u=fMD3>cqajAb7+hSAg(TrJUEeg=13R$I~`<NQVO8A*^afGbyy@ci>9Xu1}y
zZeiI59ASKpLok*BgYhBC?jJ?<O7c6Qgl#+qA$`WgP(GR>0{|&AIYb01)Z@kgFue9C
z`I91sB>|5K_?)<p&F$%ZG;$C8tTtHC66?hk@1jbX8&Pn*Jpr9awJm6B68O<u1>g&A
ztUR|F_&wI`vUBpheXuoH)6d4t5e{>EMAWya6u$nM7g2SMbMq|pD=Lm-r?co%e74hh
z@`1wHV<VRmOGo*9KAHps<qW^<XG*UH>!K0xQRel`ApMcRUKu-u`>N={fZINdo(eon
z%3v+Gj$Op$K5XVb0FWLM0E+jRfVQ!)7SI5`YuBP~jH3KSiX0uCJEojjXW)3X#B;YV
zp*0({T?1`8FIkjK-?%){Z)8j$CKy2!CM0qoFarQX5J@hNPynz9gl5@43V~hhT||_h
zBcc?2M)#u>{FMgdRM?go{5|DQN6Tn7Ex<t2Fy48y5jV4_pUDd-l2p^<MfQzgLHB{~
z2X3zb`0D!Sf9+)MaWn9HoZD*vzH&%Y7uB`B%yVvYdq}|Nr`!nm@=I5stcIz#uw6G@
zq_rd3p!E5D1KRfvXD_*RX4Xd~5SZJS3E-F;fhGnqG~p&n@CGg<a=<(|cnCS?-e6B2
z%a~#lpl=^QC--;Pc1g+Q6hPc-d8J+4hv|Gs0Eis`a4=zQYTFMKned0-yXS$9=K_fO
zLqQY(C=i4sbf~psT)%dLpZMZSj_q@9o}jcVQYgKY?85*8hx3qQ11Vz^n`b#GWuP-M
z&>_T}#P=k~RWuC%A+{?4r5WjG?q(E%KT7W>^4!XEfdcTI+f&)JHmFZqsHy_-5`X>I
z?+Uh_^2P1`eoDI>vmOWJ>sY^o`bb;=@Usp8&TR&Mk6&AV{nu9@`Z7QtJ(y04d*DZA
zHg%cXqv1Yg;L7n5&+r!9)-cT$oQno|kgPY#%$V;P(4Ls7?D`JTH0Z+)XHD#3#!|}U
zqaAY89OxTr%9PMKQa(arZ(v1v1zdn(l>0^P26_4Qg&*4IzsVxQJ?anxFsRa>0PN(b
z)u4uM3U!tMV3@0xWprIL#-iRBFci8A*YM|W-b)z2!OX??+aQ}!tjArKM@I_J++L&8
zEjr!8`dV%Z09V4kQ3ebOi6ccdg>wHUYXXD)nU;Y{*|75Kro7}ix-exmUyhZG<6-jb
zU#v9GOFvUaG2D)HHfnB974T~`^j4#y1un0z!&(mep6rm~-Wb`?KE{$y>PZIO9#;Dg
z`ZS2Xxc>UDFXvu&m^Qn59=5#*;On5nnYxgt-+3-XnA;<vKO*3(Kl&Wjrh%=uy|Ifm
zWpG!La!!S`@9A=x#2nCW&<E@eX2(7Z;uH(HkF#io7$BMNM*^fqfS9lcDBi~eCnpW{
zS%G6V;B*}m?Z)?yqJZ;;LgL&_+{WVl<(;LclnG_0c=h4-WHJ!OsDQA3j5*xqA=|F&
z7`kIH5#C!}1L(|U{>ALtD2EIVfs1J9x1X_GR(R>9YcO1+)h)E?f-v@cG8`qjePPT)
zKOkj_JVb*~^u9h1NaG@6Bh;}YuuN<S(){FcBzN$bM)%KtG3>#v%*Y@SvM${}<1Ukp
zeUR*F5c$AC{6^04Q!XuW`#eO}-`qZ&Pe%*1+ZNXLO#YqwCYW>ypF=ShPkV-}J{|``
zH4V&a4XEl+Yk3C1F9P`A0DOP$eKYWTY})$kzpem${?LW0s%t^Bsmt6R8TR#<;A^j5
z$BN!ZU2kE#HXI%oz(_8Ojxu!JBg;GY31=?=zG7Sh<w4S<F^t-SIgIy1(HIU7!L*?O
z_V$T}C;&0J0VKoUgOGTYE`xTVyaK4)@im?Veq$Jc$T=tmwsQ=ob8pB<0L}r;%s#Uy
ztBZo!0|4kV!DS%)09FXr0&UH(%rFf6!T0XLFbCjvkYI9<g-8JlHUt(h11Bd-eECbS
zqBFhBQybmq6Dk#C)a3x+7?Ms|Tpy&^Ma()g%d-=~C{7Mh0OCDZOp!c+U4CEx`DD9&
zS70#9?c(tSP@#8m+5>y=x@YJ+lfeJ%!7b4U{(=b$!VCbPf@Y0DeZK(#SXL|i`FHMQ
z)C6HjJ7we(ls+IIyGBg|(i(hJ9db240pPXu*MI#7_5b=`&R5rY<A(VV9IRb;rY_GN
z>;g0zs;TEAJ-2f~e(Pn0XRrmF%+pHw@Q!GONmM}C2_Cax2|Jdb3uk{=&^Kkyf(am+
zWezj-V9X%mK+;(>Y{`I7D%2t7w#BnaDm00KqQnY+SN$8&L`|OB5zA2g?kI5`qY`MZ
zdcnLZvk-SdnOZ#(>xw~89I1fvq&+45kQ`IQ*q#}%W#G~^{PFki_d(<oN?yt3L=dS!
zp2~>is!Uie6rO+K1fAAsyV1>4Nm*zVxe@dcY5r1h5Dg@ve)6O&4W(>MLZ&8=(uf8`
z0$@dvAlTOrQbq!rI)F~Of95Af(%6So`iYF|ClzjMv+>K5-gIZsZ95PYE}h&!z3qJb
zNPNSKU3zJsnY70V__0CN)Q+`3SbGJ)&jGkN_rCLQGvjx-_5y&v<t%Cs1pLeg;j%Qh
zCmr#D!OZySAAKHINW*Sxn7RfVyA$l?*s4-q-=qw4Dxe+vM>fz7Hj+yDeAu)0Fvlz=
z3>=R&bQmRoJ@DEg>D<AFX2!4SF{QXjt?(U8<t^qj;~#4LvTJsm3;iiHwk&LfW2KnE
zkg`cmHg%Br#V(IAN#tdY9DRTRC>}1EP&()qU^)xkT38V7pIk?6e&86S5qPn5@C2Y7
zf~Kf*5qfa^!V6bnX$x&y=jLg{<HaE`;Q@qtMiGHDayTChWOBJk>=%pEM_yV>UV9m`
zYBBj0W}l}rO(|3zrL7}0X0N7X--Vdd0Qi1?Ioe0~WpNyFA8I~>&#>FKIPhH_9Tq9?
zQFQ$LIC&DEkPLKN4QqM^zCK+z1~|HID6G?sAAIz<m-vaMnk~%91)w?@gjfLh8i4->
z!2P)wp7Z&e55f7j_1Ayn7@(gA=re~ZfF)~DZO;xJs5!T%2L3UA>ZL2VydZSV7Pf8E
zA}ZPqJ|;uju}6K{M6i1dW+vsBRHzf20(~^iIA$`p(_`WdQ&<d=RchR_hgr*%NlTI4
zQemjvE>^F^*3m<_h|&-`Km0rV?7<3RhmlOoY9TOc8Ch0}a@vwujESg-_(11B9|sM(
z?NL3T>l(&T7W+r<c4%#XEEwDa8P9fxbSV%2(TJxQjH8vpSHJvGFih{}X*wst#6*4{
ze2BWw&!Z@uKFbEC5HK-{QKS28%mC(`K})%S6qu@vA5clAN?0$Im5>L(GMaD5FnHM;
zSccUjDzJ*Bu=m;Y<;i?DT1LHTV2y>s0^j_zw_q6=$w&0C8!yBst`vu~hN^2(8+(wS
zp9JXV)?fdPqq!H(!0$1*DsTgYuY#~V*fn7-sF~Tmxji!C12eE(RCu;(Q0cmlahQ^M
zKH$vdKA>;XSu^vY9OxsO27R<6l)VfzcRO|l16<~DFs+oQ2BxH$py_Cdth`i$JvFQ=
z3Z~vO@`3hzJ&{>bMyI>y061?F8rR0`2RMuG2Pg620pLD4gF}piF&1ilf`9q#chMN@
z%G{K!QUf!4z|=EZ&fOIuakN}0eB>jSVcDS7EexA7kj@;_LBguMqb7~+orz4dBncJY
zVL7Hv`&tqYk-I)50E|H9cy02?5DuodZn!coE93r2Y4#tm8~p8d{mf+u&fxE9XvP>c
zr!8QCn^$k)Y}1APgEHamMByaC!#p@Y<gIG9Ahw4z_*{YTbD&x7IRn2Bd0YR&Z&Uz2
z>xxqkG+1X;^#)|ke8A`S$jvh2^;d7<*&~A9Zef}l9LIx{B%Vk!v37yHU0|}D2S`QZ
zmAyb8%AgO}zoxHf;u0}IL2N^Azo#M@a)2)fMilME?(M3-!vvTpBep09@Sz^=`GU$^
z>Ov6bKofb1DmwORsJT=j130`Me?D<LrE*+`_}3an(^y!;Fqdy&YZYLl<@kw<v@^xx
z4I<!`m#+hh2CZ(;=>`_I2l$!5!$}~B5Lhc&RVUfN;P_KkVm(f3jLS?W8$>Q4O##4c
z7(9FpqpM_e%2IZ(s1##S3dnMXzq#RfHogP#HA`9WN1&n%eQr<0BtCSlVRe5Y>t;1l
z@+5O1Gg*?}P>7$%8c@<5RM#B%=;JE@UR(ddZ_HTb9NS#ucL3}M;BN!CeXy&+TBv$6
zAL+S0>I_0ZqsffdU$}y2Pb%npTiB)stSwGXQV|FiToq_~Oho%IihC||67<oYpl<?1
zCTyG<qY*qqp;Y*N>@W-2#eljgI&V%$R0ycv&nPEvWKnqRB9jpQ(9iIRw{lLJkR@tk
z?Uj=}^tE!#-u*JL?c~ral6kDn6Z2<bg%+plW}jOi|K+i6%;j`22wiJnIs;<HpWY{I
z4HbgJ3p8?aT@b$Z<&R;pAe?PlXsgBfcI+WZmXLyDK*aHUVFG4I6y>q2tMm1690D8W
zq^fC*Y6xod5)0I%29U&<c!)+Iu^pq+E5bs`s16gv*}6aYeR2CC;wLB<`ydJuefgq@
zd>~m3NFhikA4?I%J<MeokN*?WFq%yVqYad*@SShH4`Vo~qb7MHrdUEiJ6(_;&lzJ2
zwcWt1jt@E6@scx1{C^Nmqs?swejgIV_Y1#C0KEwC&mQs;S8W3_^EEKHbHROBE-Ktw
zXsnFJy{3lMZGM*WVI-ap8r`r1^c9zhJYzQnymr<IPGt>}kfh1sDrGYAO5k!To*`LJ
z8kR`AG8GFojeDE5PzHh0o@YLdW=jJH2G9l<lx5xD!=wZH%&h)3?w|YYK;D4T9H3*i
zBY<Hs0%!kX0_=R!fJI`-&ny5{jQ$79e-XmYtZ?>DhqJe9K&|k9|KL5`YdCM|P9+zj
z^f2Cf{urPRt!`kgaR5dD{s0iMkdt!kJmVt@LJ$~6BLt=<0;#cQDI-&up`UXK0Q<K&
z$pwr7;F#H$*#>`Ih3Atg27dzhQV8$@@Rl)U3Beymi08o{1hAuEzofBFHtTN&e~&k|
zF&6Enh1C`}t~`Tpy?qas#dV$7A45C`N)M?gr%~5|bO&A@tPHQ}i4^*80eo-nku&i7
zFt!T7&j9q=;RfprwLL4R7td{O4}kiNwfNMFH}K-c3VM6b)%Tfc$s-Cbp1b6lQ!buU
zpf8ivmo=8zC$d52zZLTG;`bBmqvQ_o=%h(h40JC7$SG%3qLJpKNLIFwG&b|`VoXLZ
z43H+=TQd^~!5_>3Tk!B>ZT~kIVC}#eJHW<(b-x4t-vA6s04LXFGY+7f+cpY;UoQ7g
z0LHANCuH6qI{?_9AKL+EZ`U|`dxPZ*AHzGfMQ0cbrGj{Zo~ffzBI)B7LI#kT@#@Pr
zQ7ttZU86M)_yq*1%>CntcMshsC5ja!TW}DD<uL;m>_nDnv?2unGa=)|rNKTck7-=T
z812U)(>nle*>3|pJ~AyzW(hKdz*j7v1b_^Id~D}B0?Gj}k9mJR$P7U%`H7z->rduI
z2Gr)<9xqhmVjP<Oes!cSfoKClCxYAK+&(ovuOOLd^<>IDjX|~DLN8Z`T7`0@Q(syC
z!f*Z$_5bo;%ooxO{62JT-2*=yZ2CiWEl79sk)GRm;64~@@#D{5!7EqR=-zx2wiPl@
z?8wtAKQA9Rx}gkA3Rc)T(1$%h-yR|9Ww0v((cyCW5V}j!gDh{?u~HBNj6DG#6%XMK
z;77%C6AqXK%LWJLtOZ-`fSPeY&4AgAfKIY>u#q&AGXwElr;7W^c!C4zT_LocGQdyD
z|9VSJ@!10KBNhO~u}+;fXd43p<NLUT4XvQ4j+`O;j;ee;P&7b{+E0A(B~Vr4&i!}s
z{^`4@+s37WD3DU9sB-moD$Ldc(!UWMhrwmkzah`R1AUT}3m8Txqht;uA~-phjt8Uh
z_;SPoPD((B{a^ufA!8;eJXuUW`hg?qD`8xByk8>YL9l-#Jt%>8F79F2NAM{7OfdJ%
z{ylz=NXzJI-OIO$@YmnDhpw|p@i8S44pD(JKgl_d>=bAke7I<b3ohE>e*)0XJ#z+r
zA0EW_jo%~?ejLD851HLp)n_0xo4U;HoM!Au;fCsPVr$%QY8V;gP*V6!uzmZ~@KLGW
zZ7Mgf1R@^*^nrG-izZE6c$(##*!G=3H!+c+P|jJBa_$58rhwnz)F?~m2Y}{5o9#gy
zEZArV@))qjGj{A`m?2VPgy>>iv6lqO{owK>g-|1gA5(dZ8m$e!(91JL13N<_YZKM2
zl_pC9<)J%VZDY~Z28(5dKYU|@x6TwQO6}e$se>&K3ZJ>Xgr)}fw|8-Gdk>wP@EaU8
z6)7+XN>!+wDNUsoJusvSO7);nks2k5L<x?EV73MTHOiQ!{ILf$1J+`qs2&i(G4^{b
zfF?OsFU|tYN<cBPc|%w<M?je!vq(bzndJTjK&=0p1lh<rAQyu_p9?qv{zM<jg1@;v
zX21_<&Kl@O<Laer__J?r&~>_xVhL`i(qN1BELwkp#t=qBH8sqIgPCtGU6}i80RCw1
znKSVF@O1uu2=X-mHxITBYe4Nh;W4-KX~tT7?A8^0;+YfJ?HNqH1#)aM?T~nuo^KQ3
z;3dG442nyP9d^|4?O9{EmkCU;UUr5q6vQ+H%TgJjx??O5ID<-i`KgGDoLlL>=fP|J
zY(FSBj<o}WO$S)*7`q<a^}r57>&S&ZlA|~asLU%_Mdt{}zjADQINT-(yOk^mq{z@e
z1P~NS87cH8;ZbwQ5w0ZySTmZ9L9;Pf-MEE!-&&z=H5QdL`B7o!U=U}J$~>RDeFe)^
zhi-85bWG~-z6D?gS7(F3KAvTS168P01%g6VEl{b-0YfFoY6_S@2+$SRg)&E{IjYY~
z>H!6H*MlbxjbI8jfShB@z!Cd5pxFV~+MxDtWdA4$d{4k1N_BsE@aKW71b@EPumJvM
z6!=&T=!~(@jR9MW_2M#^?*fC&GiLpg=iGzVML)*P8mP90J-KiwlNSQ;Jb<qpf8)3Q
zc>DYRc)p5e;P;`qQ`~kk&%=qGHycoFvp=`FJ@{N^f4^qN$8TQ5CvRRr`}VuAO+6ZG
zJj5jBJ`&Gt4O*5Iq69RNDtxyT>5v1iY6s|3Ilw3!Ap);_dN^q(3SiXj;M9JVjx9~e
zRz3UX2FKPhcx+&G<LdA<Fx*?1BfaD<$?pS5nRdl`1TRwn)N&LGC7&rTo-?n@@;6`J
z#i36KD0G30mt`5yZGVjKuCC#1aS_0o$n(m$drlkxYZ+ho+zYsR^$7Rd_tEJFfW;W|
zM@em*yrzd!-CxOF@Ii$>?{QHrK%}rx3&#@nAW;n<(1BFR0uJ*M>;RoK+>D(xB><HC
zsg!FDpe(7S8yGtd9r1mwt7rcP2xgt^Q}ugIBb&=X1!Cw7E1ft;P*(zf<8{WdjFq$H
zf*J4^e|T;m=0~J%HFT>%M7Z-#hqkd<ldWtPk9dznZR!&{`t4e%wuN1-54DPmZhZaU
z19*4tpfm9Mu(a1*5$a*`Mwmfe6V_kNZEg>b`@kSvTQaUthtqls?wZk9BR4cHv3;~d
z;yIP+mjyLc1~Vl<N97zoOx3#4ME#(!w)afU9+JzVgXz?INtFq+eE=WDCwHj7lM>CY
z2YaS<(#=8Yh;U@9_QPxeQ}+=4FZVK0zP^t*Tv1Mp>7|C2`xpj9wRsuS7LsL#{xu$B
z1{?|`ClzIfXh?t}-C4A?#iCO9_wQT0ac28Ez9_bV24fefB!e$VnIppO=hiq{^-{Be
z+4Ia?AY~MFcM&tqkhOab7&_NfW4gdJh(M^S3W|DGZ~%sCkctvTf$ao#wVG1^kU3)i
zf;fip%R>xAz}RJg+1T&K_mtT8!Ayogurx|};hkEg>t`nNVbbxFNAL#`_dp|)DC_-V
z@E3IE8T@^?ACb&xHyzq-hm+$IeD}}qVYBI+%rg)4#tA#hI7L6<z|R;^Qv>Vuq5Ad$
zz~|i<`~R4G=nVXR=<WC$zqNEhlUEM44%IfGZZ>t9+xb1%u3uQ=)vHI~%{|z*hV8mA
z#-ZfK8G*hch{GO1?U>HE+ZnZhiTbvZ)N&%yA;`E39^kUBZyNL!k6E^sQ0?C4qCw6u
zN_DQ8R`)=U4cKb;(*ZC(7GWId59{NA!NkOI+-175dvuTkew6+;HE<yEgZ2RDO5+Sg
z`BjxRAyMIxXPkVFACYqqRT!sDTzy~7sLwQ(7cb(w_XuyD)>w!v$E+DdVSqTuJdZD1
z)Ov$fJK#r|2nUSb5uTGA;tH9f$qo{=cs!c1I2Tn0V6^GI69z_05f-#SRrPg)3$*~0
zLZvEHgH$xmsEz<2C}#hpj#G$rOYC0^{t(JbNn|Rrb0Qt<{szz`rJBNNk;8mGM9d$e
zIEZrGg9LkJ@E1m9%;4|C+^k`Ab)VmN>B@C1s0MQv3C2l0CnySWe{v%nO2mZfT3CHh
zlb2@!{N(XBe(PUufBzrP(zhA-{m|P-0sJ(8<AcqpG|epYoZETap#c}#{_4#O_*);j
zf$r}2V44~n$2efRhHh$bKdEflN8*Wc-XE1%G1>z_?X?^+I3FsCgv2ueeG_GEIe?e|
z$cg<)kEL_Pv>LD)mL1qLodbDJwi(sVg_6S@2ruYSX@`t+AC+fX025@OVUN1J;JqyV
zqzKS)x?EZ76~ebzP?`sdN*bFwDP+fJYXjR^G}mt6th)iW_xmSn0QAy9BE`~SS9klF
z*KXta+m~>^eG`ptVA&SW56j2`mWNnm*U4aX8BZuwkfYhl0K9r;u!RBZx*z6JZzQ8g
zVNoriNcA#NRXJmsD!q0&lz$F=${%SSK^qm=zqsxX5&Ji~i;h`(lC2$1apL$Xz~A_p
zkX?*{VdC~Fz#ouz`phqB27e#sX0(NFG>CwE?`zcc*incmGc!gLh2~F5>snCTfRC4l
zDrUXx%oG1R0N<T^=?wgSxQ*!ZV1DI53kOWs%RFa0=((K_?gKO9%7XFS(x7Q-*rtJH
zlLZCoAfM9DOv(?V`n=-uDGS!7<dr!SlwfhW^~gvil|I8MqEv`Pann@2U<BlX0kDE_
z&lH9LB(@>g)=`_-vv~&0ZU3)r!Nxd%r(Hc0htf;xS4c%9iZmM#d4{zJ;`e<$mR%wo
zY{xU?v2RG?rpYB}S7!9Wp?Caw3YJABMo=uAZ2z}07VU;nRfKPzGXC;DLn(yyeNf}S
zI~Y{9j4RhFtd4<qwhfH!ddqZ0p4A*+hGeGtKE?u{C=Yb3H{}^tq5@+gi?MDFiXw+j
z?)MddWeaP1DR`r60EB8VkD<P9uu>IBRaiK8(J}8%$aER~){&@z<Izo33HHwlr%pv<
z)MCK?C6Nz2%7z7q%*H*4C<qj!rTN&u6#OA#^^yw1OnCf^{63@@X4|3Nv{<iJc;}5R
z?%mT+DktC06>ejK{d<Ck!PY>v4ea{la3(KAp9Ju!8Tie>?}yrsfAP030r(n-ZX5_y
zLe(vlp4~j>c0Q<&nQ`fOg-<?v32J*Erm11tCK>7EWsp?<ObPT2;~TX**qx}%cI^s$
zC*+yD;F+9d*GR}YDSS^+CTgJ|+e998hK`+XK&moew&z(u#=x=$YzH<iV69{GT=4l2
zoj}y%JH&30(E+1Oj6ibEs0jRu3eQpv3l-2{WZp@L;~4@fD*%V7(MKeEWWo3)Qqa+n
zGbx3XwSM9?zib{ECcnMJ9>{ksqdwJGu8;Bk<_LfF-WHWoQK+*RFG9Hsff5kN%((T;
zWn8~`ghp@Bbq%aBF89yLP6d-kQd>Dx|IrvcK7^$!ADzJh<BTRNYS=)Q%o~pmmWsTg
z%fO;B7|aY~4UE<O+Pgkt0!|`I&O~Np2dlA`bvQ%A@ue{%5dzpL9-KZ&bOGVeNm1xK
z%TKY7>L89XI0W4}xQiz2WWbJ+xJD7^T4gjv67ufr3q`%345pt0-amBB+Fs__H5ym0
zK7;oxq3dc?i-l+GdskfL1KUYn@5xP;pC0hnHc(o_u2zTY)6WC=^6@YJ_W!m0=l^Is
z_tqKs{jl1{0etaLq3vWXRNDY^cHi923;r?V*-I;Y?PE95)jxo(x8O)dyw_u@B>#NS
zhyld%$`tfrq81M&^On-z2|LH(>@A^O&xh&yLCS$Dfk?yc<i0)+0NWN;cK~-_-T2%*
z@+>Te+v8`SSul5$2XqC-FL;0QGgIe(+Tf)WPENT`M0(GZVaa~1*l&{ox&t<WBvQr=
z%7_Mz92yycRewJ~1iHq;bQW~^GR~@-(E1cdi%Lu|NXz#jYQbBi1Y2ya#m7E+1Fybv
z6;1m#THS)#il_#WZ3hnIha7VYp1BgRnn;YrI07^yzzW0E$BaG_b%DbN;+i<i25bPs
z+M`oN3JQd3vBXhz<k-O@XMiJPBPgiV^tEw2%wIz6I~u<Py-a9cW!@iRRp`#Rhmgt3
zxy*(+e}x>t_^UJd_u+Xyy81qVp_>X;t8qdwH_2IWH=`#zzAt}Y*Bz*<fuo~Ct>PHK
zmjJv7;G1)Aoq^v6-j09qx5?4YFCXYK0_k2iJ-4|%`V-9!&H!9o5MDV3^xdYf?;A3~
zN=}mLA4Nr92^?kz__<=gl6ed52x+I3F-*2s<ySjeZu1DD9v1Yem?4yoowl#pvKDL_
zSiN;p&bI$o4YEy+1{+kU2UKM@(v0gS<$}X$;&e>ZVU}v`iqU-~6v_EcGX?PC%?sHR
z@gB!Ddx8yOBrIfhxiS890KytZv#}ro-f1iR<z|6OrPMP`TE5E(8Q{v*B`#i8xOb<4
zwjDqW1tD?tb$a7+tT%QMES6;Gef$CY)6P*;eE<SQXkS<t$bvbhe$pax?Ie;3dko7A
zV>@V9ve3}Bmx#LBz~y3zqiW?`Mf-d~CJg%2v2HImf8jJP0g;50cs%;nMLs0;gX7)@
zaSt*0Lm<<P!C$}Pa>#pP9h3=ppON2(rFE@Fv+b~`7I^EeGraW{M0RWRpo#9$Qs()9
z)2L6%tTL#nLF<!4n!Nl7fRD|<Zw7uptac5+&pNlE!;I9s7Szo$&$*pnpIR>$_|a!C
zLT&HCHd~mk&c--ohuFI^<)&)=cGZN@?$6MJ0+kF%O8}d4BeY>*Dr4fZ59mt(-9RG0
z_IDUO%G|uVuhG+8|1WryieZ#(lA;M9E{sBofRBrz_n`!IhqN;Wp2&g4>46Q=evUxA
z>k|UlafAqE>|n@Bl|Y;TfV;q6#1OI@;8|_aoN6qNmUyG7@W*f5@1>6Nz!If18I+pl
zFf*=PKE^Z8tkLQ-bX^N$I|nu?_&7&3drF*W4hkSyydKG12gxCkh%g92Ad{~q9A%%*
z_@!sslxNbc1AQX^>~~Z#gWbdjyUzjEIfxRPZVN>{0IXDnqs0n}7JaG+DaQt8q8|bY
zCufXVr0eGx`Jjkkd!=q4_kgiJPsTmOS${}s^zz^@h>D27-yHD%Sl||Pbzk3i`NCzi
z_tw~M-$%8m#62^77?D(SJgtCF?sePt3bpEBCND1o_}cL={`SAx{_}ryI``Tc_<hh_
z{38H9eX#64YoMBX*8k7#d?pdxgYEKqiEn)JIoS4Xn0o7C9Lj9p&Kj>Nm;b3{QDo?X
zJW!!M;u1>Pd6R(6=kkriVp0>^P5GL>B&vbg0cn??r|TZ@!2-4m%v(aXlBV|^Q5|0b
z_`*NJ<3?owU6OgC;Oa?x0KVNC(dk!-QV>`8Y;5wfGqORNv|y}l0}Fh?p>fD??JzSG
z6D%{@)}pNqXmuIe_48=DQ!J{n10_;hR|Av_aktjsr5CQ^wNE~ay1j$Wv<^rp5Nxos
z-u;qNgO_1jErk_v#PNqn7DNUhF!%zKI0zg>DU2wF`rvnKgDgfK>QGs3cn`3MMnI`q
z!!#No!WnJ)96?oKwLI?4V@QFh3a()eGW2LN^G`-TSo9f-78y1#8}|?av?=hHn7G8?
zFE)+I1ia74?}rTh7+r1pzH1jCy^1EVO6D!}^tyS*cQa$4ng(XMI+V#v1>g$+ZUgv>
zx!2CX?*nVczw|o_gx4J9e4q<R_imnZo7?%|J}`iF1$^ux!M@YLN}1=bVfwzzUFP@E
z(J})tat@xz<mx5BW7<hOYXXy%cM1azlw%eqrIBoVu*V&&>0oWw=j!RUci)U1KNEu(
z%CnLIxKk5#ic|oCh3E(r<h&VUnD7)+p{8-qoR73i=D*8G;M}C#lhXOI5`!1w7xEHD
z-ZAJV5s|?bXto9f;I6Ll=k1Y<Hy;g5C}aePkw`U%<9hY#64!53c=P=Rt!aA}4G1nA
zmNk2W5etVvhdm3}@2Cx&a)yxe!T3a&tboId%mKhr20GN-aZpbex_}N6(ZN-deGMWB
z@WiqP(c@4CETgj)9a_|FgT-Qr1u0b30+m{Nw@{^&M_8Q6$}72kDySa(ft+J#6a|ru
zdk9T+%HS_{`i$AU#MU#7bs(B2dVh$`bO!CVg;Iq3cRRfG=9yE3WLUmL>KWW6pJD*W
zP;CusFMt;ZgBYIz@apj|{m!?x|Lh;m7t9R&KCpHTz}F5Y^JE5fElAJVeRDg<sWL_Q
z_%oMqRNsScYM7?(T`C@x?VB=m!H!z7U0^aNwJiOO3@}0=aw2i&r2PJ6T}Jy_JhmOI
z?PC?JuEC}Q*!W{Q89NcPeA#tQ$T}mymjK)hn~I6r$s7nHLdxwW6zBe6Prgop*?olh
zXqx3ilIceytHl}cD8Uhj08qfRr1no@qQS|N0hrEWd(S|r3h&z${_wk}y)@CAx%BmF
zqp8o}=BY%y!@!IImoKjI(o0v+=rgpsg|XW84HdZYlK74nXj0fON8gv86;u!moIe0G
z0ziaWekAe%c?tjqHGtwsI+GTQ(JTfC0U)Gt3<a6)qs$VFwrkKj8EK^|CktI+IfTkr
z%W*KC$^6SjElBXkL#?7Pe93{o=+`i&A;|5^XZ%GKe$n^ih0fsbht+he(VR6{E!U_w
zM|k(nDXN7E9~#M|SV7YL^ddh{+kkX;NZ|JpfS&>IuL0bjd+rSUKB#sZz-JD&bZcjs
z=iJV125$IwwOHU+KKml5y94WFo>NQ*p#Uxl_-ztgWPk&eg3753ShC^nB{LVwfj|mf
zGE451Ip78h)*9@h7HqfeBNu42x*y#7ON=A=An)lg`ZS&)4VupaK1dmBDT^@$h~crL
z0QgO!`n{&NcUZmh6u`^dp~t!QJUPaaA={J)M7@=W2=X4n@`BeKo;Mw%-5Bt4h0XDc
zxZj+P^?fC6G38ZZ%#0g1FXHo`dme3f2c2oaRtrbYa=u{jdf>(>!reK%P>0v-s2h#c
zoul=O1UE?xf(U(=0B|sTQEuPZM@z6^$SJrx`F-VpZ1iA}0d&>?tkHCh2ZF1`3X8>2
zFA1%N>_G0NryPc=hfbXofM8<Y0shK4f5BPUH{d<4_lt#|v+DDMe@ZgYH5#TfSg$W&
zRbBF!!ZZ0aUe{R@u%{gGjR(_!ni^QG4<+{mfX_PuW(IyU@H>1v{-xik9O(Phq1K^{
z?qeM0Hn(%aeat{bj89x5*n2HZvxPMpQt=oJ{-Z%Zl}t`@Adn_NUm>VH0eu<SBcU*^
zp2+wkngD}wZXX08;}He>xCJ&X*fd~kz*hH>3%;g~@^yegj#~r_kpqW4dy!=Q<ru!;
zSWJM#EGVZSZh~^4j3T~o68L2XJX~_*iN3>`E-MDc6nK_om_kmY3_Q5-S$wYF@wiS;
zMhTEHGJ@<wzkM8p>T|x@+69@j!Z+(<5S<3ueWVCb&IVro9=LmsZM7y`xkh;Rev8h<
zIH>3|OcZ7bIv~oTFR;_RS_<W!VVz&kj42K!jM6PLmNt^FarES;hbrvr=t9gwAh7E5
z{_;%O0P5nYrx2Qt%NyYlvqfhtI@6(QD<~Hlzg+epa9JIBhtWayIp+PbaP*YmZ#b?Y
z$n`aeg`B?_t#Kyfj|bq0>5RXzpGS3+b31sm#-csz007%FjrV@Aagih84^iyU8~*(?
z#yI509KGCAgRAAC*75}apE&-d-}#&EKl_Jv?!hzgJ8+}R0KV*I8xAt{L|r>)_s#8G
z@5DrePu#wWllBzch!_XjPvTj8opyk}DaTI~fEqF&6FZnblo&1X1<9sSDHo7kaerT@
zXS*$IH`GF!aY!nx`-!M5OO>yyX&@^@zmens7LGGz!q-b?H-yL>hKh_Q<)*TWQ4W-U
zSy6_Ko9bMgw~djjWlASC3f)x7L6gir5`d3G@W>o8WPu8=W7MYx3WO~$@dw|&8y?eW
zKuA=!tz`z*$4mUk$8MmrTXe>`c~ZEKfmMqD<E)T^-#8DELf_OuvPlwebH)OdLKIE}
zSYH!30vd`AcnFR%0$u+Z3MoDrgf8nBV`t2$e`u>gR-;7&)zwf$SX4(?E!S973skBC
zIS10%@iPp2AB||T>|ZJ8FJS+KlruuQK07dud60Tfit|Ti+2;q<OlMHvZ?LE;us*_@
zKe#u#D+lTq3G$}ooliIGM_mW%I&gKcOut)h9R3FY&gLFG1HVJJ>i~ZIaAS1a)8sr)
zV$ALQTBQj8;cL%f$s6dlhUwbAuNAQzmBHAq+&=7C*GGk~({%P<Dcrp%@04aPxtcxz
zOtxqDbPL;VyquG*?vInoF?uQJ%dwR?Y3HP@Q>83l0_0S_J}?KkLx)aEL0}9FlVh8y
z7c3QkW(Go39J`LJQM^n)@QxV4tlW`!tQsuT^2P8n2RWs?tu*BrO;os-d7c`us!(5i
z5pUgZ{VV`wuNev_9U>rf`QjQs`GuFE&3$yHfw3mAh~ZGL86F54WrXm|7NEq(IV+bP
zT|0eUo+yMI*u^0_VK}x5<NL59QVs#&z>Ybll!Tbk134BDpPi#<|2az>WbDb>Kbb2y
z09G}`RWQS{fw7FvXtcWS4PmMUjutB{7f0?iRO2KIhsTA7Oui)OJ)iR@5;Ky1CV^WR
z0w4Yots(8Bv+VN&X}ZzSt;SJxgrn6pX!8b?QbN*6p_}JK#_iljS9-fTIh5R!0K5+1
z!VLUo;CIk={L6o@0^!F1{Mez^q4X^CoZC6iCAgv6r>-4A>3cBs7Tk6D3Cc%d`!E66
zGIf1G*>y9!&H@{ld!J-2A7UBkV0h7kJ!^Wf2i?MQ2WIWqARcq|5=kXx<dz~Np2{&0
ziL?`xm(Wfaw@@+CA!ZaQb^b(Z7?XlPDokci6ngH>?4`gk&ihNbzZ86qekBe-a8@~r
zu*yn=lG}0QPL}<^-ya{#AzR5n+Zb5OFtot8%vFHi837b1Ti`j`$D|Cw(MsXwvkTm7
zdYLD{Af?>?aR37QdOG&I>}_&bb|>niLm=HW$s4qccZ1PYbC4U7&jOTGp`=7dkTtNm
zGE-szfZn9VXY7srRgzlXQFRDFkIY}9&ftId^3vh>@+dhSj<2y6#@1*xVcTx8sCr50
zdU=9nwS=Nxek;vnNPs_oItw{}aW)@Nig^g@|FS@@5K2FXyMI6!#WLEu?c*FYuzlZ*
z_wroCP2u75bh~+G#<EQfG8()*sND0l<6r)J?`;3+e?BuMGw?ec_5<)G09Ow-MDLne
z<~g@>?^ZW1tZ`YNg4+hR*%o6QCTB1oiS3*Idnemh2v1KyAc@>Dgx?t*9!<~a=>}{%
zm~I1D?TQoPe7)RyXxhhP_^v9{Gse<RWNIt3IeuYX;*=X}zfP6Dj(B~!I?jx99nu;>
z6!Q17z%awwkqBi+c^DPGEi>AJm(uVD&h+b`eo%>8KSe&W!ROhz*I10y+f#;RLQ4z$
zi*MeAm7{mhqDH@GHI%@js_^kwZb0)E+H}yi8|8&D@EvmTgt5xN(viSm{iZ04a3(T|
z8Q3_vEwY}>g{Cvb3}6TV{d#*1=qS&W7NN296G;-ih<<=z|K#cBtn=p>Fh7D(9%}Xc
zcia)M294EyXnfn?XmNz2#R^rm5cPl~_yeil?Gw42zXJFx#XLyB7sWaRl218Fk%YU?
zlFx$zKVwm!_7kDDQ~35@zUz*8%J#(*aM`TW8Ts{1>)ze-aKP^wHy;1j0A{vi27U)?
zR~)^3m@C^dRK1;Lo^v}t#ODSTzwp@?aj9aMW((6cVIO-0wl98dD$b$E_F=!c2HGcw
zZZJ^@Kp#71uLD~Ht83VH3s?hob$dj4xhRlf3#SZd9Pp%qi4B!N9~A&+%<`2!gE*Rk
zQgD}H{DNbu@@_p@;}?`bVj0;}wia;IRu;4R#6~igyCO%+45Xf-j*r86fpF-}IsDp>
z>~&{RpBh+8u-9M4_y0fLFH02)MhlY!LtCvD_{vYc0!E9@)UZZ-<CMt!a&+Ki>!q^;
zu=GiCg2@~mB*!=h5`}<+jFJ8ILSZc-_usX!Lcu8jp!YywkOC|ZAbJE{6iGiv`Dp*1
zwc|+*+&>8cava#n1pGzWd7}Ymu1>Ij&9cF^+oJAjDAgOm93QPwQ3WNOL8TPb%T6Wu
zix@skW&B0ud}+9QuD%buHOg~4AAHgpw3`+cRk(8b8T@Jc12O3$bNgg?`^3X&Zo`cT
zs@}k^j}IB<{*#W7nStL7{La4}|MKrDfIbP}vxiy-X${r2^TD3m`QbhQmMuQ_%o=Mt
z!?xbQcI{}djvZjH<lI>r<L?>pPE+5Xh;P6S#&2-W97c)Oj3zCn-S*5LTQB3xgRB&Q
zO7K(+TPJ`Nr_QC6SytA>MKD=ZFmORBCPFMM!ybm`E|#h8VeUc`?w*7qg-b}ySV|ow
zXKE6EFHl}ah>th|hjGnb5!e-$$wKbOfNmMq^o-EA+AA=4KNGPbO&{VDufhlLQsMUP
zH9EUNXF3<LpgfR>W9xeyq5?$A<9x^XX@ww|-FhjlNPPD|YuN8R%23Wh#)|NE7Dgyz
zXuP}LSY-dj(obaMpQG)nXa87+*E@D{aMw&S|Aa)86@jcx>hmZzY;jDYu^qJO&~#f6
zDXbQ2td=WOY5}DPN>zSaIGL>AIKd(Nxj5jx<mrN-#xMESjQkGxi0tYPY%E|E>ibpX
z))_vCDEq*eF<<`Rx;$!Qz>9;henXw#$B%#ccmM77pZ;evV=@E3b8kxkKLy~%p;n;U
z2C%ctb8hE)@5PNv$GFK2(AF?@4IZS#xjHdW9_W>F^>SI>nFt5k1rQ7B!eBiGz!w80
zW((-9XZB1B)-7O~aiCQqXmYNhfjpARpP@orMaIYl6V9C>kffb%sU(+)e7pnYn7<el
z=1{#nX(}GjmQZ|th9KkB8A>#1dafX!VMp2b5(dx{T^yK5N`OZbV{7gwuhDD_tY%<w
zg#Z0pr)UiaCr3&<$%nV+9Z!h}AAR`-xa!?JJJXICbSNa*lk}maED#A1L=SwFzZZn=
zog9JSfiYvjW041dq1lXg*OUN|0Yx!np(LNr%RiBK{T#Kf!V*^G=}AyO)FK9Q&tVHi
zeO?~?^<dJn1+#^2@1yRvST0srs0z!)ku!xMZ#Xm7^-1t2A~2*Z6)Bc3hr5T0&V0S!
z+|K>^Xe^qu7Hk=W3g7wmd+CFSa`m~9JMylH&!@F%-Mf1p4){Im<evX-KG-wxJ46>-
z19%-A4uQ_^4rHO4t<b;BZEla=tYv)lN1wyZ6~UZtVVfG(IS1}_Tjd?KeV71q1t2&T
z=a6OlCIDlwEUjT#!{{2^ZedO18IC?vEkj(XXkV)s>{3$XACNc0u~C#ac^Uqv`jz>0
zviKZFHGOKzoihfT;Q^&cUPw8>=ko%QktRy8CtM?y3|!~wP<D!w*eL5vnd?t}fNL`l
zk48D+xE&Jcg&mdz$YPdIb7Y;sE)UP?5C<tEE9YG4oGpz7+D&ilf~&Xjoj-12tgELZ
z*CB$eKIKlX8eJkrM;0uq3P1DH9|Kj4u5MtA7UnFWv{T|7dF)9c0EsL?iKugo**Ic?
zg=42Z@a_A#WfxVTMo?qDm&;H?XJK8iArnJ^VA(>cG55{_fFTEF`*r)S&K#aA;mYIR
z7qxZ6_731L7qdV_J?OL68@<>dvZD<CWX~~H!?YSi3aYJev|M4eSfNrCDz)%ZZeYyk
z1Bci<1b-=iC&6D5{2s+a1b}`<fal(fwrI~<FauXE+`yl{_pUo<s%PKhI)lK0c^^lz
zr+nCK4OFv%Jw86vu~~xf69E2em$x*x8Tg$~JN}j5B>+DP;EUO*>+`rkv<B%}<~g_X
znn>tJ2nLMLK68vKM;3Lxg>Bn@av>|d+_UB^9=K2B#^qf#^WUSQ%raVbfG-$qHEdVI
z>Kd$Du<80|0FiUrr;_2~xST8lNNK>iO1C*-*Hq-F8Rh4B@JHhSKFQXb$U__rUMO_$
zM9BD2B2$t;mr{vrtiM%A4ov857bElteC7~)q$uR*b^i?&ekZJza>#iIvJ0f16iPiY
zzUP4+q#LAA6oN)J#?|f(K+1F)rtPJe-=}LZ>J&uA9cLQPi&8!}&QB0f&Z(90!i#G#
zok80c3=5@%0gJEOQ{r-toGgPw?_v;0WY;^eGXQ2aFrMsYFP(XXG;&dHU+f^QBo_}6
z6jv&!UYP1(je-j5>XgeF3`5@s7(_zOD#<$nv-NDEF9AdkE(6ge3sV|N5Gv)FKNWO=
zIGmjVwo*Eo_O*Z(mMwJMp;k4P)dGuZiS^MM3$^fUybos=0q@KaX({BUGTeOtp^!oE
zQ9UC>xceOJe$J0b0J<?SodKAzuonTm7nMjWFWnv|c>=H9L{dMua2!Hi3$g}W9RzX=
zb$+h`__O(d&%p0IVVQDt^36l7LA4FY7$=#TZ|rkBk9#iT^6?RFQUld!n0gCqy22b~
zZ0}zHa!B7Ve>Ru@wqqHk)BuY2&46_WYdhHbv<G}-ouzxkP*I^AgEA7*SYip91cq5R
zPsDkGl(20j8E6)q=472T74S|`)*zBvl~RshnBPb{PD)&VxW~vR28o&9a(QT}>@$^;
zGV*<wBT&hl_JtCuLe$GVyPBc9K5F6r{Pq^7EsI)B5`#l|E~zL3`{=9BU~#0OO^433
zKJP7Hz=9p*F*brD;}_{}3Bjl(!Rp~@;OI@6q(Cy<kfORi$UKQ?;YnzG#P&+yHE_2)
zf}3H*g9%K4q6CO#Vd9i`{2ac*V^$#x<CzF}Nrz4nOdErtO$TE;psi82Tda@PI9jZr
z91DnuHO&7@;p|2v`;7fPXXfvNc|NwA7S{Cr@H^jrZ<Ip^`J0q~NM-8}=9ZEg9jI%;
z)xqSR&$(K^8TjpkHReO`Kp^>bH@k3<SrOGV7`(xW=9|gf9(69W&$9Z7SD(epmsil+
z4NOz_F%DDNc}Pcxk7Vc~6<t#%Ed|v~;P}rBW&_i1pzq&tKkve}TQHk(1ekN%jMqa2
z32N|JnsoS-OkEn;Kv~e2Fn=@wB9W1GD$2Tdl4EP+a>z5DVSORx+)GuzY*K@2k@9tk
z!!nfW^X3$R)VN*}EU5qSpH-tIQpzLcx`yS6pYRwF6cH3?+~47tD5<baLD_Kp{BnnF
za{DoSr+-h>j9Nx>YG7K6#nor=7w>jxwJmgZN&$1``uNJ1Ud7Rhpmp2JJPCbZv||>O
z`x&AJ6qMUv$51MF9H@Vf#QVefP)=Mte9r&p7|G#0sp0(j+Qfc|{jpYV`2(9ho>w(&
z8HuDq63g<3+#Pd7HM3Cudhq|!uzjPvm*hl?>*q>TPsVc(@_QtlX+tO5d=NLq47g|Z
z7#0?-Zg9W8kGq@qaesRco8}b8n!uPv-b1pUNbz)Asm?m}blP#lo!f&nt1Y%?4U9Ip
zcIhVGe(P)m+u3tLnTQt5uAaM^G5z@VaFZ2l0G~hpmH&7?0ega(x$W0pb#(G!rYwvB
zx;Dxlo0-44JreGNVa97Wk8$fnp?SZCZJX&DQrZvH?P3E1wr`(h>?D>f*ce#T!ZaIj
zd**7NIEYzD*|Ky1PK6pmDrEHKB%!g4a(~d5Ve(YQ#S?{0zJ&Rc_%w8&8!`k#hA-pd
znURDhJB$nixGUxXIfIwX=SYQSE4~9y40A;;V4{4BlzV}*Cx_cbgW(C~-1A4y%4mjZ
zd$#B;x`8v>fYAmrumB|IDBGY8lknn8C#V*TZqvfT`u;LV1!Eu)Z&|<HA%o<XFuXU^
z30e;82bqN)*^Y&2Vj^;!adC1_DEB-Xop8Lx43jgZu~85?c{w&*9jvvHlTKvb;)CTK
zh_r+BGj{!SeSoO!_{lzRP&kEVn7<&vJ!byI%-0}4Woyye7M<>}Z8tbtY;k;a0gI|a
zr79?@5{532d;(!zAI9Suo=Z-gKId$|^BQ#Z^?jx_00ZmlGT3hVGd$!vN+y3FMa<la
z#0I(+U<1%WxRaGLUVIV2U(W}827c$&KIhzn4$@RxgN&Y!^4!i9`>mHt+*BPFt;MF<
z!s-s9c%(QO-zl|x(D(*Svwg+&F~gV+w%LGn1FIXb)ox%ok-L`zds0CcyJyNHL6H+_
z1n#IL$BaKW!SrQ;Xk7mnY>SFOAw_-z5jZQwLm;dL%*r&y0SyA(r<e=Ej*}hZx!5^2
zJ#n%&D+qe0oQvm#yQfqM%D4v}&kH;7Lf*7PoDUb{(6x-kVu642Hx2G=`<k}6^U;*y
zjW`4^+`5XRm4-GNTDN^RA4b<qN^{P~WjV8#K}O2V0=JFsA|3#W{xl#;64`&fK?^{z
z0!s`)i3Ez~aJj^R*$%m7f!xFrQxf9N3@Ame#F)qWHIM^u^1I`<dMRcE{(RP+KznK2
zg9yB54nb60qbIFiBBvG!9!CJjfCcJyi?(ZVv^c_IvBY|@!os<Mrmmc6zF%<5i^Z`L
z-_6;6=lX!`wjFHO*Xh3bgBrSbYsvsTD%J(e0B}#7-L+6%3%fcwM5iSO`aV4azZv+Q
zOFRD6-y;A&4&dZaGf(ImP$tG<X8q>&u+3PDAAjXpymsp%y3M;V^%iXOgNL<0NT@r?
zgi-b*Spdke*7V`(T?1X;2kS<#d!yr|bF4@fP85ZY`x%xzK=dK+ioypvr9Z_QJOR2U
z<((2(sto9he^*LisYv#Sspy9X0DL*HhcwWgG9m3@hTT3h1qfU#LqM3DilCSP4D0<^
zx|EK&ax&T=m*ba=p9eFU!PRoWQI^qdEp%(KxO5eN^6xv`+cK7wiXu1yovU{<O#%xn
z<11f!71yq=Q0p^T?m%D{93E}B4>K3XEvV24>%urd4LmY@{umE{CSuwK(B`i(hP5*I
zJwl>E%^jkwhQZ`T1h;!8&l$@&_s=16VFY0c1RFVTy0CY@-VyxC9rpEl5%|LZ7>DbD
zIUn*Kv1-y(1pyEv@0AK3x7D&i-PJ%>W2-heUY=mJTB9P>Gk~B1PD`CV5e3wj0OE}N
z9==(_Xf`c$YjENCBL4Kx?m%lZ8n}Rxm>enpjVHrq<hNs(Yc!~9f%WmBy6hDIp8@du
z^U<Dx-+8o~AbQ==$>)DTSPRv4vutB-=QouJz*xpdudnfuOG|Wb)UZtr&dNLs5*9hG
zP=&!imDoC(#sCG3U<Y^3t^srl+tt0KGpMH<2Y^z}NK^<Gr|Fmo2@?Ij7J}RpHVsoX
zeiNWiQND%`QvvVczJ}2c8I~^#_>k3{Qmzmw&MZVp3YvUi$4o%J)+saV6(dD3VpkT1
zFr@T=B*y^Cz-%C8|44!(jE*73Fm!D}*5Xce9cNU5aF)ylP{8_Sj3ET@d;W!EtX726
z`yC9M@HBB+6g!%*I2k05u&)O+kwYehA@&sEXY1sQ#6kc-y^L`<E=rAI?HqkBIHp5b
zy8}Q2bc&-6LeR+GG}dqV;Lgd)8LzNEPea(dmv~C^7xDc8WFm0IgpYUd(mmz?bRv>>
zCgJIVJsjgi!f^N=r}y9MOb2c5q3*UgTCT8A3-|9bjd+MM{b)k+DYN~8>tr4~JOuDF
zJ>zFAE?>9-g*!c)J^*kfGB_jGuD$MGbBkxZK*Knf4q`8I0l@3WzxsQZw*T{gdVfCP
zGw^%V_Gth=awsz#)ixmAC3P(jGmPndeZJApZ4&okQ7K%nG}he)cbhG2*QWM{`?7Wu
z@9zwDpTYx9V#db6>K3*+b4D$8d<du6<l|_TCW78ehLr`0rv!miSRQr-yd$c;OWZsQ
zq3i<0AydDXfIbN(6@?PYOuR!1_#oK5_&|-4SBhr=s4!tLd9o?8&MXAGN4A}uS>6cf
zD1dV^Ks#7=;C@LX3pLdB31><_ux7z5GhjMKS6eKW75?2D9lm#$M>7+mlpP>SJB`oe
z18zNg1(z-<7~7&V9W2|xfP^#80g40L9T2gJQ)%e_$eu9_BQum_JVgzja*+i79MCAb
zr5peZq7m4~bC3vMAJ{r_Q5lqR7{vg}lBk73*!!51Ai92>5YIu*p9g;!+2MpGr0^EW
zvd;`anZ|yiR9G@SV%q+UwYopY1j2H$!tv@DN7WIOs(J&PSn?SWd}Wu<i0hk)zXxu*
zbukXac<&tz-EnkZjB0jMYvj4@M{W3PoVunDb3Zx=hf)D}&Bd<$zw>dQf#0LHPXV}e
zm}`Q7u66Z&H2E<gvUi>V;M@wR&sd9>Zd}4ApS^@`a|+YceSKflU$VK|h0HvZ*uG3>
z&DO0U0y)gEx&?PNtZrc28f@BxS<6Nws6vbarS)&1%(FYn-Yb4a1hWUZY$(MqP?i}S
z9XY3@qJ#9aw2a75Mo|zjA2WQh0Zb4)97#PXo6Q)WxGdv`bXnPlJ|Q&_k)SUEXpm*7
zi~u-6uu{Y9{7{!BQUZc(Y`+|bIEcsPNhW6qH}@a64Bc3CwZY=#3jX5Tz&odHFY|Pg
zup#Ifu@MAOQoCra#p|DY3Ab-wKx^)yv;Aa@Qc3_F4t1%Ba^QyTBkuF{FajhQMZi&+
zfCqs-vt3FVM^hD!WRDOGm`%dT#~Mj?|9NI^$P{EaPtb%X^Ptw!5Dd?ew3qscAqOBi
zVlo5P(6NCwx^>y0rdhJNaV8+Sm!pio5jpyB`QhAJYkO%R+Yop{)*SYkfTrD`)eVl8
zD;!lvST6b>^4}Zl6~nlRP|!PE!wexwj^iHYHvN=jM!W6MH5$k36MXNR_fT(jCZ0uJ
z=cUP=iM*m2@QK4ipss_`9n5NdD3<!BBWY&fH$^thhhVxL|LX4@1NZ`f%LlnMtm#AB
zr<@k2*oXOsGq)7?!7}63>nHf^?ThHzwg**1A1h5-mP{FW;&W5sds*U#!PbCH3%$7u
zefJ%7r|-dR?t^uk0<w6$eqdd=CgS=qnlOGr3i<-)MMxl*i*%p~)-T>Z8ch^Ys1GcF
zK1vK_WW)gpW-iY6qaaU?h=S1g*qt<pr%)8cCj>QYGA=<ygP^$9ZTMWUZ4`u_`-laS
zkr4493z@iv@K{n5O+h}If}(ZiV;+1ggc|!88%DQbuwmR&mvI*t1S5#d@uqC_#jstL
z8P7j|0T(YW(CQY}8WFJ|q7VF!643@S!UBGK<-P^ql`#(fHPIi2Fon$Vm+JuJ>*M+J
zu@xdVK}zF>b&UH)NnFCPJxca-M139<)Xq|{4Y}BcI36OrJ&|B)(`AH{92Dg&1o0B0
z-Y=-PMLIh+Y`?Jv+h&9N^*!7@dk^<EchPlCpGg|idBJv+XWHh7hlhAfT1LBVVLF4$
z7p_Aa1!HZ{rxRCdiYBY(Ha$?yJ$J2jVea-&YrYBKbH~5>dq?w0D7TsM+ueg-c2ds+
z94i9p7OHKEGSAXH3da}Otnr^))Jv{Z7FW5(X;Z_rO}UShYWw2%OKjgRmESPQZf)<(
zX*!tt6zm2(S$E7FARCLY%0Mn>#*#dcI0RPmdW@H$$`7@$ye$G%a{Co!GW*2#s!(zn
zGl+54A1GtqQe^p57*heHgJQ}LHW9Of;q-0l21~naT;sQ;2@B=BrC_K+bBieKT_yq`
z(!gbmVd7kDxsK8Jg<v(Ks|~7!!k@g|;hT3fDi!OGC5S9UW;mAN#`TN1a%}<4EwpKU
z|EHishs@jvW>|m&#}0{gS!oIq8`$vJH`oop>~J1=JceUsoAnGT(^#`dF8+Z$!$_j2
z(E4-APDbfB&(W{S(RP*wj!+4wPIwSyEeBbe-c3_TGbMY+!q^8KRM1874ASir<371%
zAP#uX#3;m$q2tjSDQS+GQ5s!inE`7J3>$Q&L)+C@FV{F)uCb^Vs8p4jw-8d3nOwc!
z-1cgwGti9zz-TuWxKrVTBaf3I8T;pS(s6FZ=Rl-+0JSw>46ryzGTIS<&jPp&;Jfq5
zn1SEJj-P+Tb)rKo8>Bms)(?F5pghqtx2Jm^v%j^n#jPtRc>U#TFq>28dJFDKGEbWB
zSo?OuDJM_1uttM*3saxMc3ZGDSzi#M0`2G>Hz}K|m#+iNfkDpia|SF1Vb7&?Oc=*_
z&{z6w7W7dl?JR-5j3l#<fe@~wD*9lqenm-OkwNtm<P{~I`TE8fc;zA+viC90ktX@L
z2G7iKsLBgQ>C!8cqMSd@-%N)=d)F|!jluHxBEI|mCEmER#loF4Dd!CSi`jx<uxS{d
z`NVB}^dr~Mc4yG0b23j+&nA#sTnEQ)*+VAZsFEG)^E}3K2W4>6lqG)DXDamnO1Dd~
z?-t6(6_5jfHj*$x)<-fxq`<Han8}(yk+tW5q<8rg8F?%t6Nb8WA+7AenB5Ef?acWb
z`X31oPZoK89u&&&L<TUT#xTe|Oq@zb^BoRq2c6{5)d4QM1}CcvST2sRP!-6@f0G1<
z%slU0;`d-r$+pqx>K2Q|0)PEi@8RBk>+YA7pVf@z?{mH1-ec4FUDb6Uqrpc<haxOq
z0`QR;_?6o%^_*xYf9LNL0iPt`2Ia?xkM_gdo4RCT93Fg<Wxn~$Z5%v4d+`Xbzjy^*
z)4<kSurbjCZ1>%oCL+o5Y+tkxwqV^tpWQ=u{|>tQ@50n)U}K7L4nQs+&zW~H?<L#B
zl(|bT<UMj~BT!P;mvtqjI2wUM&_@}^(SZ4z0DUslT}f#t5{Y60`XVVPGWmnPbOn**
zGWtE1KjtN!Quc|+=p>cpAqhMW&j+c@I;CV4=`sTOWAp>1!rA)?si%~$G63CJumv{i
z0`A~4tg#U|E;x8*fG#uR)~yp<yM6?%TUguqzU`%y3cj|8<d2hi4mGF!&maL+uFfzt
z|M3#hVYfUm?H~J!2+A)*Og2dACMi)yDrKMJ_f#P3j9v$c?LqW=B>N23J4RPREN9q?
zoa|G|FiDv25Ts-@o}ZxccNxWkh?S4;A7bKy+;JS3##AO6-FP!ETV^y}jk}xoaes3c
z_qO-Yb`31sOul9`brQTij|293Kz7>>&9=kk3s=EriLNv0M3cPlK$aNn6Jq<6g1&wF
zpV1(#`|<A~#?`<J1bp=5@BIDw<P_S>_)WKK0A4?ou?rd92e&hy%WU18`8Q8x4iBTN
zM}(Wypss7!w&`6m_noCHj92!1)^RWCv<9pjnC-p3zHpGQQGsMEMFE5kAH~`}%GhkD
zkq!F;#v%}oYx*%}3dWgw$bNng&_^Mgmu2>1Gaf&pRmp2a`N#{(Njam?`eHsG<p!Gh
z-$~JqE=z?|LcwH)-xdytyyWvtp@U^FeRLAvczHs)2OBacZ2J7Zsv>;nea4@>sj*Nh
zkbmuxf=N@FOBdF-c5MZw7TUJX%~J*9y>X(0qkWgIpYbtq?4Fy)?O(V4Sd3;hR>UVL
zZ^xqK+6H$|Qa+@eNjaIJ`+g9CFbFo`rIOx=#ZTB^3~Bd4@BLpEGI~Ln%{cbXDgtcm
zzA24QDDZL(qVU}FuulfW7y=)=eGZ*Dkdw+g4hO!fL%4hF6dJOX9CU$reI*&Gu?CxV
z1A@Y~-QdFNB38?FFaMNGGDSvj#9=p@hXE6~gV8nG9q^Tyco%Fv$!M0s!*PZc57(@P
zYPR5$6R@fdHE#bRfd3J|9P2OxzXxtFJIeSFun#b%&oznDgwv7y1JAgG_-}p+JU!Tt
zap`!8FT8vWc5@%PsbO@}yUrz#uLqQQPJ%z`4T`LWX*aNK1Ji5(QNx!7S|uPSfzFWI
zryd2o(HH`d3sQHlD@7Sl6)|{ngB7LOeG2)yMgJZ}#vl}2zm$!App-3Ckt8!Rm`L&i
z5jup1%N+nLvJ3-JM)I^r$C#c0P7N`_`xXV`T6jerCAY~@-Z+9n7NdAqVdh!mDEoVi
zeekt$4Bc9^X9m@Bg}>P>@aJ!wVxd&%#uG4*DsrD0JE64}AAj{({Mc)^&~^>9>3Y~h
zp^K=Wz!M?vVZGlt;txzDiGuL=K5hUb@^zB}KAheGsNvvxurmBRI9G~z3rkKODxeDo
zHI(c;I73}6xrhgr($5hV3VA7mSUK?5OE=X3{swU6<fZ+hq#RbbY)UXmV@Uh}?pT;s
zF-eD5SxY#^Jq#Tqm+zMVMRy(sSdDB*eC9jD@#ew#)S}Y{cg_1)Emv4Aj&Za+!cldU
zIBro^#6LgtOHH>1?WRMuP<ZF94c>pBqkE|U>=4&CGA_qYeWUbouzQf&2f14d90vFi
zfR6*XH3PpH_&rSjc?rOC2V1(<F2<qc&+_m$@MK1Ceh@tIkZ%|mUp-#pXFqxq=Kl9!
zn+>?r(V!hW0pHY(Je7GeShrx^!Zr;|dj@N|EK!7<I&_ywOOVx80A-~}-K;@O=96j!
z&e@RmOdx!o$wO%Jff5LeKp*V^`U1n1IA}f5uz8?KS-^)d$4_NWyp%Rk{{8$E!jv8u
zQ4~!f-XS2cr+f>kc!#5iQ6$ew0ii*Dru$ifZY->3G}Q^-=Ida7CuI7P@b&^O24F4Y
z`t=oV-#)?J?J2C)K7L^O_DsbHmarbu?T-gIDquKmCd3_reY3(`#h-6GGFe~;W|9;k
z9%B%Oh>76nk_TxKQk6l0B4j>{O<;NUC=dP+13eCN9VH8hh$S4;G02~fp$<}-y~s(4
zT)m%#s85tNd{Ibz;H0y|m}LOnbz7s=9oBjceYC=&T4Gr(qkP|)_1m{~O^0^V;$(dR
zZ@&ecp4L!RmCy8{IJ|w9)9yD*yld>+0onkIgPCu>0^nHye=(n{8TjqpPX6vcSc33r
zH*0YImyL1mM#9$i5a4foV9mLIPXX=&z&NRZTdIX=YuKhvYDg&>oD=qtbjGaK0F#V?
zsW&j~1~A>26<7!;FNL88fXdDA57H~|mRZQzi`_7@S$)}U5H)YX?<M9jl1ZxA?wkB%
zypKhY>l1Z@0n4WZ$Wsx>QxULLl6|Bw%TI)kLqszKpfEOt!DyW0>nI1410HsSQ*bGd
zdmfUAz{3*w<0zw#0|ZUdoMqV7p`Y8xxW$Km)5!MOar0$~Xm9G$(|lwd7$iVBqKg4o
zZPA`tREqFdrxt(kof?%wB=ZboCuqo+pcLt!93SD<trMVXp-l&4wd+=@XUK?!YO`m)
zhKUGJ4}{ckGbeb17govxsL@1a04<}Lijqbo(qYo}h)yv(w@n&FpsMHeU;(SR4|ivH
z2F{zuFkpvn;>}SQYzfA7X^RmMG6r_9Kj>r$mH_2Nqt<~b^4}O3LMwoy2V8>#sc;(Y
z^Yun1Rk=Rl*Dd=hhZ8JA{~+;D_Cf9<-%lE}D8brU_e|$VIvP`b0eBqNGfcK{C}r&>
zpl4`wgQ{9!<-*_>)l%GUNm%{Nxqi83ZC~GKjm1%Qf~7hF^H$u}Lb)e7R)3t_q2RMm
zAMHnbO%Cr|hBZ)a4YOV!3P^thz$Z@r?mzf9n}713n7QZAz;EAn9l(zPSRZDfZlT(?
z4A$Zc<q>N4LM3UE1V6VY2K6ykiv_;)>N8OF{odH6ZNvIL+ONN00{`_TL>8v2VK(<+
z+AY{xC&?^CGhm{&FP2ey@WBO^E)N(>^3J3#gZ8WGOV~9DOr_hUO5Hz$V;LK)fKp=^
zWSBh_F?2bJXv7#wa5%bpB43y1w?T=&RTKpwc1Tg08kS@?(jK!1LsOA-inG1C56Bh(
z4nmU3<!m!nnHwNW<BcBlNSpj&>)VdeoEgya2zU50zWIaG-oQhez(k?#K3gzijIFVF
z{`Pfz;j=HI?OJHt!7`5~E74Aqh%RA_Y#M|ErZ@6oP9<mq_=A+c_CUZ&c)%36y81wP
z3V5~=^bNZ?0Bd-(2j#)$*e6)oetAq#P-8f{ySxV$jver1RxZq4IWWauB05Mfd$sB)
z!&FQTCUW4^snj4@b%#kD2QR~v&YcMB@1PWz?O4YL4k8|cyG!(VR!a52(;2?>AWjLn
zy{HkCHHX=#rm-H90cg{qvmM&5LESYtSsi1&JVvFeM20%ke*ZsvZ`LJAl3s`1&paa6
z+Lx~BZF+j9dsfU0AaDo~f<P?i=s_<eBrgAj1SyijU*UuFAUsMs2Y4VT@c|S_0w6HJ
zV41zAtC#Ak%8bq3%|1Q2x!Gr%yGLe5cXem@oSd%Ai16_6a5uC2-TU2}Zn`mORt-SF
z^QSeQJ!K!%4gvC1p&9+U=Qq&gWyI({RK12V23+k#?s)>>=K=gKfT#N_e-HeoZlAMs
z@s3JQHn@E&^v0LH*FyQ!9{hdgw&Qt)-~94J@aA#H#P!!0ZE=wl{>{vQ(J-ckUY%Qq
z&bF({E1EV*(13?aY<NeR{y7?QqRBlsVgosJ@l3MUGHhV*F0qqlCesfwpq02vf<8pq
zdn#ryOQ0`u?2OzBq0+@lHjW`Mm5ISa4?aUGI4ufLCbNzvURX|SD40KrA4#ea0rAp*
z{wU*2Vx*$_jVUlk@ijSy-gKeuHP7+0_6`ic3*X+CI-!Prn&Ia(4BWYMgg3r$3(NWg
zXx)H_k@E=T<R4yw$)XQ3UnG|@LO3?cLp`#Q4-6w^ot&B|$sj<A9dYb^WGI3eq9=}B
zsJVqB(wK$fFG_UKF+qW0oQ%=OGOz`hrhk6ViuK@FGHFi2$v*Qiig_qy^RdhVl#<iH
zq$M<a>0=?J(F=s(jXOs&+b=Fn1-XBeyszt0W`=>mre2|GYpmyMoZ1)&qR5bBkNtwJ
z-89%NHaI#w#Nr9z!w+pi2a$pV5zALBXk8-^NOZYR9830_+7?5qT^;e;*63vq{Pw_a
z@>Tk|of*3@gPI1U_23$uuNeFlZ^S(S{B&=^_~M{qyf$y3&o|JUwU2SQWZ9050kcNC
zUO+F;VcL!D+d<m@Rsecs04OHWz!QU$9<qGzUYxH-DRAgF6*G4uhB3&SwiGc<>;n)u
zb*d2bWdq(bpifcJ4HU?=rG&sR0DUT!DpAz`7coji8E{_8?VHN<#p2M^+$3P~I0Qa2
ztQ}IyPEkJ>BIB0$vJ%geK!OdUS+r0fe6(i#!Cx;?DI^&ol*CfxOdx=RgBc#)KSm{F
zp1uz)Iupc>jS8f#4%}L1t+!SYeO^6l$5w*be?QdeS;3;~O*umtc7N~l_qgwC>kU?V
z;7HV|2kdJVhrM$iH?m`6djlJX6lMNjFD35XLo?tH@ELrtpiJ5C$pj(x5%}xbz$BdA
zgTF9SkRwM>0U#Y4D0&AY@aI@Z5$qoH`w2@MKY+#keuG`7SsqUtjn!s}x~*|MKf&qI
z2`V*ny^4F}CzoA}rf$*JEsjrbK+kTXZI`HKRp{nP;aEbnH}Jf)95eTN-GZ71yt_WX
zx2$sS`}?auT?Xy9Xgm1_|LhRJw{~Xi!VFcfM+fBWdX(r=H(_y~`|VSY{whWIZ@>5m
zv&{m$vHg8nH_zfaJiQdyz%(1^^#aYa579pV2&P$w#R8geIjO>1MtOZnQt=dE7GK=N
ziQF!JA`Kl2QKpX&fxR~gN6*}I38}<02_;Vg-YE@umuy`h)c_JXW^sQbr6KepYcK3e
zll_g#Gkhw{C8R8<L?*WnnT)<T=P!Pqh{I46%2NYGt9+(lHj6K+KSa5KBr*vp&h!(p
z3`7K@fz8qYYKCQX2Y>#PGXd0d3_$q;WoF#JbAn&_r7xms8|&t&p%g(WLK-bdP(g;D
z%p?qR3RR!XM?Q;Ap?|&TCxvpdU8O|6q5VFUd=Ht+N206Ay}wFwD~aU!^LGh}^VMZz
ziqQKYw@-fEzObQOE+7O06JD3{8j>a){r9C1eU2dGFI?P*-y|i4s?aev97%HaL&5uy
za@Spkcu!x0Fj^&a<qi9@dkN_I`V3FbpI})pP`5RV(btZY8rqCuG|NurS+5z3=NuNh
zDEdYz&-BrCBl`x;wJx>>bp*&}wM*jRO#nZ4@(=#mp5ThM{Rzo$w*Y))SHPH<J3Ctp
zIlA%q&3K8(hP0R9a{JqFpB&(GH?vas&9A(K$~-~6UUfz*%)_b_Di<f%v@q)>+RYNC
z*;tbpo(9BXmX8HvmIZ7DX=Ut`m~rx?F<?jA_V#6tPth>jmw->tUaAO{kd$pA_t~i|
z?~M8msSqTOX#Z)be6(0r88^?^2{c{^1et#{p^{LLd5#vKLiSIxQOS5F2DYGUkY)aX
zeRmd)jsQ@Rm3bPN)}X~4?=<(I&CkM!hMf6>3rr7bVP@du<N$BIbr-F93eAm|FJ?^P
zyWTubK#DVY0YE0~>x&4^Zho;0n3uzf%nRzwQcUlT>C8{qt4bUi;@<5<ytb1-8sokU
zkY(3oR06Tj>FW;8nz?Y#)}=0<Vc(r){=5d$OE3GV2XXBLGR~gKqlj5$nV$#OpJ;OV
zeope)AHH|_lu;naNJXV1DI=7Xy6HAx_@*#(GXF1qHp5`kY|ylgi+(shJjJY<?Xe#K
z-Ds>A8&p+=)w#h>e*7df$4Z>e!uhFaQ~lXPdg(BJF=#jVLIR+g8oI1qzY2Wwb=&Xv
ze18Y*f#2A68^D)#Hv+X#ZG$j*sdV#j`QEu?WCLCC{`T7^hx-_SQjFIQ4X~=AH!E=4
zOds3j+DNz1^%~r4VCofgy|GzexqVENd6xekcb{&-@?8YXF|t+nvMXpB)*k$=0K&Wp
zXUeXH;4Dr^plsG(Ea9Z6pD&xsN15Lt`vOyd7(2WYBA|#|EC!_jEe3yFsvc9QXyknM
z9~Z#A40g|%7)qIE?gj{CpcdaWYXf4!+7SNTUoYJ&lsoq!BL<}Gm@mc<9^OC3{Gi2V
z-N5wmJptJD^MKuZ5K0b2LFLMWnBe45IF9$n6Gl1oK*+|n3#lZ8+|^a&sdLf{q6vC-
zQQ00s`#0tK{^aWsIF7npMF*@@XT~Cc78H8}7f7et6#S7K03kE;C;)$fe3OMFGZJAY
z`F<q(P-O^xDETy*e!+f+?t3sC!M7;19$~Iusn;*mq>2!FyHCRg>t>C%ZDE)(o6T@I
zKg3+kuk}>f)Gg{|gQJ6E9G%?5rheDPILNUs?cF6@7r=*$<??N_#tasl9q=Qgtvm5f
zwy*Ai-yZl)y;>jb4EQla)td=14$}bGRp<5XBOpG#0PyXX?%<?Zz--pgoA4T&G88i#
zn7W49EYU2_x&fI@mgOo%w9zQg%S$VrnFI}hyOGZka401Zr^XsKat@%BHH^t0D`lf3
z;^T@9UP6{I0)0UkJ9)qt13bj<8}$Q<7=mPhgS3&-$?}RBenY@-%HKl}mqmL@hO$!v
z;@m==L-QWyjNgo)#aJGi0F11GdZEFru&Hk0KmN^A7vjuTeuyN)uUzRkJw3#4{P%Ce
za0AVq%#%RQ(X*7^6Zy?J=BmHOnK=NB4v<KeuQx80$r<8tg&q`%W=TrTUQ`eUkIc!H
z{da!<tQ5$wWA6;hTb+fE3^^88I+^t0@JR+>z!3U5iXA}i4=wDugUIJ2@m@qebUx>d
z>GS#|s~5U$#@T*Zc23^!_OnQ%7fd7oV`G^7Sk7ongLd6QQH8_#A#NO<Vph#jsp{HI
zk9~}Tt-GUHRMCtPjgh%A?6Z#fE)Du<d@YcEF;MjedcL!w#8&{i2jJcPBGGUA9=~Wi
z`G@~}4$#*DdU=>qxcCn>bytRsZjy`Ma5Tj>@zVR;Z!a?HQw02v-+UD(ilNslE6wDo
zkPqB8ovichBeaV%aNB@;;J5`=8k{3be_$?}z~nCNoT<yyd5NO_y%3~P{%=uNPjGA$
z0a&-2u=^*>4vYX%9N3Q7u`>mIGzR)q%ov8fZ2mdv`AB;QqY%VW|6J6AM&f*jk0I#?
z%(ebe@&|cZDD#uKE&`^N!b~no`*?J1(AFI|_?dYC%_=DZkUWo(Aw*Q;!+fsrwXZ&e
zVGV5>n=gm_IYY=MDvJ8=+;brM{6v491@%hoOZIgJ=RbNM*M9~S-&+NrUEWXOYyGt;
z-plq5%J+5miI5ai@ZUZPQaJE}kTs$OxwH{N_`X5kUO~o8L5^EouaM_Bvp~+>??7U#
zM8a*9;=;*L?;ufO=%nO0<9#wSTGL`(ukdX39E;5ojc%;l>oo#?+F)~Dg8;NO;m1Gx
zsEgZ(Wc0z<l8pIOEO>tU0Uuq`K4Kft7fP>HQ)jBYSN8LH0AD@%hyVQgRXYZ@J>!?b
zegM9<vvb1?)z%^mHU)r;fd%paP~(A{>$2dFuV8=s4ZFIez+k+61DNRs^?D7{HeEG8
zH!h2HJL|TSb8gl!O$~0>K1iD)=0#o?R9NI7GlrM?^a3Lf9v{Qw%47uSiZaarc;p_>
zguKTl4N2g8IV7H<-aLxJ+fguB30b^Uis=`^2>S9Uj&}$QVN#=$@HOEAI4AFn_m^By
zRH}-Xn@gp;CW%M^2Es@JL2<~OIFa4%SskW;4hbS2L>9eM$wk@SrUmMi0UMw-!0&x`
zf!4q-5ET@4|Lu)xq}hzm^7Efn5#iB;n>ac)s7;GjxAxeT7*%}_U$9tm@dwfMNPRH4
zbhG3jr<H*yuwBRrEyKnUQ`JSXz-QI53`sXue&_^_!T&rfMh;N8kD|IvK6WZq_6#a<
zr!ruQIW`#h2!x*Xb@_im#(@pK@1r7s$Y#_!i^hLv&tCe_bnk!)!AQ!B#Ic2a$h%-7
zT{|_Akj1iK9OZLhT~zzOdFNCqag8OPfm^6>7LD0%_r2Qp*KDAh4O*>Hw>1uC2RJ!6
z#;m#?OF-RdY?d2TYKEhuJ9zr+eJE9Bg4$JJ^b}PEK07fES7q1|Aw1gl`D}n@1DKuB
zP)D}U@Baj_+OHP(z;6ineE_ULQ@?p<_gmY5bQ2-A6tZy<-SKE0Wfw6Jw9f#1Vc9+g
z<IA7BgFCziH!B;cu170vrrAJmR?w>jbW?+1#^Vacn7#>8&j7JTy>EkWO(mn2aldUM
zDtYhatLdfp$hmk*r4V8^Ebk7A9B@R2#REl{Eed(h9bb{@LIV1R0blNTazL+S@`8+^
zi!j7cafV+m(~k1v8(T2V(by!+TR>5q14pUbQJ6V1qh9JR&f)MO{^<MX(EZ}xCQPWH
z7l;O>8nd~=ul@2{0JSitfngn;A{un>XD2Wf_d3VtI7x%E3o0RJ<^28XRh#Ux@IYZA
zLobC)cEmD&E@_Gbh;6vK1nOR1=|KxY5yQAJ^9WEyIe%dk1OyoEARdtiuMquseZQX!
zrw4~X%jNUg&m+xVdPGHl175PH&~V(l2Vo+^;W)$$!<?O-lQ<F@&;yUG7t-8HM%#9g
zBAaFnV>Axuhd7)cc14ZPaACArw=fN(A_ZlR1$#_6nL*aE_cP<>Npv+IVH?m#R9uZv
z+k$ihRy&Jz_!@xu9{BBn-_Ul;20!j(k*=BzNSje$b{P=2D_fS}nD!ZfF9hi8zk*-?
z%I9!r4zy=0n9T;z<roKU8?>th^y(bYEsW8Yfi4W<1K_XJ(>E3y;a|+DK@45u0v$4F
z83BwQTt+|)1HrYb(9=hmlSHZGCS`j9dzqen3nliG1AqzBhg8mpC{iLeltCug9jObb
zJ1a4(M`L|_!nh?k=aecH;+#GSk|+W-t|u;ie-@6mfr*P8LhUgz0Mi(7Z2%B{xVeKx
z^EeH1M#S*NMG3LZXA0l`=I21vcG-PKhXn|Ee3^1i_U0qD*>$~ZXD@wZpW)}Y#NNon
zC&{_~I)_$52CM@%1fv+l#`QI_Jx|85XXJ=D*?ZRmtNwlZ{y;+>^mK+ZVfeaI3}gJ~
z>5X9wR2NAj+JHl5w+~K->-+1Y0cFo0A?)9i^A~%opkVgo(0fN5gTJ;sF&KkB2^@Xi
zAWOGTicEV%v!Cw|lo^AetEdNw6c#!%O9T@0HZ!BuEzZ~HSk<ep|L^z)=GDPxvZ=!u
zgUzz;K6h*I!yi9Q`m}qc22&Vk<DIBK183&40qj=@`htgz?%X}+I{|)Vf#2TXWe@!F
z+sSYJb_JrZ0r<kM*6FHgQZML%TZe*0Ky)Jw#4jYkG5Z=^2qLEJ-{tnV-!6VV^>UuK
zZ&o-~8!XnHWHTG%U^H~SM!P(RX=`x38D{CmDgZ;z&6v5k`Ll1vk;gay;)1YkN^`SD
z%|8bwDZ<6u2a4>ZtR|~m4`Ax-88!@&=;Mn(UtsbQ^#~&D4TMrzme1oWu@9sn^0B=+
zmCRj;#t}c4;~_{yALRBQI&)GW^$dKiOn9C2>`VZ>S*(#G3b9!mXbpfAe(%rDv2H?k
zk9w(RP)Sf>)Ppzyw{ITf<c5La2Cc5Wp$a%Xha55#z8{RE2g8tcw>KsyxrDX$XL%#B
zao~aN?~XAQ=QjXs8Cj$v<s#qZ_sW4x5)S0_-?w6P&X*QsD+~U7FIo!zSQxu7Ge`+3
zX>aty$OosBckfiz*)(MI!uyrMA}U0I$%LRxlqoneig92JVW@lf|Ni?{_OHxF1j-{|
zQ7_K=#eYvfZ@+1ygP)^=Bb*$bb~%urCE(W@tj{(e5Kd3-;Ct_%2ZbC8;#urj>-+y$
z34Q&iiSoN_B*Xar%KIIE)1Z~Y7*N~nGEe#~0AD%zt>1oc`MbYk_6x^7@Qb&()dTOy
zVu(R)ooC4g3^a50-Wdc|1c1EVAGR3=z}a8+;P2xDe~g#!oZ=of;MLN`IJDsxWf(?x
z<}JG3pj|EUF(EV#^h%upw57ze7<xYN?;s*=$Xyfp;~lM0Qr!EXh9@_bk!z}<lM$Y<
zB#V%I?^tq7lw-BZpwHz~QRF5X1WQW;nH=ClYDAOk?IRjI?<{4V@iRD$%Sgr*m-!Zh
z!w>)<VgY-mE?{Tm;mhAO&@44fqhXF8;J^N4iMlaRmB{HEVEy7vDZ+35>Q`}apwODu
z$~+mA`<xIxVD5}TFj1mEOvo=;l7_NrlI_jn*gn|qx~`{&02ophaP;h-9V&v8qB=&6
zy6iv~pAg6`yYI#jgIRUp&wU9BfN?BY5B37^C$bZm2}*UJ(};dTvc@gONkBPp*Yu9B
z>=|5lY+cr0obM+kpAw)Z*NV#&jI#agXK)N=VdkT#CoypNlwdTVvr%OIAR{Sx0Pqd4
ze(`Z?qp{koppAhx21f@+IH(S+8PBJG({*=W69~uE9Wc(L`H7-?T#P#^&h7b>0KO~5
zr*wfwhW3`aV0F3HysLA3VAu8kuf0|Gz;AyF65#iho!yd61IR`BRm3Gs0CLm7AFhD?
z%Ob)3wxc3KH)$LE>f4{gYqt;4Joyl2v+@xP%$<2lQ+NG*%LPnZmw{TT$j6z+YuchH
zSY#FH^72jz0^&SAMZ-OTlyT+6v}{26t3ui*7qWe+oRbR2L_yFy(ntg)`b~u6VG8;v
zaVV5vFUuT80FM&a9!lK=CxBck1-dg5sbTyIj{i<!pCICd0U_O#<}pr&$KepwFYvWy
zn6^8fpRR9Xsh<F3M3e@(9zVGVBxD>}?R$Ug8;>xXF*ci~lX;5I&q)WP?^pAo=zeF$
zeIGpo=7ZW{0TfBep92im{Kc7!bc~&{Y?Wi4tg(yg0hBaa@f4lVgZ8QK9h_C%gT@Zd
z#nlGp6u|Xi^RO(NGddADe+tw+UjiW!Xs3dJbO$8`Tn_&lCFlj0T`2jKdoCm`I94&!
zCpg6V2{|qo`uh{sZ)o-nzxF69ewg+1R~Tc{th*wG(a>{^`D~7PH3NN$`9Ef0v#MdV
zfiZ-4ezLTPSp}6xKdeb<w;dl;+?5bsF)zkCCqMaK3ClMbQ*Ouf1;DRuK}`eRjoee&
zJimR4!5;W!x0780Kh?INtm(!eZVPUhaprFe@OMSnY|s9EVz>{Qfj4g`+^RGd^%|yW
zI^bsvxM|R?&Y(9dplyPlrw|N80BYjQF^Sm9uv5XRo^rW)Q?mPp`xS^rr>2ofF~e>4
zuA0TZzMRi|LDoq~qaws}l>9QJOK8H>Mf*~s_e>!Kq>-6R0{SSHbfz%{lw<jdt_KB1
zkfVhbd-+`WJjyE6r8}kUYYNuF5+KIzhjA300rXl!*BVu&@CSdfz|*A(-D`<5nTM20
zbnSNg))8*qA}};s-C7e6%8cj8a5iD(y8|!Y!j$`y;G81a79Tpe5wzTSTNFQkuyCgY
zgGl-J?O(|L`N{%KSg9pBHcfS4uZLX@G*UoC_Ka8#{3Q)*QO+NuV-Y)cvg`L_^1!WU
zC;dMA=TOL;I#yBHefu6mB7!l-{SBg*kfk#aMXaCfyNiS1CB%%_Irm>hz7W9}X8j@-
zld}xoMAmO$TGqDrZ(Xl3pB><)?ft9Nr*qA0w8r{;1EU$o2RHCHKm5?Qwi1xZvI*xR
z6%FOVfb>ZLV%l!ry+Xiu<)E)0gLMmP+g$;_%J%sk0;u<k$35`#i0`-l1p)L1z+c?W
z9Zj91C!2A!cWK#Y8T?`JX_rHT!|WgSAn>XuHD<hY>jaPH8dz^^eqRl=Elj;eyIjE3
zYZ%=WfzV~=o2~l;ov;41yNrsxb-WdH8#J#D%v_L>{FElZ(9P08(SA{$b@hzhIw{Hb
z3m81g<naaa%s7O-?93VW7KSn=L<}KC*lh&xO>hIEBplqYu*y7G#0<vcO}xJd403#_
z1STfEGLq4(HFU$E!&~^{AFXh{ZZNB=kP!$%+Y8YacE7*!OJBl`8#8FLvcc_~9bYM`
z*2m9aVRGZ2%Aq4DMGOAO(UWtnm$K->G8zItYRH}AH0+#&GiQHHzQ>J%L-KM{O2D5C
zR`<Pv(vF3F0U!x@7t;)fvPy~q?!)KwCOIN9L!7Tz@`>nNChrB<em#HuflFt^%*Cu9
z3IGvfwbP8Ti^q*Q4*?!qMcB)M(dY)+bn@iG`4LVIPoPMB>g1noW6-W!Ff;C)J_PVC
z$O&_!+&)=Mi=^FU89GA!_|DcklwWLJxw4bC!IzT}=NM~DY(lsDt3P>f1M~`jzud1J
z_rOnH8dXOJ)2*HCzR&M7JZyQ$DFEcsO_VF=WtJ83bBBl&9(di>!&9<;+dF|?&E{pE
zzxc)jy#3%5&DqboScc6S`usWcdI{ZZd_UdTx_m-x10n5$8w7s^){dByT)Sx#82b`z
z!MT%i?wVtf4B0UEa$aBZ9*UxX_6V@4C^kWuym(1yB+JZ7G9y+o2!|IT=Lo@C&|jyb
z-n66#ki688D7C9hB&j73l14rxd61S_VkO)R3Eq-X`G^5B6pn8k9BO#+7~A*P%O&l8
zx^ro|g+If)KWc{F7?5E+Zf;}IE&w#*yH+5jI)+A({dZ^j;N--?5N`18Z+s4?Co`O{
z8|#`IF{uONYY!d_xL5NA5ehvzAnIh83Z9+no@&7M97w*;SfJJc3<JXq1?Ap{oo$N;
zFKk>$qA(({EUjTE>R!!YFm?TW%5+R1`Mp^tvU3SF_OelA|7ICCvYm*g6L|W*JnrKX
zG9X5>$6YgG(t`*9ihY`2&#195d+E(=O#g<im(aS3_QpA(C1-bFF(B>1tB`ym&ifOl
zE^Noc-T=qHKKw3xf1}L$iyc10)02H12$;iiVbNf<S)pkgXx-xY@B|05gKpgVl+2XP
zx`l4LYvRcV8pibIS<3akdXa{T7=9~5RFuwxqhN<F3<K%PpE#wuy6t;UboC?}KWyqW
z0jh1FfnAuq5P&<K!OOq+-tu?<*K5B3-2*?dB(nK^yU{eX9hIHG^f|l<N><F1+&x2c
zfT8{7UQDB}<4fIrjJ*@+72!S@20nkI!b^vY#p5NKXHU^Q{Q!Ek1e>-9&}izHHRNPH
z1P)6eFlPLQz#?6wZg_#$B$HkNfo5cSluS|?_qV7gE|z&pIh<RNNeQURyru_83Q-0X
z5)el!3Sy6)Jt<`gyZ@*F=p`Uier7722ZZNA0!Gn@<qTRPa49969vs@?!#Q+PDk@Oo
zF%`3a_77rzZLOhe#;hXzhre9nou{pJHWV(NF$+M#4Y0RhwcEjbhMTt(NNH%(Nw29~
z3eQyuyM8+g0iye;q$~@_?m5o1r2mYHgFrs+KQejNM_FB^lHuay9ag)`KuSNm6WR9%
zDuqru>41;2h>or7v%4006PX@fDdC3Mf6=OE*{rOUUDUh%oI&h|H&kI|TQU0!#{Qv~
z0Xu-CEYRs)U8VVr@iS)3i}lB1oJ(pHHBSPJC;faVJA(!uM7<m~RsQ61<Z}!jlKjAn
z_4=h#O~?MV>lU@HadLQy<AY;Vs(RtUpD~QhVguc193CFw2Y>z%jP`6FR3FT#+&xUO
zwv(ne2YehD?aJ7^X$0Sv8q%@n4!pmyeSSuRtDV4-Ie@oC6Yn1Q?Ki;cfWK`2d-b=R
zZb4cXuDXoWGYkF-Qp`dFUn1w2U<-|G6omZ46*UKD^(^~)a`J@Cj60`?_}mc#=TEWz
z;4#)8K1O?f7MX%zs%E3C*vpu^j03z(!~yYE)x2q0e0jExCK$TJQp_yyq`YxVy3e6d
zc7%Y<F7zmtgJN1AAoV6M#XPwTNQ?RebH5`e>7+54C-RP;nT$S?1s_7eBbGAq%ryQW
zAR04@wp8ZngW$rzcZOaY=#2&)-NAPs8+^2AFsoE1zt6IKF?x;`o4@ewH*o*nF<RX~
zo3=A68I0Ku@Ll8|VIfJ+vak;%cUB}K7Qy*oX5_8GuuakOUi4G;=gH$nj<N?Sl!rR0
zrj+u^;6&fI*Pn^tg9dU`_UtA5fOH4TB)LWi96o!b6fkam<OPRWePN~_LeMLutZ}}f
z40ZRC+BgN!%2T5>M$SedS^2C8h3`K@@MQ_WCJD#X;gd$!2XuiJd}hYFUZb($?>CNa
z;9z$6;z~aWFs<%_+qJ>n+Yj+qn~!X-sx;0bdrub%JTDMzyE4!>aXB#MbJJu5nd!-o
z40HN5@(zLDm-j2jJ@AXS+t%1+CybxcEy%Q(Jl<yTRjG-4nC;*RrY;wWg4jh21oq%>
zLJbxGv|)VdrQ7(*odYc1{ab84d=GlHm=>JA!vbRY?;IIpj4MtDQDyG6Bc?FPdyG^h
zhu$sx929g1hKEeU!R--v3W00d2N;616eI^mF=_<#C9Za{$xPfgh-{og(X}%(-OI(b
zUu9Ey++o>28G$*8HHgAoKaPY2ER_c2vfo%U+KmCgc)UKw`zsCbD!8bKDBmMXY4e=X
zj9>WXE4Y8}80+?F7vsRapsZ}rC5=E5tsZ(u%^ql3_{8CT#S)kGb(W~#&!5OHcaPn1
z85edQ%Onxxy+`?*4kWV6(F?#|+>A#Y<^wtwv6G_q(7!)!)w_y1S5i2T$}(9(xV9=Q
zCzUc&fFVgnpZRC^4WxihfJH_g$o1EfiOf`TtY6%N81sN24hk7Dz#E<(OKjm#Ki_b#
zUvAS{V`-MC+Zv~bH*k7%ikYfj$Z4`;^1C(HW;t^g3yJ)`qB)lvN7ZiU(2o=F;Q~f2
zqkp1HEfs>PL$@H^0yx^m8nAclzX{;kbzep9?M(rk{7?Uq0Qyqb{CUAN=aHYz*kz#4
zuC%bF2^E%+J8KF%GkLj9@yeMlJRA|yady8=!hJAcymAb@cF>?cKZ9N^0b{0}_-!7~
zrk!WVp0WLKhMBoUl*82NW@_&N4c$*f(bZ1FmZlV+D=Glgj9aJNKc$YDGM_ID9nM5F
z0BPPFMKKNJna3EQh9)zJTt+2pnd|)w1CrxK79|1l1x!Vm48n+h4f-cDUq$d(^xf#j
zpxtQ9Duw^=`z!qQ;|)~hBOK&sQPSB{f?n~ttBP>%-W>BeJDDe<eE0nMkmsobFG?^E
zuE(%HZ|>YF_g!>`v+}#K634!ised04)!|R2a@R&@zM@1_Mem&HuhV`X{=JmAJV+P{
zg}ITw9o2tU_deqLRSwLOe?J9r?A?AUe>TLu*?r#7z}DYCp+q})r9ZErj7mF=NQqhY
z*!7i0mdgH~XJ>pPzn^%7ie=_gTC^vQh|{MaX0*D+`T7h`&OgMuS$9S~FVZy0K)q_v
z)*7>Fh9CamDK;COov<h{Z=rC^WBwE_PzsInv`rbc{6s2&KAM>2MEUA#7v$a+76_OA
zA%I@%3>^2{9{Bm~EgSTB^_$VQlED+JEi~!2-sXWR6_+iBgXy0C+brT~*A&%fXPeJv
zxK9lZ&Yz%NEnw<R-ZO_LoOrs(cQoNWMDASb!m-U|PZN6eFx@6JF_xjgzB_2uQ<Q&R
z$uLHF8D=)_A^EWOzbXP=j5MQ9rTS9`KPaEe7soY(*?bhqIH?#2FF^stpNFU@dnHvk
zXF=azMw*-8YYLgpfdmQ4$#gTTV*)|14cfH^4sPIwPb+-zd}9Hg0Cjdh9Q5@eEA#yN
zmtV%KFW-RHHH>bf#XKd(Lk`pg|5E|;>rWwdMl=0)5&b=^7bp)BtSOC(!Hhi~WnDG{
zKo<Zt3IQ2S1Aoegl0aGJge;)Ufxn=b(C;H4p($Fbrz=^KhDh#ORpC-n6iPfnNlEfb
zSdgIsfF+KMxlq=PSb9nUU~p}0JIzvN94r&@m!4{S@V99;c)mQt^W}5v0{VggKf|b(
z4Vq1Zd$%8Az0}a!L@_u~@g<JOu_iD@F!jO$zWgC?{RswHzA3~5O?*G0ENB~RrnHmo
z6u_JN)#G03DX+XQSvvUYcWyM$Hkg#ckb9)q+D8S`mwYc@;n`zNedXQmA__uCkrJBg
z+HcmKj}6|qcN5=v?KYaTA49K}Fin$>1i2Iv-)>)2D!nSvCp6X*lI`2e%r%33e&yai
z+U68w3|(R{Lb84)dX|!Tu>=GumxD(s5Tww0oZ|5CT-<}AgsBTwfhwZcC^VT#dJGf#
z3`tgBS&<MKQRNmD9Q8jT)2}BU4rHGsSY;X45DhT$bw)GVy0g@HygI;7&*vbV2f&m9
z#x!HnBeqs+eElnr@Y*Z4(dg$eXaO=|97B@fCuNcHPNzW5N!0g_^#S$X71BFgDt98u
zWg}WA$R7W2Co?o8{%$3Rih9!(FWr>U2Ej1Y_tGKiM<g5IZg;GDF(CuWTBV?O$`mi=
zK7gLmK0-Njsosed<enC)O1<PW^p~|}Gq$Hr_V6j{-8_5gqX(l#oFf?(f~eQeP&C5^
zkq@Q0JBpGg>Qo!?B-;nt7w6sWOkT=Ia)Fw*F<8}0Xw#xn6^;&$FjLjl#0Ons{%Tu|
zwy~`>`Uv0#pgQc?ja6B)AQ0!ZXWLRf>GjEU;}yE(erVc*2|V1cf^0gur!nAaC!EwV
zfG_UXk$d1LXW}pIit!_3pll{i>Asm@xH<4zDn>hGZ%7^ifbtJK(fDQHHCuzfQmJzv
z0|5Zg26%X^@YOprG*6e%t3~JHiSfR>Y0U5T&n?a!6a-{Vo_=UzQ4<I!>(Ucx%DWbf
zOp<E-#FG%`=TXoH7_w@V0bi6-5CV5lMvfWE-9nI-=KKx+F3xHR@KJP}C3+z~$4L*L
z1Z)Bn$zDEqBaMD6paFB2c(6($&j{ewpj~w`&p-cRgFpUZgQ`-3>5HVD(Z7kpYQk(*
z;lYDL932y$o!b}(<n76MpcR&dGjpEF=CC)?{VGD<t*J@;yuJXVAOgdqem=+?J(i|C
zEKFv)+Juaka3Hgf17ZJ#yUsoid$~DSXtV$RMe+jqH2R<?kK|h?(di^iPdLfnBZ0~c
zy!lQpr!S2{3e90S1D_}p<?iNcVbvM*6S6Sz>ESTvW_uqK!IASPruql)r0VnJt!`^P
zU3`S2<_M=pH*hpRbS&>DQ6FvAEt++Us;cnLJLgy~o2WPzvwjpQOFXB{qZ1RQ#m=29
zBroD=efj;-HqW0N^}*TRZqgbs8kp?_njG&Lzp&<e-I3p2fZpDXqbIp4#&()y1TIrU
z&-06mA$!93hNn#R3&rQ=7ShB0Qx}s)Oxy1@-RyiauM{305>A#Mp<S<_>&>+OzT7%|
zimWIH>PB&o$b;+e0~$7Vx!M7YCR|*RQA>tZR9R`KWbKqQe9ZOCB}|_hlGsMZEXvC}
zJs44u95Ms!;w&l`|KKAUC{Qrj*D5I~CI6Y=^9Y^nQ;B6#EO9M?Z%S02_Bbectx)JW
z+x1wsijwS;@}y*NNDQ>K4R@X$;hpnCy!&JWrIbI<(fH_k{KAI44m=p(jaTpE3$Ncn
zYihLI+EDL2$Dk0m{@LG@mxL<U>qahIfP|Z?lR{egr*i#(<U0gi&!CkpL&`)w$W`{J
zl#uiKp2Dzqu>1a%lXLd}RV3a!V2qW>tL(3t?(_D&hbrllQyp+nsbZXhhD{|5ibTwb
zlKpye8Sk$fQt~>Hj*iHR+ESTxt{xIgt+Ta{?7vukEKbK;nmVp;EBCyj&9K38v&7T$
zkML~y40T&yf=j%_G--fl)u355xOL+;o<C`@S~r~(S&mmE$5hpgk1D?R`+IXsfEND@
z$x^})+Vam9>!<u`Eqb3pCPb_ev(Fz}YmP{AlD3Dg)TOlUz~62d<2gWYpZw4N%Z)wb
zx8DHZ3jiMN1XM6XwXL<gF0*;*LvqCCfl{8YK_&smLnS>5ca5>Q2=}D8N;8E$jP3QN
zV-wCQTdt!F)XO{{+&soFy?z_*`A^ZVmeBP^WL{lja;Jf}R+wh&;>Pi)3@v||Sf41B
z0w}I94n^-3`|&cpXT4p#DoYuW@PK(!6N;om!M|dLFQ`J>1v<xlN+f`&68&=-=T8bv
zN0L52<@*XLW8UKO1CcSFQAj0^@|>vQqD8<c_N12buA3Y$dX;Ciyc=UEXmcZ=OsbCG
zrqA~7UvI3NCj(E{bNuA&2$gysTvL5edmq-$)R~_6Q|mvwHU@8h@gctar3Yx+1&nE}
zlcWD0ir$JGl_4l%m0Vnby~`<-|MeYgY%}%%2HT818DG$YKW4VU)SX<D-7Vfd%L+1K
zn7Zc}4&xDfCW^?tqEER~46tG__kUye?rd}O*agOS*>#e~>I2Q$=Jb(Z`jmC_>_50t
z+&O+457G>WCsr|avev|5ltn1Jpx*k(3Ff2_;iR>W5fnk|BvULrKxShCcG2;g?sep3
zxt-Ie6^tq$U15yiGX-PG+_Qe6OK8kO269gkS}!M67gKQsTcaE3l?JoH&Es3BRQ0j4
ze?}WL>juUc9L;WGR@ESCd<G_bZXcwJa$t}ZudjyrRKCdEdWq`iR`Cm41ozS?A($_y
z($qJk^80mTxQ5a#jNx4cxxWnHbpYSp1Hb+D27tqzaEWY$qi3u=$`2ZYYhW%7I-$P5
zl<k)+Kr;9;e(^Ad3=;;617gs-$6F6@MeNCRJ;0y1R_+{B_{E2ZXn(YUSuMbAJD?rA
zM2VL!`J8PHfO5sb_#EW2@=8W67@friKMKXQ`K-Z91h|S|Gvkgq)Fht-wx>}GC`v)e
zHM0dSpxGY2D6<a{t40}s8)xuMlmKNbItY8GvUQzI6{uhEhJAk|>uvrsaT*`Pn$a#>
zR5OL|KQ{Oee|d&V2@{scDboK9KHrZd^GvvVdybnoD?D2?Fs7YucTVZe&OPXn^F<(e
zr$8d><)NAUJrS>vgtSwdnb-jd+w&*-?t1y8jAihENaXRc1YKSZN&>J`7(Ezd1#;il
zXs=`UsiZ8jzrF?BaX{M^0Nf)ifVcf@uHP>RgFs&L37@yuXC_iKmr8KuW+dip1XK38
z2<6DVDUfkS7yd#X&f%kEeG%IQT(Qb?fc;xRYlD;HQyk5Ytkdf56+3OC(X1PgB7E@P
z3X5~&^HWL6<SFumr3q686<1%M+%~;WgD(6!nmosk=e7?tUa$>vcarfd-);bS?YaZM
zz0}hKzoXrhpSp(CY&nfeoW{V7vQ6Xdw#vwY!zYcJf6|sUsLM$<)3>H;bi*p#nH$_#
zd<eZ-La*0gqp>yJN0&YEBh23xfNSu2j`eY)RZ^aC*rEI|aFJBf)I&Iv=0Ge_zS@~E
zLaC!)Txkya^H9k9%VrfseSH$dskl#VD6fh_2^~=icq7n9fjn=_Nju}J8TH6z!G7?z
z8L5zz-o}^Rz*wmp1HINTbco068~E9i6)Kg2UMXuuZ1UoUc*e^w-Nx76euP%n(7NgJ
z`zS3`<bUE*M4_sf!iWJSf0ywMh<cYSx8WloROrg7B3DjCF&&7W8$5@CxCeJ!lJQo;
zt<zpNN?eB&NXq<KRnqCx9&>*(RI~_Hl#8EK;c}HEcn|NJUK&a{DQ9UhOX2g&iUSH9
zMTe@IG5+=-v)o%uNvp?L;glwpxvpl@Mq^of>1U(cotJ2t8O^%JW?AF(<P^`JwRrw~
z?E~5)X(dJd2PDU(l0s#$TKRE-JQ{WJEU&m|GU%gB_k4K`c)3qSy&p!~?$X)w27p(u
zJK)(fe%+Y)hHd=3@|#q#hB9r~Kwog|oLqeyR2>W^zb8XHk2-?-{n2RdI}I+pdH9zL
z4S#_P;FfaIPtV5gyE;9b<JaDL31;~-==Bn2vkn85uex}6k&L}~p-)$(ISt=qdid-}
z!=kXK2S*GRQD((AUD`sRff-XoIY0u;$P6X`fuTW6!VCthVM+@l6!tlV{eeh(m<oWe
zi1<s30Y>my+?Xd-a6n*s;RCk&YH-9>P{{0|^lyZ$9~+?EXn+~#HQ_Jcn+M>R;vN(x
zAM26%Y=#-Hy>c7h{Kg|R?FyRPEiZY0juYZu7;%x1fRd0Ka^Rs9rrY<jMWQZb92`ZG
z6NIc$nyB;)7px4BtQjYJ(;^6l&@Q??Xt8sKW8gX`PqtvxkazM_1Q=EzGS-;JI&4}A
zN{|;H$TR)4s=zR89YrkzYlwp^`NVpKJd@XdW@K1DMSyYAN`Lm`oaoLv#q1ylEOsB}
zjv@yrk5AIyJi_z^{yJHvF`4E+Cb3MbTddYgFf)$kM>sw_wmqf00DeHdZed!D;~O_H
zS2Gy1K~;sdE{cC4Di*s3+gNzY+{IgPtCTukZAk=_k7l|QlqNryCJq177ZVI+8Ynis
zf_o4Ac0wRr^X>E>{i|buz6j94)rUp`)EbcCu5oy%;Wy(Rha_0J&?FmGkF(EDOevzO
zd$Qkr_Exq6l*{NUv>1=S=3<qi@R!f12@C_rGvGUqj$rBy+SL+9H&?^vP2I($v76lw
zjm%YqX{_D0N1yG#i)Eo|`!hmAl#=ViqX~{UQSTt7f#--BwM5#PasDhg=;ZJ#WFU3G
zzEK7%lOWn6mMtleXT(#Kk%T4$9wm_z$#IuXE0+@_l8enS+C>W@!sF)#zyGJtLQ@w~
zUEZAP4Ih*<BLP{16%~%Xw{IQd-rYHj(J<`$`?Ad5fcHa?%?Eir;bW4;RV18ZW5!N~
zqKof3$SPDSFgS5}fug{oqKJ?nn@})+D(DGSQ7#_>sVoV`oG8B5LjIFTW=ZB+Z^Mvy
zDdmgJUy@*Uc{z@;epI-Jii_W&48Yu&5<XE;Sj8xj|D{60lyUpxh|g_Ji^Y0@#rhn}
z^#V<9-nxR#v<A(p+xPO^V6`xy%H~`uVX0*A@nn5PGCY&g>u7N8Gp2Z$VBk_}517;!
zAFk18%9@ViNDIpMzfW9G4zF*KbxRJ{ysB$z)dp9;9wz{F0?-#v|Ixp?)}+^7>e)4W
zzPzjQ6PZ#VB~7H|k*D*w;21{tPTMQ;2BSF#WB}tH9#@1~K1%>l;Gmla3U}5|pf_vi
z^$M)bwDWOUFn19^7_mFkzK$tZFKvG<T;zS@Y&y!_ixdRClkG_g9}6eO1k}Z!C}T80
z$?A;KtUaQPtEW6(m8O~}tLWV8DUhV*q?v&vu^@3Ajv9&HV`x0d{d>r=FnYbNHJWt`
zgBhOadwBeGoytx__!WlHBkU!-ed`!sefuFa*J!x`8&g;ns`z5aF4ibE`a|!)sXW+2
zC_fEdR#gzLF3pB0wyW>=uapgWkAmCb4KY*{a!rI3{0X3^lFZ34;GH5?*@4Y?PD+^A
zNFW*)4>H9-c^+kX!u1eFg$ato?p5p%8qI>ytpmu2lz7^wbciHMWSPP7>_qOl?b_k8
z%OQhRy~4BQGc4AN&h_((qYs+8MZK(XaBzU9Pd0e}{Y79bL#j8olIB{fjFTznjrnoQ
zJEzQuRPMl`%S`$-c}|`t2^~KIVgt3K!hn6-R{^}V2Y%Okd&SbfJGjEQi*mT2UYW-F
z_a-qO7rpUEs#{Ygk^%5XmmF-iTi<^c*gwX+QuupsJ^+^IU4P$ZEf$$qXx>6w{+<A#
zkxIgZ;zf~Zn~HFy2mHvghT{7r*;m2PC0cM%PTNYwT7AmYNy%vflvL>0nPm>88BB~{
zMK52ppw2E#bFa@dGf@!`7y56hV7)rY{ywv~9#isWBDUJK1{he@z<>PFOq`c;b=rq>
zQ?x(EgS$8Ioo~O6wr!zx3x*jf?2j>l5g3$xapL;$Y@cW2JT{^re=_a~RHE-M$e9d4
zU)UGdKQ{rX@_9-*@QA4I(DmO1`=mZd!XB*(_nCRF>o=qbh6w-(`5A%>2T`wIxCo+z
zMI>QBLrKpq4b0WKQEaGw!AN5=xl}P58eVDY3{RiP)Y$44&sWd!bnz5*+rY5762)nE
zZ?~w|4NeYk;OO8snpTU*8VYJ);diO}KMwcKQEt8QaezPyW~-8_VjS${AIwkL!$6Lv
z5CEAMj-Dy4yPw_VHs9R?zx}o|;0I<KNXf%1;K^ggw&0H@NJ41B&0n5)Xe;(_g5sR6
zP<uijla6J_fUn=?3iy@RZ$ar6dc6cU_4cyJtt6M10F6@y?QQ2vM%q_alD`mbfBZRj
z&Ow3JR7<94r5G8K1pL9EfdHaPbw+Z7Y`9qD(CJ-2Q!|$+`hie1V97eE(#R?)$3{{H
z!wwZ3hQ7Ozf(2`XX3>HeIBRD3{Xh9AVql{4id<i0$oQQcRe1U3V;IxIaO2z}L*O>>
zlPu+O5nj>$VtJM*LIjMRWRem<DF9W(8VAeF7<@@b-5mH!-aj&tp-{p}6y@+C-Z#RW
zO8FkH&_M}k%f*TkQq~i(<D<BL5;iXf<|L@dq`%N$AuM01kl$JFNlKBK)TF5`lj%oS
zZTfYgr4eJ(Zg94Gj>Tpv+)FRM8DmgenP*c2_1YH^QZtu0ygj;5rmShQ!&^aWIl1AT
z3X)CaIW?NL790Y5L=!8s7Y2Njm#j8+he1Z~vH|rDfQQ!^^z6-Dh+YP8x|3ZShUzO9
zQ%2j^y&zsoXD5oGj6cX$^$Fd|sf!p7WjQ2K5L60*h~galbEpJ!<gDg`38ytkQwA#p
zk9?X;VAy{ThZW&v{Tybqf?lm)+GfJUe^m{CG;P=HGpM!)=~T?Pb#h9T?<t!OzG5;j
z4D=;V;}PUSGwz2788`|hf!Tfy3fY(_sv!)!??I?aWTNq`O);Zq-5W?nU`$HuR0Jd=
zx*+E$nl*NzqW@tqZe(*pdAO$4-}<q46Hzoik#s=eV80@P0H!f$HyQ>CPs{^6{^+qd
zuS)cuD4*p=K2$uGc^)0k@a4B2qN-Y~n-+#Om^e#<mTMU_Ivn*LDK1Wcd`_F3UtC0;
zl7?Z@lBECtt^<#wC<C@xdWHeTedeDyui}+}>T>ydBNrRr&;u4W4C5jtRF^&2+pnn5
znWqnJ=prDD{f-&NhF2<^Q>Se9ov|r_%H^AOrY{O)A0ams0R+>V(2)N;on<^g+`r1^
zBf=Zq^zjt^`BT*G3*>VniN)CAjJWJ)a?c}gl4H$j+#S*96!zJL;<_L)o^l)y;o==A
zxx2y)ztl1$1Uf919v@#kk}(F0P1o<IwZ_Te3Ffo;g|Vk@G&YM3X0r;5bB%Z3IqQ0N
z9g!#ccYEeJ=dCb0ck*PQT!uZFdw!~Ts`%hYA#&SZ56TxhCVgO<sM-m}ZNHdQx&;{n
zo>jZJ^lo2w#%~Y&I=%0X7(Z>(SI4S6oGzxge2-*TOoQV!!`BUSc2!&)0Q>@r2L=fa
z;)4bu9c9s-_>5e@r4*yMtw3NNzkXVR;JXFKcfRld^VM_c)vD|7Gv-31+@vR8hyvuq
zoa3s9#LE??DLY3}P9r#&0a%v4P$m;Ec^y&u{#1I84C2ZGQlR+v*tw39@q(NjHU@oJ
zpj-fbG}uHcxTC&^AyHc?SS;hxnRPYnALDVCLS~@d7_eb%THxRR6;flZY<`G}*a81R
zZ{Iw|um5*%p*1Zucm3SzqCK-wu`3?yNjTXsi=u}QjuRM7gprF}K$grEi>jS<(<I>%
z8b}W<;Ot#MePFqN|NiyPA(O~v=z06rK5QIfJ|fFzIk!vU*og=nK{|1=XdQN$gLba#
zv-~1Z#=^bS*9c^oyLhkoQcJ?qBRDOMQRVgMez)I6Zi15q+`z6jo}ogZMnmS_xqv_v
z?x|03tJ@l_X~Ar8dVB+ws!(kk_|8DHZn0U`I6gQ=Ro%q-;wh?m<;+~lE}pr5W*Rsz
zbR~0o6lA$0UgHA&A2b!bPB|?!?hBC10yMfCXLfVR-3IXJI)k2TE%iM8$N%~iz?-`Q
zz)I_mvL1D3%JlRUo-2DeP_oS*$kC$gdt@A%asx=wRVsCkO4mp<`q?H86c?0l4mLhh
zIiu@^xlxJn8*kplfoY-F3+Q?sEDk=7?t<}&4B>))i<}?2vZEVmGT&BKP5J9q%H&ED
zW^g^1+-`GjZa|oEKzXTWXmyhbz@wptx0ua~vH^?LUdo$S<iK)aOrsGqioq&1P55`=
zf@0H!wj0f;ag6`#k3NKUcK*FdigHFLAp=MqXb8S5#^F(gH$Q(9+O*KR0kgie^ISS4
zOP1N^;sq8T6z1zukX0x485xpD*G>fr{+7r#5xR0BkY+|^F|yZ?LdVV6l~kIyggI*B
zxpLpJLOGIyhJB}Gqc0*O7^F(*WVi@ETc&_R1>Bb0HB?w%Q-s54u)A6IUM2;tseSyk
z`}yJ`ThIPITRg?4*<jlxzhOqRZo!5DQvv$O_JYQ;P8IZ1C-c6L8Yk|`(~R6NFmKWH
zmrVGPGV*ErpzL^EG-)6D>=_fYY0vj#Du_V++IctI5r8*O|M9;*!ZqElJLC5N!2R8j
zG+lq6GG@EMU_iRbMGj-UbQkAejgG5QVL4pT8EogGEW^elRZ2?gZ9MSYZ5TTmIyYNN
zN<TKfkAbQpyuxQdvqrmG!L;qihw6BsM3e*KMBD9u$`gxiGCb1zns;CbmRO{UB?8K_
zeiWGn(C}nF+O(D_j3|}wTN_!uQ4AmhHVdJw6O@mONPt?Vu_$K@Q(A?_x2ROM$I?s;
z>e3R{FB{(%GbZ){({?gXX2OT<13X{78%Vw4AHRrFzR${CAB<U5;q5Oxz-+G3m=*?Y
zl*YC_2aqiJt&~z;kt`QvR*LEJ-yGS+j_L6v61(g_^vs<#Lt(atG`$3otniQlRtnTB
zS2DzuvKfI)1TvDH^UPEyk+dT_87S_v@hCdhP(Imb7WVfkvvCX_i8;!%e%*09R?cP_
z%4iw(6rB5BS%!E^DQA?=7iLUyaO*IWJI`g}&1QuL65ArlEs8+?D#_<pdS<o6luXL@
z`vm7XZ8TP!6&l^3ZclLI=q6@rn$*u|gUzxA5wKiny!WHC&dpO4L}VYQGb$1V2rl_=
zB><i;H=hoXe3v5swv~Erqf;FbdXBib)8yAs|Am5dJE2YL!rLRu{H^zl-}T!b0=Tui
z6}v7(IZR<1%BGqZE8|5>$f$`#ZY?;_Bs?~lP;Mw4dLCt+Kxq(kTwGpANF5trjJjwy
z$^63S@8hIChh8qBSIf@z>Z$?W<qpv<;Cb?U(=fD;t}n_8gGZ$&(R{)Q=%WGWT-wrs
zbZDB)m_`&P$zTyDnTuShlu{Nh%>Sc&ApHQ9Mq{Qb+kn2IuWRU58)~(g$^u4PyD?zR
zFbw?ucN^521`jUGMNRj8csRrV@b|w0kbyQW*cdBY3{@Fp<}Q-`N-sG|O<Kh95(zg?
zcfJG@Oldqon5Wmjrjx>{h{bl#RXO%h1}lWjwgLr?o=DO{dZsaCTvU)Bn97KiqP!BD
zGPiBQUQlxF#SsugHLSQ0B-uC4<yIo@d7{w~Bawb53=TOlz^H5I1>HUA6P@iCP1|6(
zUSYXePL6!gwZ`Urjd^u|)1y0h`fL?Ow21hTxPe>(J0%T>CP|Mjc(&*=^Yj*U<M_g9
z<oSiDhzXz%qo(p@SV+cnZBo12?pc$UYq?!>;71Pty1k2_NMeB6_JSAhMPzX_SYjEB
zg%|*Ugo&<Cfl^@D6>1dzjQ~2D!a800tkc!y3SJUXF@V4O+8vxKhF&dUHtVkPebGzk
zsy~vHL|v#lcSRCgD)*_;MGlA3Rbnhf%ikoak&0YkQO;#ES+%O@y%AY@r=vJ!j9zjp
zL89^^GaXLi=c+vDi!$3rbB2rG*$C(y+gIr^EA!Oaz|2nY`~T$$HjNR$Ocs8W&HM63
z5JU<}RZv7ws{5JG6yAFCHUJH68Zep2rE}VKm-zTaVdYuJ&d6Oa%+|~0_l3@z0Sgku
zA%rfS^7jz@31AYu27v>pLdMX@<)%>vgvIAXrLhclp9*1LrVFSSS$(ik5t4PMfW?kM
ztN*W})Iz^h7^RW<Hn@FNc<zQSbt+fc^0m^jG5X^w23~S&bd9Hrr+B`8jz+hG;Ew?`
zn+B#eAXJ#q4G)fE7h#p@<)tX&G#;90s%s`)4Jf=Qz(XN3eX0|6&SiS5X?tQfAWaz9
zdq@1y^Lyc+djQ?NuE^(lOFan>cE<Rz>2%5$mQM^zI0wZV18*uPPtG)Zm)<4cZ=Tm;
zg$`lJ>qS`(E<E0#KINgT`@_Y+Um*M7Psjv@z4^hL2Q}t;gUxyg)6~1nxVgl^mMh1@
z)n~pEq)Nk8hOkQB%M6V*fv}Q8QbK~LtZ<LmE_&HAEXD=4`^7~6m^}@uZ=C9kc~HR{
zLMUs3fs8COxR6!GH$3d|%XK)0{|?_LSZqfwc9i?lrmQN7hTA!FhQbr&=7VG376ui%
zW$0Q126%6CAB*|}VX#1f+n*BuCZ$j*0;<YB=Fj76FW<%C5yP;C;nrPCbb)I(uySD}
zeVd(f(iVdH^UW;ooY-W=Yx;X9NpJAd8>C2wkkFu{zcswH)EdAj*w0DMM1`q0WC@)x
zow-bO-2HvP)`&$hV63u~z)+-MtiNR-TeQcm6u}q{OjjVBTiF4_PJ(JUynW)KQ%YQA
zn*k3P4^d8?+&k$K=ak0&-z<GMr(E<IFHR>ll>$x@xqm!*qfIh~`6Oo)HdxmiD4gSP
zet_eH;~<RPJx?<>%Noo;(=a}IybQoy9_S%0sAbq$NN3d8teUr<m3Fd>CBJ5&ZQq|t
zD?}Q4_~M^$i(<OcZFm3ghMu~Aof*ID-s873sV5oTMLArBVMsw*P6;nWqpy*p77aRA
zr7oTn^!*LEeD-$cT<Ug-SAvxJEV)%)cx=0L?4;r%_2ZotnSn3dzll4|8O(YKy<CE?
zs=sgBIcv<A_G8V5$^bhNqrk%c901UI_da6`jApRuOaZ{u^(Yy8Pl&~)vI|scM4>t-
z3=svPP$?TMU0EQg2&y8`OhHv0@KaUycr{a~<_c=o|8)CPRmU<x**l_2O0nreMY0z(
z9Eg{K!incMXXcUveKbCP<!+_8hw3u7SGLcO0ln7HjR7gb|NSRxJYOMl>GVJS@W#v_
zV*?LZgJ3M8XUr;vU;pK|Fq;D{x1Fg=fx#I9#PY!q$cT}UJ>xeF07;l^_WgAtMgSow
zbUko3I-!>lx_&^>3nxPg1iEs4hOT#w*cp|8Ib@8bRc16lxPHd|^Lh(S=knRVp8H<L
zB+W>=b9x|4;xqWd9*3`WU^QwFjbcN{eOD~pLVf8nD6IB9jub{~<g!jFj&hJdE_c%u
zkfktm&9=#=a3**Eyf{7XTDLe~ouSc(P)cE59VC5!y4Bd6)leWD%ueyWcb+;1Pcq`6
ztU3<LEHP>X3>Z*yJpUzYBff$;j-y<fLUDEK{-``((}gGOEylf}1CY<seXG<?A|3A8
zpFQxqPTT1}`8RU_uUUtmt6wv-0kOH{ig(D}AU9ZNp3qlI%tU~LVbc`Z$X*6j6aYZx
zsVl+4hs@Fi2&S-MHeovhnDNswoV$2s44QR2`_(T!#KWWKXrC<5ZdNcx@1~AO7km-%
zj^4QBOy*1cre6$d1~&v_x_|42(P{(JGK@wC^w?J7nY-s1?!X@T1#=jd-1R&uMW70(
zDw{>7dO0AwjJ--(HiQ7SQos)I^+1t2zm^$+st)i`5B#bQC{_mw)j`#P!h`Oonk!HR
zPz9(;0To;}A0Y=cN`cV1NC^t@VSIka(A-pq%~CAGw!<JzTvJhMGTUxin8v`&ZsHIB
z>Ku!8i)yBX>^74li9YVa{wM`e5x}>;@e-;E*whUSo8e+MWwI?5^3J@1X;W^2DNJ6h
z>4~z#4^t<pG|V=>&jMI7_V3gguy9w%Fb@2AQ<vUkg+MSpc!CLH9?0&)zMBJ^-D`{k
zL=GH6?q6JQOqPoyD3~tm&oPn0_(a)tU+hd~O==`iQ-m(_j|E`1`%?sHmXSl24eaSn
zL)mzwj&1Z8Z6Ak`fUayZ3A<dr6q$*-gk&2Fp?j1WYh853*c3GRo(pNr7s=j?!Kj-W
z&z8?|G&{mg8~NaBdbLJVw;-x;^Y}iPe+H-cwMDp~-xhs8Yp94IqOA?%lA;&M+)NDT
z^)XVTo>JB#w(UF_k%X!ek+4l%!w7&IiT4?0{EY6h{B{HZ0K9toPyS7{_}~Af#x>in
zG2=%!0eo&}dpE{LISiWAZ3jPS(zEhx7Y$Wt`f4walxw(9Im`@_VgMzQLwE+jQRc`w
z69!+j6%A|VJmI<9d=tSL2x7A+wqLutDbw!4F!07fjT2MjY_))?Yk+yD3X<t_i??4M
zm7ZpuL8nVNnE}&w@*i!ibgwmNYVQ8sXtb>bbKL#c815Et>?c`LUGL8P#%<8?DfHn9
zOmzT5gq4|L!wL-pA1n<vZMS%<8^&M%<Q$qKn`+m-)LmDH2Nhm@aD-bYGvCig!0UHs
zIJ7REih-NT;G{A*z#22Hp;ylUZaRQi0aSIMkY*h_s19eS4ishw3e{l+by%UAb?l+4
zETc%dzCwzk8PbNN#I-c=pvjovM9(X>Yf$D+;6f&!bok_ap{rojnf{Ww{fsuy8v`<o
zpRRA?`Q|x5y1O9l!my8U=;Ivhg%W&^@-seqa09n)DloS&rWF_1gf&kQWS5+qIWRYh
zv4IO0hh(+b!W*{#Pj;=xF1Q^G$6$I<Ig4m9<p2!Ze~}AKR8VZJsi>4l$`z&0+v{9C
zyB<g*j=}W#jxqz#2DO`BVyZgU&%l5zPIG2|CInGX02$BnfjU4;BABrI><ZLdkSYT*
zf>n&AuThPU5QO@5pU-|4=N2lQP386L7(-hWmU2%Y;O^TW0wJf6koE<!ST>q>?hL5)
z5a5-F_7}_88ioxv^|~`qBH(C#goD`u0H9tq-FV+J-v3!GoQr)Pr|i{*z0W}c6vl<}
z;te|;3{pJz<!;=8#H*dm+LUvu-gehC4JgKJ!M2~q0zd4o%>6QeV*uxS;CFqt+q={F
zasd2rCF^uTkXXx80N~V;AB9EfDdPWPVEb^%Fld<@V&z1(DUZoEqo$t;AGLH4+l_&g
zDf?Zr$1t4i7_Z;IiHBIjEYCV)m$rFv?jX5hAe!!Ek)?wCE@8nMGdeR4&1f2fdZp29
zI<RLfuybm@9^g?Yxt!m+3w84@>VunDV2)=k;e!?9oo6+E`gDcn$pL6~08<@+Nr6GA
zp`e-2GO(<<19||AVSIRg)Uk`Pi>9auR26XRgE@}o$}NKl!0ls&s$vJi4isZv8O$()
zf&uF}<_h@w>!*0_-T^*;U*X<d<Cs=BsGkArb%#SLf|?W5yaR#ipu+5+LUmMi3}Me6
z&T>p?2AxStDOq^Xzy&}2y~ZXTJjC2hVC*it>DoZo21*fr?@yL^_o?pO`+^X{$TB6s
z&XnjAfA#Oag_9EnZE6_P1|Z=gMHJ4gkr>ffMJzxFIY}t9ka>D!;CtzMNEi3A5xeo#
z$32ki6YSZs7>=?#7C$G+_X%bN>ZP+Rg3rZA3Wk!nrxD^9<LNAwLCT>$0BR)q$gS=&
zR031<K4CP1i^+fwxQ`Vn%;l*zkstS_GD+-0PR<h}GY|Lz5;<NT(6AuoMU!++-5TBC
zY;}g#w76B>hB6A9vo+W-jt)=oz3)Di6}ik$l)V}m41p+#v6^;APl$M!lIn9cCE4U9
z7wS761bkP2sL9#1A?`ce9sszp2Y!3tcU8F0W{{*+l}p=%P!Zu3rjRMYFdQ%U3b?4;
zM<}~M(#JU&I5_)w<_rY@5EB|6i}p1m0C2l+rFi<Y``wla?4GBM!M9(zjaP3NwC^sU
z*DJ7YKd~Ez2CuY>xp^{o(oAC*S{vvVXc~>WHfT0Lv(eCPCo$_5Knlh#UYQi;4?hRo
zxQnydDc-B+cz4m_Pv1SqvyTXBK8L0`G$}L&s5P+C71s5E?d=1AHn4OD#n$iLqOYn5
zl`IG6`rQDWuUnk0!zuE;voM>J6Kd=j1cm?neud)$#>re`UNI_~L-B1qx_uu%|K=&a
z_VNrb-`e1Y{s?OI9J9)xs<Z`x)cyC+g296h4AP8HRn_FGD^2o=pZM4(1oVPC$uQbg
z3%${x`7Qj#I}M(%TFhrv$^^(C`xu~t5b=Kd*4H25@IYbJwqWQj1WeOTDd*}*97^aB
z^zel;(7sR3XW3clqA+6VO<z**=cS(=PO|KnlYQn^l~yJyC6y$YC`JH=KzYBm$0+EX
zbCOU09*PwV8OK>N8!uOd=y~h`Yk=E)uU~HNbp|tXZgGGYqL(kjQgf(sPe5%_|IC=V
z1pDcjP>Migem-Xh{y^g$2NzQuy_leonW4GM`_o2at`D$T)c_N2pFTw0yzfo1+`a9Y
zKRAb1C5n|Qj4+AoV?1TPrWa;L4uI^Wt77`cqNxlYU)*Wkz1;Awv;2DCckQ<83;YPT
zb_M*1*#_Q@51^MGjA@t%3j~lwjFaaHgKFl`(aNCU9N3CG<TLWg5fqilwjTh1EQcw^
zXaSEe_l;n*O_8?Sch58d`1~p1Ue#i;UO}(dyUw<`U~O*Npv>H{XGSyHhS6%EZ4By-
zMzc29Y&3LZ%`{YJpKqvwW}r3<b@MLh;p_OYx`pqZ8T_Z8p5gi50#Fs03|g+yGO%tA
zp$$Om4%h|eCW@RTe-gl6%G`?ej8vEeiKZ&0!+Ff!0LzWRa%1qmtb5Q5fBm7tAN_cP
zgZTz?WdL)CM|WSwFMstGzWsWIS8kl+@cc23<_3p{!2CdCcF^?<s>2Giqsp4dRGpDb
zwVfrvHrC|1o|m1r!cG8wx;7vf{N(uwK3p^)G)b0Mzj&vtvtPI!9nEm}&J3gsjA?>!
zaO7+brq<mGr8<t8K#qH;Q})kE1ts%G9{hRvVVU{!Or2kQDJB^Aoyx+T2!3aSuoOt1
zK`fZ3xK;!BK16wLq&!Vp`zz{$;MskLL7yKaK<j~=a{0O;%j3JVcyy>1K+Xa;FO-c;
zW->Q`40A8_$)|Iv1SPVEG7mbpozmp@^x{H4*rKS$YO}`q*%Hl4W5#owKXU;hNp>m8
zoDoR2UyZh%5fyLMfwIk2gFBw&&`Hxr=)6H1mmZ?+OiV8e`ug8Zdu3@)ne9G+lRfae
zUfa%qAB^d&XiK(9JiUN^8K}rp;%71gSTfyAakZq8R=mulom7#;q?47vgo-D>U>F3$
zA^aU2w|N4Zo-mwVVmCo$^XAb3?wciOVcEVHN#?l)(9@dHwm{PuG_}EIt+82Z)Ei^%
z*%j1m4l_GOGb5}tqnRC{diWX^CwKAV%^d&fXAAuBoi*q&fpKmnnUz@Z8GkJip{nAb
zb3_XQ%J#A477fXAK4*S1p!1uQ$|=BuirnECz^Y*^oBrmQ;e!?My?38?Oe7f`&F|vZ
zzIg|~_@x<MyK#n_^bu~IXxunu930kA6*@WS(X3+wt+7ntZ*T>(E6a5$A(ZKT0-LD~
z^jc$9Rrr7YVu`<fmpcbm!R(R<<M!EhGH9H{(9Zakzw<@hzjp*}S{S24Mu{#Us-m!%
zMI4U8@i5}Cjh8LP>|fxyBxocr2lYK{p;3qhe}+9M;ttSt3=_M4OhV-NDZg(AhP=@W
z*f`^h^xE*IFx~NZ+fLW}Cq7sYK$#1rK;`l%+;im{5>f|GL{eBO_w0cJ+s_<>Jdk$;
z1_tDwvCNXZ<a650?g6ebg87>&-n;}be9<;z44!=O5zZek@Zi=<c>L23p^ca02lsVv
z?xJLnyDSM(!mCayY#~Rd($rCMi^3_D(b1$=T~6MKt&<5aHkZh6fe27qgV=y+XU?9d
zd*FAiHoCJj#?RV+2Mj{S3GDJ|a~KtIaBg(xkqVatQ`zT6OOafIO4jUUtY6x%Rua#Y
zlF1Fn)hI5EJ)wq%#tL^^x_eE))A1^=uwN_lWX8|EatB|3aD?W`duUh7PaOCqb4_ea
z(E~lx_2e}h#-{FMo12xvX5D3-DI!!Sr{L3LJZ~9irULFhM1AumyvK+5?voAv^8E$c
zCk)Uz*!m4JW`IT*NUc;BfXR^b;L6UWE*BWR031?gdJ2GDu2Y}Oy%laDnvX+CE{%Xy
z>h8{l8BN<s@fJ1kfBfNd{O%tzU>FZ?-^Ooz>n48T4UIdq5Af)g#=|>=8?}a+HJ}3p
zbuh>5(7TH!b8AUn!y~OO@omEsF0370u+2uJ-Lz2i+xXk}6`r22Fh8imP-mOP*#9`I
zcO{9x?n4=7{QS?ojN7*kQ0wPlZhic~NYSfU9mx(6Bs{M;T`CsjpN{=wACKUGngD-r
z{c1g63uTWE5C&i(19*Dy0uRD^){P4i$t>%~VPVjNz;JHJ-5S)pn!58z&Wgqm!$jIk
ziu%TxOrRzq$^f{yr(Mu%@%J)V?1*~yQa_^<zy<w`2w6f2&Ji6GCzg=|5fGQFF@GYP
zZZy_sYiu?f+`4fO?>ENhldAN`=Uqw{Uy4|&_&(;MK~<UM+GhQB!D3rRQt$nXF42CG
zS?AH#k%bqtrpcaCqm%pf3b(z~^Ez#(|MYhhfR}bg^BU7-_{otXo)Io;ZJsR`^F$UZ
zLzxu`yh!pw15(Vubf5qZMN@t<q$UhqRKXo$93x}U!J22ry=GKpijsb2+8D?~YSICz
zk2Z|gj|s0H8mw1K==BQb1(SL9S$T$mre@T&#(Hf~HyxX|S#{ZIRYjPeo<iMwh-bRO
zyNd?xt(UPpeSp7R5&rDG1<rodfN&0AVHbT$xU+fYg(6Vq<xiCS-B*6Yt2%GcBG|sH
zUNLq<qY<XemLq7WYRknO%pCAbkP?Ug?JfVI7>}PD{M$eH2>%wqOdaCyeeE{>n=dN7
za{3If-&^DD*D9PGtYKCg(0m4UG{fw$a#@3<XuE<mht~E*SI>_T2zG9s8VZabJw3or
zpDU1B`5sOg-w=H_RFHbkW(xQ3%`ux9tm>w7nvBQOZ5AmxKqx_e00KEN1`PZESb(U&
zpfUk}a5;0b2hK+~bR?S$WM>!Sqa2um$no=w&yWR_Ie|6?f<5aO+y=}M;FEcMGW6Yg
zXmWPiunwZ^KDW#<RMzFw#X^8OfS5JV4{LO#@OLgH8gUN9#rH%ENKuS+NT&~SyP$z!
zrELvfJ}m@bvuU9l-F-LhO#lrDT4c0GrcKtl*GD@Hjo;Cn(KoVCLDsbE6IM`V5~TZV
zc&yv+I|YoRn07E~>+;2ApXIlc?G}KSPXFoe(Bgml?N1@+y$62VZbtwf?d%@yd;E&k
zosmgq>o?ps{CJuJr-Of^Ic*g5;Z5zQOS%{+&$Ok5&T@Yr!B?t>KYBg@qgeUGP(Q|2
zg}KZFVc0YSI6XYTqq)Xxxj?&K!8G+J$LwWTy;d{ohOydcY*rdg!`Q4fnvDh#Fq_XY
zfABI^)d_yEXz`Icfj)T&KWpdsi^USpe$oJVX7kS#l-1x6qF4e#P^m3~yqM7&V*98p
z+a$_-YbstK&?E=U#3TTjTF{tTkzCm&zjFkpWUzB5p@r?m`uBhK9RKc58MBJ;jW68A
zciyV-@{Ke6+~<L>yb2sQXQ)>jsDl~Q;oJqxcMByH8|*o@El<L^^B<1~*st6ZdFb_=
z|F^CUnnjCQHNzkOpvIs5h*2rw?ne}uyHKC^;lA(?{29ae+S`xt@cuDc)4*^m7VdPh
zB6v>PPLu_K?3gu93riHae~L%}@962lpZ~8kdr23RpfGAf0y&Pxa)=0nT-;s2ruCpK
z4p0xW0R3m>gr%a4fierWE-dZ^{cmE2j=>b6fNuGmuwon(a3yf!Ak1CND^$+hOWZz_
zc_N%4OOfjgGie^;t=AeaE(B!5s24Swy2X4p$2&h+p>4$+B6ItqkoL6bGbP%920$Wb
zg&Qc0i-W4C$qG;su`OHLgwoh5Wm^a*?w<>=d`13~I>ryXbM{m=(rpf)#x>fmC-5UW
zvHIQ}1HVEwzYlfU&Z}iY<(SK65@Q9bL97(+dr+xJxgg@gfpAG($q_h<@mKzFe=0;(
zn+qdsVwo2o9v4`^(N6Edu{M(e5Pp9k7_ITfOSkc@N2jRIK7d{?VVY*=`F*9yhPlhl
zYg@*qHdroOtkwo?W3XuqOk<!3IJ|Qg^H*NNJNf{B@wCPU_wkI5@qN?a@v{xo(<KOu
zN-4}L67Fk~ZHr}?BB(rmEa=k<g7t#$D`x5_2HlB~i%O;kN}M<;ohAo?ANzL+7_s3y
zUdsLC|5E~t*jIadd7uq2BnC*ai^=$}KUm>E{|)2#aE5QZafG)Y8GPYB;qQOz0AGA~
z4zpQ9&%4aP>aYUMIwp`Qbn#D{&qi(qE`YYNK0qD@c)8~@vyE}kFx4&m=;;wYeEtl_
zhgIm_>3(__Kym<(q5wZ_H2%)FUc;*|--OoZFx+;F?!e)7O!Apu=%rVIHC%}^7X#y!
zuyDl$u@v+<cK+TL;z8!1k1qeEhFNupA|Dj7lVSH6ee$KM&qhbj6dD^Q-?iWM*OU9b
zOPdF=4ddg^gsHEg_St?Q_RC%4BOfGwQq%>}d$x{UL9k~8AzVG(9Ou1h{QM-HQYGLL
zNKV0jRv<JYOOz|Fug`uzwx7~OEL@H$lmNCU6V0)ZQ~LBX#n=}T`ccQ`ug^AU>lUv+
z`U2knL1!99l@e~AIoICa&_&r{T;+iuZ+Ad6Gzbzfn(H-)-3o)oRCq?ypx5PM8q|f0
z;py_q|5X`dl`}hA_&fk`xCegMV><?LcQ=b?w)FH^dvG}u@8cM71H0-1DBG_3M@5HC
zmkpJ-Hp@iLCi>0%<TOgtai-^j%BYwxTJO9#XG<CUXh3*$QsGNCXK3GFL$8(}Ym7rL
z;nW6bT7%8TV6oCzt_<3ip<9hs168GPc<%w0_g=*xpBemcO;|5);we}7X<eg!PXjnd
zMZjSYGA=+}&~vAvp1R0vMH+1+1}p;9Q6_kNps$Z|{dq-JPyopIs?1H+BqwW1c27)&
zf<z3)y_`De4|IK8oHAz)__1J*7^+gJW*txPU;bu+Kl&@+*8k7my9G&-o#$cSf3m9Y
zx9ORl`^?Vl4U1iXO9}$8Btd{df`r9@NRyOpD)=Hh6jsQ7w;c|L9_i4NAN0iVgH44M
z4$HFT2q`Fr#EVFfAg)U+c7erWcd_@Go!Ob`>04Fh?fibotju%yPi9tk*G^AQ=f=d&
zbXR3%W@VmpzW@9F?_2ESPhX92`P3Y~{L`y=;pr5M=_c|xD<dL$P<;jTRQ>(1g=52g
zyxh#xv31M`uU!BDXN+u=K@srYmcr||BlMJ68>pqj<9}N&pX86#1j5<Vvsjo{*coP}
zqoM%z$RB5$7f_Co%eY`hhTWE9)KW<}OK|2Z16{)whtaE;J6L^nW?{i}`LsC(c5E1I
zCa=Cv$;cI~9YoFkMb|~rb}nU$XlC~N?`lI9$HCO7t}xYxEVWsU-6L5?S2%o|L(>I8
zm2Mu~$?#hB`UVwM`K678U6$=)n#Gz8LQ|TcXmh0KJ|IhTq@yCZeR=jQHlqkJa>uRL
zDb0~RPS@%ZZl2ORP48`Bj9Wll7siabFD9tdilZCo6I%x9Kw~s@Jx69xmIE_WyPL+q
zZ|4N~9sg}%YQV2-NbTMi6Rrdu$Xl`_JLCl(aQkx|_N8zPWL%O&`YcE8=12Pp12a2|
z5Rpb>k%eqyD_ttCodJ~SyZy^S83mwPQz_<$o7j$r$m3DvP&ZAmH<oawIb#&(*c%jJ
zFV8h{4dh%@NM}x;Lw5cezPAg!bT>wRcM<n8V0)B7@5M!20ulO=a%7t%uybY~pQ=m=
z$O2Pj13VYB2@*~_TES)k-53YgzymJJA{w{YR`l*`tOk1l5l}z_$U>&3Oo`P?NMa8~
z8GTXg0l^vs7K`N`7^5`Dci+tMA_3odOXJ)s@VB1az;FL-50_8fMc$7K25_c_s9)p*
zRyOJGun|^lPF7LpmLE4@MV;ly_A*3K4?n)C@y#D?BkC#N(1mPSSYZSK+w`Gy5WIF}
z9ak<bBiAW%U9x=^qdZaV+!=+<VT2vl$c}3;!5?7AH$5{F!L5_)9?}}DnX*p<q@iY|
z2##B*M;00q&GMtif#)Vz3`G>!J|tZ2w+>8)Jx7orowl+E-A~}~kZ<$=n*EM&;~B<3
zvD~T0?GW0j<Jz$f+?uy*U!72%pZLC@TXy&M^oPmdg_)5K5~QOPQ550!hY6Bot|soQ
z`i)`kVm<SA4U$a{2Cr&80WO;ewCy{^z5Qb(w;^ksp#$uf4s>WdsR5QL_nZ#vce(_A
zkJNU;_#HOrV_jsAbb2v$)-TiK>VwV;EHA7UZL<J5A;L{e$0R33PH#j28j%eE!%U*T
zf;1OPjVQ1?F(|xXKLBuS&8=~6WdWbRvWjf?2J+z$oF<dcz8#zw8Gz1#R5Q{f$1u*Z
zvzKEq$^l(4kD3&6t<XDr9?ALZ_|_KV)y)x-4-^JDu$T6MBn1&6QiKS-deXIAG0Fd#
z>zY|v>dSq6<bfyyR63J~)!a{LH*A3`5p|;;?9Zhp)0U7!sME75P55?@FkAa!tDr+w
zewwNKteh1Ma3{$?>)td~v4Tn!PtwiJ3^(pEUb~UwkG`AXGf%JMcfQ!ilV@&YVLrvo
z96^;K@f4|QG1d8wcO{!mY+sup49l<0V@958Xj;UFgB9$K?qF^va<cmzXHN=u^5i+=
znJ3TU`qfiN^8{LF^>q!HL`=F&ahGQy0LTsvRuxOQhAJ@o{v76Sj0V^VyD?cWBDU0_
zOk_BL!W5KNM_x%NYt>{We<a6n#!c`s``zleiMn4As3n~!&0S20HFotRFVoM3e6<p!
zl8(C1rt<wH<f+PnYPF*&AOf-d;;2>ybxV-D<Pqbs!w-?c3o~Q1n;;$}xVUi%ySF2x
zsV*Fzo!&lj#&)t$j2qwMx`UIr<~Wj@*f2+4`Ep|XO8Y~;()|;31#ba$lxK&5yib7N
z3Gl<h^upT#mFw<Sc;&*YsnR`R{C5@ZYR#;TujVSliaV#bl1<1tnM$GNm3oQcf+Y^J
zBFx;d$Tq9Wa6im3gR!f|-0*vU1S981+yQh?ZvDj!oSu*H)2C;VzB@uT+=I>zLFQ?E
zN6bK~HIhVQ7;EefbL<T==$wHl0{7;SDusMy4aub^@Zzq*D|ZGMy_F(iLaHMm)1^yZ
zWI3gQAQ-8P7u5=;onMu&<N+_2&4a`A*^Hsf%8|gpIn<s5`i%Yr1=&K)$?*$jbh^K>
z{-FXuvWWxYz*`)bxyob2WYf6{;D!Mj$DLUPEu-t-m5g9S3SdT@Gj41$KKf3Kuf06N
zlb2TUUw&mCpFH;wPOqg{SjeDz1l5nABIN|bcVO_iq4pvuSJC0M;KKMJ8)YB>AKnMP
z^^?NXrYI~py+2T8=(ExLQ$Y!P^gVlK0jJhxus0e&b6yv}_GO6B%n7iQZ|bz@g{7bD
zKoJ4_A!yoCzfarzlMV4K2g=ga#OR@O%~9$FCxcP<@6~f)aSUU3P2b4HJZGx1{VMj&
zLNr{-U#sISQQ<gek4#VrDiNa)6+s9(hgK~FhKs3X#A1f3Lpl#1bcM`Y!ij+6&nkl4
z55IbRG&h}Tq@xsCYb?#3#wc0<5ZC>Cu={t3jGtA{I(Y!leUe#{KT)t+^YO@Lo8+7n
z=G569QMwOAB9(Zsy0ibHhJ7;?eSVB)1D%5bzZpDY+an76Xntzp?I_|LCY$Ohu);Zv
zB}CX3+FxYC2Y(2&a_)~B%_^J@cbdT4w7H5}uR<)rC^c2;$dU~Cm!87TIP6sAy8u9R
zU;>SW+!Ezj8QsU;Xb2sTg4N?mM&X=`hWI#R3`RKyaRK&{L?en6Xnp}h>SM65g81U&
zcy*-kotxXp-W)-rRGOBDuaxqD7&(j{Oi*X&YV0a3<k!RP!?TTETxQM&Wh!v}$!7UH
zSsn$Rh$dD}s*FNl`|SNRvxN;e5u4c20LNZxdTrHTuV&d|Z5(7!8o$&`;TQxe5OQX0
zkAS~<GsVllpWyQ8Mf`)WEZ}cHeh*jAB$%5^k@XZ*zhD4KQFFhr+uO(8S-vKj=lJhB
z)yVcTD2i}nTj8&NxQWQTX9-@GmuD<QHp6iG)FLilSOg=5=Cp!Ft$>fZKcnH%&~R6-
zVh-2{OZUMa;D&-5<D?<Ygw>y?%CKZ3>&^s39_t4u*Ux7CSliiRcCR2;&Z=xgHJAvC
zK!y>E-`^(-X2x>Q`kI*OgQEP=l$08bXhTJ>9gej+T#M=Po?B?^+MkTx$5P(ShYCK9
z9$HLB8InN?r3gFQj3kDk2$B9c0urLmZ7@=SJm`xMGH{oseQE%YZ6sR&;F-tRb}k1R
zs}AFC@z}nw-Kp%5e`wqK3GjPla39tHEKg_W45hRE-J)bPv<KD%`-{fx$To#OqcN++
zXx_IJp7Q6i3%mlrP&#4?NMkLa$5Q={g)|0dX+<s*L7gO^)OenuQIUdl#o}xa&tF(U
zwtElRXox(HJN5TT!=`4Gu?so&Mg_Y!7-bj^bC3dN7Z$<GOSs8B3^y+0C($atdutn`
zHwWd;qN)d?AVQQabF=`RGOnXCdRLXf-q|xSiLywS^@A+wbl&5+Ym$E-P$0VxE)b*;
zgV)dlNOG~F^|OL^4av_T!6-OTaK0RaJ^~rc3&Zr;=druv82F*?17tlmz{u;LF_7gN
zZ{N=GPyS#F&s<%^fA$Nj_}mjac;aG$ex3qR1l3niQRExFxnPaEG2l(?o&*;2xX6!8
z^$b4PTSu1PDvBGGl$a{Ext4@cN%l%IPmQOpZQy4<bqQIXBIm4PN~uH5t;=}KEpE(g
z-oJ(;WWCV0!Joynk)1lhMlT$B(XwubTFq*i<|u9kpX6d$fHr%CDlz~8ne&1nTjl!u
zCpV|i=@qxUz{r<&R!*pF0MHgsU8;?j*m!1K)-HtO<OmAEvD0wq)NQ?dO~#x&LE*Tq
z`LDqP=0R`FK(d!09>iE(Uc>GdVQ(*~az}&Dx6xy62|pSnhCUvXgy7sAOi^IMrVg){
zS3N>evXf1N3^dz+u^-x@VT@!?jw<eNY-~3j#_v>_=XV19j`Ozo_kS+}uralBXD*si
z4}eO^(ew~C8yW0}Tx=$)C;+{hX9;;ev421Yz~f-4o2rE>w^mABrjLVZ?Bj*6&+hrF
zEiwQax0mF-QN6KQ-kLKEAru3vvpszAu{GqkJ}lfkv&s7Vn1M_)l2l_a)))?R3{#E0
zQ3m9|%<K$iE}X}Q+{dkG2|Mc-@V(6#w{DD})O{$FjE$3<M<&RVLeiDX%sJ9bFBIFC
zae5L>(M{6<T-N);>>J5tQ)kz0Qx<muefut@QU_<a>hh>&(#UkyXZzn4s2&$NOtuf~
z#HtvX3tY<b6yde^6a15ZKEmgoS;Ci}&+vt3Q#^BJ1mp>HpP_mRO4VRr1bkiCK9<=&
z>vyHIB5OuEEb{d>cY!~7xiA}o;oeC^r4a<#Mi8#+Y<bZ%Gfu7caeiYCqihST^YD5}
z^2zJK<XR?DZT-b$_ufh14}N5wrMA#kU^^_g%Q^{y>Yh=u)%dp5)5yYO!|@e%I62IW
zy%Mxq=0HX}K*dhO>0LD4Lo11;Sqw24kzntejf~mn3k5>1jiGCD-Yn*H-Kp)pq20o>
zs3!k`p@!b~Bg)`SvguqS86?Qk45!YXMVzi-heuH3Vx#yho2))u$;U(hhQ(D+s0`Z{
z@z9k!qsB7tzHDNs36&jQKb@QnKiOv#>*=Z8vvUB>F8=-BqrLz0e|%&@+#f~8Z)Tc~
zo?wR3`hX5Z<Efbg3toA6>2Pq4K}(x?N!QXJRe@YqkgxFj(168(fgsF@uvqO1!_}H0
zAqwovqgL65jT~Nxdq*vqjW&VD^5bWqah~^($D_j7CC|Iua?o73aSmgRoneMytT9Y9
zvP7fTBg}7{!@c=acxlKOET6?Yc@MAO-GkcQf>H|oD5@8dmh^JGIIeTe818ETR?2tc
ztaM(sd5gUoRP|R$B*;ANTh;5XBWj$o+hmmla&9NG*tBt0nOTS#XS#F4eaJ$xIavUe
zgDz&mSq1^EX`)0z(55A4c3E~5;c3+pu`*fFbw8A0kU?C$p1J(HV$4MvFTOFrw_gKZ
zcy<v#_e>98eF3<>v4uQK!MzC7k32>_h+5si_NIRe08nQd=^z6m!o6e}FTSx2QbvxK
zD*qUNCn}2_%8`7QcirN`EH0g2M%2^LaaIJkTOiyl+R3An6&b?Lm_QDz2RnC<z2U}I
zIGD02cJd|7uy>eY;;0dx4gSW;3SC7cRB;hx+!IEwAdl}^1CXJVrYcaC**7j?mT`SG
z`$djYna!|zlu3aAlkK`v^cdGN^t!*X=oX|}2WfymHk2dgwJ-{|jxb~F77Eloku?r0
zC92wNAE>XB6hI%8i8{cJgr3S^P(z>{g52Uj1HPERYwm$<d6FX;rT~Dw9YQv&ojZ%?
z*!)xfZ2Y{NEeYfrdUfd9=tjuduV%-p%MD$(<(c)r!d-c^|7B$mK+?hY--aVC(5E_s
zKc)4wZ_M>aEyVp11b)<?W`CdR+~3!_CmVoxQpDEQJ>dx?p=8_k@CurCZaQWTOd=#^
z7uEt8WkVxLD`UxJ!hIMrm*}{Sve2;+Wbu4CC^t$rLqsAqz(7VnB0P6t1+=?~Y&e8Y
zM&O1rvDS=CGe#+6ca&pqlp#(Tagu{IFuS$_Jn<M_*#mCU9PUR;_zA~|Z^ck5L4OR^
zs5V_uQq~@*SR})EjT51u+#p;lt4|JIuLIl-U_%J@*D0S?3EsVO-NopC8BeYO8}!l*
zqB5*789#dwCEbVa^QA1{#SQliwfV18hx)DwYT0DlDNtx3o7*O;La(96ePdjolhFeR
zR_OH<dXdJrUmM`X*9qT!a}Hnn)GB`K3mPl4n?R;Z0~nIOm==)N$ObyU&*L0A)kyOQ
zZ*8t3%?5SR!IFJRCJ)M62x+Zx@!UE-|F^CpO_L(Do!MviocmTaF$yG)2{yAeW@3#I
z*aHquKA*6_C$|gFa-$@}ozpfLu_7W$z{Mue@(OsRam&~zlK`a)vlcURkXhAH<&NRZ
zI9t$GOmL+<7_)^+)ot|b$Tdk|@yy9c=qT{#56`G9_>|Wzvdt#d;(Or9Kljhlu?K$J
zc_e>M<?e5K02?zS8KxNSjIcPrh;$TTXD2D=9y6SMOz+z+pSGKC2U_p2R-Ar0(p#~J
zMa#o#x(n9I)uEj%b^awc(T%}@U1^PcN?Okn_(hKr3VKu-zbOH~gUUSH$T~Z$_s|E0
z;L98%lc1K!U!yX2_<RodmXhodUnemHK44st7OR{gw?xxvlmh?|Ex;BM+6!D`-yUYJ
zr|{(`PJ_4KL_QoqC$ZlP#6YeYX~x)#b8HPW3}TH;Gjz@%r7(NxF?_Ic4&S+-V|%oK
zk2GUzlmfehI$w{JFTs@LoE7V*{Jgw??9=a;6U<r!MlUoObd%26v`D>f6QV%4p)zT$
z!iD=WAosGr)ixW-kXfG@Jk9a~fL)vMHoX!FRHPkV%+9LWtT(eF3-lH25Zf#u5x|6=
zQeds|m#>WQ@>>zU`C1>p{e|=R;<G#G=L2A-2h~%yc}fS+=Z3yB1lP~f%`+Y3;2apl
zgn#|b`<ArTjBjvze?m8vW?+474o_V_g-q|%Y@gZlV@ZbFRSO~9Ye^KXeljCtP5^&G
zqn-sa#9xzTsOh_Wdg0|{aTn~mIU74B(V5efFd994!smtLj$&PoC37$Pjg@P)5s6ZR
zOjuym>)i`@ILoR|VQvXz?8!S}H(aSRd>i*LcAfUS6pW9WD3qCz3=*Vqij9qP=*4Gn
zKTi-vrJ{h`mI2ARlkD-&iKq${Z9i6O;;?oiTGSq1ejxc8GI^Or2fwIOTUQs`sT1IL
z-1$C2e`?K~Jgpma{Lr$c@<D@<)ILUr4(|xCf7Hy9xyAw_IBGN!H36Voxg~!kXuOXA
z+uGaOCkHT^>F^c?jy?m}@=Zv(RjxV8J^_!<X3$Ao0KYQE!IW~2QjOhFj-5e{IMc`(
z$e}=U^N6lLg;#h9-@6xMur-VOX@+c+KoKFTVi#=2tuBNrL;B)6Z5j(^xIyYl0D*9r
zJqP$TuzKN2sGkiffjg2Gt89Wko878czo;|6#Aa3YVI7eN`s6}`w6IjR6jRsDc(O#;
za<HhSO5AYYOOHA^iybFdjh&(_jlp4M=rMKxE&r~K>&0A3t2A~-8h`eEjqkrj_=Qie
z;2-?*BA&c(AH7}<>KDC#V?%~cOkbO+ODXfr1{qibJA4MOeXwPm1Nj+#mLo0d#iMcc
zdXd8V>MUkva|}jV5#wM;+6gk~YnLONx3wcWcVv5&Vw!CbVnHz{tIzD)G#xHYvzHLt
zMAmU|?Hb7}j{8J%KV21^V7<5QTd&!4w@<uAlVtQBGW&qlvS=aL?xy4LAkD#;1Y3IQ
zJj>2lLLq0zM*WFzwi9Zh2&L(@0yHY-2d-r3#Wj0a0@=H6I@O5x5)gna=>zc$h>|LT
zhYb0q)xYaaH56DmHMn_)>Ua<GdP;48BB4fy`jHTg_uM(gk)a<DXeymgDZd>kiJ(Uc
z3q6XAU;p7@{2I7D&t1}%QuCybu|1QbjsIf_d3FFujVEBRf3mTQ&+=J6qIL$*<ND+j
z`gQ}(fN4!904QC45H7FIqrdYJ^k{%Q9ztu4JZFqD#@;B$&M?EyFe?@*Q4bmQq0Vez
z_tKO2i_Hu-?&cVAj!~w7bR4Q48OAH)NzrELh?JAT=df}l{LBIv<TFcxQ3+8Oum`6n
z)VM7;^jy@)fm!m;t{GgVBJ@g!M^*kG27n|Q$5r?M)&;AYwe{8Jx=0}_zPDVkcr>mX
zYp1Q09MnY(tRy+IRi72C3$2p#C;JYiCKG7&I+~r8hCHxjL^)!Rt}_FRKZK~v7Q3^<
z__yDP@r@q>|M>4-z?VOL2d7q2pr@gF%FkhQBTe0mJ}L6F{8=97$TN+c2`}B4N0x8b
z*ITf7H<?EgvZR<b*4GyCh0k3_o@b@ZGq;Bh$1RpRg1rzcYpN8i{z@m4&mZ?~@MqI`
z0Z?JYJ6Nop)yGzYwmMpYELTA`3{2QCcOfI&50)#l83OOJcSc{L841B*ulu_H&KxMn
z&TB=tUN$!}f*YPcQ)(M3VzM+JqPsM-am`Nw#{8H@I;2U4;qC~tGqXsC5w`9Q3iBu?
zBc9JG>NqUFjq^HavAYy-r9ya91)e(ou8~p;91FD_;KA+y7Wvaq)ng)$(dK2a*3%4e
zKVkeH5#TpH#?NpqJG}aeFbXtei%xF(LfvFzp~sFxjl(XLV3H(F0|NU&2`!lx)xuQl
zA+k+!to{*(@O{;iBZ!Jmwm_;q)^Q^vC0-)}dW!IsPo76FdmqVg56RvDTYCw1M>)0!
zIR<f7Ok?v47)3KkH!kA+Q<w40j|SL$KPhth#{Dr>@1E;uMlz5iC4)U@AJvr>Vi!V{
zy>_rC*{X*u9jOQ^W`Los`>q!$%*@Q7*Nf1Lq7u}pN`}Z_<T>Na`YO(yJ&UD<MVwwg
zg(y<B)Qt#pv$L3+U#K(iU>e-m3;Vsj9pqUCP+|FhcXJb?IKk~Zck$tew*e~pAq%ez
z4Q7oj&k-jnk|Z_2VX<SSsP2_COf$@TviM&7F@}wwiLlW$*=aJ4VfI-M<7T!Pbau=v
zjA#gyMlg}m$hF3YTa5qt|JuQyytIaY{C6}yad8ui^BE8kR4?)YpNre2xIa_wnd?I4
znK81whkyNzO{6(2uxH!58-_2WY*09U?wPQ>ID_Y(I|t2Wf1jzkkU-x-%hIL{5_aE~
zh5HCH_zPvsIjmoxd}Uf2g;}x&;=`;T+M_&qT&2xt)%}4MGw2B7O(T>F@CDpAU1rWV
z$t*!0`|c@T;g8*-C%Gw$PE=9zm29o^@`PZ^U|-GR&;9`2(W3>KfpnN58N^s$IfJ$S
z1>C=#B8pUH>;l82sraL8!zT9`Z!`vT?{4z-=hVQwg_dvaQ=!`|+@0+^1b}xa@SofR
zr-KfOMWJ+RxDRU$SNa6_9gmIr09L28ZzF7S+NTk&w1jG-JPG>;?%ww&vSQRI=j6r)
zL!n#450(;3pj|s1nmZ}T0(r6>xYP>>Uoc7m8+z-tg^S`dOAOrJ!{DRaxN++~Zr@Ll
zq#FI1K4|qc?nQG*t~`Yw=y|+!dlx*|18X*n9)y?$LcOpRUQ-yikPP-ruq-itfS<!d
zO<bNWmo%44F5qKku-3KwvV8UY+$<Is7BDl@N54M<QVMy_n4e$3#dGIydVLMcOG}uW
zoyW|~EJ#IQrI6)CaD62&gdt-q7fhrG83B7q+5baanb{DT3}+d3J$o86^Yt}bT)PA!
z;F<EeM?Hnvo`O=0JWUWMBW!JL;e#6=;^wV87z_u96hZ48aS~&1Zx7o$dsa3gDZ_B5
zdgAKEofUd-hI$)?9CE>96Dvio!y(Cpq;*89yw}Ge@N6)ER8jJArt!5`hIr`>g@5?f
z^Z4>}cX9nf28|3#MZVnB#r=WYJ}^UPjBJ>JbH+B#;)A<e(9E^GIT-9LS-_9kVZy1k
zd91D|q<LEP_mRoSp&9hGN4$q*=yn))<+AFUQORCe28-9k`au9<0yMMa`nL3v48&*2
zJ?qQ}U&d(Ad}Ak2D=NY`S96ReMMb`(J3F|b*2Hl{mf?vgF12iUd0%jd_c49DI6&JY
z69Na^m<}Kr`%Joum!{YU4Fz?s5f750?IG_$(>#dMI-9c`qpQEeR=Jn}uA6B}m#hcJ
z64iA1ac>Tu0Q^C;1(r0{ZPoXwEj#`BqAMl2&(GCbkmw%Twt6D<d^FB^d1?>FR5M3f
zwCD{#>K@;YR?s&QfU^F{-e1`Ro#tWK@)(;uY_?4Eda)#$plXVje`hYJ2~w6KdFLf*
zcY?A};}`1-Gg!QL1AFhkjkn(T03Y0mF}pYqI&&KD_m;7B?kZj!M7Vip2<Sm+&Qe(F
zyL~QhSUM>c&fp{0*4hm_7Z^PfoW}wzEL&iYEMUT9fV>jujcw2u7v^zlZ58u#^O%{L
z0icj%8mHD)aq+@=tS+x&d3hNs>LW>kL7YJ|Lo*|0U=#zC=*o?dO8{ArQ8kp*3?rJN
zKJRglP^}0w78fO0P()Bs8U9U$+aM7Y{c8XyV~kW@0>>VrXc?<#R<M5dDt?L-W_k+!
z9+1W{wzlu%{SR*7?e{-Gj|h35VK^M%!`pYTyEiDlCq+;yDi=26#Wq<ifs{wcFinCf
z$b`4CfF`@e!WdvQt)fEI<6bQ;Wq-`r8fpA5|7r(c`~EWi;a7mqJ-Lm=`51a!u@}Le
zFg$Vnk381UsRnDtH-8dgl#&(LZY=`Ic|HP*iTT++zVyQ5U}VrbFZ=ttfj;WI=rLc(
z9sqQupEbB5%k0HtX<2YX_Cnqzxo7#A0lBB&<H`Y+t2RiYGTOmC+-6oW+-EJm&&e<h
z)#FU_oJI&tECR+x_J%{iiG-ZJwvLLf*$SrYw2;PfXPcLYXUo$Z!>u8DDuPb?_~`D)
zmTpS<eN;cEc81?!!5*Q!PH2{fQb!0)O$~fJRaS5E7n(t_jA=CEP1)RK^+f7<{I{t|
zJqZORO&`l?n4rTbzjo@=Yo0*5vVI1y<p*^(d`7tFCBK=aema&BFO%W6*U<0B>~~*C
z=gb1YBW^gaKqLgY%Mk~|f8pv1@^`+4H(z-j_w+pC>(}slZv~s{7xD6Tj;)VIP{_)~
zxANQ{NeWMQd-&k?IqVboiG-0qA+bRfaTQC#(0a_~75D1m!U8UwJB!uj74-YFNOE9t
zaS7+oZeVG78T0cC03wW%9HTgg24kohgUuA0Q)p)7y4bJQ1&ADbj%WkpjC<C`E{W!;
z71BRc?td`DzNxn7r%JwAgFq^Qo>C>#ry>w>2?A9SAw>$2B1EOBNkoJ=DL|r95$2XR
z@XT}P@TuoNgPDksX9>2qxA5j$?_hU#2YHs@-sXMWxcOnh3KBs@Q6UW_yPwZw0nNO&
z`dd-K$cIK2klAB*o2i5`byhr!nv0dGD*yl2KOEt`k7n?nfAJK4^MzepTpxh7E_1g6
zH7NEOLDoPz$dD%*94+9FzqgG+tShi?$voZvi0pn9gXy22jqus$F9MvG{e9ZY;37yl
zs{+s0qV|?VgCh77#fCCD)WrG)*}VWk;R_q3m<bz<vT*Ed%ouDMD;ZHKuwoKe?ki_0
z8o}HrHx#0LGR3;CX3%^`oeVXEKXf-;GfkItC#KEvF6D3*E_YoN98vR^bd+MW8)JTU
z9vjOS@ske|P^654ocT-}#XR_CSBE0WZUkg)01*wr8chryb)X8T2>RTfQW8MuG#0;A
z8^Kh8--*=oSZ{<S087)^cNyOPF+o3Tps`YVn`>0vrm?_S)D9V2-{X=JK`EqbWGDeF
z^My{u7pBEEhd~RAw#V*g8@mZyRQHfrWKd-Q^(nQ5-I(#p>F4koFXG<v27a=eBK|0a
zf<{lN%D29<)c5uiGG$RV69~xB4G8ssk+{}p@y=rJ!WL{^u`r29;mXBxxOo0N78aI}
zYK2JkaqjE}mX}u0>(3xg8N(z+mND+{<+!^ufaXH(qctOA8{n~KXt0xcNEMq)7QiEm
zF{@R7WstNgD*Xk(E8`1@JjYF{(j*C_Yqq0s*wf{H87gN`L{MO4Q~*FK`}qn6uK<He
zslt6#0RtjLk;3faIzILM8O-(-I7@MVdkeR2-NtaZhtXgUZ@%?5-oJ4RS(cXoQ`w6e
zqSEDY9KNQiaf+-qRSJ^sGSfR|!0Up@7}%4+!cn;xB`y}ys+4|m+5a~)qjB?IhTs1~
zjqm?t7XRqi=JEWMO;D79B4zj1cz~~du63r7k8*I%*re0Av9*I-15rd}|EdaxJCF0e
zs^?^U_{^A}>*MsP9yE`jbpiZ{npi#($G5hOEB4xl-S`}`!_q6fG-l^~89llFlMa*D
z%=(!`o0+l4))2`qtQhA|mN%DTf+n_f!gV0LA+aQaVult46I4m&sWN|o1wPHTgUSe|
zGVLn9XT=)Yg}P*bJq~pc)JzdOJ(6BjgA|WDah6|Lj@#CM*+>$0G!!|CxQ{g>8Kgx~
z2z@B5f@r(={*)>+X6ul4l(~N6Uf$yG<8{570zzrarK1jiKM?<Rpd;_ZBL+`VeJsbU
zv@VR4rep270$}k3_#M-2>39Dr0W>u|FEKv89>35-=4!6Fo9*;Ovqflv6cH90P?OuR
zFJ~dytV2Tum8A0}W8bnqM-FC}bh89E0^3{ZNlYTh_JLs^GX2L}8Ma1O@!{eeKG;ja
zTL~01dJzGvj6h+om^0fx8GfIh*Vkt-JpxGdsap|Shf%#_OApPMo$ce=)hoDi=@MpV
z7cqz#ON&cbSy{o%Ou_EOafUd{v3Ea#&PT|#MwT<OTo-KK7~HY0v%^c~s$vjmEXyR%
zxRI?zx!b!4kQr+M+X}q;`*`2xrFBeSDyb;SSOeo$8h`&)pfv+jC{d9UL#dJ>ESW<U
zF``l?nj{5VxUjU2r`FD(7ZK7V!SyGf!QSpRM#Eja_0~K1;g4P~oJFhNP2)~3SGQ8#
z*;{D2Jy?)kT79rcHM3g*L@pu7xCgLsG#vxNhzN12@yCCY;pXNHe&>rD_>IqQV{Uc;
zit786&Eg5$#hg6R$ddw;{l$+oHV0IIJJ-Ag%Kk$HG8Zn!DfW61e&)H$h<b&@Q*&nD
zK_So=0(=dOpW`25_>7Rq{#9l=Cdd=$zc84w+V4b;$`kLKIL*x-3<yKGY1(k&)7ToT
z$1+R!u9?C(Uz3J12TG8m8mOC~rRx+J-bF*=P`IJ6tJKq<UMnDcpt=9(Y&z2zZjS&E
zvXt=QjZw|wo6NoWGiwsC=g9{g(|1_>+o1ryPI2l)A6pM$@DQ{vD@#*3h8X~>OTYV1
zY4>0J_s2~oeFFT-8Gma1eK6!}4}PGa@Z_+s{dTi7HoVqka<Tz50|2Y`IEmnyu&kl4
zd-ogU6-H(j%$_;s;7X1VSd_R|+gsfE=kQne2#M|kd5Q=OE*ZW;@l!6Kt7^Rq9GzGN
zDVBlAS+tTrs8a(~%aA+HOQQ!e?6R+3zJyOa`2?1h))1$Js6U5=g#`c#bE!s>=D53)
zBiB2~GDe!`$Z|%W>jDVz`2TDXkqoMRXw2SAA|YFzyk)tYy{0TVkPGbWg}nJY_p4U6
z&13yuqqjto99awMQktwwm6t}2Tq~#&6e=R9oT1VZ7%IZ)Gv{#r+yyXaxcb<W`0VFC
zk90J^4_<v0ul(@GWxPajEyo#r4BMTRp*$B|8w7gZw*KVnNeRt#Z`2V3rDTW4ERHUa
zi2`9pF<yNy!9V*qjBmd_kN@HC&ExdqJ*b|poLQ|r2d>$GY?vd9bI{B(zW$>jw)S$U
zNO1C0^&czBPmvue4@NIi_|nf_hf+Y275RPa$UH@+4}mDl7RJvSBbvZpry^Xl?2v<d
zt$~u3mG8z^?OCq~S(n=S7dIWNfC{TRpd$x0ds9hpuXLBGIzVT+^4cagk1F6B_C=i(
zShaI}lkTs~+|)Q$Tb5)PZjaE9`Z#~;3f_G^shK^=v`N`c)@FYn8Dm-q&hP=hhld4D
zQfsw>?f*Z>jdf8loSq_c`IvpxC&16xqN&L|jXa?vvoW{A!-?2G(~+g2BI(+Td+(J%
zT%b43J5sW(wJr9o!3vv<-!a0yf1U##g_?~}=Qsr~q;LL0EZ;Gi)&+l6hS3(fCpOGy
zqDt~)C0(0f!t3KBBZ!#-Zk!0n+lBtg^7<$OdQlH5QqZ}^#+lQ2{<&wde(DU8Tp`UA
zW@cvqQs^m0oaWfu93jqfq-l;U*A<&L?#mm4JX?-BKC-b%P4jH#x-F8s8h7)X+Dn~s
zNyT!B^!Gtz_Yf)%7?e^{6LgxpAv46gtS5n?IWLT4%AUbIXQZkyn3-E##?s0Pz`*Hq
zm+<pH{|ngJx{I%W^V@j$gPYJ=BTe&q!CV=`=vsb9_Tt@Z4+L3p4k8M++!!Ttkje}|
z1}m-;GnmmM!oA%bfAk{b#=Rc?r{B4Nr_bF)zYjMV++YJ3*(e8Vjk}{&+#4ofq=t;s
zk7=mx5h59k1BiNr$1X1d(9oQgMFtA=^a&u3n(iQf-r$B7AjwdLsH4lL96#s$(vLHc
zi6<c=&zu{a8X0-P?Fe@dl4I?O<{mwui&2bk_yxzP1|hR$r+%x0NR@@_Bmiz2-}jRk
zu65yTAQxCCWDAe#ikF!Y4-)7+M~`N)IC~Djj@zJJ0zPF{--N`u$t;)JzNe#(684><
zM{Q9}4-WiI@lq{6P)hRz_)T?F(*%BX$mCIZ@|~*9fd?<st*xzFkc`Q?`w$hzS<Q_I
zu3XB`QK)D0!r3h_q?6w-$nL6+**{Z5;>O%?l^s&elE_sHFbz^;7ryF8f$E!(muEN@
zD%Z}M+Da96q(U*?YRvTen46nLL=ooZ=kTddK7)(rF9Mjw?nr|aVVD!LTqDUewns6N
zG)FQ9dRdX@rWw%Vm<A#*8_#Pu6eOoE%hz1PB(cg_v3|yVYLY)dy^bIfT;iOVb;~H6
z%VM-oFUsk+*13=;DKvk_r4wlp6kkZ<6cch{WVtFp`OF+<=N7QAw2Hs`8&`om#+z^a
z7+?R^ix>`v7z~EUvb=H$Ww>TA(t@F66ZQiD$uYgN$aw{nz?M`|Q~+yy@68PV-Ty}T
zZ+`7Oe(Bk}SeQ*qU`iH~t`m(c&JihvzkD^t2b)}kIy-D1jDEiH-$lq*?)tHdr!YIK
z3z?@L8@qHY4v=8)(rE5NRtUL|!CFRXQEn;isC|#V>^=~4uwMzJ*|#ULD<+{={ueCN
zF*hnw>^{UUsoL<sn&begKz6@igJ!gXhs+)@B)46F_dh#ZmqT~QeNF7}Q9wDIGln}c
zbk1NE;nvN>HY6h>`UX_>?;6zydtPZNgrg;go%WTJJY8^yK;}D+6O!R7sCZi23Gh3%
zThY)lwI)tFiW&>EYQu*kDG4`xw8FXo^9Ruro7%u1{Jue{H>ED8lT)E>3PZHzYmnk0
zSeA{BL)@90rWo5fl{^lhWD`qUd{XRZ_i#XV=Q0zX#8o+drEY#+A>Uk@pU2|TBEW<T
z=g#4ipLiNeOKaHN&7d`~HDcshjwI7av#j`knj_70CEd)+oWWwB4OxG|NC9}Pm@8Nz
zI7&V9G$l}M76+UelDo9%JB$yNEG?1W<VD^wIzU00te@c&3cm#tCfjK2MeBkw(z=X}
zP*nB}DyXOr>h<yTb3cPmKKDHC-u@7O{q67I&PR7}Z)*#K!3a^WR{<n0WtAoiNRneK
zIRH?+59=&ICTUDCiZN#HpC+hC<0l`c_`QG0c<W1R_}woKu)a7b@6@pjx{!J1qYSFI
zgzvwb;m%HueiV6(pXt!*9jC(vDk6O4OP|2pTw(0OtZPIjuzfDG+!^!<3{t3nj>N^C
zABryT{$O%Kn#7Tk{8)pg2nA09&rWu$4wZ5QiRYNbHf5sRRGQ?PvpeWYo~a)9(e7*=
zVrBg9ZzW%ZLu7-F@|LGLM%yD02$#-W#e1)hEVHsIu7%78(Fk-W+81+0Ensh2;IB)D
zr1{M7VSS&{wK)nBPwN`!X+pE56X17zk>8YoA5Sx6^57K{qGokS_njH5QSMX*^D~}W
z3b3$aae`Gzg2(JxcIMV+u_O1gFHc)J&5Y2t7q`;Ybbjs0oa~jNo4-|sWRNb`6(lzw
zkh>rXO>lt>$TItmwML`}XVy<)d3gm&^>Fe01w4N3Iw+dM?jXe=%dvGQE&*PKIL(o!
z1;|VDtdMMKhSuYSyb&TFI2>{oZba>o*KHH0De56%-y|qM$?VB9<g&`@^|O2TC;$S+
zKoCy$opp?EjDT|jTt-NcpdEC9uE|_!6qKN*q8manDlo_t;ncay`1N1Ef^@Wt7hie_
zZ@={pKDu)kn_Jt3`=L@b04y^g?e0CYNw+bW4F$tn;o3&;U&S+W!G>~e0>cr3w1Q&B
z=5CJP|93fVZZ6>;{pu{Pp1xmRAA-&cwvRO9=H3eK4tpTlE#n}la`S}q$NU+2cSG?!
zJbnEX`VnK0W?<w}hKqL-lQ?*JWg&MI5hdzANf&OAJFEq$y|^SlM7(8{+8RCJ<PbuH
zZ-S6CP-pWXlu;=pqoY--dCGZ&m^A!g0yxzK%sZ7#CpsQQ1kDeByHYyJkR>@3DXcD>
z$9ovaeSL6@oLp6mRRHgfmN+2NXettNAcvismluKJPWZDzMqLxdGMM*1OX>|i66@Kq
zd-jx$g-Tp-0{o8YrT{EV6<i(3jct(T{%Yc?5q0`es8WkY$&kFju>oMfbrU{I7oOmq
zBQu!DU_d+j3vHHc`K&1bo>b3j=%Ik#$yhA;D@zt;8EUBBv6q>lwT9LjGrb-zoZG<Z
z^>q;Sarx3^oI86SX|Aw4O!3injx^atlI2KBu$N>SSymXbXs$!iZE!S>H=w|+LXFg#
zpNB?PB!wBrV9{f4?_CfblGyXt2vSLKZ8Y6I4e=+zH*~Qp(~c>Pd4A44MgsV>t`qsk
ziITn54Cr!A9I4{gV+Lqu2`~KYm+-SM#CY}9AK~5i-o?A`zK<I>Z-JD88pkPAQbaPO
z!8QQ2*gpso&~oe{hS&RN0T>>O2#TCaDnWu~jeq$UL)_h2!hic~r}61a_X>cPG18$%
zq#}Ipy$o;MCiHrRrF$jsRO2`Ya{BrxxS~6|zJ%o!f~Ks@@8iZYN*LTpMHz!3l6fn!
zUyi$Gy0!KB1zbIw#$V?BK#~R<8IpRr8S*e~kEb1{i=h1#3(*vlAga2k*c1fs2ilKw
zJ)6Sg_j@eUU2s1*W{@>wv>QWb8pILq+|I$qSOf?F&|>}EUO)EN3-0{w7JFONuZ{Oe
zL%JUaejWmPO%SXx>mAP8NRlZ~TQ2L-Si?@)L*oSaodCamZkmtQvl3jUa4lWxJb8AU
z8mOBqrw0KkWbDEL02q1=c?_Jja3Tr>2fFMH3jnV`P`?1sUkQ=35NGCwLDMj^FzKDr
zvb<*fj3^GJggvqF*RU*ub(w!vg1uf8;fZTkv2l6>syB<%>t}H0^cjp&!rm~!`yY*v
zq#4pIN1WsZvzO(_^Bj3zo4hdm9<=H@6ds(Si=~HSjWBc(01`U)XpqwzSB0_*ZT@63
zYUSs1SuHQj;m8NyupJ@E1?lEos%*zlRHk#b?9c|a2FQeCK~7}FNVtH|1CeA0VQO7G
z3A%I%)oBW)B7EZ6pTe`B`V`)M=N-KF?mKwn%{TGp+wUTZdZpJ88IsTP`5EU*k{!!!
zI`ELS&@#@A&DW133dWg#T*hIP|1SHLW@dmtdub1QqXqoezj_)!|I|I?aUt`h-ZI|2
zJA+%>31)jy#aOCwu2<oPQ-DBKItIC>FXbSi0sO+}AIIu)A9<dX{e3Lle*)X*Ym)8n
z)Ln<6W=qWi60zOu=dpf<o246?9vqvg!IVqTMVkLor7WI9y=-JSx0;`);ek1FvsfKO
z+X#-#^Cl<a!(tWD*rjDgL{N3T?cUVxK?t>X=*Iz@TKCA#JoK>o6w)}xVTe4}IKO@o
zx8ECqS%IRlJFl71IUW;Lnbtynf1l?L#*V8s%Z783y=}u6!*&$#zT(y=dXK0%XP>bn
zv~ZMsw6Tw#s=3R;qZHzP0{jkh=d7z>=OfGf8DJw+zs1BufZ$ld-QLA$2B6X}{A30}
zlgTd7WSbldCCyj!f0Hdu-Qy_rnFPz^<@?wyrIXPgQh`6o>CXH-5>6qY(FcRe{JZN{
zF5~*utDtBBD=TYQURpt%0egEf-n+F|fV?C{oa9JKMlUNv(=8DgH8UTrg+r$B5G$Ix
zxUyKEEhEvr(`EQvROK@=uHi>z^kS_eY-12*06|4gY=i?m{r!`}+!+D$CSX;*C=srt
zRRSL5pA~Zvm7%EUAxb$%Mudx3uH(wpYk2bMPvC?1-o+~~zfu6eUcZb$7&lF-dJ<MN
z)_aaS4n5RP?3B<g`Db0MAwm^dQv61j0JC^&zfbtikB8V9%;D}Yt>eqrZh>>g?RXY9
zb{5c!vT^}fenVrE7ezMfR~95l8XvXBr=H%x!h8>LHUM+J@0BwJ%SznH$UV^dARp#V
z8n{Y<y0bbK8)EF-PjC%kM24|rES~><YG5NLyL63H!y$i>Bo-ncqK$!Mlp+~rAO<#8
zu3;0oHU5%OFr-S_jVhZ{lKh7eljGqj^?{IWEEU2^#1k~nVv;~e;UCO)L5D(jCUxju
zrz3qs&~)$Rg%if_xNgO)KR31AGY5y5BUMTh3q2%fmLI~$;K1q@c`;s3=7MQ)7}E)T
zfAVK=XaFa>(v2ps8sQp{F}X0pPM>gX-bq+YR-eyKsBzKbaem_re(Kq0(3@FCufKqW
zg+*j}!R)<vdlzw>VU%Q*17}*gZ<?2;a>;HDC2KEHdPT>8oxYotKofo(d4SIUxyKAj
z6Kg2ATmX(Ftv0RLL~^8|KI<vpXJKF$l6g`G*(#&#17aW|AVZFvfHP+=U}NJP9=rYo
zZhr7C{`%|R!p&PB6=66qV)ckXIf0e3y7tJcfRnFM9)mrj7Et}WdU53S6GuJ5>o;Qj
zvp?+P)@M%R?>(902k$Vx`*w<6uUCR_Q_iVC6xBu#h%Cvc`(@6}_Hk-0f>JrOPN5HE
z*d_P*v8a+b4AgZX>BgZW!}eF#v}S8w;el4p{#9?4T^<=Uy$}7Te)xO)STo|i7<rO|
zNa6O)9Jz)q?}YRmlkNIxjm)&a>mHf|Sg5Ht;Vy}U?wYs2ZQ~1hs+$Q?`yPhHd#MbW
z+Ih@BN>J!gWc;T11@lAoAl2g`A6ik$d)K5@)?l8Wd?aK;Dfws#UjJWv-=8g&<3Ntz
z7=4kKcizrI+OLvOq}vM^`ZkLFL{S7qgoXJ9eCDS=jZ>#KkmM0&`g6!xVK_?h;oSj7
zaf)G*BaX8wZXwrfF_?uvMx7-mwgFJM*VBhV6vXAy>)AGGlR+fyqjK3sS5`90Fb0$>
z$#yWhdmTuen@PlRRam`8=#m{MFZ>K%FCh8Za^xScE_IGXgj8!N1+1-aV0G;ju3UW_
zAAax-{==XCIkvWUp><wo0TLB*%(CKM=K(^<0wl3bwHgD6EE#%n%X4W2QYPD%j-wxL
z=J@AdSGcov3AqNgMnm+Y$nLlFLY!4?-eWBki(|+&<Fn6R#>VM6<T^#pS@D^4h-2;n
z?L!V7S3H;{Tnor+YOGRXp4Y*EV;7lbmpBOSuqN2g7dF9r4EBeaKSqFixSP&323sR!
zafZw1uHoMM8myHey-;OAsf=+jO`D_~KRT$mQb2Fkz%8)EM1sEp2{KZLRb=P2rVLe#
zbK-{5Cyob^#Zw-V3S4l)_#I>5H$}!zAMw*~p!$Vq2F5{*UmSTvYvhA7akr)GHolG;
zA{rprrnlL98vS>nV{%rs^-C!*Iha7siB)jECT71ckxMyTzt_i1zlWKbS$z7Lr*ZZ2
zbqo>$BSH!w&T`z}9bp)!7$q6vqzqBl8amev#bK)F80vC2H9$ED*+BkT7*IhlcYznl
zKokIV4HLg@q{5ZdKiu=~WG9mE;;LNvsgRZDF?z6j0lnXOSA;}o&#s`)H>)Z8&4{6y
zfIJ5gVQF;@k1ws@zk2Kmy!pnD@TdRrFEJPnk)~PUps8Rqt<@0^Y+e^0GuYH3I5Knp
zxJtMydb(6KN+`wH8Z!Q$@8yVyG1HIyqK%R91;^aQyRo@o8J_>-Ih<LaN0t`=w=kKZ
zLs}BBWsvjm*BU$7%}g|dnDYP${dg=Cz1p($4sv0w+<Boe*bb^BYG{gIa>@8r8LSVf
z)H6$RWO317ySjJ*n}`5tGr*zhl{TN{M$+p5&un)&q%>M{0}x~1Rjf^_(Rp2WytXN?
zuTOyAalUt^3H%=FXK-9;QbGK2Kmgc2hgFk)E8=u^CdAu`Z*&|mO|ZosD!b+akee#M
zT!TCk_l*WUzIm`E3sW*5<BYvtPhoj+3H|;o9=mc0&ph=BWV(-0tg$r$MoEr19%2w@
zh~o@#Qe^C9d0u3`akpE+U64<7`-jLtZeadGIrA-_C&e=$AoHZgIhG)I7?J_*$aB~9
z+&xLYa^zef|J+Hwm}X8OnpsPe^`nN1?4N_ZS{et%laawVv#^9`KK&Uy@zf{q-S2!0
z-+Sq0Z0+nK&oe|(R2D{*)6K{wV6(Fl(E<QX6Q;2&waT>P(pZKWsb-`AC{q4tLN@CM
z<w|dDT9OoS=JX6^W`Mz{jBz;VqS3kEMbO8Gh2Z#s0>k}>4|KsylZ2TUfQ&kVY-)<K
zIN3h_je&TOARQIs%Ds;?vOFpcnqZr^C^CLt{M|3`9AsVA6yU%OK@aF)n8JbmK6;?8
z{h8)z4`y>G!0&hiznSR`Sp2X*UBVc~2ONSXGkzh<0HurRi`VQHu&QZh2d!Qs1Z0&K
zFfrWt<dv&;6xML>x{I<TRxK7FMS!%%+R8FkmY1=(u#8WC@{^cbIEC#&iu=1cMrndL
z&I)EPE}|EbEJvPm5#7KCyRC`37dt7KI25?wLVXUjAA=zh7lHzs>##er%w42oBSixD
zNw%{%q|C+o8n_rl;0A3*(DSOX8Aocl+}{7;huYgiKrKBYMVMJw#ut9^m+|a#&*7Wj
z_$J=?$y>O8e;ZJ$@M5XL49QqVvn}_P<ew7wLv4P<q{^yqxxW$#7Lqm=?jx$cpE{pW
zIT~VA*?kw!tzu(+7Me5UoE|s_P0rzB5tAK>nS;ANXT1Nnd*G@`Zh5fdd6*U@e3;+i
zI2ZOIU5{wZh<9V8qZH>(pU3uXjWpF|afj;Sk}2CZ#v9Xld6J^#WNR681Zy<G{!X@o
zk5BvFW*?<X`6vdsPwfjXiV}28o-Ug1MAaBhW#%qT_@P2HPxA?|5akfgOm@F;Vv@(D
z26G!Lb`aVMP90CyS~IlHF+V$t3uiYlH@ASR7cb+|rOOy53cJG?n|JmwiZcx26r;G5
zah70@%RubInEPA%`&?-%I3(5-!JHe0E`41DDYLHG0fyRSo@C_iRRv=5<)WUcOF(`}
zf@;TrR%AMmdJz?NuAm84NnE~2esuv80@K~om8Uj=KIgq$^~fsZ46L2GfUo}gZ{p3@
zU&G5Uzl>L3`!R;21S*P3v(K^*P}NZx1v^i6&nh*0?iDXnrR}~d;~vIxQnp<~SuziD
zn7``68o~Fu#`Diyz_lxD$npfa&Z=HA_kOlMNJ4iEOBpa$3UFY!WhtITM1?H8ohKXC
zIm8O`zSdh-KAv^zR9!c>KbkwuEMcc<Zs^Mn1;U%}*G@at#HKYZ4xvPo)qoFmJzK_T
zF!K?rC``8HX^v!=LgyN%mM$Q<w}2sKMx>4XXZ(zNIh__jJlP)dwR;r<G^N_h><Qy{
zd^a^+#!o-=)kn)F*sxyj)LJ)b;jD$p<5uIB_Vt4;>SO^K$_T9{8=Ct6T-hQ!m&$Yi
z6VRyP0y_q3I?q80IKOck7tfu?+}tuQU$}(%g=K8*#<+1O#wboO9Ay}c3P;WY>=m&K
z{PEr;Ez7}>ma}P}A@D-t?Sr5snS!q&1BglchX{OxC<P}25N>3H*GlHfL&?dWr)DS9
zCNrHtrl0w<E;3WsB+kkyET0#qB3}<gNHuW%=}+R?wQIO?^(Fl1)mQP_8*hP0gH&NQ
zL;y5Vk&8&<z?-69598dmHt8o6K)SHJAzk#nmOVc<?C`<4C;Jkr4_Y(MpPk3rY9FI`
z0L{8&5<RFFT)a~N5LVz1l1kl2MBFya2{AH3RC$=ibv`I^@rCbI-`?1e#Cw%0*+BL%
zur1}JLz8IkH@qYK>1<3N2Qzo!E(h;0T@M@cmkbjmgA^(vY~EqSBQ^?RC1bCo;C6R}
zJpp{jYn$qQJo6}B$ww^C0RYgS+U}22TYyJf$k_!n(PJ6NI0yi`P_~+9vO)rY6F!P6
zd8M&n2muoos?9`p2A?$fyAu#Q(G3<5Brr5s7jn*pxj8)Z_;swToWk7vGB!?cV3aa;
z_7dFQ+QKkSF^n^e;uJ|*_Uz?2)P9tp`3H5w@qin|9_X>K3{C8pE5OOY6W}3*bN=ic
zJD<^#0FZaymG2{2;I7J!5;FLz#TFUi^;KMi&HBM*^rZ7O0Htz*;_U!;0rWZN<;p@~
zIjxe2iO4bBu^tbqpNu@$plB9<`}04G>(?L0^;ds@Z-4u{xVw2Dh<Zh~DJf{H=gznf
zN_5NyQWb8O0{npiR)w^4oGZu%RAT@B@=uPe=bANRX>k^3PR&B8964u&bEygFSW3d-
zs`t=j^vFzdhT#f~HseS3PNV*N80=X<F~F=z&huJ^Cn6w~ELB``u8XIov_BUz$&ROO
z;b?4=zEz(e>J(QehOLT=B(p_8Fr#T=E2+L1>_B!77~8m}Fw``qpu=q={;v28J_Nb)
z$GK^(5$`34_hOu0JA=`74{@ABMWvjx3~47A;q7BL&(g%H9-vtWZ9mx_PRuthHcl1z
zoiKjK6!}fJ$B%H#WCiYOr@2v@I!@88c(7#}5~I~=vd?M+tQ_{)7%u|5DSBlYsp)vg
z8hGOBWjuN98d%L?WqB1*G>e@<iuXU-!*G;f80UqQGtH1?MfAc0t>QN1$hCbflAled
zcph@|?BKb1l0-9FfXQe3sFm#_`85tAwkz!8mJ<@|D6WI4UtlShZltUqL&yts&%*|d
z2%5r>8$Tg}KJq~yIbawy=*hAiYiG{lg`Z!?l`D_o2QPmg-~8_1lp*Nj{i*V)(3Qg{
zI}Bw#)c8VHZoDM}O`+tTtNkL)z~fif@#OW>NV61Lr$t|_#p9JnY22)qvXkxTiV*wP
z2KqPvkR%Yt9l8YDc%p+v)623-4txdd<n^_)SA-%fgu^>Ltn>2xc5I+V%pD7xZSJD>
z*lm8le2Cvr2xLAeK-U@gWsGEyK<7DD7tdmMw2W=Uh{`Ay&$z`kaH4>@%gJ^OmhYG*
zHah`+$Nbir(m8V(;C}2%E%v0=$(^%#tz*5?ET>ajUjkWz&2XQf06|4VO%hEP{LDPZ
zNZeffaudw0&yU?68)kg^nWyl~6Hg=4Jw(wAMk!-+C&qBJg+ZKQI7$(xIkGHAmOogq
z*B0FX0a7%@HpoBko<n3AUJARa+Q^towv2oLCafiulET=-aNd<vx<olOeW(GPlqD5)
zAdkG$4iyjid!axOJ&6-+3+VIMGYvw7%hw*qnX~6`>B?n%{p(-Hhqv#R6?v{J^GX$u
zrec3?XR_>itz#!QCzCoY7=qYKGp=4-!L`dP$nss}I;$fET6fRRIARxu2o4<>0t1a;
zk6VXmZu+6nBiO3i6#D+S19IT0jy@CcUdDIO%>~|W{A&|#l6i@QDPW9CIS9t=gCahd
zZ4L+GCbZTQ;N1x+$0=-CoFN{hAVt`|4<rLXDJPtr#<_h)ub*Y$B#xpd+rz$ipWgb1
z9yKg<0{jkj=X?w=mk?OWQ#Mm;ab_W7xn!s}8)6?w?B5H6Mf21RXF+N4L}Z2L$_GNF
z9dWS-t#h0`y^g1@KY@kCb=<kXht2zY7z|PjlN521BT0+CJ>~~vEZ#N0Z_;!lG`(Il
ze(8F%kVw;7vckX-km1ZCa<l>V7lM2emD8tuQSG)AYB(Kg1l)ckg$%e!=u?zVjRbJ#
z<3Att$-uF2$()&A#M93`kIPpc!`J@&&+y8tKSr9S#VS{+GA}|^4=^!_;qOwV*EPkF
zAx$?=KO(}?Vubm5V0V~8b8b|JYHJrR**+3jKND<NCd1S|FNoeMA$g&b&t`FFZ8Faw
zeaIae3+)|H7a-_n>$NQ0e0Hk&pgMK-H5u2q;n~i|HuX79JSrc^YlWI`kRTZ3Ne}PA
zmYA6l4-$-aMmV*)4js>9Z!ZBU)67Lxl21$OA*vcqw&S%;^)5XDe#d-^9?tvnL4rST
zwrvc}oh-6ff)CsYT$+r7+r!b!0y;p$S}>6uWGKWunAnir)iVoMgX<>$jnk*Farz8y
z-W}rhy*=F99%2+{g-HwZgGmN47TC;YgaPgQc4=I2c~IW@UV<`E@^44+^C_@cltEF`
zVUn{zwTSAL6Q?d<H;7M3_$P^g)B8|rg6b0bb4_vNoIexv$p)xYE&O}E2+OBV<11hN
z4LtSqtN4qr{S|KA{s=nHpj2cSdr~R=R5f6#Z5-QF=IFHC6O5X)W}G{-gl8UKFWo$I
zXt(>Vh4ri5EBzs;!c^2gXUMD{Pdw*v>%X{F7)k;8A%`T9WP{y;?rJwBkqt|wY*iLt
zCzRN{pSsSX_G@@TDeS?M3T1G67|RLn0H%-brgKIzNRek5mgY`@cnzC8LR9tc8AF@N
z^qFkn3F<r9_Kyorq@KreE5?QB<Q_i&G9cLc76JUxA$?T)3`_d}9u4_?*1{k#_1aks
zRyAMD8zvtFk|Okavq*D=?cEXXZ4a?KNT4-8=x^6rA9w1#Ykl0BSL<ZhzBge}vdl<)
z$IZ|UV4jnetw(Z?9T{vVwI#|EMC4Pb87a{7OI5E~5Ue;XrOW7bVf)M|`lh@-H#e~H
zhL{NS)tM+nK-BN!iDy2A$F4nw|M2hs7;nA(HtyZuhKhPc*Pl{`4JK7U(7ifL6Uw)m
zP<?5BapBw&o_%^9aXLh<6GM(&Gj{AqTFH4hD)7g4-y`4`ml~JrO`xx2|6R5(#29h|
zFm%mb7y&>PAl-b@u(N1T1iY4*UdUN(22%ESYQ9s4V6JKM(j+n2r=+zx?t#3x1^yW7
z#z!6gWl4s3cLY*|;hqA9rfd_njFXJq9B~jjar8XSOVB9-zei^4J%V@5^lY9UnPy@^
z0vcfGCUgC4`M8EDjmD0Drn*Np>2;`OTxl!wvnVSO&)1-bG&9zgmvL@m16#W>_C^`v
zBzxeXPdYWCmVuY{@$|Ler!F5t6u#z@e3r}p**_;ANRjLU3a7VFu1Aoc+a~}lGH(|}
zG75GUmr4Y~Ave_kZuLB79EZ&S=tBVX5v)c_018o$5G}6ZtH1G^c=N}v;_H9?4ZQQ-
z2gtJ=QB;6srm=f&;o?UX_^NM65&Z3U+$A7MGi(nASX$M{@&uZ-zkesAuMzw?y@8#d
z><*x>Z6zNR1a`=E3&jO?%XKI3GlCs?<O9ke*5ipM195h!U7X2tf#r!vRkGq4EVU>%
zUJm1{WZ~9g(P`C&g&ja}2w)y{aL7P9OflRUVQGFD(DT^bilLOz)29sgPUr9BxO!5X
zoa1DBNY|ZH`#v8j;HMtJJ7<dL%#YZmgizsczB07mhrIEbxBI*rrE^U?vx2ov8A)KF
zQ>}8Tu?}FmDl#+HR+sVErArvaDTbpIS$?$cn^5aZE0REq)P|Zru+fmQ<$yieV~f7h
z%kl$>cLudI9TFsvMONLJS{P4@;H&9Io3)e7W2i;$DH*zq|3xxr^Ch0mppOt@5dFvo
zA}acIq6kkt`&0O>-~KK9+zX$>`q~oGG=|n1tTmX6KPdl>GUKvZU6=npjHgB^g*V>b
z#P9zfui*PX+(woq$nq3=Y`$T}DU8F`%>_NnP|J!7;Fc+aZ6lCI(8uPp8DRSYzL{QE
z-~|1B+>*d9g1o@9!yQ>Pw@9<!zB;d}6%ufAr?dBV$4!?eXmKh-yQcZ7vm2@eGI_%5
z^f7Pa7>6v)urRlZ)rIq=0ggF|8s;wJG0bKELe;F3?HFuRy-^=2Ec7V$_?-m19O{Ee
zos!ij8-g1cAJh4h+6`bx2v=kd9hDqVNP+AICKk|=bX;5+!w><zs1MD34CB2c$M%^X
zHHs$sW*m8>0FGLMx<#<zQF0VUWr1je3S4<cFVq2qhFD$lG7iZrR2Z<$V8L9_MFMCh
z3isdD;7yQt8W9d5iKkTz_sm@Eyg)B!5FW<0ubF%OtnZtQj5T0oZ3DmbE5C}zpSX^{
z{L8<>+i$-M4Fy6}N<C5k-@I5<7{P$b;P$cM%03o*L<G$m-+lQu?%o^XE5Epb&wgee
z3-cP0>LF6f=rLr=vcJmp9J@JFgG8L0oBTL{Dp**=R{#{gWReYyr|Bfj#{by>j^mfJ
zVH#rtT_0@LV95G~4PHtay!OB;hm#l#I#9|>9Wz+$>FLL(!p1T9eSs|4(u|)WHm*%g
zy>&pS<8B9|)lqt@3*4nFKgpz~RZ`j{V`VPy?+JvY4`?dN(;UO?5r_z*0U=M>cI_+~
zKXMp9GIBuc<kb_vcN{mG{_anD{7$x$duQTDkpj5zK=MzP#d)220DZY8w?{y=k2nlV
z5GZ=cn10{oqE9npaef|GE?&g;ASvP+lKf~i-<P0(9bX$}D%!6)mjc+}y9A_25<CxM
zIXLp$rfHo76BhA?Q$BvIfD-#!QZa9j?1iHQD4S9jsO9;g27u`?cFuQ5O%V+Nu<D;<
z0}Jc!Qv!Wr4xigA$e^f)CqD5kR@T<>^549OZ+-hk43iW}sT$;sbK8w?pUs|6Qx3|L
z<~<c}==UPL^Zqve?|+lvjkj0uo4<ArYikK~FG7!cg_PXM>EqJ&KP3IcB#{h4Wy&^t
z>FDCg4qoCeN6^uLMff*2^e6@nwPlA5#~U)?Y6UOseG}EtY=xY2>*pR8R^o=9NS0XG
z4t_9_DwZ`n6}|R@X6#e$dw}|JI?6EI8De2}0ZX%|ar;hOjsXG2uQG!opA`g6JM-;i
zJC4xr5!xOp;73!Y{^^nLDV9(k1*J8UbA>{l1b2~u!m0y@-_y~0&tsIh<@m>qL4?JH
z1w8TCRovRlFpM)~d48mZRL}mOIwYkDV2;`@trvwr4d1u_?@loiE%${f^Rx&flETal
z$)bgOe6&VY&#6B^w6#c*3sAe9p4iSOU!gXKQ2>4~Vv~^zO#u4He}6=TTx+avoX6*W
z{)@PJ^(y||AN_mWyT4U1R7%y2PgL~%LCgvzFc}ss#1jn0#onTx!u_2QzV?k6AKcu-
z@BF7%@z`S;GkuMIGy@f>3i(yw4_va32Kd7PWM*zJp9}f~(-v1ED&i{UR?OAp_Q{Sc
zwB7BqLjVCc9d&p=)(19ZyK~vyM?_$4L&Y%@Ry@xvnyu9CpRzkCAuP}3HvOznedKVH
z-#%|8uFjRkJio3`f4ZC28u4z7Jk^+4T)@iwdECNY$?h4TP8CvdC@HkPIoaoAJ08nR
zI+5?50Kfg$mriOD)4Q|=I3puGo!fE1<S`He9&CBhIQ!2#WNyZ<QV@K-4)UyJyp!Zo
zcG`;~fMzgCwlRuR<VUQ(j|KH=BL?5kt>F&lhyJ8Z+}&vxm1RWRcrIf0opX)^Tl(1;
z1rf^GYdj2Uz|X?(NCvQOz<Z;S%LJe=^c6*<puw15Sj1ybJ%j(^)H?p^Fa8`q{L$;k
za$SPBarWO>f~st3Eb0u1n)z!7f7Rl?yaAL_$aRh%zqyUy|ARO1i$8Z3zx<_D<a0yx
zbstgGM}hxr@MlRs-LT=d#Y%wXV)y56Po4`r*kuHp*gh86LHpI=zBd+*oxS}^G-Rk(
zFBEp}A4prMywBco11RFIaS9||AMT#N==?;=XC>}F?{)ibU`RcW?2-w2sxjCafdC|l
z!bi6=N9IXhd;<|dS?zt~6sb-C!ZE~sC)*)yk7B=@KKa@|jz`n1Xp*?<meeaGMld%_
zMl_jq9=VnoWG}?!eFaL1j(Ll158|FIW2WE7<5w?ZXOJR}GsI~Qeh3VKx<%qP8M}nh
z9Ww`aJyCIwx_$HRK@xS_33a|A<hWagKwZGG)9rx_P^aV?X*%~H2~t`L-px|tdjP9R
z?wyl>J`#q52vCX;MG8^W!}`W~{L0_?D!%$_zl!<U8Gto(o)=~>T9@*?+W5t4M)UgL
zc%pm9%m}-6XNdpr58uWA`Umgh!w)s~hC`&;2${}mpv7UJ#wOd=@W=IlvE_$`r;RgO
zgg_s&!|*w5pG|Jb07zuAxJ7X&0v8hd8$)Bf&t`I`nP5_RCQ-N7aU0m|vKx<_>>3!~
z&CG>4P(URk?~^9AnEm*+EY2|89%6Q84(HdeVtYF_VjOCqM}nl2JXt=SAcSMOP5IW<
zkCHoM?-9IrrugNaXbk+>RRCxvc_t8P?Tnu<^g<hp*8*0m>^|D(C}Yk)Z0CB7cQrdR
zgQu=t$L4O1!6-wL<v5Djy4_PrXyRA+Mt@<p%Ws+TGxwSdS`VX2*w%{|904c*5rdM~
z7B|t>-%-N}gxEe3fsg!rgs?nK2KvO0FAFflm65~z;u4<w>CfWynX~xQKlxL<_rVRM
zS%#?B2Wt%?1y;s5K&T{_H5*5E&t_;Cu}+AMYfOk!jc@(U9lU>IfdAxIF5ojiLs(v7
z^dgO3)Q2JhbImkV@;c+(CyR5CSw3z85dk#DO}`e{J_`tPlc`G>sD)N)-1IZ=Z5+f$
zR*yDIaEg2n=_>yaEj(QKG+Z{0JG!uN@EH!tFS{Jmgb@vn^(aqp-cw(YX~t-G1f6S8
zuZLN+0p{J($c2oUhWbw}0aXB04HAhCapXVQj@~v^o=Trw$>Y7{ClAoa3L^qDY4hyj
z{+b&1OPzn^FKNx6kSBB7FTf`<nVI76iWF2dizLl3j8kOU(JU}=U~xmOf2R(G0AW$m
zhF7S2tjDCKmr&0@Tkjx|5GdI89<fj$qgF3tkSKgDg}%%-AS}yS9j206K&12cE}+lO
zIwZ@1w2*HV%wNB!prQyDuRf07{H@={3!nci7U$=ovka{BV$oc(e_#!;mZf(cmauML
zDwP?67`q9Q!i`%4{O|wb4g9PB_YU59J4T!&CHt4xkrNJ6HD>O3T>W7O!5HQu%xrbL
zv5^PS1p3&Cmf!%0Vh5=;v3*^NZ_H-DUwvXEjqyPlqa*#~h6=62td8GFE<?^8lM6gh
zNp{~jx&+dbcfH!wDsq43VL&kX#G6cHIv>Lnr>QK>G1wXbOz1}oxOpS?qmqaW7h}h{
zQ>^}-fWAj%DS3hm_P0H10q#82FZiVKwEM%$1|!JLFXzd3Y}1I1Ak(+(B-2uynkK@)
zj=j}2Ln*@fjWgI8WEjRdMsapD+&raQm?XBX%jItiy$=&#ZI2T*u!j@*^oSBq3D=Vd
z+DNQMP&mB3t-ULdokxzjOJU7!{h-R*ptcX(7u)CKJt^OBd@;L%J`X4cgX4i70a^pI
z%d7b8&wUBAbIbVt_g}=_&HG@^ix>q47^>{4GoE=i%wC$zoQOTcrm|JAW)3L=G?25#
zAOHFLc;~$VzVwAPeEzd*SXdY!QZwj9y~2f%m3WUcCJ9jIMvwx?d4lHqMTw`ohX%IK
zl8u_N4=uREWYy|pa9lMd<}KhlS-+M=FxHp}$Q=!1Dlp7J$tX|acImLGd<Xz)KP(+H
zhp+F)i|@j~Z<J!RGeSfWE^R!4*ME=}LG6x-OJ(XJn!7X<t4_8P^mhXM9&zADQ~rYK
zWZ(&`q8r>@sI{I-j(W2h3@X=}Z9=;kWqG;@n5Ax6Ve>u0vVysip7o*#&wui1WXu@F
zDbh^iXz4u3I^<%VKoiz7B-fBeBw_S&V4qc6mmX`8Vp4<240W`O@moEOthvc1DGGrv
zY93;UnlzO5&bv9F`fOhiE13Y=`!#g}k3RNvImnU;j0l`$xVIJK%#}~zso@^BzVmG)
zSzfSwOr_kCLBvMP16K~9-M$Lb#<o=bPyr|lLnwyI0qXbg#@qMt?u~7{e<Q&cURcFr
z*BEJ@V5T>VDC$8$fk4n*lO-&3Vr~I^?Vt}3G5}#~KiOmJx_|(IA@l}Aw#uwJDD$+(
zWY!!6ayIDlXMvE2k);})7Qpz#0Eh(o*8FxjfVJv^B8Lop#6kcjmZ*+1{KihRnmcGw
zKj!I3YmMPfA@fw+M><>rR9v}tl2RoIG;{k@<?zYM0e>gO_hY`4oa*{IJL&N|zMC$;
z;HfN}nbe8QK%7~GUK?h6ux_#RY>Vx4VtKuu9S@9fS2LID+bwPX**e@X(1o!G&;SDq
z3oE#@m0~zbk>&Z38D*^K2JQfog4l+GOaCA%*FY`Wzv>|E4Xm=q0q#<3s0DW5ODsLp
z8iE)TY=I%?e7vkbVUZ$7GnirP<SoC+4P$qDR;@?~Aqd`6Yzm;y0&HS*gY%grV=0;8
zqcE^WO+Cj+j$xc3&2rqneFtfpmiMVDJvkXrTn4FA*<V`}aO$itw3_!+*R=``<O02@
z62Yj#s3anVG|TZvfARs|dV3F_`RQeR=@(8TpWj12nnAxei=K+gIpIJ`Ju%;njW>ua
zp{p!45QN3ZvE5N<$3?hoA6uZaZW|jL)Qn$Gl@wEA6x~pH-_6sO%+`Z#4VY{;kNs=o
zG~+RGk!R;Rkh0GjQhi6+EG?Vo=|(@4-?MhieGJnfcA3vQbD|#W%Fuge`JOQ4wQ_%>
zJ>9XE##U}OJ^Gk3{PHx%;QkOgXKbvU#m$>>d1+Me&lvm>#($_B2TpqXjz935T4x$h
z4;P#OzoUXel9MOsV|`kMN}S>BQc+BeNUj}31m9vB%ya>L%}c|&caL4uPWb>zOYKYN
zH!z4bMsbc&k|Wnguej8ifTaE10<v>wm|Y?PR8Ddn)a8Z|y3@k1rB>`I{f^!KF^@D1
z$un6lLJ%5a?ClE}>g}VpFD7)}f!K;hd1njgBZPrFGh;MLkfa$FXCmC+yo)4B5cPTm
z+f?@WQTcbSo>3O^RJuIkjv>{Uv{z+(gf0MqQU%C-?alw6y*G`OB{{Fe&KH?gb?ff;
z-M6p(dS^GgNwJ$!QzToWL@m~08!}{AKLo>orLhbFHeeY3H$Q9`{^vg)j7IWcY}l|o
z8iBKEMv!Pr)@VeHC~Bcd^+NXgUiaI#yHr)K5ubl#WM)KUWL4e!ZZ-SeTM4{(Yst*Y
zjNIbHIo~;3_~6<A@4g@5hrYOpXP*(sWsYvxLl|}-5bUcf>P>~?7I4%6eZCYq8)SI>
zLD@BgVQ(ON11$Qsn;m242}Uo?d#5SA<UQQ4+Lx)BLmIPA9_PR5|J-q5waz!5{$^`K
zLvFd7@mP}?cAh)RF?M;_Gx6Y_HH>7CA{}KQCY;=O9QUsqGJ7Y(&x~}a2BFAdf##TR
zKJ9<X=8WIr1|c&;_B@vv>>W9{0C3u3hW-8?$^t6*!QjL!Kz8J-B_K4wpVL7i2z>IX
zC%_Dh;tX+?L#dDFJ%-2zvJ=76M36PL^-BZ)w=;hJCHIa;O>v!V3^ToK({EKT+A{d4
z9VAlA3*UOUszoJFqytTV?NPh&r@I(=5H5`c)c)nDEy}{P9?6U>m&NszkH9hqlmwJ8
zz!_DYZz8*O#sj`_^~H63H;9T-K%v9qH5*362m~QY6~6J;_wd#`JNV+~PU6*9*Ri%f
zLRW?eHTx$-F!2m+GiGti11Et#YklkjI0xjJE}qu8)dYCnIz^X2Vh6CXTRZ2e7i15R
zbd6rdIG5H;7+LLMud79pT2gJQ9FHV_yHg7jW{fGSCfPXF0kuu2>OU)ZTq@yI_qvZm
zO*tz@o=K#m6c4WNAdNG0g9Y5Wp*0MZp%OVvpA*)OeH2vBr$>5XnyG7kc9h!kC^CM@
z>^jZV>Jm7g+{573gE`C`?|p4N)op>TI=<>NB3phsEr@Isdzl{>Z-gMMEUzO<fhft4
zWsgQ3@px8>9`3MDYT@?KxhdgSyWo^2d%sMx8tc8iYdpa)dAd|U8~?F0CrvgLZMX7l
z*%tBu(S5LeX#ZWmytAE2%`=58E8-jO-oA+>8tUd~A^~#PP%;WPtJf9)shI<*xULQK
z$bO5SJ%NO-pQ^y7wwz~$``a0Q?+<U_n}7QN|IyE0z+;c+SnOx$bUKCnGYBClnBp?=
z13p(OX#)ywR-Ji3AA3w%eCokEJJ1GD&E?nthWY^LK`rIMSQ8<O4-{6*vs1mt80(qC
zE`wIr;I&~O)#{GfW(ec#$pk-@DdXZj-%OCG@MLzf^_cG?;$p9pk_vf}BN?U`ZABP9
z7$J=_1Qg)nnJ01mioRlXT_1_Scx}A5fT7{Oi+O$Dp`K>nw@&7a-=RHuW-IlaGk$x4
z6fK`uoyBQ-3I6^iPi-0FJOXJi8GtS8qWV-TS+mWJHAIQRC}BiN4k^{qJj#2d{KyLx
z_76X)b?CtdN5+FQZmBw)dQ6hq+lLz1k*1KjPL{z^E1;WlTldQLHD0;3kK;gJ@g~hA
zl1w5D1>Sk*Eo^OX0Tk$(F4k_IcE_8i@c_^r<+bH5o;<&SH?Q2s?jVK`)L_o+jyyS$
zq@rSsf{>8q3Ljh>;n)7rTlnm!PvA>Gyo%!|Gyn{X`oACuAxQY3-ekZBpX;Yb+Svm7
zYy{?$c-FOjHY3PQ5a%fuV^&5DYBL<mW%Meh%%cfqCqU1xzw<vHtnDGc^{2_|wHwO#
z%v;)?`?h@4bwp)uAI-GAU$|;8_8!p55>yLp88xrdjLGd0k4|2vVkoJQ#u?(BqyT(d
zBd}EHgkAK)C7e2T5lGH~RjzY9%Q`+A;FVDhWH5g)%LL|KuR}laY|UMcR0-HoG<TWZ
z0WNPw%=4@C;Vy9}Q)$or)P2AKZuXA%co@lC$arwS@bnYtbh?OkhDeee>SKI*l=8}H
z$1rFz6qxXPb=~B|W6ehC$3Bj9`yzAzt07wfENTjB?@56)_7=0(ZKN^aa4MOnyH1({
zbNb9?+CZNN@Rk0DNtz+cax5-{NaGRmJV)3Owb_OX{;C?SaT);KHCGBxUf95||94-;
zZ~wuY__eQm3-`Ap1OYV}MQ$DlGVP2+?FPzBNK%Ebed8AX>f3klQ$KbdpLjOM>C+P3
zg$$jbi!kgWq_8oH?UO_{F3@q(PWbBc*yG~qmw2|pANa!*Y_`ujavnftAw_nMS9@fF
zwKZb{;FZ1A%-))7f3!w3{@okj(26+64^;9PBNm>fyn)+4XoHhPZjt2}`tbmtNtK*)
zm?GMZG1`hS+KxZ~78jNfbQiI)bQU4b;O6xdX_gisPrG+kq3wbUM^8iQ=^YH4BfrBx
zl036xToOWa#_td#ikV40d3LTtN9_uCdZw@qVWzMh^L71rs^2s};_)k;kPApCY_wOF
zR-u?MiVJ5#egp;vT(iw-9<fGc)%0MI#z->98U8%vGoPlMYn*AzSdz_?_18LYOPwE2
zv|pjdGm*xc(|Fp_8^-R-MV<oUPif~$V`et-pv)DLOoACu=?E%IEQiHLbc#>K?YlGR
zSr-;M`1Dg}u(=xIKl|y+SnDhN{eSv8uG}1gJaul3#?wqh$xKypQho6-D-2`CKl$fZ
zaN*n%e&`FEc>1Xjr%y|WEI}vip%Zoyl=XjF?(PQ{<E5RA+1fxKH){piPJw6u-P%dh
zvz+CJ+72qcz>b^mt@{tmnn5=BK^w%e=LTW1Y`y|K6CfF}6F!-3MLdql<zo|Maa&#B
z7|p8-+NY4?wq1hC8CaVFMLs<KV}??UEXfh?#E7<IjCNxr!vq9iWA!)$FJY;78pt<s
z^MeSI<3hd}1O?a=1frmL@5(((U|51e@{C%|r$gLvr&;%}<D=A`N6p+t&GZ28g({g(
z6Y%-;W*QTq<31i}Ji*;@(q`!B2M{(l){v_JGRbv}!=oYdob72m-O3wD53Xy<G^fj?
z->3a-`QF$%Ut&dVp3}BQYR6sE9;ZpAhI`p(nhF|EWcwPmIMfdGbIC|E2@(RgZd}LC
z_ErI?U<Wv}?szw4VB~ZV$?6cVE-&Dxzwi_Qpc5$k!jGK7$u;0Ne&-6l{@N`l#s0yE
z#sE**+@dm<K|n>AI~VndA6y^dH-CGC=bu@}XJ1~zbD!vAc_l-V2Iz(h=!6{vL8zl7
z#sI#S47i5t=UC9kp5^>u?c5@&Y|ERoL85E)0*fJJpOYn<Rx(8mrMuPaD^m2uLbTQM
zu>(RUnTjzcaG_JOgL^i1nS6irZWT8N)}|k9<UIjFr4(eQkPTCec4Nf538LK?S)8KR
z?c&Vw^GHSuSnZrc8ZF`4)d-*nf&@fRg1s8l*?_OC>kH~yJ~FR;v%YxV?>gLFcbc`i
zOFU=%4(~Km;KwBP-UppeQvw4r$6xKgQxx~@t$eRV?>Pzdk=Y4hD5dc1<%?MCFXGny
z2=OCO-&aPM?N9zl?cwd@$6RA#{H8xQ_T<(w4l7Oo`#grh8q1c|U(h6D7bk(hH=s>Z
zYAu<(F@BAWZI^p`mLdnnc@1R9+ZXeLzUJ{S-)5OalH}-gLfp9aA@1M54<W=JP7!~G
zS=nh{>V<gn{0f+J00havkG^yaCy#aUn_peVKmLE-LM}bvuLPc8s{sipWN8|ikT!n-
z=`d|p_~z>m@ZQxSo_lr$FMhI*=bv9f+Sx`JcCpY|&<tQ`blBU0mJ9Y^F?Z|*d@vb4
zcEFUI+2>{YxQc_Yg5<dg7?cV2EOxGz>DC*<O^K?e+E|sdIXQV&E@8b+W<Rs2Tp6ed
zZrS|I6S7W57N5nG*0rX}tUz@3yUH!}f-1Ia9-XYivW>V6nzdy>vXR&5FqoLi*rmm1
zR54Vp3U+T0WB4FK7G+4H6nUCsd1(pf&OVN4uz(=j1SLIOyPJY3LJ$Z&SR;yh+EUtS
zuzF2nm%8q+{!8=hzN6M9oNbO@<S9v>1HVHul?Qk>D;M({&_@FZx%t@?j+}clfx+a5
z3QdsFXqhKbfGEn4X7XcN-)Ax*x?G9(&iZk|dHC1PV{-i32l@QKdI}Ieu~y9+jj-2q
zfLeg$6mnN;#ym`oI`>h3>18=-0+^o2_KkT@UOYGvoRw{&n2}^Tl2l@8AwZr+$g&J!
zw+DEHr{l92sd1rqLxCTD=`#8~RFHr~0I3w7zr2M1`agaQ7f<)`zx>u~*c~Q@mbM0b
z6)-p5WJ)%o%oHrU+M<}R(<Ka}9RKbc_wdfU3;3&V4)D_Vt>F3RLL}K1dSM^kP7mF%
z3lhRIf$`_JHRBoB2w{g$J~$TijqURL!2)|UppJ=(JG*u7Wi1(XOly3lb1h|iPN+L9
z(CfN@a?AF#MM*f#+%&Y&taGuV31%ujlN@V1+GL*oP(+{8sQ=m4ULG-xu?vI2k|9%B
zICE}Ch<0M+NsctmKtwpUx`|_FE@9_Eh<IxmaU^g*%0ZMu1XP8ug9xOVzKZ3mUQ=D`
zCye>cD2I7z-;tbV+`o>FQd=G|S5Hzi1%4#vccPCJtguyY)7n=agYbA?J}w6O@Yy?R
z$<zAE3K$_qafVTnBYgy9o*$VvQH9rewl>XUjAHf+8mGo;4(>2PCUXn8os7lCgR}!_
zoR&GK+}8GLMrwdQY60U)6^@<&kR?OpX{2S4Mu;<$Q5#1N&FcHC1OtR#H^fhU{wWAz
zfMo&xNPvP4SP2|o7x+(q@;uI;Sit}Mo3G>T5AJJut|-x7&C2PVKl>h3vYuSUKQI`A
z1(*~%LgC(4in|XIymuwS*T2!j=YQ}Ro_sRJC>f#GSwOd20Kh;5mBXPA^sz74ott(d
zX8B$_=wth@%jh{WNpARG8Z48`ezoHYOBPC0uu8@L6ik}6b!=w$aTAoeK#izaADh24
zjhkm(W9Wh_cF`L*c{Hc&&jzZzPnqWgl-2~bQ{+jE*#IRKlw@R4hG;jzXlsaMm_lX>
zEQ@>D<L5ttkT-Grro#Pb8S#jb<Pt(C1Yw{7n*-oXP$z<#&C_*$sF*(e-jr@z^3HjG
z>u5}(=wHvSuMo|po`-i*07kRxWCnH~-F%vHZ{A1ycqE`xbx`-&VJ7D{nE+8pVJ=@d
zi}kg2+}lnOC)vke=DF8Xmk#!5Hu@vHH(<24uD}$ikEU2T?GaV(VLNGz3CzCtX-3Ct
zB08kKfmS6Ik~D(|1n%CvgL`*w>&~LtI7SVhKtWYowSG=%pJ5c$>jb!bb_qlbR?3*6
zkeM+P7J7`IeB~rAoLa=M|Fd`SumA1aP%O2fi7<9S72vPBh{~PPo}WxLV^bA(3Isxd
zS>eG>hOM0x?_C|?@}(vG@E4Ea^w|+Q;RwB6S2KV`9iXT>KP^!WKr=Ai0e$coxio73
z*kk6xK49brh9#_5Xv#&sA?L=2%7c~~KutHN8dtvuduP}~v#}?WqOD$U5{BZ|%tiRi
z1{wu<En)V)wKM$nc-}IHX(Ju<xll<tGtKVB7(N(6=1P;}gq6iLoICk6w(j<D_d0=9
z2Wg_9AVEY3!qBR@wPl*Z$mBERo+Uuk-<h9R($2Z5%hB!f%~t9;oCCi(@Y~<nBj#gJ
zACEf(*F6JjxA)`&>l@oOfn_IZWoZfBP6wlCh&cWDyLp;G>!b20dKk8Eul2MHE1!Gn
zmC{Fk{vOa0bkN%~DeQgR@JxH9qOV3WlM+cR5e6ad-Mx+5w{I8qeFQ7ht9o5ln7Upr
z<Ol#55Q6Z<&s@S{4@Cq6%NmeX=Vb^GLy*8HpIF8J_$!~nvlmzKkN(ALxVIC76@vmY
z+=fKGSJg@806-9!v=3$}3p4`Y2SbI|-`vGpZ|~xnC)e<W&#z&9bBLAY1ifxl0KiTU
zouCU*c8X!wZ~21l?eCr1I4|h)FkFs|&;pq3Fpm|!QVl~F6BOC&<c1?D>)JXfc4UlZ
zO`NW+Yset$Wyl4-ZtRXu;;_JOi}ce4yKEyd=X)C{+klsyO=TDNc|m4d;QhG!YhhAE
zUa)9xkIWUaxTw{OcZ=M;WSD>%=mZ^fsEdt_Q#i5u1a4ecc=x*s-~f`fq*(|(_M+K3
z6q3$@r582;6a~B2WCQCAzeYWuC*yTK9gT@eM`g}#8qI;<9Qf_Ck0kb$|2Cgy-G??h
zW6btPE&cxe9m4vFzqHVY5M2zT98r?$7>7rs*&gBsJ8h)HzQBp&>PZK3Zp;E?jwwJK
z!x*}85aokTOuMc<?l_IzQrds>O;I~Iu9=vDG?9ps9E;rmLZ!&1L|DciSR?;%D7|sc
z%3Oi7pZwfY=yd}CnKpZNH<C1HC_12P%M$<P&p(MzJidnC_{!_}#%s5b<`O}Gs`jX?
zL1{V-)&P*SEjd*Z(7HBEkN_)%BvttK8(Vn&J6pJPei^TRaRcj{Lmc1C(CbDB!mwfh
z!=PjVT@cU?`b@;&1AP`l=Z!MAX*EZPX-PbNaSdLhnO0y!?fc_^xYEGIWeOEH^9tG5
zRvwvW{WIK<eO7_;+&-Xay=NXfpT8D?opw<ExlMBz2N0IVLJhg8QaWHgM>0wg4`PgV
zVnn+!SSobGE*5($P<aREPCfzTo4EF2j0ZO~>&<~7+oW2CZ7_N^<42wvKWZ-PF5@^*
z(H!s{&Cc9x;~eIU-ysKn!`Y2Wh`H|kV}tliFMA{4i-g}HzyX7<kH}Pagwj1u0T)i6
z#OaeKu(gvSN^<1+qhlDgA7ht~8vupJiIHFcM{a^HI<Oz(haZ!k!oYy`wExp>3(e|s
zobq=FfCMAS6hMSD86g_(02I{0&Q>Q<)SUvO){m^*4_gYpyx7H4=T{I2(lSqO=PZdq
z2mla7pz!6-p2R1g*u>xat#9M2fBFGFyt9iS2p|Li4vO20V8_|i;XcVgO(ZO5O9%x>
z1!hJr72duwz&lq4ICp9hue=iC)aeALPIb`f4k0K+x7$Onvw%*}MNsCSIkG<&^x5W=
z9;T0*AkYUGty(p1vVTnV=e5J6GVqMShPBn}IRWn`7-|4Lw%1oOgLaO&IS)JRVG}sQ
zXXesiJK2q(Z(=zQ=yiWe`J}KmT%C64(RpQnMa9T-SvYbI6C{He(J(2DTCyD7u!Hrb
z4diJDi@jsmT)BX|cLc7yoq#C;Agp@48n8LwPPlAcE$b}jq0$Z43THRwg=m1jsa&V#
z)1mCsv6!jUb1(;fhxg=}E$|b;{QCUZfj^Jdvn|=3{otcij84Y}G88NH`+f9#eO!+p
zAW3Ciw{qxP{oo$PA0+@SJ7i=H7EGHr`0xfb>?s%h$oe%?L~lF<#@q8;QUY<3K?uVA
zyZ3PY!>e|TgOle)nsFneuFuOl>PzqopMDI-Ry!c%x>HQ;wVEZ<Lb?+Qfzz7-{`+5f
z8Lzx}2LI%%@8FNVakXG10}XH#6?l%waQvjkhz6D3P)s%OGwT7V&I0`K<_N#_l>yG5
zS;7l1EaBMk6z9)(vAUXKK)dLKJ@mQ@=yiI!7BJ9qJ3EE}7T9ZoK7Zz2Q(|c%l!ipp
ze9!Gbr@cn5MwYD67+X;s<%edBLUX0;0l?;aGa!f=-pB*5^s@nm-T8US{dVFhCf4^+
zqn^`0zkP3F1;|VyOEN^mg4v6QDWX9U!w>|7jnz$rw2Un6W21itDVA{OPJ(+ka_zJk
z7|dKP)3oKBhE!7sKbSM}_Y??%bZxE)0AbhYVvhIb6V2Q_aSr?r@yR3g0iF@?b0kRf
z>0<!?%sU4gqlc4WTti9bsS9j8#F^1w=whMQ$1utfCxs<FKSIE7zZj;JK2e)~kv)BJ
z2Q=*k@3hZ5CcBUQUO-fV*5+Dyf@$p3fR(4XJ<xvkcb_opASuAT*nUp<D9;r}QHmfC
zh=x13b?Y`n5EvHkh9pc-W$J<o{29hBjX@d4mw(_gR+hR@Dy|r)>VUDcMGZ7w01!b6
z|Ng7z@tIGY!2j_(>-e2NzJhl?e1L8@gb)O!idsTd<&BYXp4W2J8W@(jf2;?aSm&K7
zKnbu=5CP-*?Fd(Ye}MJX9-exVu)3DwnWy?VeKtcB4-teRdSM?6-34?yU4%iWVgXIy
zz_6J*J6520que+MwsQg5tYb6Q<Idv`cCQ&jHtP=A&JZM3*6^9@RTb`3&VDrZuVnTN
zWLN%{@_;Ru!DQ5uTy`8$sayx30ce|Xjj@!c9<r?Oa~a1PjFSf_dZe_dS0bfCo=IeJ
zhIp7@xBvq|{Jt9_jZ&mhiX=+Gim|@BhV_lp80>`T@j5!RfzhtSl{+~gVr|kASb^z`
zB4UI@5vWbhAPkd$FeIJzAV>XLanXr?{#*xlcO~u&3L>zQa#nTbbGC0j)twR!#H<cG
z1K6GC_#NI!=>t5Qvxfrh?l!+EeSC2sIY5wFO+hF1RV^IDMJGfl;KarTE}TAv;V8u@
z$&pF<NHx>MsDakICqqDtZ~rN?7C-WR*8d9#A3n9_+XELkc24iN{E?V*eyq>EG|iD_
z5}kk`R01g#LJ?Z^ePl*BRA5h3CMv!t2Y}EE16(+{h;9hvnQFTKQcKITF<?Xtuz+IV
z{D~g^n_v7CKKH4!_`iPlEqwLgy$6{~P(V;zf>JHN)XsE7M$MKria^?BRA&VWEm0>;
zeJMsD2qFkD97+7eUvGh!@$Nf>%}wCcDS;PWSU`VifZb>Z-A)e+oj!Wq1$2TCK^W>>
zK&pU6L&nIyS~?HtV^~s2_JzQkKn@PTvO>-6$OpDU-J6b-%=W!kxo)LZ<b&ba<6$GI
zEi15L2IFJ<9LA3bP|B|P^DOJOgYR?yoprp63$rTBSyG8KP7w_fjJ8L}bk1IyWMHMR
z)L+86vzL)Xi-?9@<h%hH3EUp00Ai3371*l=Qs6S|I%K{2UZ2zY+^z;@su4APzUdg7
zXU;F<r=Hru^UDwL_y2Mow+5k6$4p~fyXOIZM|DzqP+^AC&YbZ(q|@#{{8hE`pZ~p?
z0Y8ZH<dpL(_2Y~DtWhMZH(?n@pgqt|>p!WbK!0&z0jtZaxVycjV;qi-+s~fOUG@Z(
z_O=dgF)d-u{2t5zjqxj7=XdSnZ2U;t=1~BCahd}l#PJ9Z?%uNPIkjt`2>`7CcWTS;
z1C(NX?$Z}>YI9M83pxF>z5;0G?=Tbt-45_0FQ3LUmsas3pFNLX|H`-U-K!6ZnmZJ^
zeWfu0S<+G?2ee`w2_)*QI;!-NLRTsXogt{u2^63hSFa6m<pW@8F~l2hWY|1Lc=5$m
zoINKo688{>odN{*idw)<Cxj5iwpnbuS)XUtt$9EnJm1;j@dk`xw$|T<jMyjBgu@t`
z3?FlgGpLg+=wuq!`^R?rptF4y0IlX`f9yk<D_Cg;+T%1T(5bTp&AQ9B%s=CSRLgc1
zLrF%S=g5*ANt9x=8zCAb$m0xoE|F&vtbkspho>(-1DUSk-W`SQ+lx@LhtVj<j*=iD
zAp*moMcA2p%{o5Eyai^|LRm{Ktie_SaN&3#zwpWmUOsUH=eGYEZ{1$UFg;eB<K_qm
z<Kt0eKA%2DUALKL_%VRN?mzt1Iq*BgXV8`oYwXVe`GJD~klFk~edJCH8vmVZlWq;z
z*V3O(Cq%EifWat36z53N{E?D*;vt{84KVc)qm_><IAX_tkeu$$Baim>m95eISSp24
zlmSH8-rB-<-h5NbJdN5u;Yd97>!R++@N{x)QWZ14_?e41xv>bPl0rr~PB!K%95Vr%
zzE~K5RE%>c7V-06zKG90e;ohk@4kb7`Uh`fYmn+~<U01D0)gDjoG{i;8VFVZupDqA
z1r`M2!UZ&h04qkEDZKw-jB7Ut?_J5!>q)%$!Wy1?t_KnBBJ2#%2}5)`9rQXq^g3OH
zox&7GP$A*tHs?=I24I8rvW9>Bazs=9$fm&xYV#M{@Pz&HNgI3Gf#^J4PPr8+Vaiuq
zsXk|6V^2$&rh|!{^_Whk?A&wNij#oHXh%tfJj;=%Ig&U-JW4R!i4YHBD4o5>TmZ^`
zZxN55egeqX@!_=;x32cU93oDNKz4`>LI?zb?W|e3bT;bpJm8NUum?xl2_Oszo68}7
z@zvw_!ucJXTf7ds^9FX_eH(vt>$CW96oN<^&r|~I)v$KK9ZUSpr=u~TECSoo`(URL
zfbFByo<|V)A=Yxw{!G?RVt!vb%;3<}LAs&E%-C37#?zP1V;E(Kk_=h?=*h<SEA^bJ
zvwr{&?#ZSvHmW!X^A)S}X4ZpI>#xqdhcd1C4evi^eviAsV+67^)zWD$F^Uod1ay#M
zdwT~W2&&w^vXe<fx|WD6ai{5~Nls%ebOKyDvxJ2nA<yK5?c%0EOv4$(U@3?onGpm6
zPhD8XfBTEi;b*>h8UNG&_I14R?mY~mOfw~1y9<-){OZ&%8O5kXR54e?g`k?0s?TfY
zBJYj`geXi;ws&)=ZN}E0Y~$;HzKxT|yLjc54XmsWA+dwSeh1xd7oD(!ZrDMuyMQnZ
z5e6LuBB%^I0MoJ4W5D8o9BzDALqT@Hq+M6&2W7<O@45AS%}74iDU_WbQpO&TyIrtr
z1>u^%z@M9E)-Jm2=H6tU^#@8Zl;WaJFU^ofDdIRqG>j4LM#z#JN)<Vi1OX)lRu(sL
z{>0<RqGf#WVT|{;1O$c1vO<<jq>8$|j%Z4zO<?D7<g6sh<!74FBWvJ-Drs%M6JUKw
z;OAf2#7{gu!pZJU^mqr^_BCw3{T4>a3a+bT7{oa`!oIBP$1NEHt5gk`&8H(ciJ8hg
zw*e$`;CHAy@5nXqJ9*$8F@m<7o!^`e!5EX%;VWfX!g%`I#eoc<+v#F`bsg{D*hQS=
zkn+(3ejjO$-=2Wk!GbBaFr41*gZzm-uFI0BPO&V_YC9joS#)}cN8V4fOhQUo*v`j;
zdPglunXv2ls`|bXOxctlYp2j3{PZO}ac%=pvPkTn@SyMlL8fLem2J;o#lTWO#7obt
z;2-_nFX8vUeiOg(m2cwO?ICtXDZ;|11}sEXzE^dkE3+3<Dp$-z#C1`d&;w8G#6jpJ
zazP3t7+J26W{klw!PO6MBJ41pxV(ZFo?k*|VFy8Xgr%hpdYxTRKnQ~_dYvA+oi4(#
zgD?ysD1ac++etRt#c048lSyMUT%A?J9n%U;XLceSbP$0hK{ZWb*pgeK5d)#Yo(^a?
zym^{ZQqQ@_4Ytk+WA{i?s~TXPod-9*-Z6D4|4PMBxkQ#~>1LcEO;W_8B3Cbt5-7<C
zf&iVMi>~M)SHR}#X&hg<hzIvW+_)Lx&09sOiQ-Oue-nWw%sqkWAdgF~XtI1}EiJU%
zn$VEBFZV;7T@Ub6pIX7sKA+*3xDFwQ;CL5l^Z=u)S21|+0q(57h<jMqb&=(7I8P6K
zZ4i^4)j5}f9=QQ`CB!U~(squLu?vnU<Cp0JJsY?%k90UxH=JhLt{e1Me;){ee!q`l
zED@(U;xvbP1Xbe?!}yH_eJwZc=|P`p{|c;)mD;cc8=dO?0#au%U|P0quP!cA&N`Oy
z^DJ}V1m8oTLErDN0-`tvGmyj)K6w8<uZfG*2_>@FvNk{0TuOZUnUgqwav72ngL9dt
zMPP-no8YIu7ZB{wxT02XZ7Iah|HwIf>7~>7$G`Uu{@EYBg{wDq5vMtVPM~8dihW|%
z^?RkEi+RzQ<f14*MalNrz)u4~QngDc>s&y^$YaK9Z|vf=*S8@Ec=nlfJo#h~VRsh`
z{R}H>89JR|!Kelyx?u<1u!~NogCGnMicm{KOQ|wxxoeZd;zr$|8F#>jAe0-C5DgIK
z-kgm0ZfJbdB*v-fv$ny$-Wx8N?k$9!aQljyG`fzg9Z?%G7X^z~WHd@hou`*1DbhGc
z8mEY(6!9=d5+zVz2qN@*OITf8MiMhZv4oTB7Z6|#w{K^-c_qV5mYT~9YCuK=Av~^{
zRfZn5#w}F9&>D2H*}YPNskm?*U0?3t$rB-7eY%UE`xLN>8{m8dj&_l!J3u-_w!4kd
zjV%ZwyuQ7Fx3>ZiGBE4&Uxz$!shZ;E01MAe(~sm3JZ9Uk-U5)%f!`eX?R!!|;He3l
zPmdt#^LO~nZmS-yXRSwC?Dg>6<Bwq!XNckqStcLJ^WY;LO!Wk*w}KnmhZUx8ePjFk
z`-46vNF2-9wXth%mY;BEIVecRPGxFav+l!@wDIKx#OE-JQb`P>1k6B|#rW=bzEjE0
z$P8>R89owrCl(GfU>x&>ZisUym(X7j$TFo(R(#jHo1oT0g_a?F4e6(o7_M&<C)NV|
zSHJKH{KOAlz;Au^E&PAq_z-V>_y9^O1Yx;fWh9C+98B517gg+FV1XJkQ`yTrK(4a^
z$%r&yT^lID_}e$O@$J_c0RfL+Ud3aN^$>I;gxv%uP7s!s6qt6w%n%eH3_Iuqoq`Pv
z^!w5*#sCWhx2})<Ie(}@6nu`HB~_=_p?o3l<^RgZLXI(wfeGO3_th(A%dEw*gE7aQ
zK*ZW%RGY6T38ffWo+Hn4q)CP(PLU=#vMfiQ6raUWf;7#bltd@&V7b4FmG$Gu5`j^~
zSnZz1Qs+3fQ^MW5F}{04fhf`duMAQzrIDhjcLm0<dculms9iZ*fS)1dEYC#6KrVr^
z8w+^;T!>dL6Mp)6fi>KMN=8uG0G#eXrUM|4!74+xGeo+TAY5F-hdXPyy_=#Nl+VyQ
z4uVPmPJ5_@o==B*QX-h8<>vNLb7VY<<}TT+3OTv7oSn-M4&j&+c?!Df&LR^b=!7`F
zaSR{c9wCZz<hgw0{DIvv#=W=H!%004$RlJtsNIKr5&I02-+O)G<Q&1N+u%TYOx%)O
zXfvqX5_dwaz_mV8N}!x&3Q?4U!RS$rBu#B*&*`)hne|5w18AI2N-8}6#7R7JX|rI;
zGy~>1G}YkB^>Q&Rd8|Ek**|j8G+DU;O67R=;sXBeFMS`r`~&Ck`+xc&{@@!Q;@xWx
z5QITd#-eMis`QAl*=1y4!2)cMD8uE-1EXpdP=iBa2A4I0qRzQ{>%9TK`_2xOVr;DS
z@c88(R#p`xVw^eM#rj5oZdYN19Y~phNI-}XoiNlu(0Cn&2ugQIm|@&xvtyQ@i5n}g
z@vCz4>bQ!7F#ed|cx0OPk6AT)><Mi58N^UsbEvpzZ&nIQDM-bTxkR2zB&h~?QGz5b
zKwp+-NRu3CS^z(2#<t&E#IfZQ2t*&FArK7-oqQ90u?CU>b_W?gxRV1ES1g_g!y1S+
z7`ZxJ-E!Kj+FrYM!T^3m5GcS`70AvySe;D($dFvfrk^~sh?g$~c=>|Dt4{!HxP?3!
zB2S0lbQdZcKxHw&#lEs+WWx-c=hzK4@E|+^umqHr5F5a<_D411Al!kSc^~Ttb=j#<
z($UPco)6|y&%-~>4EU8N=zN6g(A{~w9j>~UKoG=OS?XhC$UGmx^1i|ZzyKU$pRxNv
zY1n`L*j|3S0!wU1HgZ*}WdKxzK~TgHW6(^QUseZj+w@)=+vo0j1&TB<Y=AqT60v1_
zY9q)N(0u^Nu-q@N)XFJNw6}tdx*WD648VoVOCOgs%b}Elk`g-)ZdZ(k4en6c&BF?7
zHv-bhHrdIQ!Y7|RiBCMX38gaa=E>7v?l6uu{D8nZ>D+@|F3iRC1<vusPi^AmXHVcu
zFQ37me)}$d_iOLroof#e1_1&D)jqQUoa|gQ_eg7ZQ?O2apsIaK(8u)&3?^kTfW==5
zRQ3JtFvnkg>j79X0wSC{OIY6^bUKBJ&GK@H3+I-wvQB_XF&u3nSE_Ia6#`)pA`C(V
zL0EvmAV3%fI^x1OW@ZCYJw#w;1e$=ZX*6RSY;hCg)o<8i0AtBR3zHmHD9%HrAY}>c
z^lK@RONmswYvyT&G|Q1B8M0JD<^`LVrWx`qhs+h26$BBMmsWB7*clKnB8h>m2RY;*
zL?+k3Vi7VT#M>Em?nr=AeXf&cgk3WhIN%P3WYbr}X8=EgU4{{oE=*8G#$N^`GlUR$
z;ldJLeL~<f=Tdz7T!Oy3k38N*nhv4TU2qnGWeirirHfUWL^j9}5b(~Ri*MiWK&Z6f
zwySs+ROfDSe>MtWG4E6zW#Fe~>zy%|dLDsuXm-F4<q0~Uj>Ke)3Ws5UPdxq@qC_H!
zGbCwV)OkEAJK{^cqx}r5(nI6J{ck!Oeti>uvu&fu2fEtCmNjtk|AYfBr;w;NeO0(}
z%Ol!bgSNViHh!dCk~vPc%HwdUgYmdUEnV*)BZ@OfrI2MQ-gxb`ie)7?M+`NiQ9_`)
zrO9eJ)^45`PA+44DL|gZhOrBcHT7&jJk8>fmjP^yEHq`G#>tgSMz<sJqn|y6ANb@+
z{OHT4@F#zB7hn0qw{Yd=Ho_nP1cNmAGdI+Z6eLHKUhET>+e$UKBfw5IR~qnDj-jHe
ziwgup=s<EX<J!#;KDb`QEf5Hc{SfcJlcC=yP>@3^#>ES(ICG|l#bt?14Y51ihEiM~
zL+unAh#~+y2nazCLI^@2ih9S|!BvO1D^*2iRMJaUdH{lIlNVyEmW~-vQbM6%<0^&@
zs*t(rcm%~<fjp%cxy+Gg3Tc)iO$(+j%QB>zxsys2u?k8S%gd7KE7rjb2qCb!b^^-_
z8-VI#u*<lAH^J^OMBZD5Ko?mi5RY=iiNekU1~^5b(j)|(z!-6(T80Vo)aJocrzdQn
z=LL#(>_Qup#teiZ;qy<e<Hw!>o;^0eGn+X=`2g8qfFv7&(_vB1mnQ|_Lo=r_k0sLW
z1VL{J*W+V&|9%32LUs%&5Q}CJrGJ=ZJ{`rbmJqWfdAH_L&%-~Z`asX-1TAa)=F`zZ
ze*l6Yz?tJGar=IXQJf=_kM@0}$dw{rUtnJ#axZhX%OmR!v|s*6;|6^EaztxAO~$O~
zFw>shIonA#wg86<@Y>pjEOOFdC0iTTu8)~W`Wb9qbDM0$R=1Le0`#(e6TmJP`F+Dt
z0;LpsLgD)L>y<lVmDN{;N1J(m2D>4IQ|HG}5_smZ<M`}z=fFyWSx#x03M<aQ1%EZ{
zqee<&>k7%KKVwFoOZ0od=U&*v3s0=$$A927{_rnu;Wxkf9o)P(tk~tU{s~6ypJ{e)
z$wE=HgC$EwPVjkw15^d{$O(*RW<V4MG0>9G0Cli@k~6N~j*Nb~!0lTp7W)!mM?ory
z<>fvuUs}fIW{7TIf>n$pA7VEd=qN)nhE&R78@*4eb_5kw7&z72tAS(%{-^+4CC-*g
zA<uJ2DIuk*0Am5}6mpptfK3(vPUaGdxtdpMP{>L_N`_Rb*e0p#3_;jf*+jpygkEO_
ztUAck4z{-?Zr&W>*8MK-hedW?o&jm1kmU*kVgR`&vk4-gI@i&XG#ZSY<;Y2%C<eoL
zMF^`l&jf%zd8qFOPue|ysT<&DKC_NjFK4*4^Z;j;Gl*;(*<gqy9e~pzR33p<RygIh
zod3)W8Rg(yVzju1Tb;AWvmBkUl#%KI2jO9}&FkOUkNI>|*czRWJ-g}t9QYmnvuLKk
z4?$QM4zQeGutx{?VX@aMWS&WeILRO-Kf3!v_A~ck*YmJ5`sN_=gB=eir#pxKees!p
zwx&9aW4;^=WJxfqyfp_WvGYBqckr~JSQ}7oCGz%{IJhU%8nombwv-H}nL?7vVqfwY
ztfXP;LKW+0y+)nsR~w7i9azN*7tgHW`6o7^RPMxVPwD7M4gj16{7u37RcELIBqSDl
zz>80=;_<V6{LB~5<6r;jb^PY<y^aSvDUwVU@;4m@PY~5fQN=*Ob}q6y&t~-$X#g0I
zHibcz5ooz!DrJF1z?Oyz4y@0jL}3)kN{)H&uENb5LxiEm<SZc-q1#=-#f!_>+~{I;
zRUqg}5aq~Jge;G-8*OWOBph=U{o6{rW`cDMpsK(htCGbl>lo|k2c`c?X0TK``J#wY
zC;(ppICG`Y3A#A8asu73kB(S^%0naxVK`viyO&^VJHbGNMUI{b3WE{|NEskYL!(YH
zua1$;<e>q~O!kd@U=671^K7Z60}c%{7Tcu7fAcK2G!TSt2wdFk;pbjn#rL1t#>w7I
zECmUW?LzJjkfj4~HiD8dAhRiAQ2@>v*&u}ga5D<=*AKc7NB|`Op)@mH+#AZo5_0U-
z=GpB>xQj&uh;Wui|NdO+dHAPHALtqNn+v&Tpyt5uh+sYlBE0z2Wu!SHN^>M>4pxu0
zM1^_(<}Mf)>o7$~-85z>``x|?sq2P_Z-S$x!`#_t#B|%=MkE%do{q$GKYCd@7@h5S
zxu>V1&td%>j<9Gu3+OV^G%M<%B;)$E_o0--vJq@U7uZn_<k@X7&<O&ZT<>FLIfTqo
ze}hoVh3z_h5_!R2V??5L9s)?&i&XRLz;P+D*b{jCY!AQuvlsF6KY9UQ`_?`D@Bi{|
zaqVt|twDl3mk0zGjF)yqtUCP0dYfk>IVDpD3rXAvAup5Fpc%rd7Eo_1Y1fs?Rg@VV
z*l`JQ%0L1m%P#;Cu(K0EPy`~@O;E~81(aID(sBnE&Mj5f%Ia!>eqUJGcVVaygwlwN
zVB|bPmM18bgM=_xfIzpFf0p~F1hO<N>enPN7$~Gku?@FB7$DCXHz+WGQ?5ZIL8$=D
zi;xXVV%=_maKKgx+DyP_ODoOux(NWAQcu@$(=u{tfID&qM92uGXDly-SXls`JJ-X1
z^4Uc^vvv=Qcn=+ppt2G2;Sih+!Py8bQ!VG5zJOh266sC~3cI+SZ{XWEVp}oL$VoJ}
zbe`XE)ThGHbEd^2_jZ2cSLVR)Fi$(b@hiOg%fEI9KmwpQ3*c8|`Q`H~_NYKVBAhyL
z0=q+1#5m;Yk*-YerIECGJ01Y^@_?efI$^eexQT9<lK>u1N+z86JEm;XUk_N*fF>Ap
zfnl37X0`UpS7b_qmqsk2$EDLk4sCMJ2?urx)=^2uD9(^e1wi4A*WZ9ts*Y@c&;}5~
zpXXO`0;0MH0}Q2rb0^pELoYq16&TXV2BUVsT(t>W@+a(?KW<ujwp>(g^VPOLW%zlw
zLpZfY_zypS0zdivU&3F$xr6`v_rHtRuWaG^-65hRM<)!li=(K4Cb3cPX9K{xKF|iW
zWVnxVxxB@6YB^{L1i1if#bR|xI~k@d^=sQerOdfgZ07d`hEWS+X9swFX9$0)pL^cA
z2e4}lKPdol4Lps(B}U?1t>Ui!iw1ZqrHOUj9hxA`n%|aBSncYtb2b<>*}!%q7ns9r
zI-0>9%rLi0DMrq~axcWmwE!Cn5<mL<GJfPK#>wC|0(A|@BXBlEo(>8rXC4D8D`e99
zs9VqD94gKs!xh|FxCEI?bOK==6Jk57)64laKA%rVqL(#WnddHmyGN}}!y|ew4Yb_z
z)Pb*A04fLpO6FJWVF!Js%(LG^ni1kO$0*Kq2lf%(Gu~4xcsx%hgt#97XxwYIU1e_3
zQad=#q@@9MxDJcA>fuT{Mc9pL1<PX^)^p5vY%2)IfzLLhm<HDK*7uFsG9K?XI*IkG
zx3^eODn=BgkW!)FVeIT|7xPzrJ)_P?*Y}a}x~~7TkFR2d6B~WJ{OoBcl@~x|Y`eRF
z&2aCn3hB5pO9T9k#eidK0m;fXsM=K!u-FB@_~Hsa|HAj<J0FbjTmSFd`1acm@aENR
zY!8#dH8ZH=6BvdBRHFjZ45rBfQnjBIJ8Kx(SXP>qMW(3UTar;HB)y7VfbpFMg~X;S
zCp)G(H3)9xEqDiMT88GB{Vu!YcZ?KXmdSLC^%$Y-6Zkdi@SLD@H!!^fK17}kC(pfC
zd-zDn2t$EOCl_#bRpGhQ0$+Zvho@H`AjsZ>k|_{JQ27uljllT`kV(UxbFY(<3i%)d
zn6aG+d~4VPA*pW}K5Zx9xb@EUo=167L1-xz4tTl`U^EAQM`0q2W(NF7fP=ZS=TVxT
zyL=H+0#TelVs4((gFxDoxd~4L0UMn&BA>(M<REdlZjvpbdu^sG%%1$heMBIzrw>n4
zx3jbV<a55Xjc6vLuY&>2CP1_uRNGlUAK3JRKOoO@q<JCPO9op-#+l*SX)=7|NIU_n
zKWuGB5D1()wuob^9WX~8d77u=&n=l6CgAf?;@$)2puaZE*SfwY;1R@l?ot>3!!Nyn
zYj-mIi+_6s-?_SrH?Hj9wRi7Afzb&A1R|&;pvC22xSe|4K;e;sqRH}-WB2N&v0Lwr
z?@hUA<2_f*VKrD%Zi6T7ojq+slP<{d{ekum&9<^wVsd67=QA6)SpW}can<yJJoteg
zdG4^z<u7G%%ucQK@WS~HF03Ya<uTx;^9qad4)SaS9>kD&T-5F55m+V#yEn$HWlx><
zOd;7$020{38vg8RQV#@ivz;vvXkF8DrtfG@+9{uACi%Uu4Ik&g?+Bbskq&J<_>M9O
zsM!{x&ZmzBA_9tv5ysgQC!tsrF%DU7*C##VyI6rBZ_u2_AcWnKXHUkRr_W7Vl2)=$
zP+SEGTZ>dRNj4B_)RCbrbgm`KZye}>Va{SWgce}U01HMO8S5Rf=OrjEI`5U?49v}B
zYh7%hs2Uq^)mA2J2A|xMJvfA%SO;iEvXuBSIqYA(4c7MtqgOCK4P9!zf3UL#%?>Lo
zMx5lxG6@Fb?YF;!v<z++0whFb<WjqM3f(yt+7Z$1DHaAU8!HR=;g=o*k%VHUKc`mA
zSGT+Oja@wGspTUxPK4OQ`sr<JHG8p6AVc%ZR<gKKh0OBIF~YC@+!Gijz~8*Jg+F`k
zHr~D-;cMTziR*WV=yU>zKtSm8&W!p43c}8<jwBb5R<F5n5fN;805?7>89xKA8Nd$)
z@T>11hQp`H{;_9Zsf`8Xy&%AGIdRkkSOi-DZrtnG$R#9l*U<v}93z&x>D%g1$Mf+@
z0a5`=3jtn!dKu51%<#l|gzvwsaH6vVm24p&BuKIdoa=uw0i-GA<O6zsFjOLuk1{Cg
z;{M_j7^DiIptxU%(vh@~ag)v%B&uH*!G5A?S~H)HNLQT-#&32xe)n|Q*BtmAfoU`=
z;0IldI-d?b>I0b2?{<)8gj^Q+eR-}9-EPtpbz8oNertxECxpBNG;Lk8{p632i>Yg0
z-sUUKb&LylR{(@Z2ieBbH9ltz8?0dXNjo;__%$V|e%5ciwA5$C*~E}7;7`xZpyvD_
zC}xb}6j_#|*AcjS<tnmV7EXy3<0rIDy{K6~A#7Je>$eF?G1gWV@Ix<Mf>O$MAEfbJ
zXsh~-8ZVl;eP}a#@o7FM#6Hk8{qE9{l8`D!M=)M_ZUwJAw}G1v5`6oe)A;U(5&rm_
zxAEt1+(ep51VR9UpelKxs0dIixdIN$H3k&2IS_+#5W>kobbwza356Xq!EBAR7<I8t
z;6@&Hlsy1(e;v&hodVfW89oNi|GB}NQj;yTK^{#B@SHtoKq(*$1zxzcgfBi3;<1%&
zJbP*v7grO6*?nYbgk+e2^HE*5SAsq8zH0X-cZ7g!kO7JjNrA85U-ghH!Z587PQ5O9
zo(Xf%chq`XTs;eBGR=YC5t^b|MLIB%&hndIw1@d_#G1W$>e4v`BE-%xMV#i3WQ;>=
zmN`Ad!qY6%$Q0++0Qj+w{BgL&$h2z%s4(jLm}@}O9@}nzZbvH^454$r(0F(}0krz_
z@9g8`)GD?kzSiU6vVOkvo_tB|W5A!4?dO2MTuH=n4k;BDLxns~t9>%F%go^Fy8g#e
zeNv5@gb+Bhxq_4H-Qu}k#_KddUpu-Uhxzu6-1aQ@9JipV`s^7ifODK!CH&Y+$MNc?
zfFFP97~a2q8GrN60RQT1SMdJL9ql$uU|}%QBn+nBe3rrMnrgQkS>U*c^wZ8k9#*iF
zan_%6J<!nraBL<OI?ZDPJ(_^}c-%nNIACD_F>hU+SKiqKerRR!XfI~K*0~7)-H`CP
zr&sa0%K^?UY~j@6J)B=BEMgZj9YSu8kZUPt5wM=tA?q_PN#LB3ZYN*`M4dJKoA1Vz
z2@$(4y=ILrxsp$V4W0L^j@CpoH+Q)^2YyFq8qG4&L5Tn?0tlt%7w#cOe+s~v6DQE=
zbPy$@Lgx7>*7r@B9rrM++Y{+_0Q<o$VeD)m7jglhyM)sHSG3n4R+7}Q@KxJda4pj$
zr;R5Cxi=CJT0t(nW-30oIgL}RY1CrPZAd<u{8@-iu&AY>M%-MMNn}|LFyZd)o5<6o
zuIUq0g|(CWUORo3b$}#nUbx>6@iSj|3W5|^OR}d2eKpXs!5_7ZTufosGA%Himh@`?
zAl6bpf>aU$gvZbJ@c7w2zW<pO{0E=gz};QKH{agDzx<Q;@XoazFn~-ln5Dy>mTFZ8
z<<pp!BL@t^VFiuNwa#t_@R5tsY>lV!j@yyl!}c_NgkR(HwzvdpA??O!i^q&;m5&nv
zAPfq1<oaTOSD#(M=O1UB?mWPH?*`U;5<L|03vw7E&SP*MgY!r;dwD?%euRG0GR=`k
zITQ=rUwQ(&G1svy#&s<OX-T($5W<jq8rSz+=6N)GSrp7#L3ejv<9B365on|--r1b2
zA}BP;bKrL<0bltiAcB+vNvaUVInqo$;`>FdulBkwf|v$P>=XW(l1Z0c;|ZOq@rQMy
zgq2%lnBH)9zrzYU+1?glWw(Fhk&ZU#8TK<X4QI`9easqxPR07Q22A(?rwt%c0l+vZ
z43UHY-ulj)7z~FHL{5j#%&Bu20gzo!su|aXPKeLFcviDw(wh;6Rv0riy*FkSnxeLB
zFYY5e{fS%!l^1Qi)FnKAdI67}BD`>^i=X?!4cyxWzWMF|zx_w=;_8iEBspW4l!^t?
zop7p(TFIe3C$WLGWSPC7hb_>fnPO`mPi-HyFnjDQGZXMf?YPhP!9GC>8xa>_K<M`f
zU7>J#HN;Q6xPs4KP}mf=u_*4NALbA;hRS2`Fh(j9s65dIE!vUuBL;gG@QWlkSCB05
z7u)MlB#q`3b|$A4XW^VjdzQb>r^7O-AOPz;%^3o}cn<uIz_jxZ{!Y63U;O&bdQAVI
zM=3DR@;l_vj}_z6nG@)ByBNkPqBJXNi4MySnh{>p$UYmUl2e4BPtge~I|J;A9ALiz
z|AZglhP-NA)BqZ6n-54i>(quRu)Sy|w2P7FhqC^O#yDi!%aEtd8jbBUd1=UPF#)tu
z6W2PC6=UoDj83{zKon(2k{m1j5W~SP@+?Ep={mAb1N@c$Kx5b$;P_e}C)T?lQbmk|
z$tbmT*uC1$JtQ*FN7cuk@`rTJo&o?R0T8+Yp}S1jSOPAeTES1h{33SZ0Dtk;F8<Zm
z-p6}428c7p_9(|-ltZ!t5h2hfJEd`r$p*3mavJhZY8Lg<7@%bxDKZC>;N&X0K#>l(
zjmLdVdtK6d#JI{cB!mHBwI5(*fv^xLTs#)w$6i>$XHG|0!98^NHUzRFW<kbKv3BH?
zF`$FhS;<<~{5?#QWywf)6R1of5Bm5w@1~GkP?qEj=v0vnrgod`oWl8ZMEhDIm}Qhh
z2H^V6KlnRx4*ZVJbQi!5fc1laE{lSmp5LzyC+Z`Hgv7a1C$Q9C#J#PZBE~`Sq1#<*
zNeI{%U$+PCsOj)YCYTvdTe%Rf)!7r{fKpp&oePpImTW>Lpg9klO~Fu15Y!&fz&s&h
zVv6AU_EJBWZnRmy<_5VtQom+Q2mVUAUoIumG=pLwjdvikq;l|suf|UZ?dnN|*`Her
zR6f)KfuDW#X>>zq^NJ}3WC#ajyt1EVXNefiSOp`@T`Ly)U7+7p`1d}ufS>&IvxxF8
zuH4S>XK&oWU%YV#4~98*B86M`Bi!Fj^y94nf<g!f1j71_+Sr8s$f(WCiO0YxY6DcW
zz4y{XJ~GP7OEH608I1uPU+Lh)N`U1~j$?}opLwi@moA1lzcfNGy946uMZ7{@fITT=
zaHfHtOaYa9+&K9oIIqS}GLy)5Gq7Yt$DhRA$cV2X0WRHot4vOz{aor?PBK9u%{x;^
zaZ-WSH_v9eH_MW*Iq>^<PCMG*<-ma-lPE&m=g9BSg1>+Q2+>8JGomC%nn@f&+*kF_
zni9mxkk3~)H_mC3^^cGTtXV({6U<6nHqh91Hl(05ZcjX}lyGAboD4!X79>x=plfad
zFQ{u!gf+8b0ztz8)MY5!5%gYJzcDgVL-JYg*L2{oe3_*Zagrktgb%K~kL~U4%FUB>
zR73d}M!iqv`bWONFNPq2FMR4e!hovCmFYm=_q4D45sg}*l7gbTHmLH@Sn9-h{v6?x
z7dG)rKXwwMEWo=r6a4v`ck$Z$TNtK<JKGuFxweD5J26NI2oOX-5V~Hg&b{Nh&aVO7
z$Pe)Lk=NA_oPH1MtX+_&ly==@V0AIT`C~ntToqXDWLOX}UN|rC>5Cm)SkBSoZE$)6
zN=a~(19=K1V-5NeuuQ=!)1m6BVszV2*za9C$XG&U3Jl;|(MhBTjN_|0zbcMJRPU+!
z&Sd@O8Gc6>_=U3&<(a^5bQIh52m?Rbo}II2P>fW}r$g3nDjuYY6;5xiVX?P>-BGGz
z9Qg3=a`pTjpD|E%`Wvo~Xi{RnvMND)vN4|=SZ-$f8QFP+X3{vbuDc^!mdUQ%($<|?
z%$Xs(G)*XMu*e1$Bgf>$U}c<$3qM0wXAxSMSWCx*Xz-sc@#1Z)pP%qE0i%T{rv-od
zPZVc}k_^3WfZMlkVKCT*2s(zO&|v)Far&zuhJhv-IKH-s)5m%sXqjilhD;Gz!AIt1
zRz)pTnR!&2_K+@%%+V9T^XCXJoZke*NemN#tG5&U<#+Gm%AE*F9%5@Kaq~ff_iqkx
z<Nl}$j3;3LLdX5HI8OlI2n<acg_>rhYRY^0!+^VTJ&LttQ`L!!{ceCKPxNu|c!*<*
z3Vjjd<YJCz&qzGB$=F;-(NP1a^fsi*p@um!l>xZ{@G>JzU9)-&HDTNNdp~-i82N4r
zl}e!7#~-|}5a%!epUvvIwSIGUZ$4G0k_Zde;n@KH`v8V>;CG~OU&Z(x{3BK9k&5{Z
z>=1UBikgfw$2YOLwuY-W2Rg<<J>vV-9_heJ56tdC>&fG-AL{B_(=3FWrU-7GpX*xb
zGHwK~Ri?c^hV0D+fh5dqZ3DC!$DaimHuAcj&jd`isLtr?+PQjl6r8cWRvwy}v{%n#
z{v1q0LnF4LW&jOaP1lLjs=cclx7;4$8ZyHLc&O9oD?YT`K5$j{MMfC68G5ahLY!pC
zvm6V70_SNFZeIqp3nRq2%<(hb{z~bmY4)Ol@|S<$aV+-(FsnMJto2lNG^ow4eKRL~
zKLiV7zh54}{1cX90|-LZ%2*w}AR$orex~RN;F&YPbLTbz3J_-k+arZLTM4e-9^%$k
zf;bQGV8FO`KgD-G+`)S{cafx0t9WY{Rzbc91g>g&$mfK~ALSj<80XO-S-~)9VxZR%
zxUkv7<r6(zJQiT1FR>^hEQ%2>90SfD3$VVRuqYxR--XOGD4BzIG9)So%LFP<3xFqc
zfHSa^0AyjzQsz%SDsIsPD5;PQGpI}=K7I*T-XuuH2*R4hube!!e4DC&<@H?7J9qOu
zx_vD`g+cLLna$z9I|qJ8Z`z(&h&vHj2rvl{&z(IF&us|xXf{G*k`N^+(o{a0F%FIX
zZ<AMQtAU$lg`~5*+6F+TUAGkiJ^{FLqo2rL=_uNw5=_~oX4J|k_XeX$-lp@$B{Y7p
z>f}<36DS*D0_4r~tL3*%_Y^i7g3vDcw70d%{Edy~aAm0GG9_qqOkax4CFHq6l4Jk~
z5ANQ^?#@=x2{ai19XeiGzc<WY&`@~-1bpeGi|8+e0LNqM`*;d8!BgKB_P#9d{ob?R
zd3itUVhuXDV4IAXK?#D?#$^Ekn|;FZzQFV67C~YexfB>BjIBY2+gnSxyL$pr7GO6K
z*d8%%Zzs5NE5bWB2Do;2SjC}`M-I9dM@M?t7G=9Oj`cn2<XR7xPWEwPCB%tkfs?CL
z#3xXM9uKg#sIa-5Vxtc%h6-IofE*#05-bZgFHsp-W?+>8G6gu-uA4cOl3KRO2GCRc
z1iAD*e~zd`K_-P?#+&IW#M~_g4l4;KoEpBSfs?K7oP)k2+2azyti3Ys0vODJ-yHZI
z=t;{#0Flpu-(iA&tQf~vS8!~76@yWNQJf>o<>B1fW_(v`*V*?0gFSHo;|*TekVaZD
zVlHT!B9y#QgVyLr*pfv!n`YJD!3K6EfbkW+kw<ds>L$sl`7`Swz4ep^2!$b6WjB1@
zv;7{+n?{+R?--V#*%$A?{${knADWJz<$BXJM--*#gaNMJxQ5%eZzB*vQSDRadljbd
zl{~EeR~f)JG7nFzFXHTG4*@C2()7ZqWt=Xq#IX#i7(tiz<GrGb1BH1X+0B4!X=r(J
zu~9uqAjm3cov|PYXI2Sk*Fp&DKr$gyge+$yS%_iW!(g<8VaibGB3A-~gplS6H?|~3
ziNdve33j6#1je`D-^Tsj1j2NBY?yn})UCPF5Aot-t6&thcV{;`*jN<USY-4=g{2^Y
z-~^Npu+T}c)XUHd2)z!l5Hh+#L2w4h7>XrWW>8rUP84F511g1*65tGwxvtGCC7XsB
zOZ9h}0SMmPjr)6XrZA9?GN?F*5CVUEMPWBZ5z$ip6VCNqJAKySEMx_>%%>yR-wFaP
z^PDO0n=^h#Y#IV|ZB~&EiUKGK5X>VT4i6C0U7gLfHJsYmz=yX-g<MS@UT|-z821s8
z=c^;*aWPlkKyWQRY+x|s(lztKJnk`;@ya;ZS?kQaHFXvMG=L!+090{lP}ek1@iA#u
ziJ7HR9p_5ww_#BV5W*itF*WPw8o?L`rUCw(b(*r#x+&`+fRaUylMHc^VX+s2^8{&@
zq0{MAwLVmux3~rnrLhY{!}LM1!jHf51dgvS6rJ(X*4`sac7rj-0x;eSD&zfq&3k1C
zr_h!1BycbeXiW26T|Zfy#T2hAp1c~xU<e2-5M!YWtoHy~E2Y|nv{7;~u$IZ9UM`g(
zqznKkM9BtZu78U<$kD4uNDQeeJKIj2BakCNWi|WDKp+VH?g-3`fPhZG2n7(3f*=KA
z31V3=bgE$Pm=#zlAT9<Kat-F{7=^-grI2jq#k??>JWIAY#*4JN3GC;&^1ZL`O9v_P
zI0rT^;)4&nNOMLQmPSovNVo&bys2jLjca`_^E|RsQQsHL>iFjXJ^(nG1HU6Q?flv=
z^Xjksuh%uzyL#Y1AOtuF=23o!2lZ(nL<qwW3IXCILy{g|H%~a~C-T~HvMa2dK32<N
z;SO}H+A4A5hPNnd$*$tkE!uAuQ^$?lR`|s_(I)Dw)}g=^OVJ=GTfR4$Ja*VYH)f8A
z0YxoCS0?A`Sgx4NWWzbMnb%j>VNL*lu;+EHRT+d_F_I()D<FvmNJhK11Wf3-22q$m
zlq?^r_Xh4W+Jgan=9!aNTk3!-nWt)sfSXZ{?T~65`eSYk47IOmO4f$=cVF5&KHxDa
z7c_x^g27gqyQcJFss@7^ym0x~0ylN-TzM`N6S`D<x6mniC<F$&sN|=NyvSUx&b#ur
z4D%CRQ(IVS%34lYWvSF)tO9gW74xzzwpV4v=d8e-SL=di?i8!44v!%XR#Z7G9`Eh&
z?Hlxc@4=tSBxE8%tZ<c1W0w~JQq=>*a_KcBpJc_h7(?-MpM;~^>zZwp!#051JHPhJ
zd=%R@JmTlpJpjA20Dejc?d-|(5v#*;BT|gz#U3_SSFtll5G6U1OxB~_haLOUz61OK
zh>5~FYI!%!Ci#{lZ;0L)fNPZ)X$Yi^ZJIT39-L?}9lodvf(e?MK&0rnQaNr^ca9aI
zR=l*@lQ_<$E$F6&z-%OC7&I?yqn9@D=Yq$I0R>m?r7-IL@?2sRB_Kh#cl$1`U%w7f
z#W)z|4(6!;1lK=i#@f;XP9N(b5DIyoH-VYY&2_3Wy}d~7Jo8OW*6|n+xyON;hXRdk
z2%0DD5>H?V;gL0#0FJ9#Hm+Dht|h`1uvE423~Lan&&|rrshVF^>#2a9(k4G_fHT;@
zul|h!*fBGpjPEL7ryMgJp4<lBjJ-+Njam*SKjg8U?Uct7d6Xj%0)KWx;MS-%Yp%_D
zef52qkgqeJj@l%H0BUwp&-=41^_l~}kN0#}BmZ*;-cKeffFINR26hNQ4_BSbWn4OQ
z3ODY?h~oTE$vh`LYnkgl$#m;0>-ESV1>t4m+!zMi0<%%8H=)q5k>_Vh9DVtBtiXD>
znH-s8eQg`-G#pQ>&y7ACmDPKW1*h$l>B&2EN*Q4|ZB{O!h8c|s4sEPwvWI50gv-!1
zYXKYXH!a}LXZC`o-%Pb#S(;-MrRanLakPtj_wOU@bPZc~o!RG=ff0=4xoQKXV*Jqe
zUBtyxD^OZGSfF;a2U+kW*GO*O1jev^lRZ?*-&fP2LiV98<K&$PBB!Z8<cGryjm=kk
zUJ08<GO7lIY_VsWZL8SBQevtM;HPXrrU6_H><p<T*D}oNcdF%-voAccIsNVO5CCl7
zgNfh63`14a_sLO)aOoJ{y4Ar>tk5lGo^WzGD;c*T-zMkUo=-<~(*0+eX?XkAQElDu
zh@V?`bddXOPFxXyh0rxG^XZX?MMMaL06>U1$q=Ra;bQw*oIOjM{0Y7+W6&epWweu4
z#O+uS4S?cdw!A6vhTA3Cj-_pY*G^e5M4eR)Tbm=M4QO3P&Nrw~1<bn!G2Up37FV0{
zciDAEG^L$m3f|0Iz=q`0G2NL6{$K!0)*lr$UrCZ7&n3D602vnr{HCj4De1JNo=)Z$
z*%X0Pj2E9gfs^Zfu!;>30J{*ATHHKc4Xy7WP1Px9KWM~$>-!#-;h6^5@xucK_5fIJ
zW5V{zptjv4Oy<sI7ER`l{oBg>09>u6sdO;yIB6Srnw#(U=9$D&L5^}Dm$=_MgF(0f
zB2{0nRdj=W9aDL&H(Yz?!R<%3w<QEvgtLrtm@|Gy82QZ%_!W#_2o(qfQqHgBM;Hy2
zZk`L>4o+=uU}u<Ml;lX$9O_UP_|?zdx)!d<$dNZH-Nj@I#G*|pS+gdUiHj->J|=c?
zoccS5%&0&Kxgg6iKq-&3Fe4NkxhETWbror*040q4znT^;+su@JHWK2fa0e}G{YoN^
ztAzn#Re&S?8I{sFP{H=G`PXm}H3Q%+XPz1yG92R`y>8O=c*HjNE4P<*1DH}yXSbZJ
zzv8`=3Q?2-%oyzM;O33%puouLGjhGEIv`Q9f2i8TtnXt6Ru_9Xb9@1v4v?q0T_aV~
zul_zUO#)~wES$ykjhn~(tc~sCb{4MjUX1~7ewL7@0a`ww#@qyltw4&$Y!h1%5e&l=
z#$De0O=9STbPq^%+syO1SFY<EA1^>P+sp-2ZNIyp8|;3;{xky)AMK>lQsznc=A95%
zb^{2Z>RiqW@CmRG5JG6ePt*fGzQ~sObmS%#lu-^dI|uI18NZ`D-3RdDtQ6&n0ziZy
zIgfOBq`{AVm@f5uc;ft7+_|42iZf(KB&vhV{*mj*IWAIRf)z~t!Q{)2*_JytA|6U9
zqEEhQMlh6BL`Hae4RY*YdD~^vl|kC>oF+q7m`W5V$~I}K0hs07Ss|Emv9hj?YmiyW
zLruvi!3lJq4*c2sW3Yk$KYMT1B-@!?hpqjc%&NK*?gcI`W^^|iO?Gp%Y0_3pcF<wJ
z*p|cgi%nS~B}*Z_I_z+S{39fhqD)J#j<6#fVf!EW!45h^iIPY)r)Cd8H-HAvn1MS~
zRc4-HZ$F%G*xz(A>*D6ELf82aiCdM!nev=ddwpx|wX|H-EziMKMePaVZO{Z?%B7KJ
z072-w0mmn67(-Z}9^;*N-a(`7-SvN&^}F#hFfRuaVBi72^z|3<(=Xowa~BLgfC)!b
zoTbUH3i`??YVAGR{<ZM_tuoKFx303aa+ZCX!kXLr0P75?<g+l*PYDo9z}HqKYPD@n
z)VYp{??<hNCRT{)gPMJPau)a1-PTcF(gmAv6hVL5qkFKy^2&9*{{9g@I3Ca#eQg_m
zJ)1PzL0!}Fzw@}1WtYqF+Y_!F9X<D@_PhAQT;`MO{y+IU9e^K=7Ge9DwGh)>$YiE@
z?2P*S-(v#<LrZMh9_vky;U^H#*X#tGzs61zaD_sQgsK&jOsVUnT<prOlB_K<x}*+N
zcJN7oD8ceVGQ&QJ)MHYr)U{a!f}5dUR=Q8JZ9fEMwrQKs#+Kudu2O)a+%bGVp$|$*
zB1Z{Daocv-Y<d_78fmfKv`KJtU<Cr$Gb*!>viv?C7(f5YZM^dQ6X2n@F%D9eXy%pr
z#G~>#N#RQYfz<i|w@68+i+d@Yn(`1>K(=E#k^(q;IKUw_ASpEjD!KX57Dh{=V=Z-t
z54+qKcD*z1FkAe2aNwD??R;gC!a%?3AzhD?gFCplyaQ$q@@&Kb?fyA&22K>2In9vo
za@SqFU*LBP;O+bW<nLTsDc)i}$?#(v;&|oJ&srF;F+2W+n8$^_P?il|eD-NPI2rTD
zHeLUd3Fj+)epALSTSz}U#U?6rJN{f&lb-nxf9S%4Vzshji^{*dUcaa&q*&gXW#H-T
zJP3^IchfGI(5zX^`cYv6ePn}LCm~_|qNI84;#qD7bn;VD*$vD#1U=oKB$qH}YLgc#
zj-RNoe<HwU(_vsiKeV{_*~c)(_}Txgzt8n|INt}8#5mYvdE?q4UVi2Z4h{s}X7I5B
zR6C)fjFPQrrTTmo^z8(;WO9<}Y{;SZ+%|S^M|LTZSqjR%bFvLkmVm8H0731*c?LWt
zBGbUR3Np6<?&3XX%k0%z|4Mv8|EO?3pg-+k2zcY<2ydJmp)s4#%V$(CpSAf6zax%l
zp<Pk+JbprP-)QWz=O~9uUC&<nlZ@y+I|K0aK7ilQEC4d|#ry@m0lAsvgXI!G{ql>r
zf867A-J`v1F%G*ujTjQeZ=B5c)8N6E>~Wu;C?G_t?@)?aY;nS#lptyZbjIgQAp#-`
zu&?!rsh&m`%)lTR=lrSi1GQ5pbblS?+f7OW8X;Qkp(4tF$Ge6W;vHfbm$`AKyALac
zMJeDt*$3bEXE!SKm>GrvC#NkS!0Pk_-~YkuAk!$<PUZZk9ROhpq3z>R2WI@-SMT7L
zf95$z-`g;7i82hSI-4L5<<uxOBqfD7hAFl$F&U}KICqeFZtw4#y2;7J(zj*MxzF<C
zwiow%C$J;&I%H}Yl?6E?Re6}3-#Otk+4~0`E%4hgy5kPb@(8cpKfrfB>d+YF;HhSA
z2)2h;U)Ns7ZPbL!jQlQT*+mB2EQ0CR4E!GXm=Q@}{Puw=N6LBzeqZ>}kioJ!#HJmv
z+Vtp$%O~Fzt$LH)C1%0cM9PJzY$;Dmvd{F1DK*zNxo2TL@iOv)J>?2m8*UVs6}`DS
zv^p!G#d%tYI^Gh=Iz`Ds1=BrZQr(Z_^J)WALP$z1S0Y<YkD;i2aj&(uzYhc)G>m)q
z?u~ttw#ajReQ};&{K#dVf|u@G$1Bg@z`#!CIYh@);thMq6CVY`k6l5ZOvgkN!As30
za~ebL9PdCi6C2s?Lb?+WlpqI2;auI;thaMag`BxBuZRp~n<Q7J?i@SGQLzoUKlGoJ
zb9TR!QRX?Ew&)LU;{M@t==!iTq^{lab*=YfhI^MD_!)!2H2a*&xC`K;8Tie>@7{i9
zE&y&8Kr<iaFDA@!syc(`pMDY#PTDcFee)CU<~dbf&>8C)Un1?$XH%%P_)MYMQU`jH
zm@j07vqW1dh2A~CFO)1#tyV01CJ9*exz8!Hq5+=Tj?zYY(3tcYidqIT14)Uu4ak0<
z0)P5=WUxo#hCoT=ivEa-lX><Sh5^Doy45|;ej3})7wp|l)(_;Rs>%6x<#36Y?p(!{
z11W&Mv_wxb*<=fOCUKLZ)IeJiFx39lCzxzu<+jN><qXo#!URL%a*QWSWc#AG%2LxT
zJl+8eZ`*B|Fk7kJXQo_iCXV4`&#VU0lHgW3^PifBdp%`ZA3tp3fzh9IFc5su9^tjs
z6KKd9KxxNL>(~qL*c%L9awpFj{#|C^C(UBt8GavJ=3_idJ;xCDw*Y+e(F0+^&@^Cb
zU}%nX_@d!HCsk_<;b&j@5;hxPW&8W^6D;#ADGCjR9K0<Nd=rvRs=vQ*?28{ynhi_+
zg+U%E(JXQ*_oOZRBl<l`I;dSLDOn%sTs#MQTttQFfOos>C|WKYW51QYr7yMI%p2)a
z$!8`XO(dU1mrtcF6#%C|Siefz8jJaaNq(Vo{M5BG31kqgPS)Uo(X}mp@Wa>R8UGTy
zS7H6M%=6WkZsFhiH(!GAFv>hd+3!;v@*(PA<xwJ31>03nH)XC;m3vlzVvR9MCLp#>
zdeok)G0eM8s7$(5$^_6-KuD$xSWuw$<qXcE6FrUFvhAe6atd~LW)XR){J-5$-&v>T
z9{=AZ?ik&J7N%+Nqty|<_5OgSF-5Z`l=3)B5e{>d!=)YEG#Hw_8M_Ps-n`6F4wxA~
z;Ql}U+dY6c_T}s;HpG2)_WYuvzp>CgSRA44hB3xrkW27wN_rT!5Oh+2P1TpSthFwM
zONp3FHtB22+*Px_i!lqQ9XD&zRR2c`F)P5L*}L#2sW3&J^|Nthob0D(1UY<?{bEJE
zzsx#`#IFk{`@4nt19FM26j;m5@iUQscKv|klNDGP3mWkDJMXGq&fM*fq5$V|F~}^q
zbL$Fz_RCLV82S<XMH`)-7#y*8@q_Ing%On=Hj&+2JgX;9#mQ4-`l68>lt_tOl-l)#
z!hUehlvSb<#xsu9G2tpsnv|bP$oI_8Y9tM;Q`cd^=~rsNjJJTlv)mHp;qIj<TvJmM
z0+U*Hq`5Zd@|R**59m%>@WFN5J9+`1o%ZAP8<{kjf+H_w^3J)nZ?3u6G!WXWqvxCV
z|MB0x)CKv>_>CI$w=D3xx)0#T&0>@@%-HV>bo;R(*95%y%u_hs^jK|rtkyl4FK;fR
zBn3X1JiI&0_|rXKgvh)^J41#GQn7xHWhxnpB&!KA>G^X|M4e-$SjNzFQDBjb4J3EW
znLQ7rxO4EVovY-=j|NAWaUJk(oGLxfXW=mcM${I2=Ne;)E9>mZVohQc|0saCP<IK&
zH$GD^$@UWf#N+cs`a4zme?ERg)LvGAKItz^m2nh6D*@=*9-D5wb{4$C&<`WfGX{oS
znDhAXKhyXcRK}m1s}vC&E*iXi=Q?g&0s5{VCv$~kHz9q(5)}$*!VZXM0_<T6V}&wc
z)RPKQ0;-zrtAI`Iuo+KXltHN|_O6Ic)$3Gh_ADP7ksL;gU4}3Uy||U2^>jbe<w`mO
zCF&@oEFo8bQuw@7mKRT26(+Q#!uZxE1&RRhQHHmlALtVn45uByj0b#(H~QOXs1Lb)
zAbTB?zrIH|&k*QNnhiYfe#Lp5Z+$^D8oSv1$32V(w!Q08j~V!l<E{NMe!-!LFbBDR
zfsmhfDE!8kUxF~<blsutddMZ{?<-3n6^Pmm?-kxa)0qtgchBPM5nvSM1gG6NZHz%0
z^zK2ZmU=2nPD<+1C}SZwU`8Jk1vE+J7CITFm3)dw1dKFzBrVr8CVp??L>kTUi;`DD
z$uyA%yX$(DC@tRgdvsvEjgiO?ab5l?0RV~!R_hi+&tMk(_}#bd%dzZhEC7xAIhKlP
zBM1?}ou{thKm4~|0<&fNBxU6$VjQ65wcBd&=~#z&*|I&{y$JeH0evZ;n*w7cKv#FV
z9PeXWA{8Q#nzMo>)=El1t0eENIetcyK$Z%}M6aIIGXbS4!`uOQ$*yKC8hlN#y<6qF
z`+0S*e<wOY`=AAZ@ZoBK|L<LaF*S*&Q4f9XBQ|-Nao;5deq+77N2%{IfOjtYah_dA
z0`NQC*9^w6Sokcid3-@ok1LJ=9332?A9$2`_I!zmTbVpWc}+DT_uOIWRf~(nc%`(Q
zqDU%H$4N@KD0!GjshTYne#))V8Le<_`(xvlS{Qxge&|=p<sw_Vd}^bYEKprJd)kc%
zi?kv;Miwg1oNT=$rZ0(-G7E7}Ws)N3d&bGh8ht-tX@Kv)_8M3?%<dZ#89Y>-|0q8H
zp1N^}U-|l-QRazW_4wuARq>3GEst8?*qK3JNp^}#rd;JJkqKaiU7wSQEWg^98=c7o
z$IglUmP#LAm6b&0y%pEcot!XbhvP(Bj^D(6YO=picDk2N8^~<ir}O=5G;}@M`x{7e
zi2K*Rg!k_EaW1C=f5xaZmiW4+8S%}-o!K@5ZIAWxgBkeEz|W1hE%@8ZU374nB=h(J
zjZsc_=c$`mZy2lfDD~`yS+DEMB|_QyeX_<WF$Yqu`($D{z>am_wn9$FE{GD)Manpi
zO)N3t9O}VXQm`tCS?uEJ987hIO}<wy)YVdO^3=dJe;w)TMUa}v2W9FwN?fOASRn_1
z{V-s)Zow=#XgaJn>#^8NL7fJDNgWt>0tuE4;mgln#}ik@0zR%3<7Ii{L!I=g;YdX$
zI9dD`jX<S{@at?JXLxg}C$j{c1U2x=+4e{^HbqhkS=I9?bwHO*fY?4i;e29*E5}k2
znP(|pqxzk11KT@-zDG8hc9vX2To{lfBIs8=q-V5P;$3<!&frrrZ8(ht>5M+gnVorp
z{L%wIZuTZbWB@;$rJl3Y)7@=W0A2_1s{odd{A{BJY#KB}KOgEZ5WEo~eEmx=V!2r2
zbbW$N+e2iQ>q5rA>DwGWeGyZXg-*yl3yzUdAbT2UuH~MH9WQgaXOQ^0IDw)y=(hb4
zSF)-ezDNhD(+ep{VuzQg2FK4hxSdJhB8`17qS}DSIn^Equ|e^oGOLY_UQcA7k!xw@
z_8IrY<!+_q)UrqwsZo$S2%B|>z8@f9eD=wQw*Sjnx*HHR05u`7U4=dqrQz-4`fgl5
zz<>4^U$r?IitW>xV2J}Pv;?(QN6QYy`c_v?l(YO$0CXiLuoOQLt)rGmeuj)Y;Yx62
z0?5viN>J?0n*uaaiFHVpkw%4}1U_YY9lNl%(O1D|boi9B;kM|0LUq>gBF{52&>wez
z01t)+zx&|=ggyka`=|zYjoWJ)CNgpwuXoJ-ee(dD1=uwEIuF(WesJ%9{#%#65TAix
z7(W2e?gRLVF&GvLEc<qL_xxhu8f)$$xO#X6%!1XXMceUDa*9KtkPCny?S)H?3n>9>
zIb_RVb!_qi)h|{8gi_9NE7eC-h<WhFFO;Vt#M`0@b7%5mUjxP49PL?ZtVg1Xx_BqW
zEzjdN2TmmvfxhX__9C)1(h(i;5V$oLPyzKmq;U{QG==qx2|}v~{Ke)yQQQN9Q;zQ)
zjNAGGFc!wiYJ;}z(HP*5zxy3@{a~2@6y=@dbH7|&m`FVZI67$Xi(h*ZA_GMF1jr;&
z4kZBiPz83q7q7T5sf4`OmQ@0mmE}*deL0XxA{nZ3Q7PcrLS#akH7Qa7#qdmCwZE?j
zzIJg(E#dDS7`#l{jR}9^)KPe90$>6VZi{mG+<#Qg$J}M;2DJBEKnzZ<JdZzpzXePa
zu3ziy89f^NFR9mcK<teBF7eoVTh!V*_+R=l>knb8J;LiC^hjOAAHl=rlFWU6Ul6oo
z|BOEM#C3F?;AGw5blssJ<}Aiyc_X{YJ@u@81_dYV<h7_P{)ogT8I@w#oAF3qEy}~x
zUJ^^zI1N=-KeLixN@}bqI>5cq5159)E6FEx>_l=bMD+~D(GqdbpEm6fiQnUAU^$I@
z$a}6*>8Jjkd&cTygTC)^{m|g_<Rk#y$l$?5<}Pp!o>{J!z!>1m&)&ezYh;<ep&+T0
zx-?VHkYN|~{UHe>m)$_0#P^l5)KCgIsvH*~BA<ipE1R^G0AfwWDh21v(z#Q{MJm2w
z3$Tl}smR>bLf|>R-%zbbFa=IK+zhs{fICRbW6WQYP3#ioAQvLWVOaMVsKEzEuK+Mg
zs_h~iv}337Y@mBj{C8lkk1lmhLAJlox>@hxu>#G&4>RKzjn{1B=gmidLKC=I+9~?^
z=JrK^H6p-Iz5G0`T{*&gAD?2~_88{=zNj|Yc^>0o<emk0PamzIgT+(Iu%OwLq_j(!
zKpg-P7u~@cQ-v`2=QUd=Dr6yINB#CnEa|e8WAs|s%gEsqn*4L|5fY@N+C7t0bOhNC
zN}x6)<}bX*8M&x{b3zh(Px)^VyGc3YM?l;4=(-*d;N-zwFb{F>k8ycl2tO-8NNJXz
z0EY(+{_}tLRV+wUgoBi$88QYC!M%0og1M5{S9@Q@>_ti-D*=7EaY+r_)Y(2kDH;J8
zV6VDlYJenL@&sKUYC)a};-WLARDhjiART45OdY8(^&R-_q8*q?O!nW^dm^_XS8QL;
z&hDX707>WcH;IA%q=T?vGZ237{X-v71C`-7MmCrz*RK@dPNjaod0eiN!q_N>{hbGQ
zZI9m!{N_Ud-20usB{%=u|K)9f-T?68KBk_A#RA+kSj;_Q7x>O20aOU%=->ztgVm}>
z+YXRRDAS#kdzMP=%KHPDaeZZyW%`9SIEj18B$s9S`a=W;E_+YmHUC{Epa@F7DF7K6
zBlGMw8Kb0*wo8sE#2pC6^?~6d6!dv9_U93d+ZJPk`rL6K0*S!beKPtryZ=N0o3U>8
zI?4$A+5Lrpg;L?D|3BMfMH;XwU?&m|?l>ov_P|+C>*b+pFBOn-nSXJ4I({Fkb&Iy`
z&@=|GefRrVt=BMyqRc*1_?cAU7;3_C$qPgHm9O81F$@`8exD>KBNYJPQ~|vU2-pS+
z%Z{BHgO~QeNdjnOoAamS*?$rHUCs>j63xtfMY8NXk=$Wcyqs1^K2yqEM?Z*^Gx;*o
zZ6d#qL^1ZUi*B?(nn7fgL2L@NGWtF3eat^EH2|qWH@1bbPrYa24BN>C_A%kUfzjUI
zfO|oE^$z~U8$Fm7h3i=7b3#q(K!v;09Naz+tBhOh>qHm;d3`o^nSoz2Xbs?d0R9qy
z=8>P&zG-zfc)9pshw;>nYcObVvg)zgbm)c|u-AYg@Q6)blo3kK`e|^NNAIN(ZW85q
ziwcEJS;4Z=Nv%gQ+5<_l!Bs%JZYU%w_X37KImP@%j9-#Ps1x?ovdFW0Ha9TPd>&AH
zkQep(g@Y!FuA_`aR6t(k`uQ;Vgau?~tWG!Bv^{QIUE;I5pP}n}G>fHj^fQ2@5;662
z%J>oR(lgib<aH<W>~mHt{W2yCiH9kkCm5R=!<Pk&S3qBNH9<~Xk7Ou^yoWP#BIW@l
zrD76xj+)9c0c?V3B0>W@K|#J*jmM}-Jy9`p+0Dd7YCVo6ne7>kUCwrTQ9!9@i4068
zdd{UtZwCyk9wLN~uYL_Dy$RCIOvasNaXJ~Oy0&NJHv>OkBkyH&0DXV_cOG+(pE~aV
ze1Du7*vCmd_xXKMkPNfn<!7J9&Fj~2x@xiB^cXHN@GH+tOI0~l7DvfsVN-c`u|BKG
z(j+Z!OH#SG<;t=LlJ%^?tHt8z1!wZ$pLZk!hxMn$zS|<!Q4hAtblpg-`llqdqEDh9
zB#CQ~)IndxDwHz*q~QG_Dj(2o2PaVwh}Pp6pZFWleVko4V7=+UA{e?;fEi@nJEML+
zLjW2j_p<#!`e(aLLxjKl%~x=AK-Sb{P!5cxUOqfRc0{JvQ3QP@r^_kOCk5k|{Cg<n
z0Y<%lHHl}*0W$-nl82z9!rm2~Nozn5)n!OA*RRmm%cyKaa+?t@PdF77H`8gO0!*;R
zvfbG=x&MjV4w2n&ycu9TKgLf)(4Y3;p1~k|>)s6v(!@dSFp+aFpd3AuC<od)IWv!+
z_!@%<L(}XT_~EtLU2z;U;}^zYfnN{c;L!s=WBdG8^O3&r07r23=m-n5#A@>Z>$VSa
zqsw|=%0yX^VoGq$oP2-c5E+qurIx>}*Dug~+V~Ph)=_uf6=ES$CJ|!UCv4w|+QCs&
zqbTx;iDAUp=M*!?0Gm-7>f#rKlHS22FJUYkDUr33WkA)QS+;Rx6l1w9Y?Osxj})Y|
ziP5O;{flJ0j<HNi<#y9!v*|!Yc<Ze<aeVy17Kh5s)2MJ~-Tz|(AvkW!xXi`?-~8Fz
zSS|qcAzp<dyHj;?>f(B`w%oC2sv6~h*k}lth;%@4q9G5Qmx`f_6bxCWW=f{mKB(pA
z@<*wG--+Pzz{+dz$J1Gg-j{{rY(IT56+stIfTa>(#TkR|)0>g(7Wwf|Lot9`ja_hl
zj2{EtgBIK|<nRgnzpwY`xEZfw-Q%YjKkw{WCh}+8cgcq#42$JHiILXU_w$$;zcB9o
z&fjDZz6ZjGdvX*)zgR-3!M-eu=EvuFNGNEpT{(im0uN5wF|@tod75Yf6w;QyeA)7Z
zlnPgwdVYu6T=JHf*v(Sa<q_*AIeV4{u4k;DV#6%k5Nb_Pqy(4iH?^;x#j~Ky2fIt`
zys6jk7ADEQM3LVd1Cu!XT@vR}iP%b303c@*;aQ>R(28KS-e9#_<Lc1@pMLr=PS@+P
zI7Gtu5&4`i|8R_fx<&=S%g@}v(>EHB40f)LBj?wuqbEu%-L}F%`AmtGi_A$-asC8q
z>FOdi$zz2%l5%uGW{eVr#g{-G#n08Q+{q{iy{}xCvqpO{A@eLrUG?!zj*mp(o-2v~
zQ7j+j=+yPJ?hpqdlal~jo|jz!;;yfqqp=H(PQBe}2ksdUZvHgx_RCT1otd_TJijoD
z6SIJ2Bsf1V+k>e=zgX;R@dCn+L3sV%@BGcVl$(KHc31mw)B%(1<Ln!n1=!4o{34?m
z7QqWo-@@~^pTz09#cI=G;JLrA#*9YwFqMkDa_J&SK}XUDgb89L{mFx~7`&CXge8v0
zP9<1U6SiuJSfcLIkqM$2{z_d*xr#F|D-uOea5z31{AJQhiNIF$x(A+|fj>zluQfTR
zUbdvYP*Mye7XkX7vDvg321bJpBK;_5EoJt(0B6$uKJJtXw5|y7m%sTH+`7I5xCeNM
z3V2ET&LjtCRX|sJ6q&9VFvY)?3|xw5LM-nrg1!XsRQk_Erh5E1Icd|#0}Tv0?&~X2
zJ?T}F$s4(FtSb3@7O-XU6xAr0f~+%}<*6`$BAGlrWdzF@T?*`fnc|dP!Q2@fL3hH7
zkNM_5tb1_FAOL@Id<$z?*vq-r+vgtY8jmjWneMynW0ZL=_5~~%pzi|o>3pPT;8z;0
zHF(+6$-MwKv%2=ef*BjUcDOvma&dswrXOP*c%CHMR+wc4%?_q^NqIl<rQ`}O-a`FJ
zR!`@l(RtRjHIzx&wbWr=m%oJ|KoM51hAHb8_uY90jU{3fK?zf%*+8AeXFtQD0a^k^
zRZ%}G=`=$rIdDasGZ=$h$sO|{37{49U60kO1%dG4hacengZnT|lYzbv?GPd!2&!OA
z&aa>U$`iP1`}@TA_r;(<YQ`fn1;{2I6#$t7z7jKtLJ&CWpf8bmN_HYwdiaWNlN|M9
zW_^ev1!*C2pjhk|EQ9G72U0BC6iho@iX<}6F%m-3SqlAnDRe%Qc2YiLGYPyZ%%e=*
z+#ZI&lO6AmrSIju{tO8ElMchC2Q82A&)xw}J2ye&SbWRs8Dk}%F~c9^-m}7U9wYE)
zv#^ey`zgHve0O$M3}Z$iW#G4$`_ULsxdhQ>?lHYkm}X>Y1cEC^2e@)@h~v|d?Q7d%
z{;qaAe7-Cxb;e~0dxiYHxZ{pcdRyoL6i5mglU_I1(-!r;C0TTlvnb*y3BPXAv;P$J
z35LMEBA!Js_mmK<Kq>;k_SZpW6UKpq&XrSqWCi&azu3J~T)c#YJtdVFh&1QVzZQD_
zfZWLwx<`@%5DD)ej|15^2n6eOhttzF4wei2=)(_i_wHR7vru;K#^-z09wFarjO}>w
z&J8?sa{+>L^HhCcskN$5j6eJtP`jLWlg~+M79yMYnC|JrB<QP48{-~86)#XRgNfO$
zB)UOLu@H%*vl4nf8P%ZoQT6o+Y6dV<hrFI6IL5N@1Rz7%P$%0tsmNWW!2VD58dAbG
zP8hrF^7mwKeT1L$UOx!BlOEg-=$`%>-g)Z)Jqwy<`dXg8zGwJ%sp|)F{e64mp#;Ep
zN<lA|b<B)kJURe>YJ(p4a)S5!ZD5_p=eReBFmB(xj+dUfjgwV})n-6H@K*D+%W-sS
zzsC%bOg8jMR$95wa$4`9RHsR?2#^1jtnL#Oq-N?hPFO!JX5)BE({8F_p)Zp7jI!e~
z!l&5r7E$vY+xLopQEXPBixu>25i8lMa~4fypEAljCF%F#RC206pE!fM_c6ze8l01<
z%1(2PAv0sWY0<Sk4jMs20|pi)<&33ZWGGm{8!9%9G7J8LUwRSGKXnA*ew2E817_#o
z$jMG|1TI9XhX2)`G)W}7<z?$WGOmC=&A=gcB9%O&O-i!SRK6TN&jmvlRHdE*smC8^
zmrdaUh%5mqPOiTSXv=VH!aDl(Nz6LCD<%cAnZspie@c-F5{Ja6(&ns(GTjwE17Mp1
zvi18&oeDh1{JxgKn=wM=Eq(?o9KmQ7Pn){vYZ@rzY|fx>9*z*%D+l!{fIpjoUl=pv
zr^dbi>A#Vi|K0!kBLJ@h_?3OEqhE|!CCxCSi3<g41P~@1E|<7=cm?loKEq}+%RHll
zr1R}+Mwf*wx+tqp0yBjutX=%%2q9+ggajmkor_t$kv$6zpU(1uBG%6>0|@zeV;H*$
z0q>p@lEBtER?s<d`cQM7eK)dQWZg53q0t4F>}$?h(-rG92FF7PV%%{c8{W=<(3tto
z<MN19uDT0#xBD|Xf%3S=LSXxTLfBSjz)&cZU9@}Z3g{R~_tlbP1MOGGtTO-n*G(D2
z)c1__Y6A#xa(oXbCl6pu1NdO}B-~jHs4?T~X^aB}Q2H}3KY^Rq7T|tkWuEH0vd181
zW)e_9w3A}FehpLrMFuePiGZlLPHJwSN$+1#&WXejMvA~fvZ#rIvt`Eesh&HLV$iu{
zVeE;KjYz`8@@Q(LWu=}CEQG0h&{v70Kw%qD=y&AY=tru?Ice~^l(J6BfLAJ@O|V-Q
zpwxAqag2oQ=4`d+zXAQaN5AT^STy*j?-D*)xiEI)V;uCg?XGEZ|7t_0wAXJQmvRio
z8N1NFDwpp9c=z5v`WtgGHv_-wII*^`djWo9pI?K9XSwmk05syYhl_>5qFLbhw8N_H
zvAOIq4ilIz{#`{mq>%t6fLH;IPP&-)b}4|U0i^`#Aw>c2<<N4yWkC#S0ig;<_wOSu
zn+)L3MIaQD<JHndN1KcN*{w&#K9B;$(PEUC)fKb>bW)J3QaFztKnA%$`WSfnz<7xL
zoHkjAV>W;UEJuI}(J_Jg+S*Nz(~~ut#^9s(Kf(JSegra&@9EQhK%lWW49`RL0Xpm;
zxO3|&o_lhM20c3NAi_$zN$PkZ`5y2&kY06~sQ$a4p1W5hzoo$R)j{86eqPnpvf%Pr
z3Ufro&?aLEb7K`L0b`L$e_^`a<#o$sR-aU*sJX<GD!F^RG}lR`|FQ<)u%!p^tl*6<
zOsj#2pgV3ctUA!G7xBi2S8>uY4i-(E*{6OEK+hz-y(JcK9+wjMHO;;mzwg*Ku6fuo
zOFi>(y3f21HVyj4az4rz3(`PDaO3I`UVY(NoUS^oH$A$3n7jM77QUhGsnt>W(~{S-
zz6zjd_FalK(^UUVWs3!Q5VI7^#(XQYaA;BHERy+uuvV@~%-~4Di8Q=Fc1@9zYp29+
zo>7c~h-FvGf$l6xFgB~$btyzS=)iZ0olhkTcNZ@S-K;yTRxJ(|20)ATdIO_mo-Wsm
zjL!V>NHTyvJ9-v;^JkvLt1ny!554X08&sS{Ny9nS+a)`gWNdfkET2FUAIB1CE1IK7
z#fYVJ5=#|0`sEa37)k~(k}!Hm*g5xJF8A|E8t0%`J>qh2pO(26?h>OpQUO4w^3!Cw
zA~mxVP5^b<_ZVjd%C>W(8so5i;_U3V*b5}{>>2&K2bl43^9)Yt`dC1^Aa+BMnF}IE
zPbK+;y4L4$xvL2x42y$(y4^d*ubYo{7&GISj}?G#TL5@<A1mk<OB|X8W{wHC7%)ag
zM&xk0#O)hT;H?MuvEFp(=kMq2$5Yi)CUSNurL*gAfr3o4^uEj;CRd+E-zoDbGtx#c
z3eb63C(9TYr=_S~^k`W>B~_(_uGHo*qMTQB@Hts?5~Encgj)p5c)UEB#{x1Vn<w_g
zl=%zHr`Rkcz$jTOLts2}IkIzXnZK}K&ZNbK%7^!o4{CRyguK~}1D(bhZCLh?nXy{0
z!2-1H3hUKzH0w_~rw>6M7MQ<W<|zVv<4ZU2+^r?JKOTGh^bw4hXevaWm5SwEv(R=e
z@^#-G3V<)U;S@h3({7znPiG;XBI*q+gTrE$9#AkdA=Nj?i92o#z$6Pb=L$=w8fw8w
zM1$QjPFXwN5;ULU$0_Gd+44S#vqNRdnmEa0teLyWE}(6j1@buuw!3d^GhjF!U<~0~
zA0Ob|(*|UQ;L3{<v*)hyWa4L*dCmiXP=ju<+~>J)*Y@|#jGr1a<Clzk|LAY9?eTkK
zUo#wiV+~&B+|KiTAjCBqLpWS4aI)%cjKhE#_tk)%WI!(}PpCe<U1a(u^NyuF=Pi<y
zYts&alA8A=5d~7r;Yt{`DB>+;y$YXo1(PjiSwxvu1SX9wOUG#*n9A@ImbgS$xrJQJ
z`;&}uOrsZq`C^dO#c>Yl{@L|%QsS%kb#0H6<24KkKD+xV-g@V4n8w<=J4V0|s7V<=
z72{x(%u@tU-@JmCZy#bo14Mf5BopTuisb2uRdR3FIETtd)DzM7p~0FIwj%*M#eO}-
zRArzK6$ed}SiMq^dt!i-hM$Ynoj*%XoKxE`l*cn<$5VfYoLo7Deae6oS8x?4fC*Jz
ze^Qz$QZ<*V;<?hfCfnqp_50+x2DYp1=vM>!(-zIOoA~biLwtBLz*sj=_}*Q`=KFtx
z>5HFrn(L4GK>!=tx6Jc(0B_9weKX^?!=TRq{1Cv;?Pca{G3NO#c$g3Mh2Z=IM~4gi
z^vloVbluq)haR(?=R+Jyifgn|v_t6`*J~##79eNxLeE*s`W1Wq64oz{V$i*PVKSX<
zo#Gig#LLYAa9|2`T!ZVQb5xXL{GvWa)j!C@Fk(D|$V4#WxwLV+9P{TufL(^}^CM@F
zBVjw-u``iTjb-q(0ZwFGqxMTJ$M;II3u6!9nE<qHhm(^P7LCEeFiuWaSS*&-=?@;<
z`G36&Ae1Rh`0D#X@Jp}W#=r5^Cov2yAl>-AQZjqssmNgO<0B@Zfyn1Q!BgUH7lseT
zzA~viUt-H7?T16b5T(?=R?YF_WHU>0N{J>B)XajCBTun?$$oHR5))ld%AK@i_~L<K
z*|k%$cnURfl!8VsIF(Al!&7u`Bh>-iHl|KW65VZJaca5eaBF8lf7*fD0mnC<!SV7o
z$X@eNOas!`2Jh`@?;SJOHxG5?HVX`k#Xir7?^)lDdCb6X8}7qhJ5#WqlbsCu#S#Zy
zH)q6M0I(tgEX)GW+<Fr4zJG$%x*ua4=A%<SWJQw~NlZT~0e{<q{vzRLaQKW@s3eXQ
zFCdeDYIjg?mf~_7m3S&LN3rHD48S-EWH2^~_cg3HfUp3poU^9R0gPm?qBHW8k&N0d
z_l)RVKkpElf<LHyK=ILb1nc;jn7JS|dU4Bl`(Seh2?_vuFBK=V9G@6iuv)bkm|<i<
z-<}2o7bopBi2($Z)RThL(*t4wUbuaT=bt(N_YVLb3V=@qAW{K`)qvnxA>X7sW9|1E
zkf<1pl#EzPj*e+)ebG%a1zJ++2`rebkW`FcBw{+N1}?tebjpZEd{18thLK4;%jPZ<
z(G3}BsvEk<IMtH7dG3VFCV<&aGS3~(n+q_8ZoshW(U9Q#53b;ilOq_@#U@S3gX}f$
z&0Szrq{}Qen+Ks=9E|yW`<n^)?hO29;J52Iwz}ZG^!W)9y2a8v6VBs&(2JHPUOil5
zwH~l;JFMGoj&azj6s9UD6y>0wen!W$XIz?d;!Jw|0<#yKC;cQmC9g$TK>SQIw4r9&
zcj#(9lR&ysZ(+2Ls^=~Nrg|GG%NSQKpN{SHQS938Q!#mZ%Uq~C5P?7FJ}w{p4h!%Q
zg|&<5_k~_a$3$xIu7Qu=7LQ%W=lXuY@$m`}!O8jrZ@v8^7-IsnXA*OlNb;pKy+W_y
zt?LK)%ClFnG(B4B#~25V`b2?PBxW7D?+-FTxX_M8{uZ!@ihNHh`EZj#?lsVt$0=mC
z|4ICSl%$v<6Oj(#Ju)fpL;|c*){x?;hje?34xfdups3THGU(a$y%RD|k!cg1$ygA1
zNWeJ7?$Nm_P<Y*=d(fgeIKpf95Ao(_0~To>r_1D2lQ@A1RF~OI_ss*N%yZ91hxY;e
z34rx{v}fSAb=>>yzdqdj@Bg>&19%(2*Y^SZ`o(gLbr@#3=lOycpfLttd+9kV^X##1
zd*7Eek1B4?SiV^Lh$s#rN<Yv(FDlp1!$8sT0Wko9&h=9nfl-d1bD49?Q4&cTEf(Sq
z)UqG~Vn7T<#wCFfi-AOtKnCWEAfv&Gu^Yf9fD$4wOVr{LfUq-pk@2{a{Tv}i(#mkf
z*!78GK0T<F(dmV~xXR|-IRh6cCei&I5vcZip(x!@he(9uVaDUowH;25Php6#paCC!
z@+qiU1Y;L7@vyS6G55<dh{J%Ndf_R2^Xqpo^c{qI2(!;R1f>A5)(a(%2Iv)^mMX~8
zP_GUuaxjqtJ}EGHrNDG#QcFnzVdS1!0DqG7A7;Rib#rI|JdVw(;$@p$aSgS<bC8w>
z0L$_ANGawbfJ<RcK8J#nYQBHr@No{DGoW7U)6+9OT$c7qfia%IdvT^9oqO)Iu%KV}
z7}gzz8_(hH`dM@X<8axizP|Ex?V?&>3QnK%xYT248gxtRcd?)G8h|(M{q|p<-5O@#
zx9gw}0lc*j;0K%M*Efq9_?;)@vwzPUWANhb+xX~{HCF2meLvqPKF^U2VdbIDrihuL
zvdlBVky~Dl1LBh$Kh3~J*?tASG3xho+pkGQZ`LUZ_zO99q(F!#6C?DAATd=7_QFn`
z<)?QJh$%w^woZ~BLj)nK4|tct=aH<_A5{v+F3)8P$0Vb3Eu*tuZ_su9ctnSlD)OAf
zD{=MI@=pJJ*ku;r&aDHy^6U|qj{)vgKbIo)s5-+|!FvxmsUuQwRxC^Oqy!qJV90_B
z^CwfxAjbfz^d1kgP-d$p89yoK1xhL{Eq^{{^z?B^jct<smy&S}Png=EU?>wG$FRs+
z*t+EL4b|L16x=*(=xvL8Rp~QZUpt@4NErnE$#`AA+g-yC*H6Hh&dWB_Tu#^P7lS;C
zZZq?^^z}7{W(lTdpJ&8t*41+!$(V)K_3?o<c-ha*lnnZ2&hxtn0Pt|Rz<NDk)Am?z
zdJMx1{C2K`QE;}jHIM(BFA_;M^D-uOtn`IHLM~nUrDZOjX~v(_Te2i|&P?6r)hvDL
zY?&&*;^;k5xqI5GKh4QQ%s5!5OrOOk%4t*(=lN-uPMsrYe`as7A9-nvujvdvwNB6M
z*xxxZ#285%8Ch_x{1dTGr6W6c{9pxULAzPw^*7&$q+TBU=>TV46ea*oL~!kJiC3Pz
zii1T5;SPd9Ww=S;V|0jO#O$zoNDKh9TVw6>+47K^m!y~h1>hr6cE3zyo8FbQ3g}c%
zUeV-*m5dk#qZsx~ouD9RWG-g`W<ZW}pd=F5y(ns-!uBQGS3hQ@ka;fL#ksJZCGg3G
zLrX<KE=5p}obAg1;g){To%18l9rKOfcE_X4(-^#Qzrmk<#As~vij!}buI=#OEc2X4
zTK|f5x8ExS`5u7J=A)gDnenTS`vCsX&KTT!<Tq0?=#~eNjj=gg^LYG_4=_ad#>>xR
z(+)V@jQxGH%=6J4Ufn~fWu9ka{Q{FmN*0=f%&^SN5LB68I3`fLc9N#(NaYE7_AW4W
z&IJ?RC`R?cY2~3}qsBZv1SU~}eT{MbcNB8;!usq&tko#V==MpjD0V$_%G`x4V0IEs
zcD<51Dbam~0O4_)*fOWY<Q1VBu)7{XhBJ%_1s#i^>v|kNI0Zy-bZGF=$DfQ+FV)lM
z<z7x6=KF$7^j=`hAbkGmtN7Jlc*e^-;qv?9+>od)jyyqAqYRRX0$g^zWfWi7%J2b&
z5O?I}EGWo4OUo((NK{xj1i%vovTKHnE8AHMc`q?^wVc2hpbDqbQY11>y`)kvAYxb1
zA|S1>tHp0FnFOfMa_x9tNZ~$MX$majJ1UycoY#GPSa;};JJ8`1xJxhL{+e;P(0P5v
zOSye+pObkSmCxzTo96KLOJ5!sTmSCwJopH}zqYyD^GL?b_*KTe-~J5&;fEl+x33J7
zzFA;s7IU1-c|1adA6|O;DGUs();-#OcJn;b4ZP@UA<^uvNNR9Vs(Z>a?Obv+Ou$^;
z+NE;rN(H)OML1qxA!f~&le#!`?3>T_OA1n#xhJ9-vNAKOQV0Xvr|WWGEa&-!x_0KM
zmq_w;N9?3{W-n$VH6xhDtVtln7>b=5Uth0VbX^aY0mLgWqb=FI8%iwSy}!%o@#!WA
zp1QWgH(tCB;Q{dZeW>?s`C}>Ss3ryX=XoGLzw-5zw<!Zjk)vf|z9N#_|7U%7NU7%N
zgow@)VFmgU#!xe8I{pBqemDhCQ})uHup*KJN|XQ^3T$8Dq?W0SLL~d2yMF3(w`A5L
zRR(SsQ<oI%(?dFQ%2{R@&f)$p=udk<8297~-Wu+pNh2Ie59o*%Kt;I6*Zlmrl#jtI
z&@UGIT*;dtymRlje`7A^X5e?`@iu_>_O);}&A!7c=P`j+L`Ios+X^;qkJY-vF!%R8
zG<%vo%Xyg>7lpgkJ(7HPQYg|S0d`WzTq^?5q|ZpSgfcSRNU^1sa;k82m6I1qF$EBC
zR?jj+0RX7pr_ck%3HTc&mO-NFBi7XKBPit<Ks$M-lBKdL^kcQ71F$kmZZ&W~3={`u
zoSv*P^aFTcyz}0>wx@@}zee=}q0j@AO#Chv4Zd{e2-lYFDD&h#F(E-+8i;K`aLN&~
zj1t3tm7X)HL>81lQWW@JF?z{lpql;Sh(XI3FiBqL1oWlb97Ql_nQSR4p#XAAEE~8O
z3?JCO^nNVmQ26Y-z(kZox*c3~ALa<ulG^726Ifb@V7nve<h@cR&bKqs&HKHxcZ~M9
z1rgzc)e`^uLjz+FuItp*GrFEtB_6l=&Et}f(bayh@Z(L}t~HOsm{G^%pm%K!$iEMu
z*$43J7E2tq8}FPqkH-sGzV_lX=z76=-DBMj7-re+L%}{}2I)h-g8@ox^a5;GdBzT(
z;lo997gvi>?BBs8Fp2I{R9+uQz%r&yMG+4wm(OSWISHooA0?Hy$4WLz0%n3SL31iT
z++9aV1jkZl1alZG<zx_yI|^1#=_Hn*;KeyETYQ1V09*`w_}S+8A(*~EDJ3P!n?M|s
zz}D=AET|Rj@;S;|`@YBV@hSSAadcqt=G*T=tc*Iib~aYx8Oy+kQW@CjZ2I(#L;Od-
z@<Nb!O0P_13bn8baF1`{RN<8=DY&UnWYdJBXJy8s8tRUu?-LVp&LrqPWxFydCX!q|
zC7ooHWt)X;J}H3@NnAIjCjTr+OeqRi7byek=r}Of<0~?(T{ECbJ!&d)(IW7y^#@i!
z*se0q9n{6S%=26^9{^xz2XyyapgF{6&2wXnLu33zP9*CjcU>zNUpwg&vixS5=cTU~
zoU6T^1l$L%1n_Mu_nb#z%#7c}xc3i#{nYA&Kik&@&@~5OGk*<_|L!vu3oqV&3I+zJ
zn+|Q;tD<ZkXF`74fFbR``qhde$-ld}MN0D4sHhlD>+9I&KGf5N?U7Up8rUx{`P9ou
z)*%{j%EY=;a~N&vqS!?*FO4Lpiv6>uF8OC9I$lAhs<un-8{%aP$J?)2(RR~ev)Vvp
zz|nFD@e(?Wy<qAR8A3$;oPsL{gkSj5HHZul=`4F$V$x8|uFF|1sj`CQ-*L8Ol-MsR
z$T~~l3zeVK_m|d*f_zg7tf(Zwu;|=55$)i><W8VZGKNuVPNJpAh$8T+v9-JA^A+MU
zYOb5I-MmFg=LjA)fL(H(`FSHgyZV0JLwd%Bj_}^{%P_XXnG$oRNaBfbO-I?BGw7QK
zfWZ<Td+hJ~0KgyL`-i{Y&PTgEX2x&(cn!eE1U$W$i=bJ6n*|ykX3ML`1o-TqE*N9L
z1EKE*tTsK`e!z_TJ`ehfjZ<7S0z3||%vTg>E>Sj}H#qU^9I23SD(3$o3U9Xn#fFkQ
zrpmaiJ}4Hzg!gz;6Zq@~&(;|go-U)$iY3P+L_&~b{wQYSNI=He&-gigYq~N{kc-No
z8;^mEb8?Jvwp<ctR1pvvG^E)hm#`-g$N9O;Kx-63GHwegP-#fBod|h^&iqB&*w}3l
z%ZwT_U>2-SH|Y8v%#63+c^AThv0KjsRv>*C8|mPIq4D-JjWPJjv)Ay%;Q;0y%ss$t
zncu*|QIzFpg0zs-?-6NdC)k8{ztu+hfUFO7_$EumzNFo2D(ektMw<_pR16u#4yJxl
zJQ1tlzATPhJUwWOfGk(D^@8M)^PWF#29td@1~0;#09TG<AG8Z7A$gDP(c@(O?!4zr
zstTJsm+gx^Rup|N96P$E$26KGL?K(TkfEq%Z6pPCHKrGdD^zwmonwr{gBD=Hy}{u3
zKV8BY_HiufHSHrEjEN?F$X<5@nroa(J_v%oSwNa*Z)bu4@7gG~dCb7?VNX=N2Etna
zzOj$xb7Rmq4VL|ULwuYdg(3LLGf#n;MmNvR?B@B1@pUBm6b0tej6Es}KMQ~oY-N{}
zgFgl8y@XN8H$}NyYCWi61b=LSW8^$)H=4x?Cy8t}p7<<1A_wB!euZ>E2WY|8jZ?dB
z!UehqP%ILD_fk-{vQiaLKdzg>Ojd@ei_KBg>58n7YiPkMb2w&1cHcx5W}@NjxKFP5
zB&bY6fQ7*W<H7wCbZw7oM@xMFdq2hi@$#=U%$bzS-x&Ptq+sD2zk1N%KlzmxKo|h-
zK-|Z%9+cO_M7p7rqJlpxn=^cN2J{zxX8nB9aXJ<9jY3|X#IBSQxo&QWbSO$i;~bB2
zJVYhnJ?$UVz^)X2KEV`9(Pb3LHt0WuJRPjAKwy!vOC_$E+owOmF_=q$m4GXNOL7dJ
z6bf<9`Wa3z(Gv?7gzW>s{eaE=4L}VZ96XC}|DXp^qg;4nsV7Bly~?TAsKEBQ%(>*1
z*O=coP_wslfq>T`Gw_>%-{(7vJ_P7n0Dcv~l}Ek!!8B->2RLfiFf-ls7;Zck42a+>
z&)ml0a)A%mr(=KL4E#PP(39$4_EL6uTA1s|2bHJp**xD_<`})?i}kH@NVdgip<C`s
zLR^6hEBBxZq}Hc`-F;d_pvEYTc#ybTF|e5ycu4?ozW2{PufpK{M*G-=5W^6IKli6p
zvzcleTz{fF?0)$!+5#S&O41MLj)q>oD3IvB$hPaSUT-iAjKig%=fSq~kR<>Dz$2nK
z#z7lGsQ%5vrNJ+M^#({bVCf(-sF?&&Y@5W+v3@^GxUJH!M>}A>Eicr;9;%LzDHxOz
zfJ2#S5~;sdmS84;OM^NMV3Q#A9Q0v}L^h6KkO_-ak-9urwk*HA9f+jU(eV%$Y$DTu
zz9jvWZSGU0<Fn=c*}vONhR$aU>jAuG479|DSHFtQ08pb^a`m;HUDs{`D_qw!%RDdr
zU}MlO55T6`m#@VG0N;X<Ik<fWeh)wH{?@M#xBiF!{ZDPK-y;Wp1fXvYz-9q6^z#AV
zH#%{}ECD19x}LFGcj)^0*zX4nrbup-Vv*Ux`e{>^1W!i4CX&yTEDVeBb}>mE%vN@o
zY_rSKQ{*2MTj`lJCsQ>l-%m(^5W9CQAQQl!TNXRHr3GllI)akQ6Lgt*qOt?EBy|*b
zlEODCq)@-lZYNo0&=so=0J4|hiWg;x7p@`!nB)J}s|~ug0|31L(fb&N!J4;^4=4#3
zB@!|1`WFPUgy)~Uf}2;Ysmsvi8E;eob;<xJ?bD^`_0L&XXPJAY<rUmLv-?mg2~7bU
zrt|!!WQO28EL|!A@5%F_k55ZNec6_PN6xlcgttUO$d0*#iM%udy__840$?u0!$=m9
zfwQrFTD)6~(?~I-?3~shmB^a&tI!4AX$N7(nhn17*$pezPp)V8b8@YR=fm|q(|z*@
z5oUWkxjzE%ox8vJ>$5%k4E#R#_%?t~0X(~}i=l58Sj@ohaljF<2wu2-3yo=TdfH*N
z>CyKy+xKXIo=pCMcay#&;7O>y383cKH*t=ZqGppb$tV2#AQU@xM!&n7nMbLTa}bS!
z)Zw=yurd@_r6k-Pnju7BAH`}$9r*K{ngxGE0umF9a75A5N@D3Hpl<cnrIS-|W*Hsh
zpR*v9U8|e8)OLT+H2bLg8xeI6y7dy687IdpY}OlGJzC(~Z@!DR>tLG2DDN`4&AT^+
z@C-nFt}GhDfBJ8~fJ4K8w19L0d{o^$3q>+juvm2hj?&V8w<^5E?A2lb(hSB-{)x$6
zu*~RXiW!VRA6Hqy?0GFUO=YLLKM#30ya*@j-~y22oN3HJ8rNmAHKt4|Y+v!cT#%j?
zzUQs|cH814u>D*Td5F(H2HZCYy8A7Jf%W1he)qM0EEfycb9!x4dL7P8-#mP+yTs5m
z`&`8b0KPvT=^6Mvit&8_e+=NK_HoSEm@(F&Z>?qgJobqDAOgH_`$=3sI>Kk4-N(8e
zjVb2wNDgnts(GUq9TTA3K9R^gi%egnq9h;nkYY>^7a0(fFo`bW0fEWOm_)sO31AHC
z4*(Jf0Mh}nG_E0)gSvh@vM!lqtZb9)MtdL@<eZUg(@HjtmZsX*BKFV5PK*GK0!wHC
zpU)e#$H6EzT->&MBNcnEvIopS(04sns|~uIar>z8eUQPmv((>5Nso}t_p`$o!Y{vi
z1C1HLU1!7FCC>!W86HqE6q(dgJx5dLt?Yh+SBrGXja~|<Q=)*&WI2`IJxM{Kq<MZw
za{B6^Pj+?jEcWMd5nKkAmFrT?l95b}36$JjQz}92InyWE9Vzb%tN^fT9LHJYp9P>;
z%^jo*m)!>d+%me84k88*Zhj4`!KiE7__ziny}QxBp81;{J?CLv?0t;GUd9H%AKDDR
zc}$EsM_`9>_qYDq%EmgZ_qC2aUl8+9e?|=f3u-X*g4L!&+YXr9`yS;%-Y%;PV6aew
zZ7IiHkajA)%EH?vdCmWtXKhIo;4Z4(mE>Q<F$e{vnOLcv*wFP*&x(p|(6zJ<dDoE*
zNu+{fR%{?QTjo?)qL>I#jEq|bOB~@KF3epWD^^hvNTVa%e^$!Jj4{Sx-2x)GclT3t
zedmMOw?#MTP-p#J+_`yxr>_kl=>hJ1V7iEu;}cTpp^h9V0FO*Qxb=}N+Xa(D61Pdo
zn5`6$h;y<8%5e?_@ZsY<BAF%UA?{i9LrIF6gwK037%oINlo&x)S0#I+mEfYubzsNa
z*~&QTLf;Lz0JhWE2xP|tkx7gOuE>MsYmpA>CQ-brN$p;<yR=xUpz-`hzv>{pU=ZMs
zPoKsxab4$3ALTf227Q-)xEO~$jt2n#`0j80wOKm1Wz3A<u7l{002~9jz8~OsfWb62
z)?prx9+24bNd!;bxQc^jiTkH5PS-uUerEd~HTEmBeg*O-stJ_-ve53QL)}4?$Ul=6
zIhm&pDp$ehP*D*Y3>s3BKPRd5q3+^cJw0|2ij86fss}Hun6&Iulv|8;JJqb5ch3|b
zB>}rFzOT?llaT5+B-LXW(WqKON|yL@VeXnyOgb)gzaWKe5N4d7tgv3KaCor5J3oF8
zr|WeHZB~wd+5s?T0SH>y3j+S*UwQ%84*}s8B7Kk?lK9vQLhQ^M`uq@|G->rr`Ug4V
z8D0B`R3<%A7szd)?WuH9@;Ct0di)AO=*7G}RG2nYTtFpr`;^GJ6A8$~WDj3m;wg2f
zPDy31dJz+H&SGz0>Ah3Ac@qp_F?Vp=lq2$-$BTyeY>Y#9+<|*Wzqp3~=Pkk@)`6F(
z7~zmz+Zr6se-h{6Tbh>poCNp`z@N=WdIo-va{MWP*8x1U52jR%LAPAuVCd!}y+=qQ
z!g&6vTe$tib-eTb1FYK~!!QHCN00nUy?!NaW{6<WkVA(!AaT|Nf+J>T1cQ<*s9K`l
zHi<Lr#$G{qCr{PVXZ!sq2A`_OF1U2+OhQb6KLtXPs0)c4WpcOAu-IUUl7c@CP<7v5
zCYel8HYGAiLh^n)dpnH4uidnG^7eHwIxsVuMdKx$-p1Xt0#@qjC7wD2dR)&hzj_@<
zOF;S-aKI0`$59($gjk9qC6k?g^f`*_ZALCJSjbo(DS?L4>zds}x!*5&eP__ORo+?Y
z`-@obLM(%n+&E)^CnZoQr9QesIQ^EucF8FBggJFl3k7yA2i-FL?Mq1>8k~O1V7+t-
z2_{}VUzummBk&s-n>$~{`#&IikFGQM(33sMdy?6`d0fVlz{xz#-c)S^fbZDHJZ9kc
z$i~M2ejmWU1K{A1-)xD{Ee;@N1vBdoAMsts<+zR9Ndp5OfYqkMrtQIVU*$dyd1UmG
zg}O&rEdgRFTW3Gx94E)m+86?|0qe>w6DqtN0Em?-jEY1EppSeEgblWHaLGo(h17QE
zbP45t8M4j&s}LsJ*B6+*@E#5RG|(lrekhJpg;_{waU1`JYQInG1!KVx*>rXfk`+E8
zfBY!~TSsviDs#~uZ&Cs7?WV(Oy#|DEe0&dGxA6?0u`HjV@EDmtz`$5ifc!SOukGm@
zhj`|Oz(|LFaQ%I5QpO|&F)2Vn#SDjh?&0$mpSeUB+W=k>Buer3ER4OD)0e%s#0GL=
z!lHG_JQ4elNJR?{odKAZLfko%)k;l%y43-cbNOmX<~s#)oy@ezNa~<?ndq}Dd@np<
zHdAGEb#OciQg=CT%r{ohn*rPofB>%#FQBIdh$vjw>JhGY^11Ea&<WbaX&#q(I3J5W
zjun94zx$hi_1=86XW;j!d5k{*(Cq{G0YJN0VlWFBo+Zlr`1(YEo7b-5#+560aN3SB
z4&BW5JudK<T}|3pMM7A3Imw|E_?NSLmF)Kbcu;T-)uf`&#zO#!+Ni}rC1u>=jabwQ
zJqAVmd57Fm*{A=!D1S-2eki#oQD8|O(?RM81q2%aZt4n34k)KhmmX6k2P<+HwSQ$-
zYn+~}aB#4|2OqzOdk;=vOk<H8CDJct;^NUBMR5)yj9>kQJGgz_KzIdk2k@XMS5`Kx
zDUORHG!R8@<fk5OdqSpumGX(c73`rPH`GqCJ485W_6%HhuZ*OkNl%@6ZEL{06hhgH
zY+*(2se9+L*O4!?1n_`d7AnX=s5Y5NK$gfBiKpxU+@}nCL{HM34Yie7#PdadB7**;
z1GfXjEbxE7)nL^dt9BSeT1pI`k82<m-#~MW!#u{(o5j9?-x|QT<|Dn^nB7En9Cv^7
zuMPnHOMqSvRnVh-45mT5IDi=1$Ko&d!}j;xzHtrD-nxm?)fnS2=8nzdaRI@+=q<dS
z6jo*b#FC^eEGW*(&Wkxw|MO-i<)sC~lw|v)VAv-S<DetX*w@~<i3-3R<Z^+~ur@X#
zk?D(`$QWO@%!sY6o$U>?GQ4r?WJ`e9<uL~%8AN6-?qBxnV*A-)V60XvwCfI6uQVVU
z&<*VS`G|tEpMJnH1O7b}?sE*_mtVP#n^%BgXd&EtBbiB-M=H#WR6Y}IYLsD3@<{&6
zm(7Xci{w!X+6YECey{z$L=uCTQiOrTMl#~piv%cf%=C$4x}c0^VuP46=;MS9(*P}9
zCxv}Li7_n6FH;~_k%wmHFB9)gZy@^p8JI?tO(;cYP00aWc0M5iku(AA62K`J7YNB9
z=pM8fHUs45i+Jn70zFIQ;yGT=O>p(p*E@~Zc#wI|wZ~<Dh#|C#C77Cht%L#kb8Emj
zj~Vzq^6{Z%{q`~?CuGnr4(6l$$hp4olQCnc?7AIgp2Mv2d<<Z(ZepNY&WMWeELX@S
zfKF6Tm23fjQkY?v63CR%z(mrWktA$c!lXhG{7DM_lmPia2ESXQ#M{HHfkyyr(fh5V
zrvBNz&JHB7auH?mQs&6{lhrY^0Fae=heU>zV%;^z4|QFK)yWznz-GNd+izfuu@nBe
z+h1S-6ustUo+Eg;ezd@y>jReP01NyOIeMZDzP5qD43O>e;QFI94N-FaEP~FoC$9j!
zM1#fHu~SmB6)6MVm<8iv?7_BxcQ6+~A188C4xiBup&58BfV~Xpa^kq@_JgXQ%_fpc
zY+sfMQwDd_Y+t4SPSP8l)FqojTQUH*J^y$Hw*!XFD6xKb@g=P3FkH(}tbNU`mk`gk
z&N9!r25@am`#TqU0RIx8&*r1O+nA-EXBmVJz`p|U8vqXXv5IcFMBgm1>}R>>qeC8}
zjPCGYiKFEb_l`GMZF+1vj;;OYu{YqI<ei5?gSEGZgaV={`OKdbWsIU-HcP?o&N(v}
zxlm*PgUB_s6z;CvJEOih-SbDWBGJ2bD#fMhcXYB(m+$BE0HJynQz@wJ4<u`9GHxPy
z07`b7*!DG&C4a~y@=ulL=ZO#s{gC5(L*Tt#8`^b?lLsp-8-tHO`v@O@@>$j4kBV-d
zCRREy<1c;VX?*FaLkzrva0kc`zGP)?L!iXD6)MNi7M(Rlg&xJdWJ|$b0t%8iT1qV^
zu1F!PbBXi!GZJ@9PS#V3PmnDE?@5G43i_aakG3UVmy~3hsLM3{a<ku&Fqg<ApqcAu
zl*`H!Y#%D$2g*SUlR1t%+yzsIQ;~~;`2YaJdIWxC2*3Bi5$<&hknJVb;7?!IV-Bai
zzG0M`=PdJ_2hcT3w2S3FPldIu%jdqG8Tjqz93E#D@FN@M{^)1i%*gsJhZ*=iO6VaX
zxOMF+UVZLqeEMmN^`=KZ%RC<=@+)=gY2c&kb1HmJMH2`pH-=F&{xsE7sLV^^{y^7L
zr+Vug2F<{qGEfoaqG`dO34CT`lHv@8M1`@7hzD(=Vhap8868Ey*42*2hr5s4GD<~9
zg9YFFXH9K{#=v!Pk}c9qr%K-<#j-d6C<*`?KnBL@bdA;N3b&p(Le~TBFkrD*28PdA
z#?MK<3|Wb%EgnteE`vdUpMU8J?mR(|z5}Ei3v}<CqcEM4%8@=<BFD}&u)X5?`MFML
zOj!LFz+N%jy%gS##K1*^m0BO*lpGT=Q<*Y{g{(fQ^bA4)&@A?Wb2)7U)Fl30s&1ZP
zk|wxias=3*Szt+*m9T$q8JQe41!O!8;-v&)lka*ereiCzy8tl`Ea*-;4C@Z&>XZ2M
zw;G(Zg2f`fj)R1gf_twiw^z)#@3Q~tA7!3mXn(5!erSW+XW+Nvn5CX)7<d1{e=QdD
z{o%gW!DOr+dcI>mvJ%byy<QlDqs0N%ZIAV)_kC6Kcnse|wf>PPW-gX+p=_8?k$jfx
zIw?-lhitEMV7%0plVxq^@=yJmM1^b!i|6FEIG#=Q-a(RV@Q_ET1J>Od_2<~>Ic;4&
z2EKEUlsdVngdV;SG|xU5o_!d-pzjBqoU9-sXxlY5?JAOgQDW@knE_?~;8<M(fkklj
zaDnG;0*9st4;wG@EQhqm#v!8n-XPn1{bc9l_OmZXcsy>xN(RY=-o&IgFzFlfpO5+i
z6DcZ(*QJ=h$3+)SDIQn*8nc%v2jHbaA1ly@N<Uue5~?MvNW#)ZNj%l}%KF0N%&k;p
zim7vQ(-^3xOsf<b+6vnzxsl76z?!7p$))W-fAGfx+u-&ApI-Y4j+-aEIhVe!$7{L?
z6Fs2O_C-lTF|&R1fa~u&0Mp)}hFG`#_icSXj~&L$_?>ysiKUhQ%Y7U_0nja$=$iu^
z^zD4OKR4PK|M)B#gD0+B!TpmKYa8P*t31#5tBHF0H25RM>J?-BN|H|%fbL`PD3g5Z
z96p`z7ozi&11EGAxLB5tysIZrXZ}!d^z`u$Hjg3HoMG>XbljfGZg3G8Uiz6jbE@r8
zxqCXx51I34ctzB5-1@0tebKfZj_)6%X$($Q$N2E$PtllA^y!Sg^bt9E+Mk&PzxdUg
z_^IcP!2Kr3JpBpb0~3*DQiNT|S!4eLZL{fon5m@LyeE6Dw4xNuq%#?+OLZ#FAu&CX
znj`48fcG>4A#>qGA%Z{~9F_9|i#d8#NomTwm3}Y8R$v0aNkv9kn>8wZPs#G8*}lBD
zu*&wy#q8_zXXR$VupVF___KT0@kx6CLtMR{Yu7d@SI>D|?$I>|=oia<P6BKI{0jhc
zu{;C6y$*Mxy$#@%eXL+G4Z3E5!@iv-%^m^55Mf+9I>gtWzk>(&JFM0{x_+4Z`yTsO
z;X>E*Y(M>+E4s)~4D7OOKPxxN-lO{cq6h@|fO9x0q|WE_@eK?T<1ra|QbeqjQb9}y
z>Jl*JN>XEc^K^#a$Vw1k0t;vm-Z!p8m9}DFOkn<ula(5_*vO2MObTE}c$99kRk@Mf
zz7R0)_F+6`WX7#ypH*m8n?m6^5v*4$tWVdtdb9*D2&>Hoi{(L->qUlO8vT2m_oYMY
zSp;8y{s>>Xy~Hp)0C>#rqpTpNIImAPOls{erL{LDNbpfiCLso;8o+DGAW0q;PH7&W
zHaAIurH!#*B~=ua4Vg(mb({jcISwL|lhK-Wlnw`pW^p?d(<h=FLbbsT5;GPJ6rpKk
ziSM_Po79LTppZDhQ%Uw-#sYKvya$_{Y-8F-Ng1=4vwc%?T-hNMKCz!FzVCb|;`-Ab
z{Yi)B%60tNr%Qag7JFTjcjHYn{K9n&D+N_5?zwik<bUwT{=PkiwgbQqED<yJM$N!)
zf8*{y_$zYj@BSZe0{EkS0Y8R8yIf-E44N67JUrm@<s+dn2G<Ub@KJjgt4)W2XF2!<
z`I@qj_82JY>^_MYsQ?P|96#Ofmzk}re!&PBsQx}CwxQ(|EuUF1=A!G6cv7v1p(l<A
zwyzF}Ig8zK4t;cNfhsva8PdV<4CWw_WE$5&?2KfrLyiR0<Jid%G#wa2SAcqB8mk5M
z+pG>EQ=no8W}F_cFz|qW5Dc>NKrim)(^l`X`(H4A829a9+2GkHfGdj)+O7rL{ytIP
zJ4G9=3T2}73r`8qq_93qCA!0XmrGJTsk|;84`um!K&8(wcjuH+m^pILQ4V<LtS?V$
zeS-xyu*klZj9esjSxrRLNkDuEQAaGDW#u+nHHkqP4C?R01G~a^E0sLHQqN!Y->Fk*
zYB?8ZFk?9F!J8iK)34y8Po6|O2o9G9Fintly6ZaX_amRx>6`t`EcLwXqi-6t%e}WP
z{Q-b?@BaP2G8f7-@Z0<N%w~rC7klZGB%og`Ff<D^eK#NN&pGYX7{bk~S8)G$gY{;>
zx*aggxbGZ+UJS)j!*wbG!@Q;{$v$H#r;~kBE*JHVoc43d<ONj!yeqyVhEO?hdhiEI
zlwGkir$asj@>0@p5Xdu#&J-qISlAiwe<B&;85uoNU=XAN-JyQBU|JQVHda15&RyH#
z!Mz6n2%F6sAAItG4Q)4;vmASW(*C~40$#a348r*O^VjhUU%CqEH^8s~hCXIcsBGLB
z0RR+i<7+^V&UWvZ#(`zfm7Va}=JG_8K-u&~QqWWkd5?ScvgIWpP9~(E5$F>szenX@
zX4!p`8oi(_2QB9PC4d*P#8k2<jg)OHA4jP=uNDI0Q3@JO79af}(*UugFrAEyc+9x3
zWAy7DM1r^4oA{Wop&<@{P6f7mhh8N8yJNij!(3?d_z4Am{bH{W!<j9f&PRI&evf0U
z0Qx-uZ|#fq>&*h~Vu^!c27aFh^Z~%KY4G(IpTYWcz-rT>?fO~fd6B?hhQ{=J)84n>
z@)_P*?g<RwO-AV^A-HxT?hP#V5>C7h-I=ExGQGsf0!T>|f4=Wexpg{sN*_r9_#Q$B
z7@^)P9{jnYImk^tODbe#qqaP?%h!o|o)HxZ(^r-ObjNxGhojtcy=t*KUEyFsxN>EQ
zH-6m0G>vs~kC}kr_E%#3Y_TbVSMD6(8_yqL=udz_#W+yT)QJO*5;_y3oRGBGq{96`
z&VmA^eDdz{dd75BKti#{Ed_jB0eMJ_S5THgB4-(;1QruEPDC?q1#ngbeVm)j6mkTk
zKE<qmFL4Of05dwyQVDS{^aRQ-U_Axc$iI^*)~=N62fCOHU$Wi9W<Yn`VX;`?Pd;w&
z#$6i`;~0A50^F5DuL&-`<8_`Swanx4{*9;6)TQ^K?Ry#D1MtsB8|ZnQWz4Rg4>2sQ
z{1$*e-`|BZ#ySk9DflGMk8KZeJwY<cJZ~OdMc4IMtvhrx-FG3uV6nDNT`%LRI{Hv8
z8%xsSuN3Z{*1zg?P6OU01ib71C>=KL?d*|!M*kd{6{;|L>$C|KpdJ$v5(mILcT3jC
z%Z0)t6!3Qa+7Xo9Hre;F3XqR}9|oKrpMVDj^MJNJ0TIC{MlYDVIGJZD?`w1b6abAe
zc<LJP#6hdvJf$9hu7c9NdnR+-8-{{=X7Qo>)oSmNN`QMM6rO|2sHAdB9q=xi<w^qI
zqri4f^79G~r|Lc7duR21r{K)}I~0~#+CC`*Dye|J%;mHMq}=gJq8Li%FB&*y{d=Me
zXQsd%O|yNvSF{Gyx3YaG0M~*MQISPFUtlPZvA^$h1HSeQK3+V7)0QK{rcy?yzrG_g
z7lU%P!~D2RkAa#o#$mrQ&p!h2-YoN+f#2gCA6U6(zn_~i&@~NuGn2BP3q?S1<LChQ
zPsY&pImY24eMM4bSzK*Mg<dU5-dCD&7o^}X4^FOuzg(In5%|;FA&EJLmSu`6W;5`Y
z#yvoRzYtcSTBTxh46&v~BS=&Lki-74Wolv!6#$^9Otn<;=OQP@`d!d=J&x}m+x7K$
z^WFDAWX3=2QE{ka9dzbbOtP^EUV7>Z{=%y_F!URMHxTJYq{>jaaEO6ODM~?uK>HZ;
zE9|4l?k8~vyTmsrfajJg5`(??^9t;x=T{M6x$mY726N`j0$A4IM}fdhMu|L5AOd~i
z{elFPV#>vH8)!?7TuLzt+9-x2FepGS<&;v-9w+RmJHL5??JHmJ(+u#`>r&2?#Knqk
zh_+-9467a_f{)}0d?dGENJ2D2ay?U_XEy}4&to1y*DUs3yS7&5d3QeAXCE`Fcxcw|
z*G_Kz-T(8S+FZY{?qeN;S)f}iaWwb&oo!HXyfen&=f3nj+IEzAZo0u1>+`q>;4kg>
z3q=uO5*t$K*HrQ;af|^Z>DMdBKD`sD*j_vRUc_cG-Z#RUsW@X8_<Um@+71^5p=F`u
z0G%?m;oy84VjGY+*aUaZ%+18>N|i~C@8L`O|GY<vl7U*cOmAjG<2JOL7N^H2AP8>X
zx`MZU+>ItKZq`3?@NA;~K2pqpXXJ(O?9By!@#RAd{V8PV03K{`JB2#l@0UW4MfF^4
zVv}X7i>RY?)&eyRV@C!Wss+8&-Y=DCh}1l#@Lnl|v5TGzk>YZskck)13?Oy_EyzeS
zGZ(4HIf#@bqR7JDk-ks;%%$h0ehgztEMhm)BKwH4gto}$rTvyDNN!W$syF50v3&r*
z?SSs2L(>?%e*X~P`E-HC4B@&~*SL4{Bm<)(9iV{Wto6Lyf7c1<76%yi>*o1A0RQ~%
z-~YAEe8gwq_qfLo0lc;^;3q`bESI?2HE4L4kM`MWH9wv>x`IzmS0Tn>J~|f|2<8CK
zgCFJLQSJ9joMLp39#rO@?hV@&{P`Zd)a=D$E{P3aTqm0CEp*qk@>j9@<QN;(%Lo)r
zU!cMwa_|S`-Wfo!hb^Sy4H5w84z4$OvEY+zu=DEp6vNO1GT?OG+9D4L6JS)1pOb$g
zX9xf^M0ol-;i)SfhII=WT8QoMqui$^c6ce|7Z%@}O$e#}$cMR^Y%_Slw(Pia-<eGI
z?iJz$M5>>WV$YrfeKoL@f<7eMsiP4P1H&5V%d-1&6B?0HW}w7Qp9Lcqz0bKDXz6>X
zNiy{$6Bn}fN_mDmRK36#hV27@VLhOGut9Tp1Mi>S#`_Nj94_<TTyh34C^LRx=4i%!
zmw60LgUxcWZ<*(}0lYUK?HTwz{y})xX8QdqfGhjJE?u)k+bnQp27YG%5TUQ*=G7}$
zt$M869;;1{Veap{fM8Fm*?y7aGeL$bdOZqcmn?u?xonbn$4WvO{Q1@#7x12dKOuo}
zW-$m7P8b3)LyQ^0p9sXz7}satII@3c%*J!T*0WSe*t-jZw}vprX8O6~WK3-Q5{`#~
zM^FL}be*H8VBCHU{@^nF9NTEK3Sof0AMoJ*1N1%P%3*`I-}^Cy3{2YVQ|kvp$nJCN
zdGgu<f8lF4fME^c7U0f;gpjicR^OvyM8{<+OH)vwS)oGj)4>!M-aC1_D7j)OoJ_cE
zQj`KKiUFiZYD^<h<U?R?Il&R4`bQP4PvxH;2y(tH?mY=}Cede+EQ{l)14aVWI0mvh
zhC$SK=iVVD)=#2CP&A#%B%HDXxUK*~&p>j82~6?d6x)}^HpmY11?LX{g$4bphx7xE
zkDkECi|4G&(|Dk#Sw2J#y~bXBM)mj2sPD2D#ci`h-z@ie8XN=oX8=B$kM|7x9{afa
z_kL}4>wo;eejmV(0ld18bubxpizN>G&RQbOV<$9WWpZDC@ecZdv09Jdk7qZ}i}`hF
zS!M+O0yH6V0ppta3Sdqnu`Jx(xnoMm!E-W4E#*|<d1Jsk+2z}8K8Goo*k<5S1WJSe
zBOykC*k<(k@c6NC9%CBFo5yIUP0tlN;AZ!h?f-*3(@He`B)f-jc8P(xB#A*Vla)dv
z1iEVoKx7$12HH)B(~}h-jN7-a;YS~C#^Ywp_6Mn)KPBOO^4bD_@ztx~;S<QP8QDJF
zGe+dI9kXImSYbTLv;0!6CrtsnU8dhqH~LU8B`W9ziA!Xm;Fp?QPy$HGmLr8MKjcoC
z)#!wYD2Cd5k@O4denOO-LklJ}QUH8XmbFSL`XP;oC<4@Y`(-kGz2tCO0Fa`OJ0|3z
zRQOIRf$bLr^Z@|(jQ*sB0r1Z865qOegvJab!1GR?>fh+Pce#Fu6ab(Z_+8e)WUyH*
z!L;|#_CL7$_x`JPKH@X*JFoFwEBV|L@FQ#%OI$Gx4EOWV-f`B+1!+HZ{VGl$^f+C&
zHpXE-Iu{fDCAED)_8FP36U7<bRQOzy4iTab8~{Sn$5)Vvii;8m>|bC6L(ZR9lS(M|
zD2sE@J%>8R0Z|^E4~7>~GFO%P7Zs8rLPCefhh9Jx4MAc1NC9deKcS)?v=`#)^b~#D
zfkm+CPc!+KD+Z%rX9H{Vp7iJ0UvFLkp1!(<bfe4@4){?D;v|u%T0oe*kETGLR8F!p
zpP&=3rG0uR06hg<vy(aj1tNJSU0o7d2ve8J>slsR1CXVDzAT?_7tn`k&{vUn3ToS|
z4V@%2ttrY=Jt!+2bCK!3KB=5SnS_%na?pz{@dN<g3~2AQFv}x+Jlw_)KO10FB#Xb+
z?c|M*YN<Wuaj8dV8nn%F-)H)F0K73D?HTx;=Xe{y?*jNHfE)X{m=@@o1r|KaB8si`
znG4`194^f$^V|$rw>|n{Mtxr-^q0y$i{EqfYb5^k$S;WoRI3_$dnl4^mV5p*_)86B
zoRNwS8~^{=d(&r0vh%#}cTQ$4cj>)n8o*!%gN<N_l4(oU=8#Nzk!-FaNGcrRPyXQl
z!HYyuAi+)lii4y{af5;ZlHwxK6c>S}D3LNm0T|5mOn2Yzduz${y#A2eIVVqMRZn*f
zy6?@?QE~g$&C1Nm%FKG7^E~hKIKZnlb?KPLwogy&-a0o7z727=z+z_#Q)40}wO58h
zE2}TiKTHY_1$zaq?j)nMM4G~sCF}DQMV>R8Mf|6?-oh9`$59*V><6|tVeZ%u>$5su
zMEvb<zKJp^rp%zsDq|M~v=Y<+2vpwZZ%_0%?`yzcP(5p=TA%G326_XgF1`La4-|L+
zPrSd4g||!40LIkbCgOoedh*JSIWsP^<^U|?g|3f*J}X-gKTy8^)A&rAn1EqSD8J8-
zdl-sa@Ib8}1`j*(`i9I|f>{rP@iH$A02C;af-)^Ii<>;0zd<3wTt)RY>t5H5v|Chl
zeJj;m=a!ZK1pcn@x3{X?JfrB4n|WB*+mp=m8O9Xn@QmZ}Km7*<@VkdR5lgM>OqA*4
z+86wZ7(VskyC^i9G$%=m$<6a6!0dieWV<Qa^^;OyjD++5#C=_lEo_%>xCJxV))UV8
z^P?b4&`eOow#V=96JD^kSUG++`C{4vyk3{-<b1|rRC>t;R<Uf1A3cC$lV8OkxZagU
zq;~V%P!=Wk?i`aAg=_1sYw4HG0&3s(-QA_*x#n+u`l#ybD-*=z9<cE8^+I`gz5Xt7
z;t_)X#4;3liiaQBVE^mo{aK*NiIgxS@<&V;&%sbUgbA}{^)}n{$oO#*wrtdvik2QQ
zGQGY$>6y2fzJq8_^67#?hcVp8(bTyR=reQ<cqGVt%24iK?~a1|+98Z5vOCDVhY5E@
zKfD0<TO$<f0)_A>oAZZHuA_Y>-_GWA@;WUQ!Ta>eoyO%FMk~^IerTEJSAjo#{7?VE
zWP0%oV`BWC$586u)GkAB9tupS@r*Kxh$eHAU6Yutufx3?r|3elO$)NzO#OW?%jbs#
z3^UwchuOe@)2Ge+c`*+`6Bj#vfj;xs>_FScCm_mHOqZwrG7ZC5?{Hh6YMV){iqpy@
z!OGjymIJ6SD{Xom6>Z+0Zfj;`v3$0q)YHUjS_2)`xQiM~atb6#LY8F+LT-|3!AA1s
zJQ@>->i0@6MiBg+F5ttb37EVxcBuhR^LZ$LTGEfLu&rH(w4O3tipt(qs(22fGJMkZ
zX&!GqJ}l_>di9<Y6Ie$elTUo+P`o_55Ig6~K;1}%Zqt6;0v>B9eQ+d0q3`s-W4l)Y
z*H8aFORx{oXShe4G;O1rAtsQ3qw45qt^%LS;0)3W1q4lAlAmWNBF@YSzx(x)NOwKC
zD)7)+)z>+l98`CcaTEHxx+9Nb@;E*u>s!>J?f-r{+7s}55yrc~uK|DOP;$>Aipb&_
zv$B}(t%G02(z*gJ;+P^6OkS`}a`IxDAbN?AU+-g8$^~#**==rCKU~o16Sv{d1Amo!
zre_dS&me@rpDhc;>Er8q51p*Px@6T20K;-_RJKgCHjHVPaq|Ji>f`H-Vz7GrI{9Zs
z)+n^LvIMbmwUui3q3K0zj;F2xV_6#3=WDVgWigNW+WmJZ%MzudS^^f;kB$*gDsp9>
zUhmH=g1`Nlo6Ja&GOc8uEt}N<;m!oc!E?R-Mi1!qq@3cNODa&1?{h+q0X%=X;lImZ
zZlAXfKX5z{cHUtPp9Sm79{VOP0Z``j7qUmjo)^_1;lIhqcDlYkn~^jD0BHC14FRcr
z{$^(y3ho6l#N>%5-wu3UJ(WTz+wa92Wm-~fGEB7K{Nz()r9wrvyfcFOT6bJ}RdaoJ
z?w)=7-DzB@uWhBs;u(cLsLb;b@avC%@(0eQBmQh-(hfd{@%SfyK!AS*ymPSGIi*RW
z8AeYZ*)H%WM)=q(w}^GbCdo+Bf?{GyUoQOa7gJt6ZxK_7Z_0vS<b{iPi*ImDC0z1E
zg0fE$H<Y<!F1jo<37I%b$Ch-mPFMQb$}jC@d?g*7tglnXN%vkF`KP7!bDSYt>1QpO
zwSTW)U*rXw)tWrZ_|Pk-<YiH3s{5u7wyBHd;2D_tokfao`^+&B1yUwRS-6g#xN^=)
zMqB@Gq_W;`{~nM%`ch3tZfWX=ct7`iINLPt!;)4?9iz}bq<Ub>MeX;{u46#jYX9As
z`X$!iLa)PEGEg%P`b26Xu93o;5zuGa^E?dtBrL=2flIq*k1%*_uYJ?c)C&MR2?1rF
zy)!1zdnaMQE`c6S$H+wm<e@S$dGO)@K`}zPsoEblCgMw*S6vyWE!S?N9Gbs}nf$50
z@9K_HS8kpM%<dE5E5PqhNBh~w#P~hG@kcfIdlQ%)Vgp$mlSdJeOdw_yB#ZFM^%E9x
z+{QS_B=dafz@MG(=idL7<DlMT{7G$m;>b5W=CAMi>BdOlvw8$_{+yZ4hD{3xy@%XB
z9ahjOE*pnVvCL<@f>K$<W-C8+Jww|ZJW)<Kyj{C03!FB&hBy!wl5Ikkq=<n{vPQ&s
z?4J9;%Kmag+q+fIB6#guf|4A{6r|{)G}>!aTM-@IarWzIHCU9}|99W_GZ*85`$%tM
z!DED^2Ur+p^M+)H;^*~^v08R79|I1cWp@DuT{j8ri|NNL$S{K_vIF!n6y9!4Pz0Gq
z!V*@7n8_igj^Q4{&~m+X^qE2#IZs}w`)es=7bysAIO4ay?z(fTCeFdi?NhC}i*ovW
z8^fuI?7ON%kwujO;Q>bq{1))1)A62w--~qeuRwkc)MpO`{0beB#B=6FIc53<3bLj!
zn#G#35E4_={e9&W<M5J#zZL+r0qkAixHxeK9#E8i#$S_Z*8rgwB-WC^F67<RNJDio
zea-o$x}3kpakJe{yG?r;W#tW8@;q&qjjEHVIt!Z?42sp8SDV(hA?wOLV4alH&IGIr
z_U1h|LG8*37jM(zF(Rzj8`ABTljAw>ojoMYi#oPpM~0uOSwO2WY!1t}zH!QtPB3MP
zlv&00wY_v9K&8BFKl|_9XRUhS>H*-__Gs=4`s{qRL6{c?5kY_vSkD0PlOX#Ql4~j}
z<b5d4!CsFY2ya|4Imin7y@93|{*J{`yMgY;?dKEmz@u>iq;ELGKn9)!!r((7*EZ>a
zfuQ#Ob28)vYM+mo@M|OlEMKfIAd{Ems~jT{s~ex-{{LstQS9VzYUN(n4ZH7{y#(ak
z)3{or)S4uoQ>uf?JTE|g<MB`aKr$Wi3HZG*<MB^^zuf%ae(Kj%)p+`s4>SK&xh9o5
zLz}5*EmU_If!A+e<775twaVBgIprkte5pUvkatU0^mU*@EW?F<mR~>Wp*2ClW&a$&
zDP7i`-PhM)0*f*9A|X0NN+9x~18J?9j99_+7Mo||6|oq<CS=_u1I03gQC_r!@|;nd
zV%$mfLx8d@NY)#&tl%T}uJiVzGmJpgGJO3EFJ;9$DBI$_K0X@wyWet+Mf?QGDmPDQ
z!q{!R)`A85z^i`k?74;ZP8^4#RU`d(yH3D?--CUAGO|-4u;;&DJ3@hxyuJ|Vl90AI
z?4l_$(jPdoUjKE$<xDupz6bgO#xxe_>m7$+ULT_@sRKwy`v3{|`GtB5M^B=W_=gwh
zo?2`ROl~M7;!ov`x|h$(?z5P_DuPDUhEg8e$3*vC<x!|AyYGN!KnZ+FP`^DL?Fsn3
za6>7+R-3$h>!FTq5yfQjj5wb%{rX?GRaed3Yp0wp7d&{lCCLg(GXcMs`m^<9pKgSo
zv}~Z(R@k`;Sb_F({f5Ecs9Y308KRr@*MYP;_fI_V=L^FcgBK@S-OmWLO(s+T;CKK~
zET+^mMezZkACj(=kS8h0c8iE1D-+7*m@3_dwJRMt4|HwxqLteRs5;Y`Pu$Lk$tlYe
zOwqAUmP2aWdfv+%^m>YXme6M%B!m*x9(NM8XJH>WQ3pX{An(ms4za!EhKyZouxOn{
zArL1c07-`Al{n6z;jna{)w2WVO~8qB7wD5P=o<}Ix0y)B9XW*^xqQ+$a~Wjn0<7+s
ztLqEM_K6XSRgNhQIdgvftr&xLCvF_3uV(ie)~}U+_U3k`apmf++SDbA4|xuxz^`h!
zKOON2_`QfDufrw(7vRnzHei$@nawyZGSt-T*DJUpttbmal9p`Je3E%yD)2Y-dsVC(
zX>-Wi=mOjMzs~}8;ICu!?8JkLZPVa_KRe1H02qCcN$sjxNlLYYXH+BW)2dspm2tYP
zT+{z2tu#_uu%=-KyLg7CplzK(t@q`=vW|kNQK>P)cD*H8Z#i1dcyRWJO}ecBo;CBY
zROo^AH(Plt{H51VxH(UdM&@aX9?%k0CADoqpmIUo2<tamU#oo<dOzUK2LU@6ALAuT
zwwS{NwlUnl2LmDHGUT91-`z6^m@Ggk1VCgz*Dlx_*aL~ayp!SB1_vye!9K-a-?n|+
zj0}KJhBNzQ=#w7^jQ7LZUy?5xDGk|qh7^$B`Z!;HtLfA89<AgvaE;dnFHOJlG_K}o
z>QOoDN$?2x4PokUdR}9)h<uLY>?gk80KZe4yc}-&Bc72)Gx}3*SNKsI^xeCD%AM0=
zR-2S<QcN)pmu!A<xCWPi-$ZEn0k==5PIcJ=Q-^H#ido<BvvozJ*H2_`%XoqCQqRJ}
zNDXgG=^WO?&F#i>1Z`g_bwInd9b@&9IR=-dA=#`+lZ0D0kC`uG3L~A-gWcn2Nk47I
zphJDl^{M!_Z$9D1LXcuxMLF1^=K&{9+o?1hl5Tpz?Y$g0`n_Jy^dRg$+BtN3V8(YA
zwZi0k??(bmTwocod+wU$ZRb(^V}cv<4#ECBmqoPQLGA0o1fm$ikqx$+Xc+X-%lGS<
zx!5_1gL!>Jtfj?}%dX5mb})>D<;FpP|KhTJ)G-bwFA)@9nSGpG;%-96k8QA{9MC8<
z)zp>lu5G2K`s0c|(s)i5&klOJ0{;T|{j;C={t5U!r!g^p&wZ$in)Um8hcbCFN|VfH
zEX!<~ZF9bEg&W69ZX7N7PY)lHqy@%I_lisN`39Umede!qwyd8wM$mfL88jI3-a2zy
zPM#KBXvM$x9Y3wUKb!4qC6`TM?Z1X5x6cZZuNg40v&=2|r_?KGm@&&_zGeWeaCTg|
zXcPV}^?Pk+0F@%kGPdh2B2bnYMoP!UuO|a*BOSD3_wL9%wc?YvauzzLC{r+bKcKuR
zu5EVDtKX}h$Uu>;#xnXmqZivjRE;(Y?ll475<?QWE7|KG3U&|4LU%|Td;N9<%t}l^
z3ff=BW!(IAGvdxE0kajtxquR2@9g&$>|+dv#|LI_s`V@7#8C9!`_Rvx#M3wiOJgpo
z^0ep4H}oDV<m()h8;sKY&U;7X%}uY3Vd+eonvixou0?c}4~m-HJg@RFD7Nt&b6EZ;
z0e-dqIgJVUy|5#x`~3bC_?E)}oNA^ek5cAkaploK^L?z9LW?3xOSV}-nirT!=Xs^T
zpR#aT>%$^l&!6iIIui2Ug1W}-Q(DxqGw#7l6=-c`#0n>Gid4Jrui4k;4Oqr6#xj0s
zWSuSG3jjbYmr${Hq<KAE=silc<t-wln=R{$70Y?d`FhPNU!!Z8XXoTM9O>Zn|DZ5p
z_~ffc+*u}2ZYxL6R_5vXuQ-Le^`W*X)p|b`Xj6eq_rXG3cpqSIY&{Z!d3*GT4Vl3N
z7%tzbbI>_bJdilBPCF#tj*JL`(>^;V0Z=9Za3(S)E%l-whWhk+j+;XOw#w=2gS(I+
zj|Vz?&kcY*?=zIa&+Y}if0j_Ja>}g4oP31;=RYWNqtH>s=3z1U4&xVOe5P@gM;^zd
zhh_T!{uua;n)#c?1pHpiarP76C%69hpZ+rNFAoL$01Bl^qB(O@PRi%Hz_@m_;MU0z
z=bNmGaVVz#zN-fQ8h|D}93gIm!wC3u89mGGvvJI<={Dc(Q!Im$reDrBeNis*tO044
zzlZ1g*|3JHrRkJo6xwa04*=aRzAmz&*?{t3N)s7jjH&wjwh143^#(Fac=W&!$8lE_
z*0cZJL-!m$o8nNRFrxTdpFZY8*EW=S-Qy>gIhE>SB!b{=2-G>iNO@*3ct_xAngIh&
zpaI|)H1*s|_BZ7G>1Wg7vZ4}l_$1gXCp$9!d_A!+V6+l2jp<2_gKV8AMU~<G7zBO7
zK+HnGcqQNtDvZP`47Oqp?aNp&``Bmw0u5EgI24;4F~Xy3pCXNx9Yb%idU)5k|6KoC
zpT?E?4py*@=9Gtz@%VM%YiB?4eN!bj0lyc1oCE(H`0T+<UUY5pQl`XL*tN1Ll8rK4
zJDPLv#wlO>`Z?QligCE?pSxm2_9+d6W(T)>Ie$ao&m;c)p!bR$Gt~^a_@J(qaY~mF
zsI+pT>XhZ)DI(}bf{6~Wf69_LcI)qOTqjX$95EXJD57d6+?GfRMnPjSqr}cAgd)$_
zuGb(!k|!vgIYnX1`Z+Ss8c;XUUiI<~v@{4GyOD7^%P6uG%FJ@}1ZAwqhUNn_p4*NC
z>Qq;tE4!+7!J(4_sGbw>3raI>W^xSZ`K+6zTeX0e16Z1SyHX?Wo8p0Bte!pPff>^S
zk<#?-(a0o~8!^!WKI6KIwvM_!IIVgP`^+2`OK9rF2TW~7bMmZXX{0`e#>04_@b)3+
zPybjccia96Fv#}3_&3cmsbU<I2*3B}8rw4J;u&=Rferd>`F4{PI_39W$x-O2GIi1F
zkaHYg2fi@LJSX7yQjD{o_`dws|MAnm2kQ5Mzk8_d<WWo-&6%0>idO%fBuCZX|0Wlb
ztRPKGrWA+Ejr^nyZO4mx5Vs)Lc3YPf^)M3hZc7TCpmzs$n5qv(T*k?F{S;#bzAI(>
zSJowTv#haV4H~Af4qmt9pAAq`&2q}leK##QYOs{Gc?-OD@1?EXjF4^<E*?K&F^?&v
zV0E!V>pIN2?)_<gubzv#=WFu^JKw7`hL7D|^4dub#THXk`F*yWQ+(5$T3+iG;(j>0
zGXpRH&Io{tT?EBY$ojs^?Z|xd0HH|V{W1tnj0`e(!9F%e(m9snCxL!CAC&c3!tQOD
z9>5aup9|*&_CxB!tYdgN+t_AD6vK$Ii`cV3U6XG3ScdxghSvQe-ZD+q-&Z6B`s5bB
z^Uj=guF;V~w?<8oBi(MUdrfEHq<iwuX<W6D#B&NA^&@tk@Axg?kIsJlvy;s8IgiQJ
z^I${WuW9P-p|)U@CW$`~y8VR)e<H&1e8#=&C!DWSwrz~Vqz<?e*xxIz#p|K!`&3A{
zMGEO*g!c9BGvU`d^=jYs6S0e3k1>$WXa(DZ-Z6-D1Fyw$676So+isY)F{O0wqqt_6
zMucRuA<Gg@PUhUWwjeLcw%<qD`CeoFeb(2C5#g_VY{{E<6lGD#JTYa!Ez>zj^*$QQ
z)zfm$bim9W?wil*@VRqcCg8wn!rQW3JslGj8FKa{?DSc?bjr~3V!3j9`ysxYDj{j6
z?Of`vTL{ZJrDYF&S?UnzlV=Bg;$M}r19bcU4}6|IW1U@~?<Kic7DBNpki2Al?M=?i
zQL8lQ_3LWe$y2pJuadm0UXSfGuFfdxy3?qG!iNjsi@=lVh(G@^F@A>|o7#r<e**r}
zL2l$g7DeQ7Ok5OKx7AM+$BP-S-@d`y_t$Kbf})%ziLMg(>t%O4vd`LlMcK~_MpT>o
z=Sx4uQ5br`?}5I*$^q1t@VVQ@j`wR=M^FCQn7>r=Ple4fDyyxkDZOaeLz`)^*vu~5
zPe62ExG0^AC_s@HtS{Ceke4}0A)uq$t+SJNswjdevU>iS!cjTypMqdS^ZJc~+sm9{
zokA1ipt@_<`H97B5^(iwIwJj|doaBHP{rv`f0qQ#PZIze!P$!eLlF<)gk+>UdiV%A
zf(EuHw!>%0sWY?=k#LV6f!Fx`fFq!<f2>Es*GCz?u)K57n8n$I^ba#5F%U2CD6@hx
zDNsuI_sMNmX4yG+YCE(&0@YpL)P22Z8z4@=@2ZY0j>)6w(3|;xf!{v+@z18y5r6(;
zV*Cy?&VKx}QagM8q1%A)oM&IOW*f~gSM4Tju_<k#EQ&PCNz$BhigCDd;BPeNPo#5`
zrvqEPD8M1NeJ|_JH;<4uUyVLXIFR{AAkVLPp%L-CBE_k<+YCN&%3s8|Y@QtuE^U@u
zw@o90sb7<)DeLod=5dUU6z@KMg4QmWYqI=okcanw`<T3PE#|e;3{`G0Wm36$+QEY|
zz@oLGf?iIZ&00FgCB)XTo3VR84+$`9;xUzC5K}$Etldy<pLC3&m>^TwUyrwZ_u;lZ
zgA!u%9K#k<GlBhO!U65H+aAvHGl6jSkO|BVfavt}nLwW+BO&c!XHy{*Og|3fWW?y_
zg`ag5C^jYKwji1>`OUXyyq8c#-KhS<pTr?xo-~cCH;k$x9E!uTeWuRB{>pU3C*b!o
zj(35d2i`v1{alenGcp}r%_A(rEY`eo?Sv=i3EQ+J&C4mqVFG`B@Mnd*cXel|oRg8D
zcTeVNnQ^$`?fsZBY;f4(2N$`Cv!CLf$3A$(k#k~8H;weR*GcsnnV?-y3){_xJV{v0
zBJSKi##o{4D)0yaz#35lP?qqSdka4EYFxQ_7FCRcV8XJ*!Ju>t4BCO|7C7vKL9e)%
z=NsbQg1a8b+wmR-pSL8UB92_wk@?ynHx&Hdg6dih8UmNt=YqH_A9f$0*N5jUV@5z>
zI4E91tlTK*qYwIe7q*Opz8*l60P(6uqcnzNH(sK9qY;WtM!C%?uD{MBZc>zZ*R~E`
z-`%xcH%m`d<CPtmj>)2f3kAOn{K6#jJlvS1o(CLfKmJ*{^?&}%mw-P3K5{7CQ5HpH
z@r=1CuU4ydEu)*yB0hQV77yRswEcb4tmKu3fFmLAp<L?PP-L&HKRg-eP~=1Nw|?wH
zRcl(gbjmg~u_UMU3mYSrp!~C0UUfNsV4FGCkrBPjJE<K(E2g|G3O45#h%p!pn{3+#
zI#)8!$a$#xLFCK7bbA~PiVs~Y`S59h*``&0UjrEGgH#<8-Opg~uir7YLHR(U`$I6x
z{r#R&`#rha`hPUYoq%BrVHstw?~P$Or3Y*r@ZF1%*de2IVi-ouS=a&kka5sQD7R2{
zOF2VQSs(N{_Xy9yGc;Kg{A^$F_y%j3qNLcCD1@(=+dSsPV(@h<>9!qvE6Jzb_eYoG
zsVAA|RU3xNNxsnfkcKV>_yge2&VKB(Qx!J>zn68WFV{_~e+{^PkSj$gwo%MdN6gIC
z=xwvVz%`%^WLZIy6qMz3zqqoH&+6d|gTJnauO+COHZ$=YKYj3rwT@nhdy}iDIvg?v
z9&H?A0l*5|sb2420{~UqFDOp_pV<4W+&;s~6;xV32EpwEL<vQfu|7X1(wgJr8TTKZ
zp=*b~s>d(D`03j2L0NGO%{@tk<AvrU*9w-bNXisU=Joe=PNdy&R2~SlgS1ruys0qI
zQUe)$a)1*qxPh@C_W^)m%Y7MPuY6+^pA{YhS+XP8JtVyp)BBtBoJeI*W;yJ%xdZey
zuAw2IH}+l#0mIO-H~r5+23`;2POdNbD3g+Mn-j+|fAHXludX5@O*^sEUe}g!Q*{|x
z5e{t#j7)BxS8x<jL=w#oZR+v}_?0@!VHyV-6KQ|oarR^1n*qN8eD#pqNu!uFim%2E
z+4`c_DDGW9<$RT~NehxJpJbjB_zOmC`wpNXl1OC0u`{#|kwEsdIPy*Li|!%UPki~N
z*Zb$VU3SH^C1`Zb7-c{LDz0p>=?hFZTe59R6e(`sIi@tm>i4mnJay;bsanTBKhU{a
z=g05N_%Gj>QRE3yY^(l00{wT+`x=mFw(ruDdpb^<&*0p-*TZw~bR0ZwnWpS5`IMf^
zXJ9>!d#Km@XS=}KCM(XiO?Qk398P7ZhcL9ygS~=;qb5cJ<cC0?5Y|lx`uc(Z*2jV3
zTt~woQ3BX*ppWk*0ewj2=2>hqIJv`DiyNFL(wAv_4!w=cy9;SoQ+D4~{Z2)ZL^1i{
zTZ;Y^_?@#K``%(Y>W3Q><M+XgFV*1hQ^4X78>pfkW*n6Tv0Ux|J881gP{fhqn?7`#
z^T!FBw3uQXrqKgk%3`Bj=8rbyyk)~$8KlLgH7jgm^lH{k+43=E$vMGb>d<u6<>$3|
zfnDyOvcX>y%x=j)tIaATP~eK{vifX(OB#mI&NOshuAB@+V@fs`7Z_7gmYTEGMVHrS
zIsGXeq1#920;qdMA{bG;dSdwGEkl{4U5tavb$b6-t?brKOzgtW`z5E9)~*J!{+{oh
zXT;Gn@LUfg?9TQZ1U%w7QU;ko`hn+u58se+N-u2P273fdStOVd=qx{yq1T?rLo(KZ
z@bxg5WH19!Lf{kz<fC{Y?E|@rFAL}cOeqve0fpgVbeAX5ol3>6wR4?2*R<vIscR+>
z?Hj&K<Eo5YM<nsVO$67qI_}S=BYxO1F@7JwIQy~hJqNx})7S?asgB8_=nAyAxy3;w
ziYzNhlANNPQroBDoh`khmmZK33p=!?FCqhAa$r5;yLs9?gXKu+6z2o(pN<kv!X_{t
z0~qokltAoR$L>_m7g^5g$zv3TTepsQcz#|-G`I#Xm8E<4Q1t`lW~_?{%emqs*9}MN
zyb5h^`ukevNRQcKKi5m?y=R*tG+|b5h@E@dhr{}fWb|2vEKXiu$k4@MD@~taG<KFA
zmMPCb{vIB)XFGM`MKAP#7QKCQSVV?gSUn&YlC};2Gx33*pY6C4^f3zhf+6yZL^y;%
zA1^QH129=hvCfIK;@>`A@Tcc<qR5qO(*V2nn)Z#Gtf`a<^j)zzR7DoWAB2J6Tfi63
ze(ZZU(@{U{m>9ngZu}Oge+higp^kg0BR0{TMOhMEYSv5DOpfB-^%GW`j3g~c(y701
z8pGgEDRCGgadP@9Ca=vPrvow0?6$P-D8b&nP&1#<nYT1A?+jclGZs1n7-`r)`#q@E
z*2T>LY>RW%nl322bhY~96!xxH1#z<7k|h}cckZ6>@avDQ-XA;5%MN+2j2{FmyuF@B
z6oFSxBmU;cBg#C%lv_-hgOt`@*tvaP4<EQagKgiR@(xJozsmZ2Jl^j)-WvMk-dNV$
zP==pxPBH{60t{cz?NvgqMb3FV2z=~5zF>Br{k-u26(jw5Pm!@VWLmQe^dY05FBs|`
zWbcMRAHyK?C7B~Flal;AB|f^&TbsMwUkkISFYm0b>By3K+Sj!;5hQAA@w-B!R8?eH
zsSXPK(kk~_et$aR6Y#r4BYJ=`UjY7F;O2qu@uYD~W@3(t{4!5LRYjeGPu#nSNno26
zQ;fqj_5gqVx?5QeEygHknTi3lq@P2^Ex3X2BC6;7X_V<EEn0IJOUh__vNQ~js@ywK
zb<M3T0N4YKg47WV((^%SSSZzEEv3L1!*;czEDE#|9$lPQ@3qJ7b#8w)JD@|1A8_+X
z_?EjFCQqSAK#HELq6<Z}1K3=X7x7G9uq2m(B2@OpdLsqw-UYtw*l2)JGGpLyhny2P
z>LCOI#~m^m4Px(uKJkoD!tR=bhB6~k&+1nbUKU>t%7`>|2k5iUC6PTo=a)OW!FeY}
zD7HCLl&p_$aW=nK*+SK!>|J=favs%nPZ!@%8^Lr&FVnaZ-<fqyna1&<Klew#ublnp
z_f8QGAHbNTo*&RS`?2p9;MagZI^>jLt|PX3hPkwNXIq*loX+Nyc}bEM<YhUXXw%rU
zP#>!8Jh`Tm_cw0*G8*`fpPkmo0K*0__QpkIzyZH6|ExAqXUdtd1hfGSMxe+G){mcH
zih_IhZt!rmsv()3?G<qKtd|j64py&UYq-8BInn2cNs%(EGx%IU;26z#xqNN-H#^Ky
zFvAkho?O$)zJndF^|ld|ewuz*ydPlhzb~^p->?0=Lp^Uz4x=xLq;J5|%h<DjHv~*#
z0_H8PEO(f#lf4){7mNxLG^u%d(6=L?z4@Gx0X9|wfSRWOi7)uwt~3;@0u6jES@Q4B
zPl!|~v|T$UE<Fd|3GH3UQ8~uX4jtHD0>4+O;->LIjEV94V8?$1ei`_y!17QVN#dBS
zj9HeK&=|@3^1X4iWWCNvvYc(2Qx;Qy-!yidK91qZaMqviST3#CiWm6+mgz_+_Q5i8
z8CbW=7+R(?&THy|w2^=+J3^w9e_|;+1wl7vF20JgUNTJ*@-#&dZrnWL;k!>jlq>a8
z8dTKEJA;oZ*Z~2qFE#)5Cu1nzLyDw|aqzA4L%E9nF|rHqUB)eHAB=CCv&fExcl{nZ
zvGCZuf!77H;KtcKb_A6ZHf~`co?xKwtq<S=fX`Z|jAiEyfHIMQW9NtrRmR>&(ACpe
z#y}=0;~aJXmEpX;mk{&;nADJ6q(rkhU(IgtCl9GudTLkRI<lpadUjC`EzQ?n+xE|C
zT#b?H8Oh-T+gHFZ)jfXGn1J7<8wK#sf&Ur!3x~Rc<~m{<&sdtW%I~^lxKGu^%V$1x
z8)aaV6eL;Eueqi%je#27k!l8?ufW$(_<K(>>aEXPb1(N#EcZ$k>f38x(*s1USE&<K
z*8#u|fTF5AJ$t{D1p>twwig!^X-XVv9-Kd^*6X<axh|f%jdiGGo;^muz)39pwU3ra
zks(Eblts;=S#nPMT2;zpNR{KF+RN&5`YdtLE@O99^$f-P9{N#{(TOViN%v`SL20iy
zZ7g5T&;MhmjI#%>`ffsj_q0!M-3TZXaWe{cxqkLC_{Q8pebC21pCQBh%#M)um(eoK
zK#>%bNkOr^&H3zgj2L1ax7Ya4qjmW7OkO58&#N;^rP;<aN_|kaPk=uGzIgVde}Agr
zCg6AZ#@UbleYy1yfA)`S*6&*mc_nS58OKp^DOo>J3S;1OHY48_Y?6G6ahS$aUnE_m
zfp6Z@{i2j=0b$3qNe$vuzus*l8&t3FugCs1EQ1Fk8*pa#|Ahcx%QGsEjPZK_?ZVZH
zh$!>C0)BbU>#yJCQF4wEsr&Xir$6V>%06{h2&#_lQ(Cxn40mTwkhF?%5GiV?YTO<@
z)%8d^*o*+a@iCnQK%J5U*XXjxpC$MQ8C<4g!W16h+vSew=T7#VET0DOjW}X5<gUpc
zz^!w$4Q^xPwK5p9Fp}Bl>{r0NWdNwkz~}Z--{Oo=taFqI5Ap?nT--soq3xmkK3D#!
zf|Ae)_+6EeMiEIIANndNfS;ct946p*$%jgTp98)hc=KRalaAO#Gv;M+c^Wybevs?O
zbF#D`O)59fDaK(M@As7Ivi>RnVY7N7c3^b%H?3;|OLbsMp~e9q7Mo}RKw48v%ZXAc
z5A=w&92R@$2GLj4Vdn-a0kGG;A0=c-LY5>|uk7^&Po6}SrgUccwbIVR>G|_HQxO)i
z=5M?iqstYhOfW@S^|mR6)Y*oP*+v_n*zA_>vw2|U`{_=C=n#0SCnHru!0`RgICa||
zGU{v%XDs@*vJI*;9c9F<rFl;t*mAr{Y^R^b4XAPbF(XW0w{IdQ4DJXSv#7qT(*c)i
zM1m=v?9|#%i`@(Yz8%054<Jj^#}~{t9FvPOY?1>nt;7?+6o%|PMeB(7%r$=hzCvp%
z1DAU8Mk`h2^!0jqn@dx*_qGZ0U7b-X#WtQ(sDnp1{2A~I&W&{%6Y#ri<LpPj$K3jd
zKlddRzXJTP2fOLly?%Kau`rk8nzCE<-@J2!NNLtdPLdXwN#{9@X9a-1T(c+Z6f6AP
z>I-Zm8<fLHIjmjJ{j>YUcSkp397$Eky%Vbsur12O21v^GTd7~)?TZ-0X0;|w66W(6
z@0~v(H)X}-S)uKCZl0~<U(E<M5f9CpXOZwXJ_bmR<O$OB_gQYDc>C4%$5DgBfDBXx
zfLE_qGE}qM2vMHb9Y{u(5d>v?7RfUlkpYIu^w%#v7f?^eX#AYL0V!ka&bddfopj$M
zGMJf%^?3wbJG~J24*YqqBM`kHLvafIp!+Vf&_6%+m&#r?(1$>o78IKtiI$uneVmI_
zh-Y=5u5MylqWWQ7&)V+aZLW3IP0~!`a(@>BSroC2VpolFm`(j6@bAt(|2<Oy_W_Q{
z)$<!M6c@nH0$)4iW^x^|iRY~(>~h?assif9(VR#rlBAAtn1J6jp2O)SySzB8;Pc)x
zA?MG%+&@E3qIM8>zvg$G4tqiHmK$iOl}v=PC`i^96j{oLUcEtPOobm*1^B9mMnzHe
zsGn=WUr_ob%p&2#iziU#NV!Fs!gY+a-rHcPx$VN~1&R0m+3O0rf6@;ef93~{bEf~O
zdd*}!{N4FL`}^#yZ)jOR>|Mg($aVNM1L5!V%wHtv*f|pZ?(KVUxe(YI1bsX5{bWQ!
zJKCFQgYmIhgO~R^MMNkz1yUN;GUre84>>)#?e*;>T~m0aU9;S=ZQHgrv29N5%*5t|
z6Wf~Dwr$(C?VSDn=Vm|aa=i<^S5<dc@mqT|lkGQc0Cn-)C_<DY<k^d7phBU(^EA56
z=9RyVfOR`QU_-0N-NhY`F}_zw0o#yYy?JWrkSh`_!^%^8W-+|6RVAsC>GU*lb2XEW
zcloIbWzSyxHVH^5B66#r-84ovaGvv^=*z6Wmgb@yAR7imS{A5AkLf2R@%Z8{EXG(k
zuCdQhyuG<^q2psKXc^XMe?cCygm8X;UqEz+5(py@fSt6sg*XB#`wJ@wnPxGApwX=)
zx>iYtn1z-GN+~DPr~84r0uuzbkUja=q?Iq{4ih|k`UP^aq?KmDU7{BE5mOD~kGL48
z3`FLaxSZ^NR-U<>lr=&(=d-9p71MUx>mso(f{0B+Gm43J7)O}L8^>eCpI98?vTceU
z<cv-6!=eHO`-G>sdT<iTLj;ROpr*$`-T(#YclYpOw=H^iHrGQg*Hyy@9BEm}d=6x{
z4H)of2kpFM^F&e(IRHcOua}GaZMOfi0dDFcZH8QpzIeZ`W3g^I)7h9*WnG_8edA_P
z01h3VSqZO^_4Nqr1-bN8P1BMzuF58nB68t0vU1AALq>ApEEFoqiQ*#K=&7Xr=w^)-
zEU9&0e%hU1+M!Fh7*>hVx;Moxf1*vC`N@DkY65C{t<q)Gq!IaVujxKzY{9g0C5XRY
z^kR<|JM7d%!FI^?dY<ubyq~8HZras_=?>pA!xoB|?7c;y9_S6Wk%ERJaFibZ%y`PT
zt=8#Hxc{mpRV_+#Z~PQoi?UT(QWQVXX_pO#=)OdYz~L!c5ncr{9RPzsbH*>04J7Dj
zlbYE>FQ$~@4xG!il2x1Sw*)F5PFpTvCqp_Bm?J{sNP+%2QNSp6LE0yDn`_8&tEQeP
z(h7$~`@=sTNQ&}{k+XLGT%_CynYw#;H8ICa`K@<aBQ{@o@1W>47{Uqzp>(Ox<i#9g
z{3@|ie`B=iQ6Mq)jIomgqH6RG{!ul>{r=&0-262w^sd>{4cWD?<fblC8$}vTIyu+z
z0dfqw!K+gf#-33?JPtdN<Z^!zn2q;K6O*TinngUC<}dETA-c9qni;ys5{U3=-Qu1W
znmCHG8U`c^vJC_-xki{+bi0{BGT%5EgqY59tMaCxjk*qTp+CL2ij;K|OErOxIy%}Q
zTmEXMB_~<-blBe6H*a*-w@slg=2@#&G*YWCueT9daJdPQv!-m*5Hq2_)ABeoz*b9~
z4>aGP2E@N94?ciUcpYJ(FEq7|SYJQ3P<P9FpYW8PYE;F!fPNoJU6OO57V&Z0`JJou
z@4yw15#5cNcS@Ablj=#V+G^wx7C=71t1clVJ~N{aJip5SVX>X3FKFk_;cpa#rX^~`
z1aN%%`Fs)C;q$%%x*oUX>dNifR0dM+#{?ZQ46n1&-#X9bhXZi^M{K|C|1{1rRuJ!T
zH1SgRrNyw@B%Je9{YcrD$L3ZVCh`{~bEuFgJX*@x`9!uC&<*p^3k(?TnbB{+eOP<3
zCb+!e3Rn+alPV&Ow;bwAO-XpHe-k&4>qGBbLMOLU&`8w7*r0MDiowpKzsDTG(2f{&
z8sn#$MvY(xx=f6*I&ehXdrTM$nzWW!c%+$#jYN@5!&T|??Y%vsDJaIIPMRbJQb(6*
zd;e*mr;)eAC++LMX9!OH_0s^WPlv9Gh(UYG__$tg%DCYXlm?-QdbNVBj{bP}9~@`K
zpI3UyC0zM{)J#Y9I(b=G)u6uDO!qFMCN1P?ECQ*_>G1uQ?8zcC=<Vy$WjJrQRH5=4
zPLll;MtA+!;)WcG6<~uBaKJZnk#x4)PR2UJFE8D^4of`%8s|u!rLK(K7>6(w>G$sS
zo$9-%Fj3n9C$4h%EPcv*poNBj0iC$}%81bd;Vz{VWquwG1$f_?3%&KBy|eNUxPZBH
zWwtjlic$I|<Rc?;t+Q7gg<gx!AqAUL08R5Dx#6TFy9`jo89DXRn4wC6{gkFTDDSWi
zj>YMIdb%~@7j>z$kqq44f}+ejPQneL1)6f4T(%o#wDG6@Z(lb4yC1;BIq-g{@6`AB
zIn@{l6|RV}jMurBY73F|g*xCn`LI|#l9Nco-N^z?jG(wR0g7X&s+j2F3UQQ)+A?wK
zJylX@b?kW~Y$b)k#Z<uZkLhp=r<wFQY)-4GJJYGljAHy8`fv-3-0`TN3C9&pIE5^k
zV8^GJNgjqT9HRd!eEBeJNb`mBu3*Wh>jUpAenp7j(57P4%uEP*2SISP{_fbZ<TNSD
zrI%^SNUX2NSeGB;pPNW5qE~4;#?m7fr+~|vOk+r%NS2(ygv-~4Kzy{-kQT?&o}ZuM
z178s;zMcj{;Y2g<zRv3OtEvC47EtZzYBi_=nj2|gp{$w%;rrf+Wv_U8Y)Vmrd!vG1
z)h*bPVsTglV9xLPG<9A(K)OlYH;2Y+DqjG31<Vf<tppp<jL7m?H4h?)X+`})hyV~f
zgBX4RaCi?Cm|w5{+0!h99nW%l#AviACnk`T$lkMZ+36F)hUhlR0R#~gPB#zTRB)oc
z*(4Hi`d(2&9_6mD;@Zp37E1@RtzJ97fOTBqabhSL)I<1B^_V+`pxr)Cuh-dfz|5hW
zc<A1E50-y7{09Gm`5ZM6Wu+cNe#ZOsa%_)6?hefc&U;J*H2@io)N#NEZmIdaLrU=h
zaF@u@J#=c_JQNJZIpnh%U7Z_twl-Cd#(9FVHP#aoY$P+Y30Vv$l;SA4LOkN*O?hGp
z4rZ<AL0a3Ot4#&tG%e|xL#H^glm)dAY82ZeOeM6^-@yDbG5Hl>o3T4w#-cRsf7$U^
zRI!UE-@n+3H>~|)&0tZDU?25(xFLu@b>=r|(qk49H1Fc3G@uVZzLz1?;ae9#0Kh|Z
zL9GfYf2svSR$RjRZO?umOA15JnGKYlxkX*E_%B>o*J&pd>Rxraro8A(c%5@7>jm+Z
z4_8P1J~8vQTAr=ns#MhPHd2s@bBJTD{s+K)y#(+TC#K*W=O6)FtwPD|Jk_)Na>Wt8
zPyq<w!e#ISVt)+U;ZAD#W;!N!*1;waA?x=8x<GmktNWujd$fx9S+9y<$Z&ivj9^7`
z?M(fKe_X?`1W!Xg7#_6tv(nHcfClYd{&Og!bS&7ewt2p5Qs^WBOWhLi!%eYEl&KB3
zFb%bM->O{gs#cWr0rk~%&HNm3b8z_Fnf`{o>1;f>XRi0}p^V`1T-6eyo6!1~iw=Y~
zqp))wJ7#jfOETGjkxA!>anpXJ`Mim$8pNyUt0MU?&hwSt@xue7Sj0U!8Cw7CB;*SW
zrM&dtc=B;2k1fn09UEtUhb(s8W6ln3{hZZ$-!(rZ(9Y-mE*hXautsggW&ZS;-xvg;
zeLXLs!j9?a=%a}O76u=-1MA&kWP<j@54w1lv7q`;y@PAiX)OBam^6myG=`LczZA3H
z3h0Ag0X<4PUNuejvg(J%2?i}~u&Ejmhs0;$^>}1hzn#toU_CTT#$Xm;!mGa$j&V-S
z5kQ00<{S#ozOp&TM4A&oCPh7nk$GuSiM=m0CMsV*RP0&A15-C(&on;eI*%@DSwB1_
z2o#iF0a7*r{|HZ?;e2APr}GWH53axbDhwU4YOq;c<92K&h%+#BB#BOHLscyRJsj_3
zs9P~CLv|C5Y%K~Lv9prMQixZ6id(I4<c85Cg-W)LK$_aJ%l#X-P|OY~$KLCe{zy@~
zdtUyA`|iq0?=0@DW$bd@=IkkLhzQXA`-yCuqt*wAp6>P){S868AX<EL!-ZKZSH)PI
zSWZ$3SgP1U(d-GQTRqs1jT36+og(%qjNYwRi)iRHCxL0R1cp^t`L0zZQ*E0*;|P3^
zJt?Q>DHr=~-y};GlPt4LDw;R<0PP79l>tc<agCc6Y9svs(LxU1?8V1lT)O2Aj&^Oc
z1WsmtqkI6xW%$H*FNp3+(3Z=rxpufsrTyeO_Hetn(zYKpaS$@c8r0b)xnV|P?(xZC
z*kZjGQ!aaLn#x2>tsZR$I`}9_eSFW;?v78;0vT*VyvDxXeYU>`Y(2#IGxG9V9Ek{C
zVe#Yr-d=jl0YSN@xllFJpmVGNlRD~1EM-p|@FPg`m&uO_P72Y<*a(VEFl+G+u1829
zqndQL&fB3VFXu#mTRKPLI^sQ=S{=tWg)*InE8CN%`yML=p-dCr!Q0CPrlvd1?KbR$
z5WLvIAMk%QS#)m;2JEB8az&5QoQ|`b(MuR3-B9ysi_`1Z!4GiUs0sXida6P_DOXS=
z;ZtNu>(%qiV)`6Tt!q74v(a|z?8w^^y0{Lq(t85pUET<qM8SvS&s^8LkNeXS#h&Z2
zn0lhus>@2Ek5{IJifuzd{ID|5&uIDHxeh&4X|N6Mbf@Qouxfta2~GxTL$$PGDU1{)
zOmuCD?81W#j#E$ZY}<8gh)64hNyG0E{i_bgEWO_TM_`X)<IIT`wOV8}35rx*$7g=@
zo;JlaSWIiZSIw^ocMRkAz@C^X64hO`qq1c;jF&d(NmL{S&ah{)0sNV^*bsk1G%<!b
zkbZe9Yp{f{lQ$Ucf?W2Af9u}XEc;Scgd2VnpKjZf=}ci*k`u|Y=HvUY;8Vxy4Fk|<
z*zA5V58oW)Va|xTXQhDL$&At+&W$go^LyLADOu4b;3=bVyWTu_yEIu+oC?p!JrQ?t
z0Cu3X*a)qOw1)8Hzf4Rr6#tf~l`q4FqS3!O8ej`M9x3J5kO3Pyr9lAgC1GAEKVEcV
zyfLfx@^81znN7@sWc2#7OG!i<a(cVjC&Se~&5lC`^H+HSvF@@dW^fAW+@l*3A<~2d
zGK3Wca<rNUp;S4<aoW{}%Uw$ulIz>WjY<2Zyi{9OdSfKQW&hGI`CeYgb~LG)96){N
zPlkx7UwC#h{O3jO$d^$vET{Skn0%{q4zY_t%yLJ7)XoFM-`}yk&s8IAWAr5Jwo+U+
zbB_>a%Kq5S>x{)MK#|uN?*~Rt!rQCC^aboK2D+i?36n^*9`UrX261sVW4wvQkvvd}
zPyb8A371I2`%H${3vB#FwqL)6!<Nry$6LG%Mb1CdzKwb<!1%jsDz#IF^pzri_vC6Z
z{wZZqe_p?hkJ2C~9idx(Igqq>4BWFZ^y&Er^_<2OGjmT-|Bviw9L;>3LYcpu4Sdlk
zN@(HxcrP(x)>bXn+8+eo91sG?or$r%`Fs5~nm@8q#aQ<4k3Cm+vWKIFu{a|mNH8qa
z4wR(x2t?_xM4QZ7HF0jO+TfSBCrAWX-uLQE+s=c%T$2A0n#~>BM+*c>^}T=nS-<9j
zMmEDfiF$eu?wMkqZ&95a)v5@rbsfIw<wUIiUB@JRkp(rB(0XOe({FoF;&n^`;RB7n
z4w|5zz}WqMfLS_V;F^PVZuBX?{Oq;3^}IOnqJQ`EY^&?;#&%nD#{&GzmiG+pCPPAC
z%J-oCZe8f*9$1PX%<#&;;?fdM8a*CHrrLqOZ9$qzZ*0ILu;-l=R{)`H-&M<k*hnHf
zcvg6@4vcxCb#27!dPb4RR)e;fD3j>C>9<38)sB}(FpBYipw1B-EMN|d(4`7S(`Oti
z&s)H@t#v(sD*s+c0M2fkm_^kw#~iiKE}?SEr+{4j+;XGtMW9io!s;3CRp?uy*hZI7
zHB@PMhh?u385f$!qB3?^9=d2aaXk-~Obc`0MI+xwu%a(^*3rjn&Nfy1ii*94?H<ql
zKeVH9vORGOJQQP)(7^4%dy?A5up#G*ob?}=BY=l9T_HH+AH+3YBFW?xIs8YKtwz7u
zk8K-Idu+)-Z0b7FeREv%0h(vpF)BONU4*x9je(@w8oie)kgmxfHAjQ=VP|}u`JlN)
zx{Tgyr^2({=N}I#FciZ`0em>zjn6EuKV!N&cei?Xo}M7QNwb}f7?Wpwk$fl>B}CHT
zQ}?tkK4)%GR>AxYe$Hrav)!pHq$QW^XM7y3vq;16)<x-h_Z*Kl1Id^|iF}i$x1FDt
zpdan&mvlw{1VOs3T7vJdL4?4(VYLXY*@7dq7J({}a32)ZOKxws#zUc1M7K-2$F}o<
z`5!w7)?&00rSz;3<RqK+G)*>5=NPM=5YYG96Q{R<Kj5i~B|Dzh2p(9EzFs4qBQir{
za)@Q}_HYUz)|{(j%HY;q-dOo#i$R~>^hpfs*($4Q#;qOwb0!aXI=!AsPj#=LVBZ2b
zn~Xg0sCyRt$;)XD6CZKonDMCRa1>v9V&3l2WHHyIq=0@;ogHGx_P%HR8)=j7FH>ZM
zLR-d5JXqya1Aoadhl}-vjL7~yTE79Ke93|usm4otZB51|=<=9QzgcPqL>L;>tWimF
z8e52SXVHXHGS%=#m)F>9kmNwqxFOy;vic5FnQ0EUilXL`Htrx*mBofmLF!*{nz>{b
z7b&CSVTY4~oBF4r03&S6#_N`DB(Kf$CuYyM-i5B+<x5sCoL{&2-j(+cRbS1;;NC&X
zi0}``kHpK+bS3x{p-$OQ&pZ!=*v^WbWw}TYlw9cN_%t%v9dA}k&x&Wz*oWNikpFZN
z&)>qcBlQ{Isg)}Ba0Yh+ws~$;!#-}E7pQi)qQ0olkCvwi;~&wC@CM0?b_%@XsEpdQ
zjTnSU3Osr_>6i<>iPy1IAJ3CK6uLHJ?Uqf~5l+oTn>PJf=u@1owpv3h!&2A;KjPNO
zjolm8?vfs18!Lq~qDf0AI0SWzL3gIOR&Vfbb$3FS=Z`Iz8^4DecaZ?yUF8<-x#}h*
z2D7zzcfrZAySOWF8FyZ8na3S_wIEJS@Xp9D>K8fe-&{pw3JWNu*jqBJ50$D0ewU2q
zNjFz~G2v3u+2ppGzy(JDWImhbigx<3(;N1Dh?fFHj<Al%1pHm*a@397&gt$mF9*dF
zJbOIqF6Hzue#|fdl3XcKZJn7UxU;RUrgE6s=;n;!DBXlaN`sab0W<whj}IanjKtia
z&_XXdh7wI2#<r|2h&UkLeAqvRA0!%&{rvQ&lOeb#?sjVf`<2mx@-FiB*>{X-6>Yqo
zRzrl-k`uMVf4l_!<<m>N=ZwwLk)HE8{!`^J-D1_}o$~7Z6VHd(HU|V)Bi{Fq=#?=o
z`UCu<Xg5ky=p)PVo#?x-8^jm(g}sJ*#WqHzA|D6NB<v7^UAh)Fq&2$5h5dL`ypMBy
zw5|`K+IK6X>izMKon*U8n(KTm+)1=+(^!mKK>O}Y(mo+vWSY#N)$Q*OnCq<S*Rj{O
ztMR{Kd)&}hygS94$1Z>uj;YM9KdRccThJrtcQ0zpk)3RIw=PaTx?CJm=bbsUB(`ID
zA3vt}s1gmCo2HjlrjEWR?>X-+<et5t0k|ds{jktoDF?Y2TwC5rCOaRq5b?NEOjA;f
zQ`(uC%!Y($446qck&a}9Ln}f=08Yf>Ij$aOxI+No4+$AIi6RgoAJdz&G+$-jZCQ(=
zPi}Mw<{<o<(nbQnCX#xOhXPB<*!oQ~+PbT2sy1O;!XHD_pbJJvtW2xvz`@->`ex@<
zJFD-Vo^3$mXIYrJ+O|Mk9a6wb`pX`hnc7oDTp#WP)G>2$FQyY}pUJ&UA4b97(x0_#
z9mnhf3^H%3i6%Va%aco+saz7>qTJ-V2$lqcn+%VXOS_CGc5ya2Zu}Of9{<Z7vWHYj
z?^py}gMN*Xa3!9E$>Td!PC%WPIvhlzgG&5K5FZ%6HaPD6glm!(F-SfB;$S4T>o#aJ
zh^t~8X~K(OCy{Le=<#Xa&Bkn#X)0N__`c)f^d*oVo|n5&tVSBANY{c^ujjO}P4`&0
zxFy&2{M_yct_doJxKkszLx_rO*bhpCz#RZ}!!>LC8w`@|3)$pgfx+;^o(D9jk^kX;
z3o8hLy%`{o$L6E#60q{{qJHU~wUE&ET^;9R93Z667I0p7(1#uEV0f%X=kDCQ(X+bB
zb9~M*o}hXpIXrM5+z;S|sB?_^U4Vr~RW+MeR**ZUsUHp%73ASBA7C%VMK?xj@|%5s
zZIX<TUydQSSc$jnzB6BDOS^tv%dy6OE?>uqCS7rh*8NjQqE#VRik7#Y=1HBbeKG5&
ztgaI7afP)$|0U(1a(yBRfXk?Xl-5Ytv@hVI*Gc=WGyIP)(nEd}Yk>Rih5N9C$5e`I
z(@%syqMea}{ZHZ7jJOxA2?o*GUV8i?OfCAqV;tIvOjzK^h@F{>V+9JcGyxAFD!6wp
zAwUAiYkQ#o{yb5FC8JeX(MBJl?R=_t{`aL_wki-cH5^Bjv1ZL96*XT!`y0AH^l$V0
zho&-yX8s#n*?;dFzMv@y!F>#h*7+8yR6ItKsj~XTIeu1Xf0-k)(vpnI#24gxBPydu
z(a$7Om?g*AbCQ=2o1SxsC##sMSI;%hn+V>fEyroyl8=W~=j5VS%tgLuFz5g&@9_QT
zN}HYx*Egz)?$fJcdyAi7Rhfdw4_*&z-{;v@a5Czno@0}yXM-FwNG8{Zr3m{yzb*xI
z5~02@XSmL0WD~hLiV#OOFT7<AM}?E1^9y0KZM*<BsaCaq#*rrI^ELiDq|6}=?Br&n
z7eg?$8ktjMSEXU0NE#JQct^uj6EV?Y7Js|YPNa~ClY3=Nz{w=mrq@a4K$#Mep~1&G
zjGVr}#b)A;I{&&H?q~}oM(9~|zZEaF@pgCmO^S`m(Ope2awk)fdjztiLFm}xsq6<J
zZtu>!-ZseTt^kECxw+n`CZWTy0T?5MXc(xFzIDf&#myx+El`L&o-%Cjvpit0em0vt
zqB|TrM^@LNP8D)m#%o|ULtqB1*>o>z$_O1uXes5ubj4Uj!G;D<Ep6OzH$1axxo-bR
z8!y!AT*o1`>xqi<o-1mcleJL$6elD|(xpPg7j_|~_<v813w&CLFNYmJ@UQZqE${~O
ze<tRXez*4bq?Qm|m~2y;FjhLTM-<b6?`5Q21tY9=rm~*Dr=Ip;%(9h%WIBD?w29!?
zkw7$%O>B~vN<k6Bo$b?3Uo^~TVY`&s#T8x#wu4O=E_Yji30<bPJ%D7xKAd~Z!Zpr@
zoIM)3T-h?j-^>5_fdWq!-*S_aEx}kkT$_im=6x6Hs}=~0IsbD=xZ;OeqB{292E<r~
z7gYnI+$+;u?4UVFlpvOn`#P~4`q74?H~u|?Qup^SG>vtHzrYXR04otdORXgohG~11
zMSx7|=YT-!rhtN=u1hp+B%O<h>2S?(n~NF;rH-<9de48ukM6*RTArPU_I?Q2%dp2t
z^^Qu^EuinKMF<*Vj1WwJ6pKOy4UCkc8MZG6PZbcdaFAkcBjXL+#7U~Nc_nfEi-J=i
z<&WX5LqqlceA7$l<F)IPQaf#f-oe7-cGWV7xgO}4g*J`#an&x_(K#o!BxcGHu4*{X
z>j;upCqjgF(mv2nJ*YE$@CG(&@xh?fJ(IJT4(xs^n#GIpec?NJLi*fGvH6$c0HJ`$
zsTyWXFo-WbI+u#IcRr_qJ=t)iTD@WP-g0$4zAfozNKj&MfHUYSTW3(~<0t{t&~P2j
zZQNVbth!&5yuRZe*TUjSOFXC#t3cFU=B?_MV_5e(9OvLeE^&bZwQIF#&$PSxVbQwj
zdrJ!{;N7C_?OM_Xb&#m?(|=jD!Q<0-TK)MO{rs+p??w0UYEJ}QeIFJBJZS97XO4ha
zZSIk_bm>6+Oi(xmCK2{Uopt7|I2@V9Hj*TLupn+XiOb<1C&cr$5Xq>j`MAm6A<C?+
z0f=z7`6dd;u6fp92z+(oflV-fV=17i11Z&9#NjDulHDeBXvt5oii<AFfmIl%p|k5C
zE_>{*R|SQ*0;z0&8r~<V(|{XSJxu$Vm0$x!Ln!dgK3{BPR(tfjuGOw$5O=WZ6oPeB
zzHQOBbR&z^SiWQE`$jA+*x;TRZa+lcUt`f<0|FwaB~B+8kUnZ<{>J)Blst~_@`U7W
zQc*Rji@A)BL96SWV3qXCmg<w^@|Qj-o&`Gf(IykSLfdRR#R1KPK39B{X~)3*sy$v=
z=()ZI%6Y^#@2S}=c@9k+FsYTaOAR{eWen<}LrCkyro1Z>;+QadNMx%SF}1qOIsOg^
zBbkekqQe|^+WL42RT{@J^mFW8PCy64CNKe4LwEbxyf)5jBVzFEHFzUlxo-~jfvY4n
z{AFc06h8i<?D73Psm-5T>^+|p&;s$joU&M^i@*{)2Ni_i`b$gvcm0pdoWMDP_ho;P
z#Wues0Y6eD4S-T)>6blxNIV>P8lA!SM5q*@gZqo6sK$X95D^c?TVgiLRjMu{f(ZZJ
zP!^C(VMGLdBL;@<jC&_JZAZttgG(wb=%^01Iz4{<p=y^;(Y*ACnY9*;Up7s<O}=tE
z<Wgy*MHTHY6<chD)>f4Q$}E^$3c}eqkb&(05|eUY!+Pa+Vc1ocjK<+HyVJr*F<RsZ
z;~gAqLD%EkOVFGkVt30N*NYgbo3m`;9G@t>u>#}u?KnREJqfyfG4Z7VQx_k%&$c#u
zG|L6(Cl^7I?r}~T^m1xSO(=_Z@E5EeCZV?tH`DpJ9N+`w2|q^gnZWTq)c1B8*rM<S
zw{x^xr81}^iGLbTrs`|5-9m+@BZgA0E)$<jZWYc_hen^CpDTqnH<@ngGWGNkNje!u
zIymbXO+DD@#ntL_4f)Kp)R9oEbc8I49?=A|6|H*08q0eM-)p8PIo0)#N&v8u;JDZB
z_*D6@C|uI^ExTQMkBU^>T$ykbPK9L`QylhQ&k}$#pWg4x`GPx;E9O>}Gv<urZyc*a
zOk3VfH|eDvU@+A2daCJhY-3@%noK?&mO<=JfJBWs=%PPZ>DC_m9076>xckmJLn=SY
zX_JWhUkL81Gtfpu^0CnVXhAkplv)Tbf_76x_q$C39o3Y|CN^724_CV?)p*L+uxpUG
zmIq%I#^KHhJ!wE`o+j>6x;`#?NPMm)fD32R=lncZ3n36TE9N`72lswrwdUF}K^mUw
zJqclkqYD~7v<?#VXQdg{#Q9zEI=4^O<&A>YI2J1mu2fP8xZdK4lI3dRH7*y5Jve%{
z4(fZKSN?AsvI##b9lmFnzEE$30N<a#5*F%X^lUVgC*WU)hWNCKTy*+@m1IHAsx{JZ
za~+nKZ=ay0V{7A5%m0x@r`Ch6F43v+3HuPs_BqItCI(*n>ZtG*=LlGejAcv%+!Cil
zpL3J!s@Zz=P6rFo>aId5iqCzEK3G#Bvo`vCB-ESER7Ro#o@c8#QL?b$o1(^iRBJo|
zWenDIXxN9$3}qalrvO6}bQ89Kd<bi!uyABxMK*=uHYNTx-yvhV+qPh_99MydhPd#=
zan&mvV+ov3iKvW)E~HLt0B*cG##&Wkei*%#=E4ZK3*LhLIRCrKG-3hHP7>O#P<x6h
zCa?y+EIffTV2gK)1KL?j81F+mb`0OH@%+0^F($`nlfP2!gGR*YeXGDhX-%nxc45M5
zs2O8ya~<wNfMN$OkZ!xjEE6Vi>zK99fov9?^(>k<psT36TFXML*v-S@kv2y4Cr^3x
zzSLvi8o_Gul@5H{x%b;yi!GUEx(m80e)c6@fFW4d%Zbx=oPwk;khXL8TRiuxuu%MR
z+F1ni^{bg>ku>I}ImC0lzE)YGO?)4l4SZ%~jb|^WmT87(4ymIaNkBL~3v|{G=;U8T
zl}zVru0okKiLPR3{e8@f#HriWrn3l?PXH0XD>*gDZM0q$I6New(cHs{Fs`xCgAr%a
zI-(cUy44c=;Z$e+mh4NURa4)p`IV*#5)=*I@Yg^eq-*V?a1@~dBoA91q_5~(Q5}A#
zjop@I!}F8UJgJsfQM$=SMwK~3^VN^!!w9U61#+g;=N!KqD5Jrct#riG4AkuS5~sKy
zI90W?-C)2;CD`<LJT!dVZQ+z{<?@OIHoExcq%u1d(*sVBJ!p-fLBUX-vRMB9@qAez
z<ngJ4a!vRw-y$r5t1ukunL^egU=xP{A^z#EVWc_oPB_HyZ~D??2dJTVsdr=*aDmb9
zQ<%4bNp0euYwu*(9bw-^R}luRD7%&$N}Rk=9KB5Ou=lTwwrRTF$+^_+nFbi<{12$!
z3J(99_VM~J9G$|sRByWx-m%dsRX9)dVISQguzFg-N&UpMYRZUYr&}q4@St(oGLVid
zG(CrF!cqhRqB;3N+sthI+qI16k)*wcBbZs%qh0I%Gw<NJHrUFgwq?I%P+qEQDKCgR
z*cyM39;`@XXq<+YIfc`-dS>d?%(lWDB-jOm$?N7s^<v}6Hkm`{G96-7zCRIF{xNf5
zOX`HVtYMsw*F}(l6fyCE|Nf=gjHlX^?%rzusG9;3reS;9S?k<t_YrV<z)r5^V;ObU
z=}TM_8Ns(VyR9{QWMY-ZgyLy?y5OowB4>U0GfK2N{n}sbs@{7N5}7%1Sh@oT$)&RO
zhC_V0bC{|2h?!?A!gvplfWW3yRvRBuG6882C`FFFDJu)B7o&ft>dv0x>O|fzL=qXM
zyT^O0?<ZXjIPd|_`jVGEH-;u1N?yMY>h^4PqnN#?GEN+*z+ZlFm5>O(`R?OV&S?6u
zwvu#@gf;95>CwM7AH$I{Ts~IXc@#r@U2uXPDu&7Lt3=Uuk>vA#kpG7CMtQ*k{!v`M
zIv@N;>{#G^!@O9b`yssC?85$Bkr|+j2$L1@6WuDaJ}-#b<e`wKooSYLsw<#1Z9Yzt
zmd&;unFEK|==90bt==M@kJvw#v>lJHXBS<9(2*2d<20y+*Xh_UjnaM-@U9~HYfr#0
zxrg0wHp-o~#eY4n0kw~@Fru73bPpbI`8x^HNL{=`3tnLudQICuFbq;(Rxql;zScNB
zyC(u<p^cn_LR#DL({w0G%Y+jGDW@XrXq@(qBpOP{(6DUnC;BtS5O(}yI)CK?CziND
zj!Dx-d6S2Or_T9(r@*t%lj0whog<Z(3?h#I%8Xq64Cnt*`tk=t&4I4E<&z_C*tfgt
zX#103%1b;}XY(CJ(@B~ZG|TIm+=&3J`mh@YIYm`G_kZHm54S}%BQPaQ_x?0D+MZ+v
zTrezO4lC?qK5>M=_zM(ycWovVD3L?F(o*PT-WlA&J}-w1(x2(?C)NJNJE#(%oKY{9
z+h>hL)skchj}{Ee-=%{VVtag&?{UDL{>lHg(TvsnJ<9YcBam?i77Fje1*^epZUsN?
zAXc5De(&=zgpv`e%eX`nLnL@Kt7}N1ouz7uQ#2C3A2#j%_HST0Mmq`8r7m~EiLi)A
z2Ap7WP3li_UU@g5y(D<#bR7;<D0H(Pckl9xU$X0ToUiu4k`G>|=(f*a_(IqVWdIau
z%n8cQm?RNfj_k35j3^NUlu75G+@Dzr#k=@HIktAr{U{sREsx_&ei~p(mG-82*kd;4
zPp<15y)@(0=v*SwcKfJ!y7Ch#o}R>d919oH#}6g$Yz*(S2bMbNIAh&G?iRlN$JtWh
zE+VgtHYwq+;-|}1G@_XiwvE&$Z~{acig$YUF8erwY692Cjm`Gspn82&#drOv5e7+v
zciUVCQ149=)ChSHk5NzGgy#o5yNMW|tbdnV&h7dl!9?>d^!K2RCSDCrUFSTJ2sh)@
zzW1|2uTPG=Z~r0pdmINaA$3W<4%ZQc&+m&)k67|`m#t?$uJW>Suct=_cK{&(6dd{&
z2n9&86eu}oV1A*J7NRyuXra&nG~Iy!H5#3W60vw3;_A;(jClHRPB+;mF&S8uTtGZ2
zh|&&dJkYr<2At48w0XjL`oTaw%_HV}q|n}cQ?IPJ-Q4piJ9KCvK8Y(O<2m~}+o{XJ
z8oqtj|0gQiW?{I7|Eb8t<tB{b+np2tW2<7ET)j?yy~UEphYcas7Is3|Pjlj|p^GV2
zDE0_QCnJhI=wdH_L-Zuu%tKDIh5jVV8{|gx_gtDNRqN;ru#pB2q5u)#6I)GHxc(V4
zjG0FYoui}{$C4gMc1vkS2x1h|utZ3V6-rM1q`bMP6b)$$!HM<^=!PKDNi^jp$u{Lp
zS|)58NS=~X(UrZ-lzjMAC@oX`i=_b{XLpVJXQsXRY?o=e6`lqM+eVNTRKN`JtrA#h
zqlJ{N^%Lfx;KPeXyUQ(@{!!>!Yk!E8aSr-0WM{j9|1{FjhkvyhUp2QE7PkN_jXZOP
z)?OzL=}ppT*tP(_YDAMJrUQAIX_b;md@?iEW=gWm(eR`O+0vKU&T;eByT0!37}O5d
zMXK$2=XPPr_Pc`+;O@T15Ne33RV6XJO?RqFXG^3GH&=41+G+oYFz36!_+_qGFhIUY
zugx(#rDN|mqJ#}TZGpA)9=HtyD>kx~8j72nv<7XX=a3P8Wv7QsG4}vNG&@*yO&eF^
ze8Lcqq<cWvVOPIDBTFP1VKqipFuxr$7AqHKtxl1zael=Ulguo;nXzgS_3@MhzuzbS
zG=ICKF~h87CF$GN`D^3YgHg`vfj>2>>mE%wNStNWI)=DZ;`x)fGR>Xd&o8uL<%wxG
z6XK4q-@&F4L!oKDh6ak17_k~q0V;uWyka&{kjYdOcGT67uvW-&LRROp#Qi9}gpy%b
zr9#0=noKKwsij%M6-@g@OJAn|ACks;oELf3y-ONaJ&SSvF(M&^**+(Hb=9V<Ygmu`
zz(psPHlm9L9f>8Z-$sz-)bOhiUxqVC!E{9ahBf<8eqO*O{ql>G<@3IjZb~A)kN{g+
zU|m>LY{QZS%l5p3R1~<?t`hPN$MU}1w?&fJP#{@E&mdo6U*13ysZ8Xxr9h@TyBGlR
zjiVb^N;3XMf%AuSPjh~iO~JGp<wCjg63$g9znf>)6vWceQyyisRo>Zvt%!Ad=z#QQ
zDZezAl!sVuRhqsYg#Y10`^jE$RUk8WHrA3`5A;R5$g6z<5y_+XzB&$iK!XK^W3wwT
zX(>D+<&HSplPEY&`n8D83wgR`l*Bp#U$?~+Ul3U<#yy-0by>KBbdDr)i*#%29VPJ)
z5JLDmezewOAY2W0!2l4vT|l%>Qg5VLR9lzQ<(-q%CT*-|Na6r=4OPVx7Oiko;A9^U
zz3ppZ<j2>}&z?J}bd28x1s~I`e44V2el$NEh~$6*@zvv!S2tZ)<9~<q&jpviALIvv
z(LOm|de~1zNWBHqU{g|U+4Xj`eCl2G>h}a&nE?%J>3Q@;bd`)st+GJ)dQaMaNe#@s
zYWY4+u<s>B{ms-Jg5N0-_wA`mryyQGNqvMta_KOu)7XEMt{wq|S;EvSw8U8R+!mqb
z8J3EOwI3Yfr`%8S5Fnc=FRsW7YL6;%ek}9Kp-!jDQ<czKOgS(Uh~q2ldz_`D75kIS
z^4DpC1^;c$9&61z4BQy8evcQODZpJ!Xj9!rg{c5*4%QK{f|Mcs><M@h_xAxAs>AhP
z^D}e<e=1>dR{?Wvgx&_7RrrfZG@Of}wJymtgT-v<G%cOv?gt6mJdZ-O-5Sg0j#-+y
zXpyCJ3H0w1ucKJ;siEx2#$ioLDsZ<46GHH&*Lwwg1ZM3RBi`J5EL=}#nu^l&8KBoj
zo7rkgK9Kfkq_Yb61(3_%FL2BJKp^Q$Tr-QnRh7m1r;<Tc#oRtVb?SR8yIX<Mw2(Dr
zEyg65j>HS7cna*8Vu~@AR+wj6Ix=(cC{QFf`9S}xHR_+sQG%Vln)B;*4>x5AQtnCh
ziIOE~7dZ|nMkwR$-ec<*bGsJX$xTTR7;Zh`>)~mUw5d2o-8_=dxitg5eFut7?qwNY
z=rMJu8Cl#k?Q(Z-S<-B-h$oz0&8g@KpxxdZhslE$AT_!`57rbiFDo#YQIF62n`%bV
zcU%po7hRdKPw|U{+3hJk!-A&%l7=*7{fL#wYv@33zAko(=R3oqHxZ@xg9o90`O_qn
z(wHeiD`2>&#{smv<#DTd?bjjL4V>$bCgAw&kjVYJ*gprt08vj+Igutr9}=F!ye1-?
z8_GF>-9mbT%mG@8a4~^jhB)4)U@^K}Zq!*?pBCa;rPLudqJ@{k5wp}9UtNVq)DM2C
z!FiX2N;z*qs&>N0ref6PTaNL?zD6R9w7*iiZ-zRBF-Ch`adjgb6(J-wWF)7Nrv6jF
zJVDgpW`!f<+~%SH6HT0hYUW-O#ho!bs&$+Y=a2)5$k>)-ADNH#el5}^Q*F|kyaw^A
z00LafiLWadt5Y{ugir7a1;qC61w&Z24OofE>4}~j0a4Zgll=NwT!0C44n;!h0W&4X
z`3Cnhta+*FUp|$0w(RM%(p(A@otCQNF2e%~-dpR;1PlM1A20p?zchR1#xsWCThJfD
z39cqj@&hZ>$F^;Ny6A0-<ko{amRRdkdORx6T+*~(O|uY^y^G|Ih1ewvLfoWHg&RK}
zU4k<Qi)*pywcwsIh5;PQYML`8ku#>K$l8~NBoEn(@7g1)LgMh!@xM$s58r}as<3yT
zE^$iJBS-R%M2mk<T-*TE!<HoBIhSICXokda@|3?EUJWoojN-nMWciMDf|=QqL;qRC
znFbDpDnU2@UBGwcGNw|mbt-O>!vd_6-j3s=d8&xM0~i(dS{MI0RPRyAmR5MLCVw8x
zF3OadW3io(p3GtPtimz721@H_3BLm-jO5K#WjpYKf(7_?wjK2E=?^Ay+@9Gc_%RyD
z?P0C5pM$Nk^IVMb)j3{4c7k-TU#E~S;d+=>q}P|8yTzHldzgG+UZi&xd*Bp3F|4Ms
zhpe^F<qds94V+jKaX>H@4*t-I^NX{Fs_{pwCa>AkR%D|Kv&Jl7RF_+2+^Z{=TD3w<
zU|lG@)vJB_l0R>X-=j;HQ>;e7eXw8mTdUg373p!a?KrX<`%(RjFAxh7q2a972&W2_
zdvetxib(~n*NzB>G_$s#xEvqJyeR3?BE8y^bcL*LW2`v8<ey|qh$!K{nj1hrMQwHO
z$<x5{)l<sF=utboeAsU@6WN9F?;YAHe*0$(#~YNrFbR9om>tp};NwhEcbt&Y66CC)
z^8lB!L;}CGHjir7Bp_bN%=1o7^lhvbzLQj7uCO%z@k;q!p|OT_)I8rcH6r#$AFY;@
z@M#)U2!tQ2$`|0<s{#4d#n$=(*8PC8^V#DElX=2A9T2`E(rQY=JIhW>r9cV^v@S7R
z5DS+Y+ABp2vY1RmXUmzTjfc0tjK?l^RSbOiQIlXeY?QrK68~(tSn;H|5Dqx<(W93+
zYOu1F8muFrsz3;a(;Tk2q`bf<7Yl+`tFcZaAVgNA;(r^#VAN~vIijbeEx^mCmVJ#R
zWgawa#4M2#av|G-z<y00Hm{K8uf8sC$7T!<(>flg1lu}$^b+?WMo`WRQJa-%XUMIA
zLnB04Z}hAD+f#*>+qk&58)ud)5Fw$8OSQ=gGYs)^62T8S<AyFv1#?P1C^Il`VK60k
zUk9NXK@sz$o_)*z4pC}7=Lx|Vltuejd?g&RoYXlD<Qw)StMVFYwhI`&E7$A~B4w&a
z$^59y#evdfv=$HK%Zd2C$9;JTeU~gA2Z|rj!Ll_!VT~+k8@({<l6!`5E~)?`qay~6
z9-)yh6e(oC&r~b1W6^DoYQ(J~iux9cY}asrzSqMWthU!wViI+4T|u9=%BJk(I)?pP
zljrZSlU*RjkoV6ROG3X7@H3C;rki}def|b0gzdwmw><jDQ;$@Bmy3h`HQoZnUNR%1
zoo;avr0e2>d%ygH?AbR`4Laj}KqmmmX&RNW<XY)3?v(W6wZICq1-0ZbT9e!O5q3wg
z%x|0I&Ln{*TR|pR=K}G!RH|;l=H*D)o6YdRnN6p!!>#Qd{1<fy7)!Z(8SIag91z#O
zMWHP7J__#6<mx7GQj6CO!B;cFpOWym;Z=xJROBf5ff%Kj6`CtBa4ct;dCa(p90=lL
zaD~ErPAXUh5{5+dE3mye2{!7|)2wL=fd@XT2XVY;2+Tnsl(@O5w-3D}7S++MzwG~%
z#ZMH;J-MxF8ItK3nou>hf)5xmE^G-O1t$CuKmtsll>%|%)GD5(qkj>UFsq^-eIu+5
z0Af-&i+4TO*BEv2%vYvKNq0R5O`N_-RrkG<DZfzmOMAN81yH20-t?4?8^-YT^Z1>9
zdXeX<PQXx?u~zm{hxdIJ^^X+>y@u~OsF$JhEDtA>lp55{qRlJ+u%QQz@OE71m0Gx4
z(TbY%l;D7aKterN8~p;KO=FrY#xAQz2=%s)2^)$lIq%QziiV6dEj~qCpKrGisMkcD
zu$L^~b&-SP00*!x6AYRhFKR41PttP8!2Ch$E?82JH{B~G=)kg<(a*7-?1g+U`XVRD
zT&#<1fS*TOamyd31JY|y4X0J83^w1RSz(i!(wm1Z!DS|g-298}bY?#OowY?cJ--Lq
z>49WwN2w@S01vf)!KfJ_zI3Q@T!FVay8N!9P*En4!fd}Nd)mRH4@Ac=Ye%dDd}}}n
zI0R2Dsv@naxD8@4wseLnAy$6y83^wh@d9J^Cwimvm9O2U*YxWmi1t5!&vLKr#Q8Ii
z_1Ll1MT2t7x8DUWPyEqFvf8}zQj|1hHyf)dY;2-`UX7!}<y=q}CUP89%dZC)9xQ{h
zy1oDx=^&xAGSK>{JIeuvE1uK3h`<xoiAm~Pym6<VGJQakGo9`1rSV6f&B#%u^&pt-
z0<<ySeoZZ(Y*DDbW{f7uvyik8i?Yq=nG{eV@qGk3u_x99WwyXH_Kgki;p*3S^WhJN
zHC$1R@ROaKpc+kFlze*%{%H0G3(xA`dB~#dBkeQpSlW({KEiYJ^il4WRsJ&dzryMU
zjS`?(Wa{_SIY`1U`JPu_l~g*#lXXyV@6UFUb~*Z&T2v9CRO!oeO^kk>3$0t7`Cct?
znnW{IlIFJ;39MtwUO8L$h_2+*@5H@RDr)dVtv*R<QDrz_QC8V11Qtj1=DYdXD)Yu9
zTVmy&ZC%hGYF`dDz{s+xe)F8&Jiya<ReccLOl7T#(j@QfsKXN7w3X?(CjHFr<QU;u
zIoDxON^QwSlEt=i3h;}bkdhuynyZyuY%s@ymH@MtHwjs0y2;n<N|i-2{K*$=$vvVX
z@b71r{vY^=#A#^!_!LyYQt&zkXGot}t4QL-zfqEca3XYi2+(!^C?w{_&#G+7GcQH9
zUlm~8l)tn=ToB$LilUaHeSUT`ESqT897E`=A>D8+el7xXI6(z}Fl<ZnzLlCav5{pJ
zo}`t397UnjwoxD}cfF(utt+z=iOPKHSg^1ccxJD)f}$9+Xh$4df251<Y=aW50=FDA
zZ=9w%_RQnkzq^?6`_k_jt%nPwn*UUJQ~s5|G(^nQKs3=u<%>*S)@V<L1su*5_t-_U
zOpN@Wx3ak7kRlyq<Yaz;M*Z{BFH6-W!yE4<jzibX+CLhYDg(rEqYs@j$<rPM9Sbjx
zDntx@bXByPAzqf={zGUBl&zQ$jfo>|Q`rnyx(lyzXFA?{b$&}Z`oBp%=_A1!v8Dvm
zz0u}lmri`<_wO-Zp&cSj&^-Po2<m`Yp1o&r7FJp_EV`tb*ld}{Jr}~=K+L#x1c9!k
zQ3y!QsIBrpJ0j++Qe$z~3yo@fMb#7Is$+_(!xw4kvHslrRtxO%c3w{k>tEauh5Hb^
znb*Dc7?1je1`2%dI;=_pJE#r7GkHcsRE&njDoX3}sG0%n7CVXAcu;Vze*WEaQEt-A
zQN6LtAgsc*sUX1S)a7y72xNpz%SgD7F`XPs#-%H<mGhWb^+UWWLPs+@i8j8$q680_
zA|z&MG~t=Doj^;voA}_*G1MLzK5y(~aJPpS`RVN?Qk%8L>R?Nw{--S|YoB>RVk9B5
zlQ<F6n*HCMNe9d%S%uijU;USK7waO@2doyy7?Id=43qWr;m{q7#i%EXm%@MaO|+Cx
z?D(jhUrk#`Kwco)hi%UV99BC&n!h)v{W~Dt_ocVDar&aev31O_k3NigqkR@d@znvN
zj~5Hn#>X5LKSaKal@f}<lR2E!(nQDGdM!n2^zkJ&`(m1D^@z5NvjogXNmjJwheWV^
zRY3rOLac@E?4KLe<wRkwVjBm9AVdVjQtg7Lcs>h+JB@T@$8ippDW=f=*Htcb!K+u1
z&ZuM-)puSQco)MV)bS8Bq1IM^R5=55hw)~%JNd7;Is)|S9dt>}E9C00!E(P@k=ww5
z_;!ncBU||8l>hKPFX8F;6NNECi)8|H6!1J=j4;LYV;Cto9x2Y!BUc6Df^dX2^6c0^
z`Z{SRc!1Z$@|6a%*TBYPap~dN{;S`NT%nM+j_zIn5Kjs#6+jfYcO|?fPg*7AcM6mq
ze(GO-<PLM`6ITxts=eD)I~P|p75;WaUz#?evf`{I4~0oDu+8y-;nO{?lbj~uM5BuD
zCf+g-Jian)sd}DL+P*f|G8zW9HknzqDS`+Er85O*paW?RuZ5<q`=f)qcflJ6e<6eq
z7bEBR%fg;$>?QKO$dL4Hqh5tE7G(SzDs7qKGN2W;wMPGbY^3FB=J-bQudryD&T1Jo
z;%(-XB=^B2n3$+$X(~QTZ$LUDXrKlR6t4BMPJVzuuhAo(Htes*M~{?H&bEQ!wJsw4
z{HVg7tt`+kz?+8MDLILN95d<1*B6F;p-JR{XU<?ZBTAyEtvM}<NT?X?iU88XnQJUs
zTgAxy8q^oj4jAxOsJid`2LfZ(6%^XvCwpuZ+iK;6)v#&c`x}ukFTi_q_V?kWL^McU
zTt~~$3{eTyv7KyGP&q=yP^QKR|GiK?{bB?2)vy_nP8T6|&kxvxq6@4Rt^w(17yC-S
zDa3rHcSE#vK4pqVeBuR3<@DYREg7u82E1IQm(q?J$ax~8*=6p#adEBiqC*CqfkubX
znVDK!We2Cl?s-J`8*EOmVUlQXD*LfR`G)R7LIMv8VRPlRSAFM47t#me4O`DL$gzU6
zG3Zm&sEQy50xn5!U>5nyyxf95I~{;tOGuXZ5X9GMTeQrSvC8lSRMyCdzWZ%aR&OTd
zKKXV&Ge;n3jok!XzhpWAbBBb1!yTb9fW6jr4n;kI4}0*+8C}m&SD^2USC#%<;yL=C
z0`rQDzhV9W6bq-qO8W<C({r^MN{&i4iR^yn`OD;^5DTTnD?O=Cy5vW{OJ|CR!KR9l
zZXNnGhCn!1Kn}QI{iBZqB9b2v2PnY2@O1#c;mfbb#=m<225KK@s*EDhgVXra00#4d
zyf>%+gvsMYk%CHuhGmsBHr~^8ItrYZS@xcKSA_KA0LySpb$R+GxfjYK?F%G+Dpq-l
zT5B%K8jePU!1MtSXqOB0kK3{Vh^KHD@PT_i$Q>3~R2r4+wp-9=6_G=+!~shy4EDz7
z5lBT94pgK##R`w82%8L;5&2w+U0as}3_g`Nu==yHH4e1p1N;y_&Vh@rif{kxzp2l=
zgHMA9A$0J@d}NhOimmiAtC*o@h5(QF%JzuOy9{b7KA`Pu<VSKLJ>&`O4ArAf$Ak#G
z@#~=l;hwC;H@^dc;i1bpk;yN2FdPInf*#{g7m2Z^FntH&7I5MRPB)e4_$`p7h3M*r
z?Q6U<$oIvo*?1W|;qA@_*I4|4fp(VuC^&E5Z_;T(=>Cy7D`d@q&REx9s%<v@OeY&#
zsy$UU@EJ#c&uS&@kN;fkdo-;mw7dcXC7)T-tB-?BRmXJ@(NypDGayCLJ$fu620?Ew
zk$NK#IQ<2ZxXg>fUl+2pSc?WzkqtbY6hGLp)djn~LW+?Lrd6>B_bTy-4&M%(R(}40
zC+pBdkvDU5!!0?#^Tnk=iSD<X<NF9_+?L4U?No@BB(~-WHb;}K!xGJ`@%d72ikDOx
zY2g0%BZ1A2APu*___y^pwR9HfP5ZELwwwEy#wF?>f<Hlv7&H8EAKN{{oZZ**Rwu~+
zO+0JI;d$&`@Wlzb8lnqN0W(J12&*6ZP!DR^pavM<N0omE=pjNj&Ns&%`5ck6#9M^t
z$^5BHfPZbpGaODhuD;o{sJc0OF)6rBw6yaNmutEV{Ai;aBF?^0&_~3v4qYY(X2%r3
zR~X<P+IqHrv-(4}7yED1Q*7m+;Jhqc@d(!YMT>|r&c+tIN!+6=(iGxtbax;seUK|S
z=_}kak%l!eQ7=3n(u=8gJ%4tsEH%fx+gB6~b05E{^bv+^hSdHa03t!%zWf9%27U?U
z7dF4|O_T8S1>hI#bPqUB06(6mdw$J{j~)U$7}l_iH8>c-g53=;czmu?5h*YXjFMW*
zZ{NDclY8I6e|-57-Z=aa<Gp7Xj0c!eE&3;Z5Lh|BUa}2Kg!#1RIUNO*9WP33m3cT?
zRIjU@Fdm;8Q%DXHW;;^`>lgV-`UubN3&Vkwk`1PiZ-^p{DI^`7*CH4(fXQUreG$Jl
zkmY{Y2aJg{Z`-!e)c1H!EzpytM~SHjJDL%@tjInE`~<>N;o%FwFW4!!&3C^kzVd?~
z{AG}z1^!#$;z_r8D8g-pt71bZ3l{7Y`YZ|=TVVF01RQ1%VNsr*o#CgRc@>{N|1kgQ
z`498>^fL_77&D46gIo~axAMOLLF)4C(kz-TcM9ZA8UX1Ln$vzqq`F+Y0qmV>v#BNC
zpFwK5HMqi4^876BTk7?>QNDTPPb6pgEOa`JRMR{|s^`f7JgpN?>GI=J{<8$w#xPyo
zy?Qod@znpY`R<V7dB0m=-hXhw-!||sfZxtDGEdYL*b~F97=o;OuwbX$t0^2tC!K5%
z877SQ=<VzL;8(trUz6|V_Uu9?Ha(3|tBb&;qBW=sV@57LU-@q#n&<t~wl5q0`ix>r
z{1uWKtxc)tKN{o~Jlc$n$5;P&nez;GPXfQ0CElJ98R5yvSw4PigF&v*M?vUP5V;r!
z)H&Nw)9ehO?+%8+roUo?1;$kAJ-n9p2O-UMk@r|xif00R2>3Uf?|#!kxY+^t1-rlO
zlfXX)zO)LDAO*G&4)1ibk%rezW2>|bu19J2w9J)qLi>@sc<gt2EVAUba>RYe3a*c=
z@cK)k_cs@LFNLCw!9-bvA&Lg58L*k2;qQO(>-e$5zsw({FDIUjum=;;S(1ysH{q6M
zAXtSrO>jx8ESF3DX~*ADaHO^zaaWyQt?f=Q>cgi2?A;fpkQ~O$cBkm*JkO0^%+vcB
zsY{{NM}@#8ngc->=s|<dX0Xor-m84kivE@dkWj6?1P*{5l~pa6EATnsp8!vUPVit@
z$ijPoZ1df3v{!!cmp=&nGvL1l&YpCeGlbh12BNH$<4m8?(Wl)d{`w#B{HDTXFLMG3
zaZ@m~-=Vm_Z#%}NzVF(`%^&IWyJC{pp8M7w=k2@Zas&#-rfXL_$ND{MO7D{;uZ{G%
zzS5pfC_V1ak+0Db_vqODx90N}5!8Z+qLPWlmn@<p7!g!#>0~B}@GH+<=hNdq$A9tA
zC;5i>H@OsVk_=PK+F+jk*>o~Zq$3TEtG2xBce$3L2krSyA6KjIuluBp29S4O;=a@p
z@6HfaZs{35W1o*HBJNQk%I>6iMrNMs8P!3dqv>}ii?Di(#JF+-`#p}a@J<$qJI_Np
zznUoAMp&VE-Ywv#fDdoJ`;B2Rc~I6kG>~sRaCYSffB99w-vi#fiXqnk7eu*&28oAY
z!A_F{YHb$1%A-)K7F1DdQJbRHV$<T^7)>o{lCo|RUU%^;ykYb^ynOIEBKDB+h-htq
zL`My)(i;@s<*RlFcr1XuV36#`Y=8b1=|RHhhOguYZoQTLL@<K^W;i4o3^Ah-(Qt$r
zj);as%y5)_Zw6&VzN`f-b^VSJu-#L@Pg)iNSA!WB&tthrV5)FKvuNLnp70d-IpA%Z
z?|$PSho|nru@Lcl5Y6yulz#xc805rRJ}t0^u!eFT+bl!6OrT`hfSVjW*tq)Tm{aK6
z-K)pk5JWsR*X?c`bLE<uT-G6r`iV8!zxjVQf1btIOhQ5uL=2Ne_{AG9<TGck@rJXH
z^ZK>l<=VlMBymbK9wGyi*Clx(ebV<JPlGgp9$}LJ>>g;d5bwn#hcRh%hG)*bf}Lk!
zILO#Kv%dji2Km1^lcyMrL{&M5oYC`Ga>b=D8q{9Vt>edL$Fw7HGJ>?P41+Xhil|Sr
zrn(=i!Zxt)BRM{?fk{6F{DaMR1<)6OU$Fb$HsAS1d*z3I<yV290saTz{7JVN=k<O=
z3>%`yL(V5lelN$g-&Hx^r_JOP9G9HJ>n3;an4}~a$X=;YM6-Vpvh*_%R4pdoR*hyf
z@+RTQ!!!Ks?A3gH{3w6+;%E5g__r9&b}{3qjQ)x7rF=@qHPE}<DfO6s7C>IGc~`KB
zCE1TTeD(lMEw>r-tJ{wfMRTc!xnx6LZ<~WYk(}s7O!gjAM)~B#NL}O}8L*CXC@}eR
zX_oUDwC!@3#@{J$ps<s(d9KK|Kz<zfXn61f@C)|f*iN3?{SClhSVe<}z-@tnNM7$3
zELgC69n2St)upbof~cSfBDq++3MzscgW9xY03AgsaU%TA{-b;~xx%Z~9^)@x{ynbj
ze4N3W#f&2cYf+Z|Dbfsxl;xrbcMDkQk-rS~pyEBN*w~UB#LR9_nBJO_>?a^Yb}zh?
zPk(tWOWhn)|B7_ZGOe>r@047$-C^<!+%6rp-ggLIOD=$Ak4c!SavPYgc9i-B;Gb{4
z>kWa$GXTF}4~lKR>kWG4hkoUcph)@T>sPT<x39toxNOMk{j@gD_RaV2Qzzit#@Ckb
zb2^Tz?YGk5>-o0T2EGv*xM-x~^S<w!=DEJdK+Cx-!!vVKE}W)o-M}Byc%S>U*XLSj
zk9#9M`{puEN1t<{<61W!Zy^Y;SsGGa@0Y#LqI;qS6`TDTLB$Y>L2U$LFj300vEk<I
zrTo$KA>Mr9rF^^n4aVDFC0$Dyu1A=)jHKd7z^Mxu-hI>;ELf$hs8y0_Lb4Y#-I_4l
znW1rtwL-#>y{oU{m!^M$M6#Ma6AduYF#n5?!Jq>AFj21YCpA(RQzOJ`nkbtlwLaS}
zJCL@u*)=$>8XVFxv9$cQqwY@xVufuBhpXe-&^*fb4<QJ(Kd@^cf!yW6wktpMD;I#j
z0sJlC>MGhCif~on{K5j6ws@;;9=-HHaa~A6dLl9H`2BIrJlcV*I6?vAG7O@9&$A6(
zwVhAbvG+kveULRBj>WS5O_w;gqZX{5bkU#mSdHlTt>$De`SxmUN&KP;<fJc)<S!|j
zB&60dX2y%gxA{w#KFP}_zr{wh!(c2#;~{2f8VF#51v}+<&nh;tq=y;co7|cZ?@Yl$
zDnq7bgU!p|$ouzR#_w#OXWOn56A=vtn86S;7$Ad;+$9?2WG=<$IXEoYK228FCnl(N
zEsq=J4mS0J!+N%D3T&saX_aJki$+fY?*o1^MEe5p3-(}xzZU~P1pGx{xQaH%0@owh
z2stQWG7dw~DfD1-O}bn+PF2C?N_AE<5SXT@Y6kd<_eqk2K#SUhk<R$j7jN=iqu<~K
z>1Wx9_AuiJvo;_aMsos~V8Kr9vyub8SxUSgGuxdp+nSIZ&M*jZbcXH0Wu7|s_59-Y
zOZepWI#Y&Nj1$=#<RC8tdeLxL0zNYs=G)}k7g~SE#pe0opuHpRLi~`g<#!fg&nh=k
z%WQS?-xT;U;C-9#dc)J<!F+Hnq<RJe_yWlP0Xz=8rnwUN_-vxEWg#-cT5#+F_zQN*
z?pe;wn}fZK^^;uZPeF6%Q!N;iMF5S-YXB{zDVhp#YWTI=kMKL@&+*+?zk%1pAK?Y|
zD~$GcvFk(3`jBX70sstlDi=p=tR$0!crPa2oiV+2h|UtC!I0_NHJ(Z@^Q8;l%)h(!
z7@z&)ENX{jntaAYm6T2s4NEx(iL%I_3?j&hUosZY{P!Y2F6JH{oc6hADLDyQeAmT8
z<=J3jmD?6(y0Uwd0KX3W!_9YnM*w{fdbbY|zhD4Y{?4zS0sboRF5r2qXwv}a4O}%Q
z3p3Ujl(j*doja5QT1?K<oVBoR8~>o*RqD4)IUPL{{kqO$*?CSo%JrJs?vtP>Qk6C9
zTc+2Qc-WToN=GSO+x2QoB9)${o_&&EagL#2&YbV3{XTY=ZEC9vvUq&jxvh581{FGg
z+5ahOHLnF!thE`~vli>7fu_Zu#ij{qn)1Sp32#30X})gud%S4)6vpmi&WwoGhamzO
z>=b~#Ong0^W$c`@?J4noOtLqHI3Zd;%dO$Vd@gy2Ki>FyK6vvg&mCq98&R2}S%|Sm
z)remdm8qU4igEy$6TFx_)w7KD6=|O0uZEBw6Qpl|>6<Cur?$FJsi1V!zaQJG<9x@B
zrR>X!vo~x%Q`k%`+g4YZ?DB`edx3ws`Ofc{ga<VMzi<_T72xk-;N8Gq2ga*tGZNvl
zfy+jS3hMYSqL*ceMrfF9IwvAsg7KujuNJt`2PL$Yi}irG<?nS~Sg<sKiq2WedX+VH
zu)BD-&5ut#*T?H@)V4ng;#SXvb+3{8qHN1|4qc8>!#!{Gw4~qX($vR#Y$IKcT|=K2
zX%G<4DL+**V5oEYPc6{CT5JviOTecY5S)X)G_MCtN#g{y%GaIS<+ahL`9||89_I_d
zA<>yNqH&%A8U+9t>>k2<IWuQ^m@wO!67SB44-(S-DFY+u*=u}J9^*5~qdXCP4IjC6
zp8c5+MUqQ0n0akp)ByZU4*UubILtNtN~wo@A32j}7WI>E60W9|vOYX8bga<zT{Wa-
zE~aA@vd6;dazll*ul9BRTpIV90-K5DR;r|{gMGWe{|@}GoA3ON&G57a3&1Z}9sGSG
z@FTz*SCtAp61W;gTrh$JXD(Q<Q|kRvsr#D~z7&KodE~DEfoTQ=D^b8C#il7qnlez!
z%hqr4>cQvvmf@#)H2FhRW(+pgh{h3S6k!G?0Ki~(t-ssUl1@_My&1FHGm^uY<RC_q
zgeV#^x%@JIZ}KRgoIb)A&0~CSXUsHJh6Bl>b2;cka`0DxxG2IzCQIqeB^!+MdQRk$
z14R>M?7Def--B7(*O!@;JNGk+MZvy162Yo+JGI<QQj*oy_5Ca0U7PRxjwixH8;nrn
z7tCXy0{&0n`M@hyQ6Ml=xMeK^5zd(C-u2^_8R&!E#}3~K^n+FOE!CrWJ?`S5wC9LP
z5gp6|fry$+@Et{LCi74*fvT~nHHbA?I%sOL?<2#|MrfMw2ZvYqqv*AKZ17TEJ^BJ~
z82&yNZ+(_%phO!(1{;GC04@l@2Mc!WkB~x|Mfc)^gm`DlbbE@OrlivpR553-@YOS~
z<b$`a^OfyKcrv-j(+3feKokjUgTY*K!Ab8lZklHS@JtQ-8CS2*RHA%hq>T2R1n@h`
z5Y_gZlNs`)74R($?)rY;v8@98R=JhhRf4`0_yq7zfIkjTZ?LkvhKOIVx?TA@zj_Yj
zzsc+U&a9*(0%whIZ4faw4e4!e>fJ)>h_lMqmBK>Dw!VGRqYmMyC*GDmC_USiC3Nii
z?299+EHu?`9EW0oEKz{S5-JXT?@?bxkfYx7lkQV2*+1k6sv#clu88=}YXOVspJsJ`
zMe1ix`eL0Lz(NWlPEs~Z$|JJHpIZMiZy0@o^V^?fI8p{10|pxr(b^ybfI$i(*s&s>
ztZvW7mgF!aYME_MNDdNgqS#bX88Ey25<U@q9Ut7h!gG3=XJ=z3sbGu{nR$e7o|fs>
z^SQt;1A8Xd;*-Ik1bD`c@R<lP<YX=d0g}nHJEa<xdeHp5Wg~LEF{Sj|u9hBpkXmlU
zDf@P%_hA!w59p7Dy1rlm_yy|${{H>7JmvF02S%%C(*PF-hO5JfL5Qpc3wD3_&04Gf
zt4lywJFojI|5B$8Fav-#O-WPBy2M<RJ-%`LEPr<NF)r<Xg7IL+a4eYdfWbJ60!kzy
z3K;ATz@B2`lw^{S?8i)RPf7M;G_j}}5;er5^W3`fO?+_g#r)3pId<7#CmEn*fY0Or
z4<l7z=hoyE^?a2&zgk2uiV!hb`lpyusJ#$qFQa?L<oHDH+I2f}uubm*0cjl+FMHjj
zJFRr4%8gmdZjxeGcV-89=GOObzVq96!UG-5wUFu=tYJW76Zl8D#KY@XA@N{=ozyZk
z!o|UW>cV}og12~}&7r0GHb<F&mJFG-%>lXuaZS_bos_37$Ll?|j%(vaTIJ3<RAnE1
zs9R~9Q(KO^DZ1NreK`VqT<1NlQPt8AweC9KHWHh@pY`pRbPzqXMNvKNX3T<f-9NGU
zO1!mT6pVm1Ac~lb@I@m>0wRhaNs%Z;(v+DsJd+N&ad4jB*nf;~KKm_vXY|`VwEIcU
z?CmocOfnLfjUmxmUJDpWNYf71`7GPiqIqO5*-x15PKkG?Xq+Mvk(e>NtTDOtVm`a}
zD&BwNDo=fB%#0y1834=Dj^|Oh0_YhR?B$U=a=?ch@hib#o(?LxHlJ~{`SSf|fjv`#
zkc`ho7RT?dY?!{!eAh5+TIQ`DQ^dj;r7b{h;W)cEquan+kK<|-=xf$<NL9I=rtH}i
zySm{g0e%_yF@)XlU<X_1(jnp(tjVtY@V_7DqV7Kcyku4Fj*M_^FyP!U!t?=4T@xA&
z6B|99TRI$TI@rgSc~46!V;^Qx?vQeumN~62TPjPWf6_9^x7|DK!&2EaaksQ5J??2A
z2S)EOrSquiuwItZqpg2*_R*zNXI;_v{9i8tO!hBUa}ju3rhIC_0Gg(mlb$A^DFYkx
zC(qyFb@Fkp-TpY&2HTvGJ!A;x%#c9=0*6sv2NlNmV0l+el{8LCCke@3!fbCwvOC32
zVvI4^(OGWU4Q`Jf;py|Q<d?Uf$7i-jBn(K&qIn{w8lkKF<*A%`)UE)0Rgh;KDTd-V
zl7l;O>iA3<<-;)7>B|90V_lydVH`W%3)jmn;B{>zJr*Hd_G8HwvTx5~ZpJCeYW?g_
z=4CqX-+afn$Kfdt7Jy%{Wx?MC;J*XD2e`1RcGr#J`r3evs33c}lj5v9-R2&j;2y|F
z_<=p~`{LSV05D5@QoC6Hhb>Y;(~K(Lrr<Dv79g+ygf>mGZPJt%u21;ZwJ-44_V4mS
zd4?-yiy?c+`jF_%h{1S>tYuNakP7+$f<3EQ8t2TGES$+fLcBXAJ&Z9ZW_+I8(Ph4z
zUSjj?%lN(Yaeiy-4Esq|Lu$xt>dMHTSpafUtLckM;1^YY7rFZ=K%J?Ayqv71{Hy?b
z1<(_@H`g-sUeS-Qjd?=GKIM~S>b=WCBXRL071)bYZp>yJT3zKO*v$3%{^{mBzWp#f
z?ZE=@3wBiS_ZaZEfxir_ud3a1QN;DNA!~!EroR?|U$AiB?u%=eNBpwa^ZLIM_~j8m
ztC;}2ul_Fse)G@LG$pmlSW^C@vp0G1^s~Hh_5?2-KEp=*3=9=>W{qfl$Y2~14I>zs
zkO_L<BE1~!C6;8Gk{rgwyD{k`B{`U7kv(gP*3YoF{wSZHUgoQV$N19dCH&^?3*4B@
z$ytn>YFPrmsH(+Rug`NyT*Ucaqy%^sc21F;u*G5LtiQ&QKI+qP`-rwLqo3O+1LaPL
z$to*Eo_#M3)cU3XEwk_10nKj+hiSrdlbHQ9U1d+-%^5s@X!9N49`yQxHCm|g3)aV;
z&IgpoL0$($t7vpDwM22kwa73sCa;h3%tmF3g;oV?Rmt;VS|&5in9y`FRinC%EdH)C
z2S~%ddwlM;T^E9{r0vxv7}Z6A-qs1dCQRP<m@7i?JtP6V`|t?Mw-wcwjzbeOTYhid
zefh4b`(DZF$$B}9%WmIryv2K)*Rr|q>vbu07QV{AUDu=G`n&BGZCC|koMWi9ZEfjX
zmTlG@CDrC@)92YJ+7>~qqIvtGIRG4hXvX@fMiH0%MI%U4G>S^#Cq*<cO))klvMFgA
z@oRez^K14YUNC+QFE?N2`N<P}Q}h)c*?EHG_73s-C`$uf9}tZqWN0u(`rr3p_a@e}
znlW+Ca<I2IBiT<#rzz<)E+c!<`Z*@oUdCr8S9l`6$_-w~AJ{8=<#q%p10$@hxsnNy
z1N`c840)uk0r*u}Jv-7ky&x~^m*S2~^?GK>i{+(`b=+~otwpboKgIsE7SZy|ujRNR
zAhtR_l-p3~y3DsN_GL_Vuqyd>9@Hs5peT!TqZIlv)S__iSSa%v#ClzzuNKlhAJZ^j
z6+VV@tkcx8IZHT5?JC2aG3c)VKMvdqBS5g$C5sU83)aW3{P3@>0sjf`gTRYd)vgh^
zG#YSiJR%a)?&OxQyBIP&t9`1q!tMHZp6$IWgwn#q;uhG~oM`dvtp2&S$yi8-jzMkW
z)H?9+kdXL}uXVMxzK^!=o&9>x!?!Qba&i+%OjA9dNWa3&qmtQZM_p*2Th&$z*-Glu
zQ_f@=Ne-5%(QJJ-8lE4wy<G3FbP%2Q72$U>r#^e{MEq2p8o&Z1W}@(EYKg6KE=qav
z@D|q&pX9acPw`6qJmbATMh0NUL!z7&G#W>kVP20F6}42s?n#h`X86G>8e7slsyEw>
zNe^OdVzILn8>a{mtzTg0;!FAD^dUaEf0^5B5Ao&XB2OI*NE8MJB4c{g?#+Q6^@yL;
zQ$3|t!#5{pDM?yN!WNlpVj|UaPLY-ewwA)UO#SzfyvKVm>7qATjd)Wud!MWL2f^4{
zZcJv}j+0d@XnYcQJIDt%-|@Oo*B2}RzhK7({>}n_6ZoHitE*~vAi~wPAs5$1M5ewP
zn6LDC0p1e8uhC;}@ajcttAc&@+vRD~;BmWOnX)#j-DCH>7H5UF7ur~sCAEw3V_8(8
zwOvUInmWp{Nsqp<>hZB}+j4>)-BG>0wm#n_!svo|bpqT4@Y6CCv`hgl0AU#ktknRP
zX`vYqv^K@2N|I(m+Yb*XT(viO8DHhw$4_wO*2j^<TMWhn2I~W&^(c!3t__Gr83;5{
zhz8yhV6Ujti&N6rk{%=^2Ql$poPoSlv57^~tY7KH=dpF}rF?vHo!`EFf&I~CZl-5>
zZZ<$wbFDqI7=5eM?#<IW7b1F*%j6l&Q$eL#w^yW!;-+*KvJ5a!@pKkUs_*H+aMg3n
zR=O7!IU;daUr=_`A*j#s_a0|^w%4)xm8fNFGGl8Rldg8!cq%90`>D-$ygt<R1q;A0
z*s+7Z=OMfc_^YcDcLx|5!?m>$=huc9k>!2!`=%sJ`^|i<=i8Sab(!y)e$rD!cS-zv
zEZ6T?1%CU|&n|Oam-&2|A|5&xO8OpuADY*ewBfEkTCA-Uq%TD@u&4`kfS)bEpacA}
zI>CALZ!Qd<v4N%*thKC@a6$GtpWNb4Y~0|r(Gy&_`EjCno8cM^Mnbe^%4nb&Wzj%0
zoJVegouJuF3)1GPn|5YNr#T_ZUQ9YkvV{Q)R)tgzsTq=7ehE*Gzm|{OzRc$i&oPb8
zu%~P6BvGElooVffF&KwXr4&PV0Gugw^9qnBb3zuPj49TXkvy{i{L0VD+C3_DeA&93
zERwY>Gd?w?y|-;&Z^M^CqYbI(m9e_#XKkM!$%B>V@&omhMl7w<*CyjYnM!J{a%(c<
z=4?i?T9Ni!z&}L!UpC+I`kP^}2-e3!jbE_k%<xr|e+s++cndIGMYA(&*__UZBE#9y
zusRM)Plt42@V?U}&1GM=%_?1d`R>2cfS9DYW})KL8_%`U@&>nqfh9$rWQl7b4fju$
z)ivlDmGU|PefQ@}-Nkcn==WR2pYDtFWHXR<Y^Kt(I_|X9tA?=a`r-7Yx-)3}DX9(p
zp$zJ4o^F{(14WBELj%@gG!xa9NYOMZ1>r>pW%Q3+8bZ?)>>#fTOo^@GIXmRp=saJV
zJ&#|sFK0Y@1Fye!lW*elT)g@FtnJ)lJct<%rkEj^al~Le#N;WVW)L9*$pp3y-L<#D
z8nAwzwwc;IMbnbbQtUJ(&e=E9!??^`P#F@l#?%^;vk$R-@fCa~eI6gZb)KiT#w2FM
zM2F1OAW5bvIT#uz+Ggf@c@FTy)MOP*HPS~V1yr2WPUm$I)iVY`s-G3lj|=d`Nhub3
zh-=nBj;W=FF6gE<Jm2+gr1rWpK8gR?ZvsZrM4WO50BqrMNW*kk`@B4lB^S7)9SB-r
zH;%crdeAokehK&~41vrgSpUZ<MErs+Yghj6uSLLHfgc9GewA&X9Spd(F=k^lXm?DT
z0wT-QI?;fE=qaGRY&{npII0N;w2`T3hkl>*yl&iK4Ori{k0LbQcFuI%$F^(MSM0d6
zrp^<I?Nf`=+Mnv=1}(pB>p#nAAkss7@hF;qZLEHU*}4XxMGK%>=>KWX2FhFxVjlUk
zb4iHGU%?ETNk(W+5`#^NNHJ-`8K%7E+!n8nzR3AopW)2@Q=F3t<H3x9PLP2?MiFK$
zB3i3P1kEsy6bV5;&;@w;ebm%uX_;|ehc~l1`({FNn35jO&{>M8A|}EP)|oM4KOL|i
zo#*h%*Yf1>aenjmB|g8mMl2DQ0jUUzleSrauSh@~a+M<D=YqLtG3r;Z&zq-%&VgV-
z3RGd^B>&!x=!x@M=b%LDi!;lnRLT-U>q}3ZN4(KXWiqsU-$>ro<M?Drjo4Q7S0&q0
zh5gx#=MJYFCh3ZwB0dVd1NhM9+h1?Pz!EF~zhEZ}{(gO!r+dB+cw}WA7C1M`z~6W{
zXqm5iuupo2Q;!$jIPq#fHcD-o)GCvXZ^G+4sW$+DR^X*`rqn)w4*UY)_3xWNj&v}Q
z_7$vG{Q66}I5Ah*T6;v!D(r9#_pt4J+<U1VNY`bN_4bSUxwNcAH<m4GkNU>ic6FBA
zKB(Ha2%(<)RbF4GHn+~m=N_YI^}I_W7@PgvmPjH`_slf2tlFH$e-8Z06wrbs#!3C8
zOa-k;M&zlaI3zMJJ9EIFTz{5FCtqM=^K)D^JDigVYxa;qx(B4lXpm_It_?Axh`}hz
zz~L|=8f02<B^jU#2v2KDdVS2u?_;6Pp{i(-)!o@?N;*q2u$N?HEOwHRPP6(vlV1}v
zSR)ypWnVVfN=EFM3rsG)h-Zh-<5LHh_=BBw4pPb4A!U&f(*bBD_!B3>C-cutWELWT
z$fDFj8409#T}Us?YxOXKK{BS=TyswZ)QRrR(>QC)li+{$>WtIcXO*gJ5?Q8RqEF_=
zNp{|&tSB`cdu80#DqHxH!N7w!;l{y){Wx9qWBUc*ZNR_SeEaJH=nEErU$B*dzw^NV
zm<zmLURkFVxG)@Y{meR}p=n5cY4P#vX>JQCF+D(6n`7Qb1E~${EX%$~&jnOna{iVj
z_yd|iP!llh%d67&Ui3NlUaP;ZBhUkQdBJiW)YYA}9=?<`Ek-o;fhHi#^5Iu$S*+;F
zKI_$gYv6K$bVwG#<bt#WwFux`06u%9wFG=9C9s<d#4nP=*a9RLgfK1;%%g&8Emr3s
zaowbR^SNCflT9v8pJA~5B`&46d3ZG80(*?(+eo~VrQr=DWHiX5f`hC^a8N`Bi!{*!
zz&PoD6`}5yetuG5uHH_Ol37IVG>^#UK)V2V8e7uDW&kfvv(INK=`_Jk6EsQ5r0@(f
zKF4fykzLtfD;aZhHsWyYGLy5<;~8_E&mNrTkM>5yDp}24J`tD-5lc<~u8hRZBYX2m
zo>QZj1HVd&W>he2=HRh-Z)!Sw#rq<avyfb<2&~uY^(q<g(!P*$>_MVFY$)14<)Se~
zeTlS!g?Y1ufNLRDlb%Fha&$b|a9oo(=DGa|J4v$Y#hPb;9|8W+=G$Kv$XtR2;1_J=
z;O|9wy1`#rCE1GsE{@l@c6Q8gFlZ<i_fcK5On9q-K7UC@#foFwF{?LCG~NlXVW#R;
zJTHrs`qChw;7zM(xPGlZgXD~)vgj<h@)GWG73b0jc5A?0YEg$}(nlArkFAg`l*d5}
zZmOqY_UTVrCn=yorh@q~HTBCP!~%1DN^-5r5-9o7rp%%oitl!t+I29FZdg}eTZjsJ
z`dbO|obPbAx3z00S!(BkBm_>xDboS84iL;De?@wz8|lk|p9=~d(im%t?bEW3FikZV
znFm36WNpghqdl(c7V8I3GunTa7mg2jG}`4tdYiS$4K&`%B9>7G{v?W!L4+9?%)lT+
z!3-iyB-!_a9DJBX;clOhcd7eUFFlnxcv~Dwv=VSFL7mR8qfN53OieOSr*WEryd+Pp
zO*5f%n`YZ+l7VKiStQmB25|N|hoei};w;b1#(ZTmX1acr$@+C}$pyX|pW({~L$+gs
zK@d@lA!BrQ*f0x#>_+Y?;4hEPnHoc<E5Kg;ZM8P9jQY8t(zubu9DL@{J#lO7B(Fm?
z^NTNKgsEvTY8op%+q5nq`kpJ_e1u=0Rjo62G?B4%)le^!Pu@0ObS+rjDe$Yy3VBY`
zEb97Ala%N7580W{Rvqcv$u*V#-san1_toHm20Mxca+hFtYEJ_H7<fML=2eNiTj2I|
zMr4F5XAFZuRMVZ4xzvNyh(eT_BV2o55>V9j+>G<SwoU0|H87$X<4OOkr=t1*jx0KE
z)btE1$7~jv6PuQlwO;)0kbqRge#Oy;a<`MJxVN;B2$YknX_%L#de15--!zN97oS(I
zHI>>Kzi_=Sf=t(`D*8nI9xjOZ>LO^a^o1HJ&I0qE>v+iGaV~&Cvv?~jgel_bU$y&&
zryaL_WKrwUJ#Qn`{%QJL)7t&5EG&448Y+Y|?r-b&L=m@7X%3FvN75>)1``!}fK((Q
zDyg4pQ5#ij1RcFV<AOw0NK>Nxd#qyB@|-n1y}yRlE2zGd!3I2kJmDd;$NBU&k>2F`
z=oT*-?{VGiaxUFrJl%rbTQJ>5od^|0bjmO%4>5BVNQtDZAuR5xiSo~jYnlI6qWs?5
z9GKZf;Aaz^pL=T2G?z|rwer#&2&Xv+PHoPerCC>sM#z~<q-W0)56`kK=eT9p`SN7U
zlZWf1<|>ouBHMa~8__yXM-kJBU?y5*N@9#*JkIOh3LV8F-I8i_uS&R56-F=h^&BAR
zil)2!C{sh-8ofF(i;=m+f)mj*I5HnTk`{5tX_^UIXcz-3ge|5SxVd9O{daZ1)AYU^
zW7>$Yy7C~UW7`fQDV1iO(AGAVJx&(qkNUV<jCuJ7agwriIALcNuNw5l!25w81D+19
zXRr|Q3wAf7ena4m2!9v&#+9yIh;Vgd%%wByM3JdFn)TH_xAv;B?o0im=<bT2)C6Gb
z6Lh71uAyG3p6Vm?r?_6I4eJ^8^8$+6iswQb+Com*bbg-NiDj8G>z`L@!)n`CK#TgL
zyA@&M8URskiQ?5)$8}K*zP=x~?fUVGRt1*be(H(~cSUX&76&~0gT)ldIzVm8W34!h
zUEenx*aDdL)a<pb!Z$?`765TAJnBS<Gr*$rXqMITx5ak___Iz5XeAZ20EUG?yjrJr
zQ1kk~Ie3HuD9$wqt+k~2_EzESz;bms<s1`6_K;z`kDcywiG3d5nDOXfpQ~nv4ST>S
zJzzAw4U=8${>`d0Yorz!siuimfQXs*k9jn&jy)Emd<(Z{d=5E#o$2U2hl6u$>shwa
zG0(<peC1%sRx(1?&S0Z4>0pfsYaHl^+sTm4S(JC}JOXG88K#<p{JFTfRMIWy>6~t)
z&aKz0g1$;ko|FEWZHs?fr!Ef{1Uf05iwvBO90PUs%ch7N4ZzQ{jW0DCU#Wp-QS46Y
z?v|CgU3&kX+QzQB<-W(wGCVc4Ik<7L5R%lgxqrac;godszVnAs-VS_p^X;!o2^K5>
zzhHM2{Qc;!k5Ku~fcF9~Vuk#5Lu0spcFcv1^(?KYbrx$Qspu?X^MkC`)y}5$lumEH
zhv=>^HK++l$`Z#SJ=19VUb_Yd-kYvSN0C_HV>}9dW#3fZHp<wJ^XXkyQ;#+;<D@Mk
zfY>KZYMD0a*|r?hHuY|;ixEnvCao$E@6@T`fV>j;<s>prZJ<_a106AWClXlb3}&^2
z^_s$YJE_gz=jo}c!q8aGNW!|rtT7|f6r(XFnW1Tnji)?1j(Kbx=Vz)sZ+O6liRV}l
z%SGK~tP^LVPg$RAVeB;fm5G?FT_!ba3-^6r#@v>3fHJj1zB*ecR$*cdpV}UwW(31E
z)Qm{YkeLpc5i!w-gTydXncs@C9xn?d83$A$F8Go%DqN4|RRNew-Xe27J&`PJ7J;ZB
zR54ZH=Q3_0{<^>lBWLxq66{GeyJI1(cA02X6A0=aAey(Sq)FC3Yg)XkXR92Whk1{Y
z6)j|?u(*)dpoN>HDYp-%+&nm3wQPd|p90>A=)c|k-q$6;;|vynU$A=v{Qby>E&_i8
z`0s&-SK0PjWVn8IgY##`4pp|ctXeKHBON!(^_>j=vc$^hvP@;_)Nn29cX+jxj!?_k
zx81&Nu;eQBQ5ncNqFe+$q#amZC%v=Z^gYim{4PDT;bln%_rA|t7w)g8PAjNr&ICG7
zKUS+C83-$Zp)I5#s!_o?pmWnis}aKNH**kKZf~^`J<I@O0Yq(?DynG)RI})z%-hXR
zX&{!7*fKIVG!{`i_g7UhnqqLs{;Xm&sW`jV3_v75Z^!SKhy;^gFCn%j<8MKjq=q71
zYQ&T^YvM#2T_TgYltC6{D`gAJ9Qe(_R29%wQ!=Yeo%3|hTEx#KS1DLGsnzJ=f;p+A
zca~%<;-;TF(YzAlnOd!ET}zc7i&@gq`MdNk+ZF~pNXxn+c}H0bT4uee_uzWe@0JCE
z4PWG0Ce|vq_Yb*wFkzP3RnPiQ0zV4;#OB++Z9jOL!2<9LcCUfI7XaS_{59ahD%)Nk
zL|i|AhO_HynIo_;lXb1eE<vN|6-Zwq3g{J*ZK3#FD0c6gI@yI1`icx{gWs}D^swnO
zPkW7oGHv&x<$AlHdyDy-gzss;_e%G1F03rme%$r?l1AbNUmZ}}ebN@^u;Dnn)F5;T
z{)Ns+Zc9C8pWu7rqom$8in_Jp`BG6w7cfr?g?aj>TNhXXgSFI9v=aF%!68M2&sITS
zzD-$Mr%vRtNV~Lle#~mKdOPR3WT4Q_hZmRq)En(-Pq~$Pe=Fdf)cT^-87%Qc^q7yw
zd1P-6+MEcW`??|GR{?5H+GjmtSC0}_B8qiAJzQcI=D?6@jh@h^!*~P$Qi!hGhG<{$
zz2d3!YpLBk37_ty_Ip>nUh${ZHq=2{YuP!NaAWU~X}a<Z%NxKy0{;Hy+rI6Y;9&+k
z4h!Ti!H(O$oU=|n3jBFsw5o;=law2~2Z#t~*T*%22-BWwS6%Y<IOF(P@+#yMm7<y!
zEL4{~a0~i9>2vB7mp75VsOR^U+A_~ReS|HQ$<aL*XFG9fwWQXz_mYaAw8l$fBTnSe
zB`K(peP~0ij5jJ&yWU0?I9JO3RY+9SzYn)D<GJ=)Bl;0(#^S~UnoO<k#ni!#IKQj6
zQR|}%sZ6zNwZIVS9Fx|L&-dJzh81&ZTYK;vtJaQ(DxpH-e(P<R+HqH&FRk4FqV7%e
z#-)e==20`Ef+!{ewMY)!BnO7#0zc-pfF;l?znj0Wh|Rl_6V5heM6e)K!4am<Jki`o
zodd%;DAYOFa{<J{+Ln5K-Kx*qKoC`SIjMpq=YB~ISY<%Y0e%J0b0cu>ca@sF0$BP0
z9#wgT1pt{x=Zp*J=0q&wM)m5?c=>tLB9}C*f@se)eJaP&7#<fE$+H%SnLMOgO>1AB
zX{EGvioU3}9Sk=LvUhCXce}2AdgqQs&0e+2-r<zZy94?TfPVx0IPh$6ErT7~+DC}^
z1v?45`Xe9uGr->kzHQZQpBW8#=)zex#%o7jjJ>B<K<`GH>1i|Hq`&IxwoH3{w^fhE
zUmr*3ZuX(0wzbsxsAu7%<v2W~L+b9QB!tnbRD{;Rl^Y>cMYBB3Qntjc4=g1ntUAEX
zmLRPXK`f$(<aLHRm*Oa*fAd;J7r|*26uReE(Q2S2=ePz$@~EHGn2W_o6^P(!4mx12
z5<#oI&b9CSzsuQ3OHgU%fYi+QBPN=&*9w*WyHUq^#Il~kDSkOUX<PB|fMM-hBYu~j
zucM@9>#~j337C3H5P8!e`qbh3E^(iF{)XMul5F-4Cp@>k$6>N^&}VZ7&v)K@+qZo@
zOz6P^@C$ZYz~5W*-1M(sb=&9GMqIyemi6)4$vC*nI<ww6%yrtAti_|J7H^;9X`I8G
zQjj|4(}j6g+nMb8IQMP)Y%Gy!0Dp9VC0+8`wq~RH+2N|9<SqVXC-Ys8?<;ij^@wlF
zJ?4ltk?L{6e0_f*>RUU$1#$OUBXveYAMk7ICq9R?!VRM?Vyc3}GMeX*#NgBg)<Gez
zjD!pPbgn~KmzgMQ59i0S2s|Ba#{wt{C2-9)l<b(w&s`Q+5A$(d*D;TvN?nFS)Jdr?
zBx|bma7C?N`IDk9P@THFqFr%7o~zeafX-t7##8{8)NAwVsi%##dgAf@rC&{|A8{NF
z_#JocvG%NFXsajIWd^;bf#bM<UzY}M-vY(urpJTBDbH>1vLD|SE|vcPeDBS-ecOkF
zCmHOxEu?w|J4yQ>@FT$YgS>Q=4ew23*xBbHF^tzo4%tgb`iGYi+cVcKO8_EG&cCnS
z9)3oj&zjDI7MUfVF5cpDQL{5IKGA4tKeoQUl}~uscP?!yL3L4JA6Srv^XYSJZRg(j
z+S7-c&Oy4apDv2dx3$@n@}%0mSg~;Jeb+#GJZGMr`BG&oZOh_$s3&#SG^E)YPn*TD
zOP==Gq{*58E44a0VKFLL1&Fo;Yjbc|6`e05gDyC%u#l>QS?ldMPJ8Xy)mAZX{Lj_G
zZS!cqH2^AczpoI!)Y&nsQMl@BCo<@Oxk^N@2JFhVYRA`j{7vUwf9|~tPIcK7Sp?Dx
z>CB$r7SFp?C#7FKW3H)!nT7eOWxR5~lLq`H4daS;aja?4%9Wik4J8G&)Ozblv9($P
z{kcSqbWC<qO|@4!azOF$aLRK#d+f*Q-C%M1M4m168^MJPb`lmMe!))EuKvh}F93fH
z;cw+4@2l(Fz}dAC4_!LP+IX#d_&$zooRi4tIciPDog8zQ8o~oTYTn`XILYgI(tV{~
zL$u0%;gVgP_%+hXKMTKgqi*h^Qk_gin}C}x$Vp`XvzfzMPb)>M>6}Fr(1~2C8^v7E
zlyqwWTds%a+DOwPLmusu!pSce9Tp>RbwTq=$|kkcOniV5FUV^IbZua-YY|FY$X006
zu=Fj0i2wI(q%0>@MsS=d*V?5J<jF*!D-ha5V8fE^QgY->QdQ+}GUM6XyX?>6yD_``
zA<7Q}|Lo@5zV#qXw!s4M3wAoe-;aLy5#VnE{}pg;<=}5T;^9jd7>$QWJ*v<&k93k|
z`c{5V$l>no%y&^8a$L&0&F9-24D`&W?42=nlK0@q9ur5%8|%40dg>o6kw@n1<Maf1
zO9Rd}##*{5?mP7<eB#y(j=eU}^1HvQ06z6Z3Z)A0q*{AdnP;t?r;`?++bmtvjq>5v
z<>?%VYQ26hXN9cPBVrdF@%)&z9>HuHIrGTAl)tY_806`mE{o7YluoNPb>;t=1(KKr
zz$sFTVAX)2FUm-RT#uJH%fl91XTJqMvn-zBW*M1NS~T_UmBqHM`r)R}8o{fyr{On^
zRdr$)U;mYsXPb^}9_QJeOr|_@dzby`T>*Vh0skBDPj7zjw{8W`G1y62Nc9Z13VR0l
zzjDy`SAcUXo4bI$$&6=j?eNg$^Nhx$+<j2TxpC(mhXK&%NS3cnZQ}5;acYC)gJ(PN
z)A3gb6&ljd%HR3u80#rAT})~X$69BVY-G9fhzH|wo{g!JQdCm-w08cU_Y1NI&hPt5
zLDZ!V7Ni-p%1G+ow~8c$Z@;y)q&9g4AJSF#TH>ToIVp2a4cDSW+mY^6zgAv6<*v9F
z45qs1G<(zH>H_q2ZL$WILRe&OZDK>LnDK+i;@-H=t1*6%SL~;ft}0bfY)tic*5-XV
z>(ioIVYk#A<ca&t8H1wE(4#qXs5+M+Pbakwm~`1kaiVux0JJvX=Nz>c_<6=AXAG3e
z^DW+O7Sb%sXV;D1Rhe(=QV^ADJE<`V*B<AJUaR=}p7C~(3X`zG5B?T1E5)B8NsslW
zrqoLBw&Iy@8Wv4j$GNt}7|(rIkC^)c<8eo7>_Qs2w3He67MeO3I7{|e<4-wP=evdL
z>0|8_XNVIflW7*|yE~w73;1c^rvvB<cH#k%5b+DP3cLEF9~R)1S-szCWgdz-|J?eR
z>zB{7wl?xmU@svO?Omj70B!SS`evtrX8(Wjb=~P^QC6WKacE1$S(wDNxdx^8F?#^e
zg2N+zZ?wKmUCWLJt-7w`sQ_gBprvx(I*z@*BHty6NRPDHCP3D*I^C=9Ec3fI&FLmR
zN9uZjp4vTcfAh&Z_#z!G5l88G{%GraZS|`x_67Q|9M&TY&0^Z6V0wLQ5GvYz)dd<S
zLRh~>MHG;FEt(s#bQiE%f~d4O<HiFPOI+-cSSe*QocAnB4~WkpuRO-m%`hp_0vzgO
zK|RJa@4}k&9J94~p{{k&t;csw+chpk^*lFi8#g`R@NU{N2^2juMka?-p1rlh-gI_1
z0<DL@&jLRLeBtKzers^bg9YFh?7jkje+u|v;PqrmS*z>p0v9&MT)%jM(RkFK4UHa-
zQb)-_<9EFr_!g(Ui^g7;&~cX@ZP1aS*(%`eYp*G4+HfvSfT@q3Jx!!<zQ|84y4A*R
zy5Q?+RTI(cq_RkNF4Dqg*^*Y}V<PN3tb4Ch?Yx^9NY(Q_4Zy7q;%K`+zWw>wCo41A
zA_+wO_af~eu8kbfSBs<#*Q@@qwasjiZjGPYFKTV6)kU^g#m`Eb#S_~*K~tocjy~^P
zD5*2HinM??&miDQuN5O6R@mBuE7D!t<?X|?=U^^ur~Nhh`V2UpddqfASv?x)X^QTn
z?L?Vvb$Yr?!(EeB!*8_SCzfFiZAuxZbAJ`kw|aLt27Uo}H}L5I`ho@E7wkR-fFF5%
z&RX@_Ra0ge5zcR{asASHMupB_oAU`C+Vd{j=$=d|-iS<#S6tbq;dmCn15IHyzvF`k
zjCm(qI=I0-=TJGGz6hnQJ^a_w>&eqlli46E&>CXm2%q<*C+{j6>M>sXYMGi=LK?^a
zqaet(>$fZltpnmdj&@(iycUV?bFG#t2=4fOt4}-Mr#3C@cvw3dc2WIJ-$j%@_t>lL
zUIUW#@xyuktE4N^zIe2Z9h*L73-F?6#9w+W!nHNoMNmRVl(A2@_U@x)^`ogC)|WL=
z2b_2^KDuNsXvkLaX4mw14lC@uSxw(_w|3c`Oz#HhOMqVm-f{DLzvW}WGYqyW3pIYh
z?uLCRkNW)p@J*|1*s8K~Fad>YS1zzN9{DGsMm9Jf@4qZgLJJeM`0KUmE9PCEn0p-R
zsc)lBh40%}M?2C$tB+IfB^~=xI%G3i=>GAfui|^nqBH|d^>i%Ow7K`HR~=cyz4i8i
zhWp-i{k^rKU7z8Xq^S2XZAcAnb)w}6PPH`jhmQMPzlW7R?b}z|bLQE;Uhk+5y?y<&
zrekZXb?pKyDjkgUZef|Jv1L}DA5}k!lePtmzUvKb>keHYNvJV+I%F>8c^H2Lw+rxS
z4^AIC)}*xGX)HW9ZNsQEJbw$B1loX@TRv|}-;}1`i2ni#?X?Vzb5E^4y#B2D<_zCH
z#Pglh=falzDs6K}gJeY0T4(+u1ARN}9^RGoP78b#_&Wjg1zWX+h+nX~Vpo6kBkRCl
z1l|d}V&xsbNc+5Up&I$Cq~kQyhlqF_DfQ^X*@mc_TWIbfyP!!_xemZ|ktwY+$Fgk&
zS(}B%@ttcQ@pElRbJID9EF77I$+{s`tLZqj=E!)R+k$LD8|q=)8nD_usW>VHQHbO`
z8t(CFt!_>HX^{&obu1FsP>Ym`2mE=N09zu`LNg;?-TQL&@htwZMO!+U&=IZkyk3Y5
zt3M5IAyu&<%I&Q^^jsfr)V;nKq;s9IM#ND2y>Yb5@buBH5;9$ePSW%2;Ypp84q)C0
z)Ej_;XiKov!`@m?%j?r0rS|Ohxb&^enYfy99T|$+pm&F7Oz_o->LNg%pNpr)RqDX1
zcK?dwtM{!gf%f7#mKH&GZ?|sfvot+_wUl>XYB($c)5_vZtwz$9{w;0Hz)j#^Go8Mz
z9ro@{q)&n01>Ohz;?3{<mY86{0`Lp=K!Csh`6K6Zme212zUHohzsouJ^Adf~K{L$}
z)ZAN~sD&bZUwduG*TL$xz#!U(2!I-kX3P0DF{-s`U^NNa3(bX;O=KN?negh@*++un
zy$?O_YZLvrG^In)kP;<}gdRR(p3c0o7Geoi|BC#A2i-<G;}NKC?7z}X74KsLZDMW2
zQzzC&!SCy53w?w3LSNrG_SOXy|26Pk)2974^{u8p-qbgbI$*Xv-wXG)A!OJng6``-
z4P;T?g{&q5p%&?eE-k*cc9*_>9jTmM+ut$VID#ZYQ@?9loT!%@G%XhP)ivz%zHgre
z{{QywJWP`OuJ8OiBF{Sen4S>=A#n@MJ)@CE2ga7U7IR<rvfefJn#GzK-9pb}KhJvC
z_Jh~!HG(zEVGO$q7z1LByaEi%X)qW`=$1x864J;z08Ld*ch{X)MC>0K)vB(}jQB-X
zR#jHj`}I8aOiy=JR^%@tGk>4>9pBDwhn1@vZ0>eXs$$0Dz&{7xxc0giTdPk7Kb^bq
zcN_3`fR_W$JdyC%Zga<#i!|q2VIRJeejo>bSXC^Z9=dE|nni*qE$}|+?>)-8R+BuJ
zsBAaH8F_BA_`9PCH=jAK4)Rey{$U?)7HYhmHX(ucFroOkk2&=Dl!f-PzYF>ND0)v1
zeZS9+aJB!wk-pAOhbQ+&`cCGoei--x;OEy~_u>s-m@@e3yoSHe0=@@$De&~;@B2n9
z%{O`4Z5L_H&lP-n5ccU*cvn8)1N@f1JMg<pM*;{Og)ABID=Uy&+W81ABA$&OEgCzL
zmyO;*u<V$|jXDJ_APOlSo{g^0c<^_P+>~I%XveszYGZ5i?LUl?X}_b6i7_K;qeh|+
zj>?Rz+gEf=A9(JC+tU|~K98wGcFQ%)=$efCkLTcX2)h0lF=9C8wKlE@by4Ynaidtb
z)IA*ax*4^mGb<Ts8aI8e;5kIMmT4#)9U50+W!$w_6o89HB5%1i#*}y&H%eNi6ibyG
zLE}cS4-@XAf(=lrgvLq!y{KHpxT5L=obPc3+ec0TFAkl%+q-=FsdaWvres3~d^|7E
z{xfT@d$G0pWbo5@4}X934B!>{=--v&4}Y*Y*W|NqzeKCu9=(u%lFbSayBT1}?++gF
z8?&y1fXx)Bu<2oF8-zUParwJy2PrDqU~`hqAEtF~nV|MxVbDH;7sp|bZJMKXlkBE{
z)X#O&cBrt);q>~S(PZCu*tR^1YjL9I9a^_1wA~K-x(i&JUAho63qRbV@ET26BQ=}w
zHF`^VlnL8++-FOcv9q(wlWXfIRh%8*&w(F<?8nz$_u^H1d^$<7O`sXM2k~daH%8t7
zTtDvLo&j6CJ)T^>PG@KLGap9Lh)oJ3ZvM9$f8PIhjM=So-~UGk|4hN-L}QL)#NUx`
zI&$zaIdDuPH*bq>-OMG5#vJE}jzd(mDcr&B-pA~e7mfH3&jOxvRC0U;8?ugkjIsY8
z-F!|8icgRJxq`mkE$tVLc`Qbsql3Ta;A4&5nJ^mt*ipfGE&7?F$A}JG57C(GVchkR
zjcAW--0v-D^Qh?e6uf4OuAzgk-Gk5jV7Y^$9e2mQCzM?aMK@4JJ<iDXk8Zt=vVzy^
zsK+Wgw;|WcsONdh`$rV`{EK!uX8cHX(fKcWjZ&q^_<>`KLQW*b4H`w`PwtKPihbXg
z9r)b`zb88IcQ+k(G~&1qe8%nH7%hr!e(xk2{k(5F7H)mKQRn5r`*4<J>};QS=vxDR
z3iv+_eVU2hwj+L;6<7YnA4R|y1OEW{4q)NfUl71jyUFcWE;6?;H+p*7!Cf}T*3BxJ
z3K*4r-?-lHsND+-rf?RHT9j3sC*V$bm14Ukx1vW*>0wOUjeD-y=nhDh1=PtK7c?rg
zMPb3{qV^$dX!n*Wf`o1BH*)98vLa!OD6U-Aepy%%vXONi_lllpW2V9uY(aR-xhm>7
zAG}^h4B3t>(q43J7qnl|wM_9#y?l!HxSFE{mtB?GXCtrUtiq7|sN<%jjY5m!jcZ#f
zoRbkX=f+M8J~*mYQim=Yw-MK<I(PXlpJnIOy=OFB;nz2;6EzYg2qHwUQKJSyL=Zt3
zUGxwox|zX*kVFkZLUchQh)ysD(K}%TV<vhVCfbZPo+J1De)zBTzUzLU56_3kvaB_8
zoPDnS+k5}^zOHi>QL!9Do2EN%VNky(f7JF@c1FhEXP4VPsqp@e!e*N_tSI9q5SxH|
z6&TM9q_!J#a+B;(5cM$Duqk~Ak3?<OoL}h2rq7`TjS6A54<~=Cfe><?1<&iXkKgg-
zrt%&9>OY211gO)VMDy1#GOZ&GANMprP)V2}(^y)qL1bb---$5$_%f0hlIH2|Ob}a3
z%~%d0D;bXoxEGZeVdH(R$`;ZaFqe!r?89HSD*29a8>mPtz`q<t{w&S(OEtQ~oApMI
zCEM+#NQI8#mjYV6A+3E+;e%C{=(DZ6prkxZ$Lnf7e!JAqiYfga!DD74DMwokznTWR
zDNxL4l@~*Py{-AoF7Jdv-j@l)j9VhJS+n14P|hX6Px+z1j{jumvoo7^`!e95+XQ``
zKRYMqYZWbs6GhU4RHc|#u2Hj6_70ArFyTaU1>$SnU_q_=Ti4BHMT$x+&Dce_6gd?t
z>^NE3TVDxOC!?6(&IkmMnwiP4vYkO#q@S^-L<^%M9SUZzn6vrDY%PRMQ@-Hqx##zk
zqajp#dG-2C{Gx7p)Z0vR&#ZTa-R3*)*MpeX-#a^POeesbWr;I%;f7{Vrpy(E!8zq|
zUCg|(>GRbT&&qy=xN)u*e2Uj-ry`z6m@reuG{;9)%O9ZyE@f@bezQY6G-xP&k$lJw
ztQ^m+fbPVpKT9&A(hw0pMUg{z@7YJ(-ZYV2;bib`s~sGFMOhG5K0~cY$qh>$_k8aK
zfAKB5`Q_@hv{UG$lO)$Wkz=BJ#~H`hdYv^prdV!n$&-_)gX(KCZyyCNPI75vplrn9
zTQ<=-xgNEou=6KBv>g#%9i28c<`pB!{@msvSk~+sub=XrubKbo+xryKdRu&aCw-`H
zfLUZaBU*bWvo0gOP7Oa5Ft=6jb;AyM4nj0#X&EK&08t3{ns@8fbc-bnif}N{|Hzkq
zwy{ab((=%7bb`iBZe|5gk>4~bQq|+FRwOwO!Gi7gnZYjrE2edzvvx>{?3hjC1-#qc
zW|PH3Is===S~>Mo!y4WBUv?-R&vw!9NZuowPI?w0F{=}^Fry>_VPJ~OTrDThGr+1)
zsOCHOl1WPinO>gT@|lAb?6lWzRxe~;J7=*7>w8^su{cotcTp-=_rvE2#WFP6lty(D
z>HEhvZScOCV}(|MJ6}vwNZM#ljXlvPTH3kv;p5SNcET~aWcJ|4yj2Nd31S0rHZ8UH
z%0X>S+7@OL?l#=tM>#|Dy8`sog2w)GL&UqGqe*v){SJO~PdbZkp0Z8e5~mYe+{kw!
zof!639wwh~(|#t!R<~0+W1i2K_rP6BSz{4iS!y^i96WZw9A=x)Y&4MA^sRnYKvQf<
zl~t`rbi~PK_7z+){_DBL{tV;uT))aXzmYF%jRT2NORWxbV9PZ8t5MH_wbq-phT1dL
zTPJbD2ER{c#OXkt?7OQknYW5&7r&G!G}bq1YZw}Dd=x}Tk)HbkuoE1?-kIisS$9hi
z;K=hkx!XtPcd?C3c^daETj6~-44bgKw-18+A=GQd*w(`Dd9vH9Z;QXYQVsgOBLdzk
za1uSvDR2^zIJLu_mZ`43nSnoTjwL20=Zc)F#Y_6y{^H18ntnUnUb<&-5Snm8{JQ#0
z_<bxzqTjiCpJ&O|odi1gV#mX=ooh&=lO&BIL{RUMGQrX%3A7w2Q!$NqtV}Jye=P7U
zD4h-&OL$v=uwxO#N1Qiuk%HLR2yxz`ucG@rI8Hv%5!?E6@fkV4gZaOq*Q*bIQ6UwB
z?;A<7Fhxc%o$_nvx@HHS%I!_T@vk^=Mi^eww$!#ho^us&=8Hh5th%~Qdga#No~3K=
zPv?b|ZP_v3RNJED>lv?ZmH1s3f}#vx$O^noEEy7PTEDF0*ki&btd)aq+_`kAZNj_8
zL)B=~iK*33ek1sO9q_HxS5w99>j}p>)jM2BHXTJytwbpScjK_svaL_^FT^|1le6o)
zOEZBL&$HdvHc5TRh?j7hV6V(0$plliKr5RgqGAuC^T<0_>dqJDO{KSujY>Ufvy!8q
zJQLO_9y;DZ)hd{OTG|m*OCNPo-EgtV&mwg-RTYZ02~s>*4W91F+CMUrV9GGWHM{-|
zQ+}(UJa`Z!36_)nB{<gS)1hoWVR<z(K}5nIhaM>6$i~_}sr3F{HNmIydlWAgx(2on
zPqhN#(3CM!YKEQoOlY^`4W{GtdILHLHl@Y20Npb=+;M(lIiiHV^EX|d{$!_{YU;Bx
z!Qe3QPcehRHB-fPhd&s<iQMY3wy3C0DP0yWo`ZIciYOMt@65Ie+rxVwQ0ug_pD`J1
z&#SLkF=dnYKqgqKn30;xoIcbQyxrJCrG@K>$~<os;9o||)EfEid#e(?@a_=Xp{j^^
z>o(Ana|uqrvv|+*wW%5J29_VZ{+ezlw7-&+dz^A3G{G{C*@yz96^o_hjiN2h-cS@;
zvT(k#T4pE734N7zUgK@Cpew0j#MdWZzl;Z&d$-(U{faYd{TTc{KXAOqDCX5~i^__c
z$@QG2lpY>jStm-xo?r)d1rX8WAljX$voD)!v@H}Bi|Zj4Y~sW+(m&W+-T2x?+M1Qj
zqk2oNsaostLrYY)w)b;Ahq}$=KU|`W+A;ei<evQrhR^v_nD2%%NoIb_(R=hJwsgr#
z>9X>JQ~?(J$`{Ll8~b5mn@v0+gIV52(Z5Dirz><Sy9ze*xBd={M~nqN`K)z^68XaY
zPpu!)DXoXTX;$-97`sa)iW#{eVNLY^@D}gn9h8Q8NBdB@&|4ru0`_QpyWzcKUpK`r
zR8d5fa-LShA|Og~pE&l~K*-=qy+TmP#*Cmf>Z+}G75g!<Z^qLe#{+f-H0`-cJS>KW
zALv)eW%?*IKCYWW`xzOE{V3Dut8MuRX3y&IFSQCG2+ulOSr_v5)XDYr>ZPqJ(;?^N
z%9x`Q1&8{Zaz7&v-x#Omzz)^YwS^lwQn8hEVZI7FW>~nxpB)ukFh|iD>E>pZY9KUj
zxR2FU2<?P9AJRsjY`y8j2yy!mz}`GW;*5T{Xv2oQq`l?R__E7_ZmX4BrMTtwQ{44~
z9djx%VZvp`FXTF19m6_N<P$V`=EYzgR^Xt4FTv*fYC5am9+cE?;2-k$n&2S9?iLS<
zk91gzNsX$DtNU3L$)0_DWn;i%W1V_BC{URo+TODD<A(2#8?lyI`VJ@3?Fg}3Xl;<p
zfk@2BBK%E23=$%UQn$#R!ECH3oC(}nAH^GluAM}xNpqYQrCy4_uf&zL{SgTMTHYg*
zk-^>wnZ14R#2+GqD|p1pVyivztF$Lcv?#k%ASKy}BN+1VNFgH4BaiPAuxyF9Uhm2H
zwv*eSp{HVU^1K)+-A|eiDM~9=9J4=RrYm1<!116>&f1W#UNRQFm;G6AGjU|1zOgOc
zqAbT1`#xh7!J1kn^+qAtiB?=z0oxCv!sMQQ4Zs|4j)R7%E8EB`lT1wSYFC^j2gbx+
zYT?uTvGH)0t0!%2XFp`)OJIc$_O?<JCzJ$=VL)iufw6Sr!;(?C0UdvKDj-8>MY5q(
z<wPqMKSz%ov5X9l;f9_7<*yZfbXbAM;~Y#Ne%T6(svV%4URr}dxhFowq8o!~K&J8@
zqLt&FbRK)vi88UDOhLa+a#yZbf9<r(SL7|AMcUlIUwZqxAz_oh)K<_on5&v6F_Nz;
zSw1XZyVgZ9<!g&^w4J?qhvKdF@6I&-TgApY$dLAv7waNSAnWFx9lZ(_@#c4zUp===
zqfEr5!;1>OD@;d(c<2WEtPW!t*ZU65gLg;qP|r$e`_;q7fJ_j=)~$<r_vQ{1lLc!^
zReCKjaFGdb-*0>o`tfjF)#N($;9~p(Wzs@ruuE2I{7FE<17h0};Wk-P-C9+3WLsf}
zu-<*)0bMil9JzgF+_X-cl=HB4@7#QKg2y3TNbF;!^3Wko`Lycx9cQNs5i%`Pkh>V2
zHQy=*vnf@3R*<sF%K1Yp*VqjAsrwb88f~&a6DJCH6%3VN`?N^@s?`Tt!JjDA->+?5
zd%n|?oht16TAmA-0Wt=SOYuA?HX-`$lu^uCa#Z>I$St4?BF9#&C4bY-rs*c%5>eq&
z`DTZ5Xr5h+rWRHJwlF0k>yU6v+w|nP$Lj0c;drsi2m^|-8dw_>gzh^erAHR+<$JR1
z!X`C*b#jB0d;R6`xXE)b>AoN7c}{(d%z}bvzeO6*0uxz@g93%FreW|`&lUgNcU(Rk
z5WL3xRy4krr>l3h@o<)oJHO_I-t~!h-&Xs{I=Y#+C9fEIr0-W9=5>FX^=N5xW<}#^
z?c08{*fH@<glMk>vmt5pPoN4FK2<@_Q;jt4tjj`J2@Qx%zLTE-`8dRas5Ct4JJ8nr
zm^hdPIhu4XD5YoO8?y0*-#faD^ip}Qi5>T7h+ypgUqMi~Y=tba52rxWUp$Pvw1Dx2
znWO*fQZ3#!=~ta4b%Wau%u8Rh|GIZP<KW9`eB{_?uduA35|FI66q=uRZY^Kps@GVy
zT-09pO}W!i;oT+fCHjxdLwxon<|7el%ek?kQeUhJeHK=^t2d1%ZwuZs^{a{3tQ<Kg
z%lcOCBXi#<K#doX3LH760h|CItKqow0BCwTIfkj_fDV>HioT?Z6-fHb(_>?mxw`xL
z7N>u?V-@}@_k8KXFf4WM1C#BsxxDigOHrxXt34F63$cuA*NcDsaXcIpv7Q1gALnU>
z-WS~hRvAA2u21E4iJ<0^?JM|6#=t>y&;4cll!uKEg^gz{10!GH6wN0P_m7{lbaPCC
znV4ff+?k)1qMw$}hev-~Z`GRdJDz~K!-_jh5)iH&t=WvmwzEq!Q;Z&A3uoiNG$hK?
z%{rv&sR-B%VEq#QQ#Cq*H^zs2M5)i|P2ub1CbkA!J6CUy@N2|wO0owp*{%j83a*<y
zfu2@FDHv6<Bm<<fk`sA*=EC`UEb6gm0*=k%Ee~&t%46$Qw#27KZwrsHxON$V)3LQP
zNtf{9U#r<i<r4AII}#H!P9<A07L$fvg>PNF1zRNrQK@mX<bHglRsDj!eB<x23EVk9
z>f2pQ2IvFyf$35dxCzh7P{PDvkuxsU$btY?#@U9FoOYzD=e&B73Z!96anZx@C7m#1
zP<u&d{L`Fb1!ez(hNLQn5eMvx*`*H^`5x#NB~N5~QN9YM`2LLXbPG`K9~cIKqd@NE
zOe7jqryVn%Ja&7A_oy`117g}{_YT67NP~0s|JHH^N=iw+_`7h^uS}+pJ4Qt6TeVZT
zk@B2uh^eDsMXNrW?a*Co9{pLJtMs>y!aluG`1s_kN8D+2-T!Px&_c0cjbR+*z7!0+
zrE2lO$}`#HGl8DEGV0IHQ#;I=JOV0&V)gnd!_Kza1ev`u)HDT?fG0Jls+Sj_OFmD?
z=|iiNvkj_cr-NLuAQ#8qCfjB&=CZfHcFh%P|8h`$&d0ysq|3@)ID8!FZ(~gzTf6R9
zIm`dvHK0L7HSl@V0oFDp)qW&{)Q1YrODG5I-2!YF1?cD%-4^;9PD`LhXy3)&vxk`c
z1O`sHEz&(ChL;bB#gn8A>#x&>#zZy|v0L80R%E=f!emBwXJy)rBzm~V3nD3v`I=7*
zuk07w@;X^Px2y}3cZ?I$+wSJvwNl==!D0^Kez?n7<Xp8|dYjS(9bxuoQ(D9R*0e5b
z@bH%(HIrV^tBz1OP<>Xc9vm5+YTqOcXCk;IpREEdoU1Ak0CG@q2bvcNlcFZ_;hyIC
z6-eE6sQ8UJG%ygivAp5^ODw3d9~g>$VC^5{Wv_=w_x~+Z>z?+*gwHYYr7yer^&^!&
zm2Eyn#<w#uv{;rODmw1pb3Ttr(~|KN&Mp_<zNLd)GO^=L-CFYdkeeXt#cFefD2hr}
zej5qY(2N|dabyij#S7xmqlYRp`1~S8hrJm#&rR!qW7(>lO1e`)92B84Ww&=q0n{tm
zeK>aVkpVp-{EDU0y3?~MPa8WcOvmyq&hq2eUvgazu77|qoxOveiJsJ$=EF6gRCRL9
ztkYkzNu_x2vDLtPC5YzRvUK0C{?d-uldlt<S<?2)l3tYcd|P<G<iTP~|65(r*`Uj>
zQb;f)n~f6oZQ;04R53~T5*uX?x6U7qpe08)*lbe_%bK`K<wK8tRZ8spSIA`!@LR_C
zmx<37t#$90!Kn?cmi*^D`qy?28-oHZzvkx-{tSaNU^0MhTw5Zr@*@rW;sE9=0ErR*
zLJ?vxA2P|@{l7m=e(plDW+kO$8l*EaAg>=BbMX~|V+mUob4h~_o;`lA_UL|znscU$
zJ~&=w#e<cViB_L4zeZfZD6D{7yH`TPO2O7I#Z#CIN?!22koQG}Hd0rnz4uqUI;1_Y
zTaKy)uY8oxKLzSCDb=5vO=!Abe89<hpv=u7SQE)yC+Zohjc(SWGuB<+F*bijW^_hn
z&~<=Ptk8b2G3xBB-@iR2>1m-jy|w@09dRWUAw>od^2Tb!bWSqRZ9k%ouqQiZ3eCrl
ze0=3(<*v{K@q70<t2o@~(dpM`?{LYtAbheYEv;b*=v#5$GaIwhy$P!d)A|wv6JDt@
zCEv%&9jvUi_L^1oG`*sBier3kaj)p_^VYu(ax4|ZWav<~KkGm~PHPkM)cDFcnr=u*
z&v8ota=d4V&S4$o6js@eq)#*dpkvf03>pQSDzvY;BDgfoszRV_gv^44+l$uoVgtn}
z9{RmMI(Jj;auYVKRpnJoRY-G4!l?*f>MS(Q7Y`!=z8iKUfOUCJ;naizkW#U3d3RS=
zsHCk`OCWM&l(e#%QGrrZu=cW_<981BUs_kR`g#Wp(J4?t42y)nz}AXNK6KshT=#Bs
z#&%sQH_daM{2vb@#n)J32gB)X>&+GXlOrKqEqzWzc5vmp_)C)8kr)nh`m_9!w<%{1
zT1iQ#Klo_593{fG!ASJ9zs$<g4%1b>nwBrpIBr!HSruQ2XrlqO%fvEqS&4zS=87xy
zO#w9`;-oE~^}oi$^&0HJAPUff;N}5f(B~UaY~FW!`b-G1h)5!9s|8F|IlcD|AVc(@
zo!hvC%dMP^_@X2s{zA4c@geyp?7|g)gS~rojV-cPpL4APMXcGT9l6*`tF_;6WY(U7
z#s<qvpK>uzSESZzujNSV)#0_w{&Mzy9pPl?FTFm-!%a<Y(tEq1I*WVE%x-PD5~c5b
z!`T#K_$s=-ddR-yWW_REQt*pH2gRmL*_MZSy*PLrpDDU?08}DeX_OwlRF`JC01}0!
zmK!B`1<^LbS*wxcZB;<CeWn+IW?um|>BR0Ow+g&$V`?EO%_Y#WxGQYT)wdvC8N~e@
zIvxtH(bh06`Fmt7e?7+N-M8v0XNBxDh2oje+*&8&yQ{6hKJZ^p&OQa?dW~-er_`0^
z^G^>xXvarxD(<^>@uhDXo=qDS3{}51xFZBQW_z6WM`>nF`j4OUEKB_S_Ia~7|N22w
zP+;6<)@%T^Y>lQX6CsJ?RQC0J_2EYBkHY|GoGd|Kaqe%FPnlciD1HXgGtvc8s<685
z@938}D=9f{<IdD+AMil=%ll|<t*LdhYkY5APj3#8>D~PDy;~?CeU$?IVbILl1-2>u
zMX4Ih=5p1{{?BV&1-GNKQZF;bEML=QP}6*|d8o@A_<qXx?`_<#IzxqE<(fyy&>dmm
za0$xr8!z$ST8=|SQh<QeY&gfvK0}}o1~8znKln3F{_O{!siqfxmU~iPk*?sMg3f3X
zGW=)Z<9X0_fZ@1)rPaip+M1F0Brk43X+2iGtfY;YZvA=&R)r05E>`6&vw09asQN9}
z-+Qczi_7tK7Md!>XQbB1hP@dG)U`<EBWVQb>2=&ygx(VdXiB@W=%ol|oH(XAa)&BM
zMyzM5wCjSX7e4E3_zyA5pBsg`@n<=hcGnd33o^!f%+`#;G`v2j86Zt3*K=L6l0Hp7
zlEsn)q|bWHF%-!aBG+GFXV{Pm!S}~M_L~E%)>v`C@qpjp$Du(lZbjv?Tq8NhH=w8>
z*6Ig)agiZxiDHR2*;cJ=;NN>sflh~-Iu}EZ;rFrL(7+t6VZU+{wH>5>P-01UB5nKF
zowjt{IUD^G@*stv#vkyZpawl<6=<&}+<&!=gxI-Jmeb(Pqzja7snKo9xIjc%WGt)+
zbo9_0xe3Te?Cz2s1TAhQ5IHuyq-Gs{WaIbb!t4&L{&I4n89j8{CY+$qtg@`xeX2fj
z`AI=sEMgOewuPn@LI9MM%?MyO`t`V7s|b50o6Iz)vK|?OJqbxWONVej#%EPR4^t9v
z(_|MWe_*&$uNd3}hj+P_=w%L@wfRwo@Z(a;D#O;e?Y;q$G9MGbU<y?(f;9q7m7{LZ
zqlhf^_Xve8)6xC1I;fF77SdOS{md9cV{5A5U3EjYKcd>dasTPrWw4q5e*85y2N!)&
zstA)|STQP*J&~(}{XaBz$J)A%*fONVNA291f{E`1zC2jj6x#B_z6gZIVvS-oGl#}W
z+{l1+{u!MI5GLEb_<u4w(W<yfL?I$$2#|4&aldXOP*QTp@6W=`gD0J18v2j#E(`$4
z(XtKRbx;m8q&6?}?9DV;I5jYli0O&Fi%HPM$b>P$lZ0t`nFr3$C~eSV5qC3vWwvvy
z?X!Z(5Flgx!(gz}d!MXw)V4Twy2*`|K#4gg<FN;hS|A_E1gJbw_OuHjyB8RdL=rqW
z{%eHB{ns-ayByv`VjcHcssJ{XQSYe27QJvh#TX^v(j69a2`7Sy-93gFSHL&;;;Ib*
zH12iSzc)TO<vOa!Wg;p67?!WcJm7ycoNM6!vo3Qs-C#U4-K8ih8k=BS@!Sg-%94qK
zc5q{oV7!#`wE(7JIZ78L3xwn}W5<1E^9&AbY1N?W*<)D=1j8q%&`{VEgzgzLf$fI=
zssRww>(%h8&bo5jlmJ2M(TbJNoJ1c?d08dId*Mwg5YytX+Gq$1Epwe{3iaTruWC97
zt+KvX%c1G%tEGw?&PM0&i}ps>3jqr^RdpV(NY1tr#d%z5Ro_)EpWMM*1q4-On*$9R
z@*-(@??c!Pj$9>804c-iOM93H_MS^hj>x*LQ|l{FREKvQPDyTZsd#M#=~sKPxt#__
zYLJCrA*4-Os0R<o3IQWA6PJlAFm@7PO;|ce^ys^NnaOI0R#qH4n|p26Wfj2N+;lU?
zX0d)yXxssov9*10_`@7YxD4+)xMxEwcQZ`=0-3Kk3vzWKdptfH!9F-%k-JnFQ78Pg
zViL1Et{P{s_jBk+R@?n?k8~FS6lqqLip}g?{sh<HhOj*u<T8N+gC@xhdRB7LP4Opb
z`Ea2Ttc~KA+g~Lvzrh7a*1!N=Et}Q7gXvTu{St}2gR4QoKNO$s4y~<7kf2&_oEVd|
zVSgE2v?C3NB-;kIYJ<x9zTvoT5m)fqRbpjfL6u!{(9}oq^;7aZfguRS;PG)b4-(nX
z1fT5l+#Pb(kV07`p9#U3%Hg|B(2=~0`r$DljxWp#zPK7eHz!|K7~#hvgMQ}g0i37M
zrBL?-wXl;SmntLbG`d++S2X~bTDetyeJf}u4AC5!OEpjOTfQU+=-{r?QzL>US4`D;
zht9!{Pm=2F;y}-s1~djGYTs<KMPw9xOx7Id{a%A|g!;!0p#Tv^n*x<X_$)*cljojV
z<EH-mi=vDsQe%HuiWE*q2*Mb+9$9A9ak8_|ic1cT*|{?#pL(_#jOz!?M>;2u0<PE8
zG;nMb8-9BNCPmIOQW8Ym+7RP8jdn8um~U0)6h+lSK>#D@V6Q$xJ73?NIp7?K^B0$>
z_o%ae<WDe8NtDpMC4xfnWMwsbc?GWtlDoEuHIM=aL{!2wY@l6Hn>jicNUs7G-yYUG
zhjS24KVk#6(jwfaKz1LTJUkM0oBteZ=qo=6Rf8v#+bRIl$*@92&Nb?LL~TSHc{m$k
z6lhTGgb2r}z%nV$17SgePGyhq8QT3jweb4L)k%r0QBJRXok}`I&K%U8H|yr)pD|R<
zsB(cY9u*XM{vL>fs7VV|!h4~|fKor?PwNg7h)^-yK1l31{E=GXM<4m7M%5m`j~g9H
zL-dtxFj2KgH_x(8fG&f;XP}Cn1|do!9qxRI^7nbb0V|VLu_ho$lqQ1NSLL34RuWN-
zWN>Id>(b?(PVT!>Ks+^!-mI8(Rjqz7{*4kI@0?uS{QD0;IM&%b`eCBS&t?%>v7SfO
zXb=F9h1y4e#vl8VKrF}`H7bwrScKcq@tQrwuZ0hEdlKpFd)#*=Ncr@;#vL)6+X0Pm
z;N7iJhTMQr=XT#E+#5$jb)p2W9Z*ji7Y(?O{$!^;g$)&)hp@8;kmiK%R)W>wt`_(j
z$!aFmU43QYs3HyVq3>0bj?fZ+&f<XWCdL+4;M~B5$OJ%!L(c_5%FZP5FlyKi2~io>
zbQjCA@8Le_DL&Ewvhte9@qAo{?4^%Pp@(d32mPMg_+Ev|&n+%lp10&BT*LVTZ@qRD
zaX>oIpJ0k)hgFgi1#ua$Wz+GVd{k+b64E);G4T*GKq9=Z8q{+C_>zi>+J(ut0@fME
zC*(L5L~*l6wZlN7>>{_$xnQmJ(hhV|OPOwe#?mGcPTsgD7f&R02I)4BIlxhvj)m)c
z{t^o@q>si!FG0Ac8kDyJjsvL43nom-N~l|;m>_LhaY+^7N&nLB_+JXd`J$}>A`W&=
zMfd@cz-+~~L9Tvy(%KF2w50Y855GoIPA<Iuu<yn?gEs{n<(=!DLa*XjvI>H5hFrzb
zA*?OziHHiJCl@FYaTWu?C#S9$pQTr5t`ZRvg=d{4A%1>|O-F2Xx~SWiQ;Ztq_}3Yx
z=K+G3|JI2#9_QKtmn=#A$Y6hZ9*RLmPEKZMB!^v8GDWEjk$Z?5zT=%pAF`Z4tKx|2
zO8TFWvi4W66!z#Oo((CRY|-QuP4FAYrg-O;V<ov}xr4yuRO?>`9zZdLoe9>}xzy^_
z$Gg-&a%=(AJX|}_;G4aYWKyI=Hk<{lYeKG2m~7!6$#!VP0a6cKqe@*#-piGFFpbN(
zjACnAQ7+Kt0q;uVu;XJ(k?-%4w$H?Iv6p?y;iq;gae$AGdr={Rk&z>PiV;VZu;$34
zi9=Oj?GLK7Miu?kFW;~bb)%wditN1{KTL|B!+Bo?T3;UwLa&c=(cd?ALq4Mm(Ss-M
zBp_xs26lq2F8Dj(0hxnr<r$C$kYx6~A~tI5ddx#s37?My>FAzYVFeGu=#9wJ0_M0&
zAj+$G8hI1zHLa75H4`Nn0-wg!&3Or?n2fzqJaIAut$}+8WN!TuS(14w2uS^GPv^*0
zx}>^uvUJkYOYuXlkBlO+;P<zylQ$tksR2tcDgE`sD?ts-UOPe48;92fN{&&hsYfdk
z=TspBK>O_R|HQfRlZ2DvSVNCusf`W(;!OYm^Ctnn1Ju<oLkU#$03l_%Ev%`0e=XqH
z>p9cr&U5_nr(NQNIp+D1G8}CWJvz(X|1VKer<1T|n9q#`>s<{+Bh=Nt7;pj;l62~W
zr@UpRkE{l|mM5>sBOv+O{+0URA70p?X)OI3J(ctCFX7<z<iFk+G-(?nWHj)iejEoe
zMQWUGyI@FP!&wR4EvKDdwuYUZ@7<I0lu6J{SUyq!s!7iBZeN{3zDJKov-EY-o%fr`
z6&fy5`#RH=WBn8)TBUC1*19jZ{h=Tx;hrk|c=~KM$M+)Q=Azqr`0q<DZ=M4L5O}md
zVrs3fHjrl*=l)Y>&)-mTu)%$#?lp>j<x|j-AG>9m9X}}j-Qm?BAe494KLJ%$vTMm1
z+=NUu&1Y_x3WF_^YTo%FWP1@a4Wu}=K+H|tLFlE|Qq*if0vF(2E7OrF*G-6vd(O6E
z^(#|;!3rA?11q@fgpfHkoKaA;lV06wD&g=*xxID~OMXyr#`cX{Lyw2=B85p6U}(~C
zW`d!E|A7nsmfb!8PD<lhEP8?@=biD{>C_*yN9n^I{&9t`btPQCpq%~ShGnR{sZ!>y
zvGq-y>n-ksy=wvVU5mN?X`9Oq*4cIS19asjXVJsnxkK5ES*Sm2^Bn6;E}^7{4P<Q;
zr_`9f$qbZRDAfhS@sm4T4N<@ih0>fpcK8dt(Qf6|WVbe4S<RBO3Ve3pNTXU6{Iiwu
zka+%h)DeyTIP!o9&f)eFdZ0BL>JjJ9_Mrx#2O+>N^})?vfyY|`C(dr3ych-y6wyW<
z&PphS8DFFZcM>mh{3<EVb5~j^I6cRy?1>Y6(!sl;&!$<k22}EdtAhH|OtaJ2>j$6@
zVsx=4?TZ-+`=7coSH>0io?qMj;P$1wUvec1NndgzsP)rVbk!kwe3M}syAS;SUO!yB
z<>q~L;5l$8Y9(nKS&I*V<G~q4DiEG>`Xn~}CD3p>fIw7W$Dj@V9+RIog~K*A?ZBg(
zQF*_=G55$<6KKNuoV4`ag&=0eid=iEeo4@A?qhN3yac)$^A5wYHa*tFgQ8hM=V-|#
zr`882X|~p~lV4y!`LW5cwo(|@j8e}gM(%Gh>>utj!_gG;6fMC(Be2JBZe1`LCn@f>
zuMeDb&>(X4(`Wdv`DRCc9&Z|1<hKcL20b#aA!R=a!8pMXgr8#~E%$-b(Y?~kgMtjV
zDPm^)G=1h|+^*JonB<9Y8GaTZak)y>|7~fSrm?tRYsay&sT4C)ar~*wNS^y|unCpN
z?d!ic1CF<Xz*|8l0n{Q<a@mvdVb}C|2;nNZQ%8i2f$dq`)dv^xXF`FP-RsyvQ;k`W
z+e7Me9Cgzf^hh`BKDf5(HiO*YD2EDpdf2bUG45&cJZ(F<TYrntDcZW-Z*x3*f0>en
zdym)Ca4>)F*yF#E=X$IC<IC?KSZ&xB$p}S!-YIt>AF^0nOrH(t%F^Zf=%yF#gD<Hx
zt0}jV0#LPTcH9{9{&l$YtyQM|gztm_lYq$m2H%2vhTqh`2(cIv!n_y)dJiIos{=Yh
zS1!AK?MWk*VXjl^*LFyF6_ncaBr2@N$Skf?*WL9N!f>;y@Dk^4QQ}eK4A=&fK&xeA
zGR?q!G~n8(rse(i{i}^uUW3O}DAL(%9u>e+^O4~x$wh8nS?O7ouPF#LI8WymW&#4h
zMjrR?`71cQ(@uguh>C{{E+R#Ce&_DqAly&4a}05Tjh&NUMHk>b<shN2I&OYN`Ks|O
zhKu5~8g6w^VPNAY@o1Dst#Kd2EAgS;lz2_J=D?J9()Nw~41ppy#Vu@|5fi}@?l>St
zzVo?#WdlFw*<*NNk4sbt-cX-UJA@-L4A&tgqN(Pzh5trktf|&)9hHH9XM*FiqwPEs
zmh7`}(wNNkXm?F2fU}lfO$G;py|9Pt0#RIbhr^ow&&hLpJLfBbDSki7l2BP;u=@a{
znRO)7R6JBfD?6%%y^+V<h?{;CesXiy0X``}RZO@mlp>uLly1Jgd2%#PoXc`4^5}K|
zocnM+fXXWfynjqSF3zu}A@w1F%T)Of5*ADXCC>#$-+{gq*=pn}us{xHj>sTkADPVZ
zqQL5Azj_iCRA^KvFMib|Y4Oj@U1~_c@Jk+!qIKV%p>UtOl`46&n>CZ%qgbZl#mzq=
zm?*?~Muuw$e!~fW*kUCB)XCXXB*1bM)*~8>Edsk*!FStz%5$(`qn0x;bBMFtHA=Tt
zx15K`v_SKbo5b2Xc2ncW$5GMV4aSujfY9mfLk@xU-?@xxGbJ$mN+Gz78iGIwT_lEw
zAu~xW4Idfw&g|Y-k^_CQE&q)3UF@1?-G`u7-5R@+u~HeN*XXmUQpFf~@;CG_<<E{%
zQF8ig_^Ur!+kNpv;aWb@c@xI>$5{&2KCP&!Gq$MNx8bK~)OVMh@Qf`l{x$wi@M$mD
z6R}E)Cr6XDNZV6~Y#+lwITZXc&Cv=Qf2A)gYz)?M)@BB7Byj%hL}}IZZtB%cy^D;8
zTs)uw=~kkchvb#MMz41irmx&GGvYIC0AnJLc+YMd!Hav7)-#uHdf_uimte-!+pslH
zSO&?+oq^9c`k!LvtzSqamiBaBo-XaF%?bpj0cIvRUXFhn!`1auP?H<n0~6<G3hRt)
znB`@A#7loWMecKMQPEM?b)D5i&Y?&~oRV`}me0&?ds@%7?O)N9iz3IU6P<fcx-r>@
zxNDBEARD2!x{Fn97_v)?R^nt!PAYh<tL6#^m7v^5y{0^V#d3As^OLg?a%cM`Cxs9P
z3chgx$5G?;!>h`nqnoR@*iz*9hYTb_j^2@|AhPy`tirhn)BR3(uW31805FAO?l1pN
z-0tJc#slOSBuT`j#^l($%L~Gst}Vg^pt7-NQ|^iza$NG93CahpHySM-&CfTIY1!#g
z>FZ_|3q-}+sTUx*1v&%6qTa_lzM(u}YPh!~>B~w;LijA5+ggWi<s=UA1HPcYsO`XQ
zDY!7O%Zz9vQ>C-457ce>*qLx(S{Kr&`yIqPb=7NX^B0$l-}S4=n*~b4ikA}(6|Q85
zp$<foOw90V3oDCaC-Ym$Nix_~g`q>S<5rWtJuX&UHGQ?*EyLU60-rVRuj8o$PA;LG
z8#i53TotGCXRNPr5vE{5k!Z^BxcCMV6|p4LVvNLv-YnNiBKD!oz#EiE!VAo1q}%H9
z4bJ*UO;*<@N_FHGJ^(H+i`K8TOZqZ-vmh)%>Fw*qKfMm`se8p|=q^o?8Jp1DA*h|4
z4}ACz^g3m3&iP@g;)qbQN3;x}>$hoQsFZ1E#FTN`CiRL2vICnd3~@yz`dYW|a|j%{
z+og>13hbw5A(y|Hv0HLfpcj!aG_^X#{u7?o9^LnV3lxb^w7Zc43vJ2NHP8&dOb~Au
zXgKRQ>y!$Zk?u<>Z>RQbbv*0-&^VSW*jQX!-K4|6)UkW_)EU>?P0{Q}D#gh>-#zrO
zygEjFA6)Y?@7i%NNYj$RBd&i$<oMxlib#Mfs~sB+#{W=>d8DlHNqt5duL)f`le?uK
z(=}nLK@{?n;6;J`)jRO%X?i<HbXhup|EDBMlGqLEk>=)BQl37>_`{~BzPL*L>@vA0
z!4wKK%`VR4SB&HLoY<d@Y^HHe8+9L)hROff3CG{`en>Mo?53h?dI}#AABw**6f+?^
z@y8;C{T{EtB~Yf!{o5%595F4L{WlC__<Vh8r8M{?4?gwYsBFc<AOSnvK)zB98!0yY
z=SMy4B>Wh<m|J`VvCzvc?3UjH89Au-@}%d4<v5L~6JkvDHvQC<udR}PXInOXfPeK<
zX;_=@D6#O!>7;7!Bhw#fXE?Yp2t@0leEo~T_<OtC*IT)akPr1!;=_qPQF6BidV_xr
zBC%MNVCDCLnAT8i>p4YB#PS$e-Mi+3+{gQ35e5j^NcQDsn7Wh{bG}Dx$Chjw|6y@t
zH*@ED{+Kky)b1EUiIdpC)&rE+2T=Z4u<3m~+)c?2tQ*9K@+=LwwlVH?9x&J{lEHD-
zF8$L5L{vK|_7nuApU>L44<Cw(V_eJiZVu@k&gWFlo;YDl#geSvYF^mDRfa?XHqdE%
zx3H4Jj$W0$Q6iW2S;UcW4dd_c(LaeyS*ka>nH68o&*v5j!<nDPM8v!QifQ+gx;wR?
z#1squEPe=&K^qhOJE?yw>fFvG=+l>!yPou4FUq}S``hmI!0mBo!j69CJdIbBKw)li
zr=C8({LSF*k6^IQXwArb-CplI@s2<Co~rE{C{X55%u}86Ik%CYa`*-=n*^`?^Ig*`
zWW2c}+8F4O*{IY=FlBbI#V7~Sx1Sv4rf~acu>1BHQ4YkGz{q^6du|#u(dNeg@@e<l
zjgpVFV5kFENQ8Pd{seInc>s9ceBGN1hF{;OLU4{!sB?wz;aoy#AYpKx(aXZw&($30
z2rM{o=a|}jW`@gJxoTMOv#S?1#rW?_ktXV>8Y)#GduoCUqBHb4BJQY7U-^tG^im8f
zMq`z$u7!bMdP8RG-@hNxMqwcqqtv@52=MMZ#O!nK^<RCv^56*47Fj0n4u$&n-8Gb2
zmfnR0esXIZ6JDra39;ZI%axrIh$;E4JpM4YwXJs(tHyY$2@l_i5=)wIb=tds@$cQS
z2ww2%V>^DF!CoLNcy*aC$9wa>Ec2l{B}A#R0q=@2eiQO^`E#&!xaI{f$(hi!&_Eb*
zI-&0fCqNZFQWIF@luBm2R2aH5yt$=DdV18)AEWlK*#X*^E50sh#(ezhCV87Q`VNaH
z<%8IIq~<yaFWG!*<s{fsy?pOWn%?$&{YQZd67FFpn?+plrM|~R#<bG4utUbS$E}6B
zWkyRErcbPUXN-oh;~0DAFWFEkSnxD8dz$KB=wKvG5uQg1l4W`syh4hDsnUnDjrQwN
zI9VIKglxDf@=l)AK<@3>0u^o@c=mE2aHqe+f8FUSO#zRneB!_zBIs*RJeY$-eOPYs
zh0IQk->J!Be~czkPmXQHFY!Yn>J>K{c6)87rc;4RM<Dyhjcd!BM7F&v%)u-6Ov}yD
zb`+Ap79YadtlXF|yZdLRNAB~vOI)=OnrTwY&?QL~fs52xB+EsUO9k<RTd(;?g7-Y~
zgO@0mxaw1kK1zNk`?iwxy@iW#1ILWv7fYI}bG`acxnc0-(=EueHQBvmm_4m3ztpY2
zzl|6s>1U{js^`bf>d?JTgixgMH`N!&RE2jJ?s$>PK4m0?SP>6G5o(B<-AXsIjOQZU
zHRhPb(C;T9aP^&3U@B5-;@ZCl1Q4VfKgG5h0M%8^#WRwrJ4c2T6W$d&$})xU4z#JK
zR1Ta3z+HD{`uT&O&pf<PM1cGGWv^vT9~mkBzk}qCIJ!OQ>0ZT*H+$z+4t5|rBffz)
z<<MR*8Nr=+kPp#LAA&qsJp^t)@KV0;j1(gU8r`Geyz)~|9s=YhoQ7};7%iOVGM@bd
zT1+j!h69%ZwU1Kmg{ty)fyqK%#wRVc`v{@)K3~{?%^>5#2J2?g?Yt2Y4}(k*o|^lh
zP!h-#ymDl~z+j6t(`W0Xl0UkHA9D~HPDI=BVARuMTh8o_@7AY8j7VSB6%dOUNum9x
zNp`k0p;G-aHfy&DKRMqJwKgAtC!YR3p&jNu9se8CJp8({9NPSh2qGSQfktd&v&KJ?
z{_Z!}sU^R0(PvKajs_-0G_P?VZ5M#$sdjoj8Pz51?Uiz4JDW~N_KtF$tYs|8wpJ!2
zn8KegWqpMxqe1@il^J+vVqhQ;R)Pxo|2$v$twUp@Ps!K-q6=!Dv6~#i$MkCNgxIWc
zeH)ss1L9c;(u@9qg`T(O#5Q>z<>KKLq!utwF{xJnSuvx3iVQuKj^AZ&Z$;_hsS#29
z(HXiF9cL2{tWV&XCsQ}Jp_6#%<nCCvD1V{{v994#|GdRHVy3C}z`vDwLJ}X_Qm)#9
zrEEpDqGa%t@bcDk<+I2C1yDxb^mK#lI?(|+$G)xms--nse-WC0G1pr+t*ZBs67FS>
zQ)#@qVt4uBA!Yj+?7PNO)3kX2qU#~LxBg)ypg;c3zr9sJAIPJCf2Iih_qP|p3w*qA
zsQ-^k0OMR-0?ZBky<iC7<AnnOAOGJjT^Izo^goLIk0<`mV*lfb|8ejCtjK@d`+rK2
z|G)VBcVpT|1e5=FVEun?`=6}!AJF`7!usFP{NL{%0gPwoiLR=OFP2-vNq`@H9iw{{
IS`IJ&7snezxc~qF

literal 0
HcmV?d00001

diff --git a/apps/rego-tunnel/build/.github/renovate.json b/apps/rego-tunnel/build/.github/renovate.json
new file mode 100644
index 0000000..cc31624
--- /dev/null
+++ b/apps/rego-tunnel/build/.github/renovate.json
@@ -0,0 +1,4 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": ["config:recommended", ":disableDependencyDashboard"]
+}
diff --git a/apps/rego-tunnel/build/.github/winboat.png b/apps/rego-tunnel/build/.github/winboat.png
new file mode 100644
index 0000000000000000000000000000000000000000..2b5f6dbef88f304c6fcff445725954f4cc0e408c
GIT binary patch
literal 22156
zcmZ6x1yCJLur>_jAO{KV1PKRscXxMphl2-#OK^7!?ry=|-GjTkyW5xd-dpuo{ZrN3
z&&>36ckQh7Zg-fXyaW<F9y|mD1d^1bs4@fuB=kSb2M6=-STO9h|BpdBDN6`LR80~b
z|LXuOgye)EAZlU|-i-c}1Ug7+IYB^t?f#D-!3$x)e}g#AVw%n>_U6v6MnB9T6pgIx
zoayDoREgQ>ndrG}>{j^y$uyd2N|{SZQA5D}>p(-`{j&@C4@v(c{QtxMyn&#E{PI8J
zQ2#I!BoqY7Kd$|ctU>_)GY<ZT|7%??kPt^-{y+ZzGYau<Di#(3@K2JFnS~KD=YO^S
zXAwH*e>Elk!~Zp?e|n+*M^c%K^B?-ZRZNVG|IL<Dh~!ys?%P5@sPRaN3aPs3pLe*n
zlS#NAzI&H(XE^Mxjj+Uv8znl)Q<B6&q9$9$0tZnSI6Dp7tvx5W4}XzzLXg8I1Pm(?
z0~3|Ll18z*+wteNm7lnOmhih?tffvzwhxY7OkVn&WI45#m6x}bXL+1Rkr50Uy$O6Z
z;O+@s>JRRz$)V<teG)_u2q%F9d{O(pLw%{NCWlz0Xs!CiRNeV9?Q?g#KE7}W0!`|(
zuc~7c;lJfwq0${nbH5F{ttFZ9%b0P5YD%U2q(z~AmEjS^_J<qjhLnYe(3a%o2{HEk
zf=V0q<(+oW*6Kza{6VY<5m1UIwLWtb;@>B_&G<DxSS1_4if$u-39M3PN>&Y|{cCM^
z!pn&@mu@CPL!MG&CoP&$hSv>+MtuDw3dHHBg6VM!6D2_rK!!G&UgD)>a@59+Qj5p~
z{vuYRUWPinRdx7H`OisO;nJiLklq%I^b3t$*2m=7<+9IWDaYnxrMaE9gz7qYHaI_e
zN~2QO^Gww9xw7whxMK{b#oOKb8NKiL>Wy)C_B(S^y&YJ7$8e4WRjHUd;8Nz+_b;a`
z#@Ag&@LhP7)j_2sN(OxLAcw2(eX-s8kFoTw_a}`(kyVa%73MTk5(*|Nv8LZFEvYBZ
zlSM4a*`9kVx%2yq%y&q;d-#pAcKBKX$yJ1U^IBFKlL~)oVa?S=M++A>h`i_o{+Y4m
z1$%uzfR(2FiXPO*8Hp!0Zy#DiUstL!f7jCzqVPV`m;D}rpY`<O-jOR`Co2=F8Ch3Q
z5QqX-hGPxHQ&a<m2KzX)?A`9%O{*+q)Ht%@yVF+2^UTDq*H-YU(-CQPST!@<EKQF^
zFY}KNBPuS82P~M(xV2Nqy<*EkIEHCLUu{G*sKaJMBr#Nm#{Qo3{JCH#qBxLNEHC(f
zE|pR9KY?nb3d;_HzimF1y852#3GgkicsE+7aO!-g#<8#Yt`z=@!m`_N+7RwLPK_i=
zB%ZF8{}8^tE_f!DG&n|=%T&Bbjxil-8`9r>YYAzHfNMHysXnjeWFhJKBxG@=K?lGC
zi}4+em7c63^o*4Ajs(YA)}gZ=zJUF<kO5C9K+aYh099)Gn(=7*zdM7~^XO@eFQ+zt
z<`m<7^T_YGIOOY5#>b^wNG8v>6Et2x`Bg!vTg=h;56*<5H5_GGIBGy%$yal)EA4HO
zpb`=il6<8~yDFJNMyI=dC6(n61%20>IMS$T*x=hZp5QdnP5k)WkfE6{dFzt%ltc6&
zQK14@n1GHl0X0#tt|Ry`sVF8X)qFfyaWUXYPm#hT9|1Xhh$9YLJ2z?tWJPzltIwyw
z$4juSfqRdvNt!>}ADnFC8cqTd#}d?TVlY$BchwU0P?QvOamGOuRuth-1VDZ$T%I7D
z>PB1|#x5<=Y(Xwvz39N0m+@Ie_1l+IagIQw(`fxg`PEIroAdOvq8e{Yw-Rl(MweG=
ztqwM_OtiS?o{o~T(vslBoL}geAv;mpa`Ah<nUrt63SGtX>|+d6trvM^tZif9y9>LJ
zZ(_c794;EwEjJ4nJR6S`U%)?cLau#j+k@wbk6BqH-UbeRKCy|IT|Z5iZ={T*D_AAH
zqObjjb`#(kvT}q~1++nlOQI;K8Mm4yD1j(YFm*@L;Uy?nmS`v#m*26`yt>1Ccw!oW
zsRbo0TX0o~h4*K?#?BpDEH3?{!B%UrPkZtl)g0BDb+Q!d@~Sk!8g>Q~D-`6KHJC?`
zQgqc0g0TUXtY4)uHeRbQ6)u~N?p!@*&pE);q9W0*T7`K2$on1Aj=uY^$bpJ{Yv(_k
z5M$VgQfz!qN9WTmKDRD?K4J?h{_TeVtztDyz`M_56^+14=Huss_kiu8MxS3VXCyhR
z9{w><yr+m5=vJ<ZR|4mDdVQh<H3)*s;U@+&e#b#oh4wdwVB0D|p(zn(3SxqS62d6P
zEQ6%MLPFz$XOJum92F8opXmj(d9Gif?vhS0Ns)QWdfY^*MKvUtkd8S!JKyzS=8tuC
zQ5$?L1y-f@?VRjOpu~BT-v*!sHMJiHNQ__LeMtL)&uiq`2sEg}*etI?1@~#%tD(f_
z-8JyyLb%sAM5N;7$=O%I6>GR@>75_QM9*<_GN&I?{l-$~Mg)TiLTa<sa^Cm%2CpC3
zKCc(cmq@22h2M$!3+IW<59wBy-!dgeZV(f2<EI0!NmFWWj_xt?F}YQ@%lQZ4AO~Pc
zYN#NwxxNGzWOefSr~C@-OOd9rR^~zm$l|3?CDBOPpq)~Zh8T%4VF@eFiJ&R_KjuJI
zkYRM{##KtE9mgt7OKGUZl&e2xc<qJZCr4GK8f<8K_r)DEWeXI!kL#(MdR)H~B~re<
zRJXgzF?F1<ydSGskQ+rN0+9Ir{$gVL$pZEL38fpZEIcpKEbMk*mw)~3pvm{9<r4B~
zIi<_On^J<Fw(a@-y#9G<bM5&GF{b?mmRpmCgF#&9SEyWmDp>0-3jDWy8n471F-K`$
zh3?=MtH<FF^Fq<~-xKagB5EA9bFGB>3XS;#i6*Z*4tt-oU=9IpR|a~Gc0p>oG#0sw
zm#y=)x2n~Yh3=<8;9#}(n3aM+^g?Z-;j5&bLm^2au7wvm+yaRzAjk(L64GR+o8c8x
z7+#-A9XM!o3%JBI0OkSJA*g_ZVzwdVq1cgv-P;w$0mfpK?Rmy1mzLqVVhB_}@H*eO
zmL+t(E>lk@JyyAP552@qV_F`B!g}$2w-qGHOJ_H&MoF`(?cf}<L<uZInbAW5Jv_Cv
zg^TCYmh2@N5(7E8ClhTUzWcV>Ef1FvRh|#9^fmJ*kL(Fy0I{fPs~+#ROY=)*mNp=;
zsg%F{_FMLA;l)hjo2OFCGe|C&;Fl{k6sG}*O{pZtQ%UvL7kJ~Zg@_8dYesJl!t>QH
z>GqxH6n1H^2i3s`Z=n=u&;*f>gU_P|KGCmT&EKL~GhBP1mq1s4*PH5YANV28i>tR%
zt2+W0xG4)m?$TuKPyViJ|FJuVFLTZ^6&(%^Cb2a_D@1e(tPi=(3dR+aW(>>E31}iL
z4yMH|q=cFnNAn7q;g-fsBM(tV%?F%b?MPYUiXYQ0MY0M8{BjKkhyUb?0$ZLwmru4`
zFXLA~58RVV*wc@?+wS#w{M8yy%G^?urU>VN%=WMIuM0M$g+%AVqRoY8t%K<i>#!9L
zpQc4t<K`}zN~|2w4c0!dXaU!!R^yMP6|+uUS%;jR2!LxI-sS3Ul3jj$tomL+8*o}(
zCcnMLk&8^Kfy<Pm;7T}|sEh<rAZ(21!|4%?)shO26-NocdLgsO8c<hij1ZVToTt&W
za$IXE{6TcU)IM|RYL*G~M;lnfvx57K>$N)0U9sYuj75PE8Ur74x}4j>%(He+>>jO(
zJy7A*702any8SaZ(Nk*7m3@~NpMlS+>+=Wf<!;!NK+i(8t;s1}LbDzt^%!GE<akpY
za}PK=E(0XxSS2dl?KY6)mjjca*<Q`4o<}@O@jDi6ZcCIYHH=yb=?Ud34^W=im{Y%>
zmQL7qz4YqoDp375wT2hpzen`b6pnSyvs8F#)z{fkIgB?Xe8IYilM8&e!c1Ljr)Z#7
z6a*tziCV7x9X{3ew>o=91O9H5I(H4NTylqS;qw?n>x10HfbH{RZ_5!Ej8GIN8#yXX
zOBuMVtdg6JQL3yANzE22s_+<Pj6nH+PL=Zf8c2z{i*5W{B{@%ZwfA+YA{nOlIa+<r
zk;{>sIE-iC=sk$eP*lrh4nUFdlXgsfz>lrN1grR$_RNg3ZIvDgEhADJe^-Rg=kwRj
zn-GINgsx}z&WEb%>EF2Kk0Nc)8$5RVo|kP=o?UmuZ5Qc%woI(%;#RH_T2&@{9g)Dc
zU=o(-asqLvKr~*Q>^LyGBo$N%To_Jd(vd(aTtSXicQIzccB1X=s=m_Q>$Bm$!{7bB
z(~YZ@_Lb*w0r|U74p7mz!m^Xt90Zu(;+W_dJrY*s!ikmI8P&h(*x&aBd_U3*0L>TS
zr!lrgCQZ>Xkw`kc&4}{^Vv4h0fB-4V->t=`O?<D}0zT(Og|;4LSMpJEpu{ShB6c-F
z`<7Ctwf9GR{0%Oy{q!ht9?qX?aQrMdrP!K9oe0qWs8_u`qc}_>B=eXlH8~}*^h-^H
zh<TUai1UW^FIa?2%-CNAg-oYt*4qLvnDX?T;U4(OVK32M#Z1Gn3=EhQs-Cq2d)Dd|
z+>x&T3J0^n6g<E{M6M?k-;30+^J|ueg^Nr11fmp#$Fw(+LST|^$;{^+MzX&8%yac&
zudlc4cWttMwj`-p%Y$xz*P8Y>EP33@^M4klLpI+%r#SAYQT)|SjaLnZ?Q}%W_IOQ!
zXg=bgKL{;fG;}CPNBg+{N#sY5Xi)2qP{kK?&eJr#t{Xq8>0+NcK)~0}_PLKn*nBA8
z`99S26)#fD&N8OS3Xx+txk=OgjCz5nA>M3EgR!YyM01*g33|nq^&H1iUO?4SeQWj?
z1C*8-s!}@!;7h1jB$+GMxqd=KOvlp)c9rin+ip~nj#vR_0pV3yir2y6jp@1$Iu9OQ
z1BNIx5N(1V69f?T#&B^H>-X0#Q)FJ;yu-eHdYkV8T&-Al){`{lZ`$o2gXjHKDHJEH
zvy2H*h0K0uWqaFHExF&f@w+~Mky*V}RZ1q2Q7Ps1aT~(odB{axa~1+Gc0OMZjph@s
z@@`^|IPFj(9_4s0equ#Q3dIK`qso0Ptb*>>t@Ny-CxnQQH-O?J<|B&C>zV2iKs7?`
zSi)y}C2-6Uh7E%7G!Ow7Zwp=cP~qMOgf&&+g@E-Ya^Cb0f#JhY32lNNqSI+*0}|NP
z&4(AFOn8Ec#MIP6k!~hJk>OH5CW^-MohdHT@dd2S)ifIl^$rp!y>B4KdMP(w_w?4D
z4j+vr;SgYgA`DsNJ+{L#Zt`{|7cfjW6xYt5yQjQiekJHT0kOO8Fg%`VwNPrAjegWh
z6jN$8fHNeB++rvDzL_`4)p?GgkFRYz+$u%XU>trvkX3ZpaDki<Sw!uvyQj#0^Y+jO
zfSW}FX69ffA4y`sD*ZV^QhL1((+8uw*&plH$$YQR<>Cu=+lrpuH2Qa`*;b~fpZqdI
z(_2#DykGExiy8jZdEqFE)x^`IW6$9&H*vmi#i!ZVDiGD32TtX|we#8Ff=VZJ^zOnO
zs?Z$e96&qyok-V-TF33@e%;|(V?Cb&^rVIqoK!sdk@qHYv4QV9pMcYp-ZAF;$KTfW
z>CpsMRMvG*-8Tk7Q%43~*8b*iubp>7QybVnwvsk|rj$y;dVNmUHfsWQx+&-oPrfMU
zl9j+x&#C_+sIW*Y+46<|Ysud%nDQluyzIjU1q1?69U%+IyUyFL@ERrDNf7o@u;5S)
zXELtgAC!N3pl^P5lP=9uNo0C}655JVJ8fOPlK`of*W(=elS+p%vm88DYPd08)+~#k
z3v>_}kGqQwFHVcwgFGcaadP1N;vpJPRW8uaA|<lm)~>2n-L_U0V(E#tpXy?Y7Sp%4
z?L`lsTkJgv`-(Xz%W=<G*PcgSn_q3yad;d9S$xi9ll3^G_hQ`w5Xi{Usjows0EZ)9
zy^7WAp3^N1?_2Yvi*L#-L}@$SeAf0Q2PLfSX#|x~`LuB-Y0wYsK6sF%;q$)+OvoTe
z-U|&#Asx75zQfomCAow4ci`ahYKJ+}`RNmj41y`n@n8dP*Fk{nLZIC(x$7Br=hg73
zT??0cYVFOExQUpEsbt2KBT1iiYpj2fo7@%1O|Epfq+Z@swckXZ<t=_sxbx^SiyQXm
zKq9R)3^pSDl6U-KK;gjsT-bY|n;iCo%Ezxm0@^}YS)(iO<DU=dh=g?x3Py^b{QFoG
zZP^dBase*=o7b5KZnj$ue&B!{I{!wX58OPKe24=plRG(oDO`~#T8y+HYFVeU?1B#>
z1)|dog2MjF=Yy>N4f5iT0ftOu^snoDV<JuV#;a9ae>47KlM@l4L}i3@`fzY`?2_C0
z4rQ)A=f1jK>7*aqq>~QBnsIp(+!jeN$20S?%VwEFEal^6ykw}foZP2emAQ8PO6k1S
zPCKPjD;|=x2yD@LU3+hoq%FG4+@HK$llUE@kCue7B<s*)(vRkE95n#=Bh-j|JnV|6
z)y9Iu5h9AwE)6M#$=W9qT_<dWk%Cj!zcUj!178@_D;Ni-W?rIvWToat^Nwk;16do4
zSu<IJA-PjhFC6uqeTxbeA0nV(L`5s{0=vw(-`wh#n!(FW{^7<$hl6`vi{0>29G~!P
zAw^GCiyg5LS#1{DqMYOLo;9u?+WnL|Pzae9pFw!Sbe;;{A=@LK?EcN6;1?nBxej|#
z;p0!rW5o+T>LBbDGGzrFrl6Ht#d$PQI6)K#WwaZ9{?i;O<YK;dV2RZ4?2EsvnCl4Y
z)jC48MPWLGnl3ju#d<Eh8v3665Xe3U@<ol0C@g{V<UEASs3B>pvi$X_JOYl`O&zy(
zcHXCYUbl;O#<P_=jFXBkG?6t+AQIIqJr<rNrf+QDtT`&WtD00#2?kK1N5qAKsl}~G
zV-T8rujC<awk1W$?boBzgL$puK`8yX(ySw24Vg5n>n$$`u1T91epGR@=KVdzR$2FH
zx}4huHurBSizLBiDk_5%$%C0OM@1c^KzMpTjW+HNUpAmWyBV~8O~<uUs1s4?A`|ic
z1}PgEkdSZr54{R%CF88(8>}RY1aV`|2TO@Ie-bveF5-GPIha_BtpFHGR1KvWUnvlT
z*CQYmBk!O7O884CqS54FN}&ltO~Q`*WgVccU;#&VOtX!{#Z3efOUX-L$=93Cgta|<
zVP(t(e)eOiS_|2L6a!8#iSR1DkxG>O&vTa%>&=13tUb>8_99Tm%A=|A8_~EB3k~XZ
z%m!k!k>Ay@pf3U(*}jMkZGQ_?Ug{Wu^t&VI8?bNB81uQHu6i3O=iD8zm~Q^ze{f?I
z&nq$za2?mMn8<kgdkt&iXL2<jX?;>^fkYSXktM8-5W8*jeVyw~zg_}p$XxfPHo~$B
z+>8EqeP-wmaYwL2{MHJZ6eb_W3yz|S>palKq@?XP7C{OAC3Hf|G4r@rlg8Ow@XBOV
zrt!@|>Ez_)&(TyJe>%H#h9bLDwYsMJwKdxgMpqpJ9@o2{AC3H(_`=%j@vO(=yj~xS
z-R&2Y@CIx8K_?5nm`#aQt`bT=FV8eGc@8{po7%Q6ON8BF2iNB<pSKHbxm4ZA?uGCL
zt;ZHd)Y1u44dOU%gOLf7EQ4^p(Drd7YAhib^xFba{(J`weis7zV3}c0PWS=(`^lW)
zWJ3Fdum$gTtOdS#b%pf^pNHJqPwCafkegU7_uziUJ^C8Di4x37UEL?aMr<}mVxBU!
zP~gB)Q(_%{$@`mn%=9cu@YKeBzExw-+Z&DFc+-!x+H#p5<1pl!zh-z>!B(NqCQKvf
zY7w(BX-V7s)}KV+y{(k-<{y=DGZU5Z79XYij*jivA7))rMz|md_mv5YjjC?;YZGZ>
zXH9$92+{`CU?GU!j5V_MJ?q=rO`PYyU@PsGYx`~2Drz4>mX9gs*kUO*eyPA`G92eG
zO1CxJ9C(vw4d;~hqV(URBuzwRQzoS8&4#L}%LV+QQ_XZtT5ZMJ)LFz-yE_!%e#It4
z=o6I|VqlvvQC%A~WMFkOq#wsl*hWvZa)X|~+xBrf?Dkk`R^$2Au(7SYB3{m(A;HtP
zqV}<)HuklOX5a5r_@$qwE;m&p$>@|u@3*&FUFuu2)I?Kq<G$inhP0ycWy5l{CAQe|
z+Ks3^^@Py1C<T*HpC7b(O~TnT88wJ}D8)Z8yl!gD{a&Hkd|k=imSE@aia6=$6t=ux
zzat`}W^(_oFo-fF5euoAXi$I@hSa=Tov?l2wPor{VZdCY!vr+Ajv{OUj~VISRcMYF
zZ?h>>0&SoO1(Xw?Z;Df+d764j>qdV27yEMiW%Cn|{b8TIm(cZL#s7G?X?*x-vVn?S
zX}EksaLQZ9)AqDH995;&iIt#s7q2IKxEia5nU5blJgBS+CH}?A7IBH;%X&*IQG*|9
z1Wv$Dpj8sfiNvu@=E2~pJs{`jG(aNL6=OL(Fn2zV^320I{x3_Qp~Fc}U^76Sj57xC
zv$Ed(^=2@f@D~Ep+v?25i!ZcpAsW>A3=;wGSl9bR=3&=iX4|KPwc9glS$>XiEWbEj
z|5j53OpPdAI6PYqivKkV6gg;#7-#m7ta`F#@5i>mW~tY$HS{1LQc4I3Pqwmpvu(pW
ztS^@&{!g<!Ozc1)ZR?M@6m8wlt=ByEw_=my_m4}k%pMF(S_mW-p_ZaQmE*E}8JlZD
z#s}X)^15(H{J3`i6mwp3`>Lr&#P0NKQ_ZQL-mv^%JHsD#Y2q`WZxfn6+wk)4FTmeM
z3Uw(?Qx=zp>AtAvc$1$s2+MBUN}#dCzkxpFcQb+u?4hS|Pf!VX{^a#V!Of4PkGJQp
z-pG?+hvn01;|U<mRi{FcUvAa*hQj91;wL@zq0gRcwOL=#sZr;c>*sl!*JGw@A6)xU
zwJ#!9XHNAj4mvRiL?0y+qhIqpF!a%%Zs5>6#!mo;cSVvk&fsnRI-t;XlMq%=zPfyM
z14y4f=cF5xo`;SH6>B7Gs!>JgFI>9j%M>f=D#}Gl^DsEO4J&-!dS>ZCv>&W6Am6tw
zD_YN0%gN3A6O)_nh)|Ol-iRlMO43_>)@;u|u04DDzNjdaa<nK9(1@sw#5z^9Uk|Qh
zcf1-DeRx`1K6_Y)zzJQg45h*J;G2%9pa^5g8!=K7ldKr1!sKuD(N;e%vt#SpxL<nm
z8hi+6^UA>W821leG)Ydd6VtyEVdTn>^rA9J!$H7I|6+4|K*7I)yn?AAUf31!3l(Ce
z5XEHuIR=Dm2jb97_lQHH&WT=ft1?oDqPB~}rlEk7a{O|lMZd2e_hqGWH$rPNBK*pM
zL=AY9j>qx$5dG4jFQi3TX)e4m3<RSjDhli#DHEJl+qUlP!W&{uPq!Xh&Q+nYe!cbk
zqj5rfI0#4b<Ytdn%_^XQl2JTA`Ns+?TdAH>XY0GaYGUOOP+~2Z?-<Km;!?B@;7GX3
zU4SQ97_~?s63sc>=KqkWH><*0OEMD%V^m*|J&8IRUh^ZP`lFA-eQ)z&m)Hx6;OEA4
zq^)M(Fq5siJ;6{Qzx*rfILd+2(}_;k@Ikt{mg_uf#<hyYG;f*TW3+i33gN}|^yjtI
zXyu=W3R2G3phIRC)ATjytY%x9Y|m2-h~}5dsbX*QXqf{^S?I~wz>Iz^_4Kd_f!Ygb
zfscyaEPT2u@L9I2zW)!mx4Bxrw+}6g&W+NuMVcA|B&ioNx!Ea=BMYXRQev+`^JBV7
zm)FUMt1H_+k-ny=uSlB<c8&IIjqm%N)_R;J43anKTIKFUt!LJ~{n((2C;w`4e*5=+
zi%R@wR<)NAyQUY1>Qnt?Mv)NFW-Jju6v=i91V2PpHB_efUGGGG1g*2RSCl|b2NQ!Z
zWh*724q})LBtvK*lW8z&rPegYG-$;>P*O9NxylF@^Mb`m89lJshfGv~1N-0@OJ&@}
z<!|PuxILIA^V_OJ9m`XTyKISM|8_4yk2-)fQD2G14b|Tb0~w3D{EoGeMCfmAe+azA
zm!3f(O#dNV63g!3Cue`48~()KYez(P01+U<Fmg*S3~ll7JIN1;@2YtK>R8;Wk2wFu
zcijQ96j>FQHXP`DNI70Lbp#?2!6=Fv;VWUPXhS}6Kq+(xWKa2)f4`<MFm`~Q#Icg#
zij$gvY%rLTXV}8MCxY7N;wKqJmZl;a+zu0E9;V{LYJ;fE2<S01S(9j3H+wv#Af7mW
zR)eyCnuYI0E2L#w>p*>CmOD3$Pn%MlXWYE4^oB4VFoQAKdE}h+Nu%NPEHh>Pd>m2n
za2X)6`3~3gIf-=kG>KI)R)XSX?ubWuAj7R=4ynn`+#9|PBX5p+%1FQc%CV-<!WO+n
z*JO8~(six0@qXg!^uFnxRq1-E+dTfT&ci4seUQEs8wU{b>gKvX9g5N6YW?xdAO9fo
z9sc(BbPI^bRvwSSm5paP^{hVD+`=k38-HexH=!8&H!ly5btAd9NPa#k=`MPo$nKa#
z@SytFh9PzG=Np&pp~pzLgpm4ayTgeC#pFi(C}&oC_MuyI_B8@9B8SuJ_-%n%N7KHy
z&ZnF2>}f)tKC^ZuFaYMp8`i8tavc^jE^onXK7`dpz943aY7WEmz^k+y<9;i;PK~z#
z%eYLm*RZU0e8w6tmecbY;yur}k106&b%5k!=(65@EIa!8)R({C{^J~_`ZFp6yOY~&
zzST;YOGLY2_$SV8-H|;04gzL&UXL+~vYchOSinFziG7hN$$&b0<3zuDvDCy;sK3%^
zZLf4NGL-tr4~b+jMzE4{GFcu~iP#q$+FYmzQNK=ePJ<sOT)VnY^=3Altx|CGKUm;4
z#Cp@nh2trOv&)=8P+Cy>ZHe3gpel7}SW)U5R?!`Gp%N$(&I-(KV>U<&D>EeBBt^B@
zrk4z-4IFHP){LL0ug-0llN2~6yOnr4V>AFHe@l6Au<>g^akolXZhdkYc`bcdcA=8A
z&UBOai#Z_!pG~}q8Wsa?-JO=p0<*eaXIg%iFYT1q?5*3eKv!VO+r5n2#wBkAi$Mz{
zy<aYpTzr3=G_hk=Fk9k#{K(KLA#*&b+!wJC2Z3Ct!><<}L*B%(S*$(%^AbHPnh)2P
z7dsCO>zKCoe#a6PlEUGD2&~wzI|5wuy!D-3#%}xFp~jH^f~^_WbLWWKU9mX89K0ri
zl)n^9LP3jMojEw(oV+LwZ&tRSwX%lJB*7@5P^6O9nl2K?0CN^k6^Ra1kJ6wi9qG)7
zfzuFb4t31E`B~k-GOHqrfuwmU6_93LPpV&Aw#LvBr%kHFp#k+<9|X8JB>HVFCOV)|
zuMN>ZR3IoRn7_d(-SJ2=`b#LlFf!hBOJtyojjT8;t?qh>eRu4KcnTY?&W3s4AeIJi
z-N>o0BbSDLW_%!&2fVzXoM~>rpdW5v89>MHAwM@<<H#8*3{QJdl$$MfL=E!9VP80B
zeYhq~dEN)B^9XhHYcRi+T@5*jQpEfbX7Pq0S?!zFd46n>)*dHf^WWmKJnI_cVViL7
zLTYNSV@X?KV=|b_QsO!wd)OG-Tml)SNO#KD``B<2j#%=qL~Fe>LjHxDOa*8u;_B40
z9W`l8Ord3L!pAu`aea!$v1(plHtj{YM0a!yRlMSrmjg$C$?*0h14`jU*=Hp|or7@3
zh*fZwN$~}A@CZ)s*~hu=Wu!esg}--I;uBbcC%+v=YUmFB?0SHgZ$H9$nMWk&jC2LS
zlSiyaX0#)+7lBTlg!^XdZB0k7*O3=)T!YH1+QP9v#u1*6n?7g-uB)r}3Volv=)LDt
z>(vLo*Tu*t1R-7r>!LYKzcDJ&IgMO~dn)}}yy$)61?4gFw0T>{vk_sQngDddl9wFW
zXs5p;kq`rDlgK%v)Xk`=^qor(-=Xh!7S`Kb6C^hg+)&#g?Z5SK`y;ubdv{~j@!si#
z%nc6UtYt1>EkT8eZn%6xV~fxQ_8=NeWhl>o;Ufz~Rjq>-{~il<?5~7~W~_y^Kzu(e
zW4tbd!i5lUi@EVAc@sZ6LHd=PNaf><gK$f(dUe$P^M#)O!(NZD**E&(&(+#t%+=W;
z5RY6cGNga|$Z(uDchk(LXlUFyq~+ME#C%vT2vZV2x#f9X)-IFcG5pqF4h;>_Y_rZ<
z2e}g73-!B_RA8QBD+`ob*k22uDhby~rjE+KyGeI*iZ*BS1F8u3Kqz#mo!rH8N$^Wr
zfn$_Cq8m{Pt@b_Dq4WX8m$oJ~=fi_xG>ILgm8okx0NH>VX2R;>?+yLwRCwni&%hsq
z=-epbIHTi&Y946Ev#F;{4ds1rcLcXiEI8dfl&|;Jh=wzQE1{wikO4w(DD&ft`*SEo
zID^gXC-_f>U|ey`bDaWVN+oFwg;>E7kq(Q&zkh&cO)|zo;r`TAN2&DR%u~(M^vh*@
z>&I-Y(|*)TOgT%{2F?`$)LQQ}-Fv9B-iH(pk3Zj~lQUT+ZMZ^`|CrsfxBiUnGtqa1
z-yK3$k{wr+9apM6tGT(`&$z2kz!jh>TX|ogcMjC8!wD6GW;L8XE|9dtH!4w_7ys2h
z6KytC#i9^>kDo0dYBJGam2Af<jw+RBAMhsx2^)+5C*yBf5Kqv<?D5AP1!3na(Iph;
z@p$$+4%+KZed+<2Z-Y`F%^$>>ur;uy7I1rutm<<Ld+Bqv>uI~=&iFRy`$=~#y~?9q
zW$b*~_%ZFeuAh;4NZQ91@NKc{bs7eaX|xJ2CauJgkwik+Kb!=`48|fW^UsH5^QruP
zTnNE}IZA=cT%6l3JPuKIP_@KRybO$BfT5gVWU<Ehk2CS1<>IJap5CUeQqHDeeO$Mz
zPAa=rM}*xmS_y(_^MUZlA$Beo1ujWM5OmMw&gj?=df((92WFUu`a3v;@Mj(szhX^R
z$P|37MrNxaIA$$|B7006&0@x~=MTdzDAO-#6y>f5m6aVP-A8Y;bx6|w*rp#Q-lEg{
zw*DBwBs=7vaGWH|Vwv=7U$%H%$lQy}0oO!@&raI^G48!O`r@?qvyH^QKHm?IhwI&D
zs4ffPP<Myx5N$s+KdE%x$=L-qEeb0Me#sw!A*eh{?Z*dZmJ@vt%M?)Zh@~O_3*xSn
z<4KJ<_K;15+u-eXFAdFPOTBTQBho?@u6aG(+Uq+PJ0ClNnQ$J{c&ZfEhK6DQLhix4
za;<41Z@rX=IJI;hWVzwIF>8-vxq+Axx)~-lj11nlXf%=ia2zcu;|wut#0?Fm{$KZQ
zr@+D8GWdX;d$b^o$e_4ulK7(UVfk@ItTuy87KDARGz)bf89(=Eg0kfQ{Zvc(2`J~(
z_~SH$<+8azQJ;8!_)Ur*JYCRFuGr!~AC<pWT0Z%)6E+szwT|AtBgXjAw0YA8t2o0T
z<m4uq!NMe6*wFtckqIwqg)$!~Zmm9zY7^9ixq;!Pvo)}b)xyM@hLbc30EYK##!zD=
zfyhnZKqP_U;J#XKi3_2e>ujZgg^b=j!N&k0PY5^wl(F~31#J82kQ|@?g0WxO!!ynt
zhWCnyVz^J3(>i4eqvO|=bde>`iSN_%96m(j1wvPy$z`jFd3Oa;@-znW-%p?BD2m;W
zYW!=|93G%WLY=1-4HLdrzg(;FUUo$~j?9X?tqhEDUglx8AMKC1Z;y$O9Ous%ojcOe
zcX~ylvrqc12C)$q-|Ak~!=&hO^>Q7WHs{GO`W4LYz9Bf#cRDAUjS-OF>pF|27aPp(
z)Q%0d+{FXwJ5Bw^st9(;7Udk~S=5E+g`g7UQSs%vqL^?<6RSjLw0!njxT@Xuf6#Xr
zXB6wPPY$F+J5D$aK2K}VTlAsgnknt@vZgtFK+{#VdvPhWS^7uN<88;&h(ArIRBu(V
zpv{SG7Z(pLV;8(FStmQ~&*$rUTr<<RSYm4Mdw(<8je7~#F6)gmSNfF!(wZCG+N~8<
znfZa~bLbd2VL_5EKg8?u{dr;6>XJL`;SN}D&M}j*D!8B}v0@NLH^^iMca3WZY?wDo
zGX)SyRz~$!LX_Tuk|;DvGvRl|5qki#=5WSWc=;T`D52Nl9w1fC>$^4Hk(<D?rO5rm
zs9DWwH=Y1VWVYzeJE~fLMl?;=-kN%PXbXhK2^&Aw93Y1F_Iw?!ffdD|1|_2{6JHNT
z!2LN1DzwJWd2+dSa?T*bAVVZDfMH9PSW~Q$0+bc&!Fq40jcS8g_)d?f3gMQyygq#H
z;*XkdZsZU)=&&TZum+2&GXIrC0h(Ep0(r1f5^)MS!u{ooU=6T=s;0*}#fgEw<qiyM
zZqcDgZEWK!=m0XN9HY-i=V>`v4&GI8bUVNF&RnrK_Far_l>gFWiiT<XlQCV|b7?M5
zEjW-o8Q5rtza3XurwXj#8qGIHJ2ZFOKp5nDd?Oh}<G+pj>ie`Bb2V_v1AxNTjr%cQ
zClq0I;p-OO+vhk`Wzvqje48I_KSKyMgpOV{yz==fk-cz*c)HmA#=i97=2!IXhTIg2
z!{;Y#*JtwT^Q?f|Zyq~39KuFjmwiU`F<y0QVU)<q%O%x7MWt4Ec^>=Z@+_vwr`YX5
z`^2}N%Z-WG&4!3ltNkZ*75%4ttaMqEieg$M4qut)BTt^UkxPNm&5wB#8;|Z9FHGL^
zoB7CS*CUPD3Z6;Fi3aovEjr#GF}sz%*Ob1m3lh&4NSIc(8#H)k5F~DlN?%ch=N!vK
z_sizVwQ68ed9gnKS{<!p@7Q%Ee$b`t*tMZubmF-mN!M1UOs}~!J&&iF-r|pV;9DkI
zkF5XbZ&1uedHi*a1BAm|2-H5^&ew26v5`c@MmqNTBN!b>AoGQk3lEWeiL!|)xRWYX
z=HU3ZmjAc}S741QKk<U16{Ot$a2?0hj)6Coz)K2)ao;h`@v8gForxl-;rHko&jwDH
zo+vdcu$0w{I_jw``EKg{d*<`0RL%269y}m@f%%u9Bnc=^(5)LEU&|NOpNSKYP=qsU
z+|1YMqiB%q`pTc^WEck`3Ei1bFr}LGlr{*IZ*eNxb@A%--l^ulXS}}emmzRq<8wp1
zFho@)0Vrl0vy#Ysn`(Cn#qKZ;#crp~|IzlRNZ5bD-y?>Bw@<`d|KWt3!OMM=ETw^x
z+e&Uv_^w71h54fETa64k%DY1TcrVI?t(+Vu>!<?(op~GZ9ikGo<c$?y0ql68WvdIB
z-Qklq<>kzwbNTJiiD+rUg8vrq@5M0*W=Wf<b+V4J!&a}XL2UYB*3=gqmF2?IXt$4N
z*@%&Ay!_k53!{;be<~lDYo=&mNwCE5#BqDNP5o-?TfWyxKG~`ZC8<d-kfK2`Gvf5z
z;}iWJ_}wq=y8AhWaAX)|?dhJ1|8A0w*XI*#_aq(T>+#Ar?)puFFu`fM5I5-*CF3g7
z{%psIXnBy%;L+=vCBf?keY0>iD5*S9y-uQ#PhLPps|BsmMtS3!L&xpt!EDX-6@}>a
z=yAF6=hYJILNwl{9P5K74$OBYI5Tf)_2~G?YEbsNpwj^$txbVq-39ArDYY3^KHuq8
zYJA-tzT+}Gy6uqm&hM5nMpyFT>3NT5GMCAnKI*w{xQ!wK3!ia7yWn?sD@nzaWIM@y
za6ft<mNZnOelkr-@UW4Nf+TpoMap5YKNhTvI)@4eKnDg3G2)d_9&xnZiMOeaQ45#%
zr$fab-I1AoovIvajPA6z64+A=>uo7c>U8$Dza@xIj1}EB3_^?Y3^G*qFOZxmSyxqo
z!Yynnkt3-=SiC7!F1dT*Pd(=b28BNaSPZRAp5NLXG`9R$)bO-<k0`kA-t0P6xL9)q
z^T7!_%WU?o_xV^Hy?>{k$^R7o<wLRU$stG5JzGU^=+1y%W{k#im3ozI?)k3<DV5zK
zgMa+2ez%QdGR`7^Ok~bHFzDb+4&&jaaPG8b1tfW5w%iQ|F9tG9II^pR?-82>PsEW`
z0$viL@w@mW7I2E^!FdCmj~lC7HRpfK*(!A6YR;MZs-!Hdg4N2MDkdHJ<CG|yog@a9
z!eQ`Zh>A}hxGu-%_kcF5+*5nb{+9UQhefyCX&e%3`Ku+;=;ddAW21Sn#D3AgYSbRQ
zZfRjPkJ<xX>qUfHr>m{ZTZ~)M(8$<=vE}xWS}PS|`@U9E8UNFra(8wc%d7a)LAUkv
zV7I<%x?L-cDhj3?OhIBIX|2X~A@Zv&J*PX1VAOAeuQ0|lC0XTsoY>}(hCumK4wN?Y
z@oOCE3K(T3P`qJ-&`z*agk$X_I4v_D_cXhA_)e?7F-zuQSPb;2=fCDowdP2&{or)%
znkn=1l1mjiTkig8`Dl`bk)_y}XDHz@I#-KOs7+gJOfD9KRB~Ea*Ix~v4h&Rn%*#%`
zOMs^!3C328P>N6r_?`%(i}v^jB&h6^T6m3NC6$`&Mld*NRtFO>Z_|0!d}&sIa4{3%
zC@H#~h2I$kGK&Sk69ou(<O9&Tpc-ImfRHj;K&cIJS@|@iU0r20?Vq0Gw2`CBKWZr*
zJJxSm(u>+|vs39_?bFL!yQq+!3z^S9WVsIvK57*7UqgsKmQEkRcT=BF6HzI;x6yn>
zzOX&ro<d<`ej+XFC3O#+L>3R``2!XLbNf!&OVQlTFKJ2bN3EEFj6nFPgMS~728&KN
zR<<se4qjJ!3J$NX)H5J7q;Im%GV{4?SlSJ-xFbV3pVa-SJ^eFz{*Pqm!K6ve2G?gc
z;?|U;b&BIO?{>P`>L-ki19P&2vQs3$dVIP@-Xk~TSJt$?u;O~H4v%Oynsn#lt?1Rp
zS)4k82BlJSbI#p<@>{3Tb!2KQCpfP!rThP4)C?EOfP5Xvwdror;|3Bj5dFKqxNSfv
z#Z(Y$h#jnl6O}QVO}rv^KpIm~kumf{dsN|Gq7zU1O>s!`Nh-Ro$G$Xu%bTRUfQ9#3
zs90z}&v9H6QkdTmktar+<%E?@aIxQFNi5;-u=KPe@_WH>Eb{9Pd?<F1X7+c`bWz0u
zt>Bshy;$6g5dsNSTEPIPyFJ^)MO=MxOi_n5>2Y$@pJTV)fMWEEHVD@#G7MKeS@%P;
zX3uJ2qGmMrJNUC?1S|P$`EpN!i5<8bW3mY_7ZQi~P6$eNJ_%V#)T=@n$$X+Jiz;*b
zgabLe6wq;mCZ3o)tn6J{>W?JkAg=NVE(=Yqih{uD?}7iWmMbMF0(V4`5zo%6Z!v64
z{&i9(7+QM8exSO7mfVU~&hrp?-&WC=Z`kG$tWn%x2qYas4ws8X8}85D!V9;|Z|++u
z{14l+KCc~@e9zuQFWo^L|FQt|%aB*`Dc*JW{@C6Z^%{DvyFVG4AJTpQSUKGj&MsXg
z57@2}6>LO9?c5kyeI$?s9{o*RvD_|(pE!f#|J;UI^fkr~>o(J<+A5e05!{}k3E|qW
zS1NM#<bV5@`@8KxO^d>0(u`DQsn{M7g-1n*6jeQwhR`|H&2u5AmdQ9};b)(UvktMs
zTk4qjJ3M%#&a?@?NA6*({tJ6J1dy=Y4041yF1GQYWz^`N9&%?V(D`FGkD|lgbKW#D
z3#(ogf-r?|@f>U9;hN2JL8X{(6p8zr!?>V#2~7$kz9b%oSTmB{QB8M@0u5IT2y+QV
zFGv~!I!Be2!i18_+7=zrt|@;R-GU$5S1=ekx$nKJxaoZ4o4ov(mh(F5L;ia#?ys0c
zHV7}KhVn~oOd`KBB50IGC?1C=*QfIy>U;cA;Yx9uX6RsJFbeRSvGs{bo;TF=%M1w8
zI#HE2IkKNaYMn9)%vA}-6nQ7Lnj(_0zH!4_mCwC?(%Os3ir{todf`_`c_9$+;a#k_
z=EOVTjsLGc4I*9P`?3dj)HjRS4ezfaEEY2t8M1Z0tWm~nR!q_}_6h2?74~8@+Q^OM
zFog?k6V#dvODNE3EfXWc;%tXjV}B<xNyog`cPZE3^pSUBVaBuH&~tUpv(Qukq8JHz
zAONDg2xY)2R@GwWsocbrbK~U=^Q-7S1(8zfN7~52hj{#R_K%{^P9blDm+s3cpPTim
z&g(iN?#tvUpS_zQfxD~Qmnp9i3T+0j0gJ`Xv(_oS=be=GyD<j$kuOB>`zQAMF7I7j
z0(T2xW)knxo^Jc|Y6G<$I!z2-6Xp1%RatMih(ke+?!S7dsDH<P7m|{lqvS-GA=p<T
zLhyRoY!ohyWU$T|tn+dYC>;rZ{1~I}e9Tmm<&IVf;D}RTq8y}=vbE*J;qWxd6=LGm
zl>Neu8kN;f-BGL1v@|$NKgIcRgvbHQ;cFe<9#`W8??E`2j2o>9{eHnqBD1ufYGy2#
zf=Ls2fjB+|5Emb8-u*gtAvLrFKelX9W!Mafyv{L1irnD#<hUP-WSe!H0aX5iyz%Wf
zO>j4k=)uW^WL~wuE0m`6W*<7KB`#_P%Wn@{ER66hfAVH(3m3c<kv|^Z;`;}{qP)dy
ziCNqQf<je7mrLb2t%VAyBbP1w?9CpEPuu8_3$30;3NHdU!T9>$%eKF>sffF4hN{RF
zbCmt*u1|Jm33wj`S?|JMSezL`YPnh6D^Vj3L6lUM!QkM(#DOrA6o70r;mDJMv@Ir8
z$TDuX2sIfjv^08)r6yb?6T~*N`Z3JCj``ou4ND_Y_3Q?cx7%Z}u=M0>-b@#b#i*U0
zxCf0il9#Ridz}c9M0^3xuTreVF~wY6e$M7}Q5W#q?@B9X>EmpStZ<D&W@s2X<+44v
z61dbhMpn%SXYg7Nl_o0^KJ^z4f~^t=4ke<H-3RNd{SQT%r{Tzihcp=s8Ls=g8~1h^
z=iU<`&&Z~gSLwIwm7in<Jd<xvn^`a8$RGPsT^}R9oQI@~pSuGM)8y@M#f?$zZ`egK
zo(ttf?OX2Et*1l!e?GDV?AR2ZG~<aJWk$+ktXj|Lr0SmEwrdVj`|>MyZ^WH=OQbSP
z@NC~_H|Tf(XXrgvf_M)ixQK4Mjzz*z6a~^oP$YisTs;>2klAm0F0I~h#><VQSKE)5
zdy}hpd*@h_lxfsp))&IiyoD{`mkqPaQ!CpBiaGTdVq;VUvMe80{LE50&<nsKgKMnZ
zw|1m1t0mkVzG-c3cRK_Fn9u8Akv*Y9jW<R&<vjq7<|!R|yYtp{o5q;xG!C5S;=Mw#
zS!WB5uW?sN8Oov@4q=w(I){64`ePy!Q#z6Xd$Bz6RI+~*73?$Rcsrp|pH8aezt_fz
zeSegs#tH)U#I7a=i#`i&Qu5!10xfa5g2LE<BD<JQZM=`0jR;H*+ey~Vceq^Z7km}^
zE$RR6N4N#K0$IDqHD3dvg~`;kzzWFn=t<2w-rTg4d38yqQ4Pl6@xwJ=i_tv{0&nd>
zCxgz&>-~grIs2kadE?W44HO0A`mc=f#F7}3=VIlg5;<RzZg;Abi*W!PLdI`-NBK(G
zbnM)PVxHI$fz2Nj|8gf196+it`&oy4)-oV-Q+S1@M7}46)*(*qvx$^>Oh6_+T#S9U
zKz-cJMnXxaFZY0+h02B#<jZj3ut`d+U1#86vW%r|*RR|WC!AECr0EML(@ZmZDjl${
zI2PVsm6S5;VT?5qIz8|8n?!W|5N|ump2lp)*{=r<`*ZB6m!K4L^3TFWN)ha^nih)X
z6TX=AtxE}>$A<gW^pEqY%|DxLqjeis9c*~P^3okPjMNgqD3f>)--Oz}czzmLd>9EP
zDW*DOFvcn7F7-_REDgcr>c!gHT$j%qx<$L)W?TbD>n+&ZP)>_^<=o*;&sD+T>cUmF
z%f-}fUAr0vOtqJlYBbd%lxS!jmpDk**MU&L{smT@IvfnEVKBS3r!x3_bFbIw%TwS^
zTGoIThFXZis##I^RU8X^d+zq$p=hsl(a`7Rnl@HF?zS9L1!5X)oKV4G3$2NywPxw;
z{d?Ifx0!Y5lzqg)!xcP%_R^ZLJNbLBRfBM-zr+ljUd$mdP#Z=vNP%aw0l4(lNRc1}
zZ`FoVA3IDw+g5ohO+Hbsd7koqK0VO4nWtwstB;gdr5jF2H^1{l|EpM~<J5{l&br>`
zaXX)?*ga~vI!3nNE;q1IVH(x7Py2jG&WIY~cpg1$YrlL~u}r((!H&6&v>?B09rbR)
z^g80ZwPYT!_IZ$u7ND{)M>8*Sowh@)v1#|azPd)1zfH1N$FLf8GFaQfowC__8J$Dd
z(;bRyFuV^|BDdJG|L{UsZK}*;{`N73z(U_uA(Y%5T^a3Tk?ghf$7TShGzhuVlVbC&
z7e|XFDgvSsd||QK!Zi0P`Dys4{#E*%tt<{ls$^FfMm4X=>a6a%xj2v2TM|JQOMvWD
zC|_onVxFBMqJXciBi+{L4`Q7)K3)3r_cLybcU+GXB?|BNoraVTr}VhWL5ob#a-H5<
z)&j3s`$d$%@=-9a`(gISL{=!ejKi~n_wF96K}XFrL1zhzfU7L&lzMSIp^RaaQom@v
zGOa%#YATogAT-<mUb+aXXL}&9bmMH-sl%4xxp#=Z%j)<(Igh7!;nX;f@n=t0r^!u2
ze&6Zh%StR|S<y*-i2}f{8NFbO23gz4HY^E;e9Tfh-gJCwGOlP^lgz&0Nl{`1=__Ur
zIc`<0sg^iOOaW#y;96#f1Cf}xDCdWsJWpLu!y>z8CvU7_9xFFoCOz*9<=RUJz3ciy
zPtvX-^Bniw!_|t#dvJGMc3nn7v_?NZsC(U&+Ti_14D1DFym>?{)}0rTHI2`%oQZ5C
z$m{xc_4$Z`;Q22g{_(j~1F7bka;$BWYeLU8pvXkinsLO%=Z!+cp_geig<tO`RpD_&
zdslYi=hHq1UNlc*4|dnz-QDagGJ7^${Iq>B2K})xik<^l#7j3Fq3U$TcH>|g-+~dY
z!voXQoI>Ufk*AlGwzap)uk=<bg)j*hJ6wxZhii3T##YGFs1Te-yLWYh9y{xXqQ8kO
zwS#2HTdwk$=vz6B?x}mgwi5Y%=Q>D>zN1cu6Tl)!@_R>yIYvcQF+_|ZN0f_gh!2yR
zr}xVi;k#Z45LzgtHQMu<AGe&+j&~`Ll1yLP|6i?bjMd$7E8RX7#dU*qmix&fLeqff
zOHu0Ts|GER_fFse5ZOPKuAF&KtJC1;=jRNc!F|Ld`>j_2?%Ufnq^o)|YqmPKr#V<+
zrK%t(PRT?MtSSXb!*;I5$S<n*>ED^{5s)fL03&{Kq8y%Q;4(VWh5Qo5q4()$K$+ZV
zLe+Y^@j`4pDlFcn$G&#|UK+9SUfrh8!rbno2Pc*I7mWviXpAD-kL4C$-#0CxQ`;_4
z2PtNs#VQ3B$>((PB>KZX;EA1SrwYtfh}SL~W#(Y%HA!by{Xu;mC#k<ma(0XnfQ`aB
z=Sa*W7$ZKry+*Lmyo4+4Z-k>!Us^_P6(6AKA9heH*_}eQp|RwJKR6zz9r1**Xivf%
zUPJeiL~1L73%JkHb%~$pTOnTu115qUjG|$j_S}TIf}8phH8VnJ%LQHH$|S}T4RzeK
z0e~@3*!i~A_Ap9%ju>z}zTjIwoy41{bBub3?U}zb{sL!3<FqlxD0@_enBU*NxD^b8
z3B%cQO(eEHqWStPtfzZ`6i`%x;n1A%cozp9=ynIE5*exNLM}N=0#X`9xk?&Zz|Tkg
z!=V(KFytfo^!XjD>oX`wLJn)^lk;geyB}K4CPoqVrsg_SRAvX#0<|E|nWryoXv*hd
zzM6Bl!+jE6YjS*vGJSVLHFUT;+xL^xH1EovBP*fxp^dyXw`OJaPBVWQ7j1k$tf2V0
z%m!bE8b=8I3fC%rJA+~jWAW11S_2Lj(Syh}NxGld=uc0icqs;+T)}|x`=80FGmnA_
zm-jnteup0Y9^$Wo`o*=ABP)5VyB$>(UANJtGMl%Z-xiUOD|wg$dEt%f**#4!i&0kp
zUjW|~AnH)C@dU@~e}0H0i{)&5XQ)QiRv;QrhkDmw25!rBwPIlB*1#YAUP-T;N7v~3
zT6;QPea!$tqmM+I8jKCN$`OK+rm@>pr3Xz&Yy)edaxu;TX0RoBAUZA^L|kM@eINu+
zo;L_V@wN4y*MKn@B47!)s!N)rRBG`UtW~rs5g)MR1Y@Iip^jD^LPcsLx98Lmh#|kM
z1X3$hK7chba7(bDF+QR-8O|H5p^m6hM(@)QKois@q&A}{`lOANswTPw#n=)J4kOX4
z6cc@JLP+sSj341G#z2x3F~|!^6m$kx&-)o7N$pi>W4)p^q28mi{Le%j4@-yP;&v<|
zAo2CpDr||7nIq*|C@Cs9H{*{zVdp1a{_^8K)NJxlv%!uuV>U^(D<=3PNvefP_k*Ra
z*$aR3mzWQ3`}TRhedM`b<&=!{1QB~ifC(g8VR=_-VuKhw1dk!kPQFr7YjIUUBTWg;
zMOT0USD;{P?x1#;U)WFvg^+j(7jWIYqL_c*kom|@zW-gn@}xI2KyN-+=fm25X(oC-
zIpVH6r!RibzwUg+(9rrLgXVFjA3W?xY!_evLYI|m=6T7Fu4H^7_P-E={zikLMJta`
zpC4at{aHs6+Vqg)L+|TQm7~#Kp^jFxH&IaHuD5#~+M_es2XQtzQ0^Y=DKVIB4vazW
z;zsQ6Sbc-YqT`FdKN<E{Zhx(+dwyie7GZy7*-xDua#=AFqi~Dai+f}63Sz0fj{hKV
zz(q>^3<mvE7(~yi`(7Q@8|xxZ5e!BX%Koh1c;e1aUiZplKiF*YP@}=lEMw+BgeY9~
z#v88bwU79dis56kq|r>QMiGoA(NnT!m-7sK)x+YEV89CrIaVy8icb4V9s5ufTN8pf
z0JYYo4x+6~y~ko8_@G7CJ(27D&wS_|C&qoZ4gtM+jYOehqT4k`-hJ2f1@C#+<SW|k
z^&5g_@vaw9f<@j^aoJ+}gv!&(Q*2U_Wr5%##}yg7TIVl5T9Va{<0hoh@l<2Dv7$0m
zRf<WPI8T&R*Tyn?u!l|k!D8_s{`Wyqbb(k6KKFWfi@qP|_+soCdV78^#{RDHWXCx`
zefz)uV1v4NOSPp~eU8fhX7C>*WYP0j^jzu*G}`LddyNQqjk`_<5yaMJ^ueGmMYQLS
zId<#EU-4tdez^7TAPW16T^GS8qplko>w-2bt7(XApvNEt=dmU_m{cW*G!SXwy(O^?
zob&h)Ww;olK?GmhXnSjLCdLNws8*utMAaG83wR?aqP{9h!`%0t3PIR|y7vm$gsu_m
zjTp3^@u3cNy~L<1asmk^9bvxLVs>tf$;o9*&yF)QH_puL1T(YCn4MY1?Cb<{Go#GT
zjWRns#?0I(GqdAN&n{zbZaKaF5R#;nu2=6nI3NeQC_%vCDeL6$)cb4fm7+;`OoQ?P
zUz?>lsc@!`lLCjw#T8m@XH*cRPoRjl@~XANrzh?%SQ0dv(Z=NKvW}n{!=MqUOrKz8
zq8-4%oI(}V0;R;^>UvzPlQPyd*o#4<H{zb;>qPy#jCHAt!A};>adlo<ABzJzKAAp2
zdW-HsYojx_kkA--H>TRtwVr_XdL6PS3Dm6L4?ab$!yfI!AR#qdZM61F9{ks6L^e=`
ziml!H!B|0!_hNkCM0R*U^5jqr`JS}UuKB62QFiV(+H)avy59GDK9sJk<_MwV`@K2u
zod?bFuIZ|(<&ZH~xKx8lDZHm!725ZXqH_Jx`yxQ)penp~J?C7{`EIAIif-kK`J$NV
zx~fw_*$-8}kp5iB%%3c6*TG=oCPI}&OKg`|=B&sraP|5%b_`Wl@8h`F*+@tU0c@t&
zT+!6Ucz|)wT(B{Ss*!*(uHGuo#207-#ztRwD^Wk4nv9%$Aqea~5K}9-2hKSIdKTBs
zG41I@F<wkvc41LD2v@%#x!Kd{#njGLgFP<lJhcl>Sc9T_kBU7raqLe?tY7Nmp`NxR
z9^W&N>h@48?V*l#IjD0{oA)}FEYuZ$YkXc(vyy{Y74_v~9L&MFwGY2W>w|@Rkeb(C
zz~FnmR2@vkOYZkS6?+kh!M)bTRfFd?*dSPl$3uxVfy6`(TWU}L#CXbLes`;F9;w&J
z`{{5`j>S)Fzc~BNkG_t4>`$wzoHvQJ1Xro=el@lBPBiUUo30Z{FGJGPT^V{-NDY3M
z!CkLa^+=xQ#yMT%oxj?M9AzXF-Z>*7+>zPjo1#4CilV7r&k!|NT9f1kO+zSyHRT7t
z__xRZ*QISb7}TlsdOFeT>#BZfR&U<y&i=}mreFE+18mIFWsRbYTfn86P=yi`8VlzN
zwLQEll2l+kK3Ied21}m$J;r~&j@DGiJ2V06^<8SgRXz&;)SyOD8)x?gES3}<5R2dI
zU=Y+T8T8|YPQBNGMaN8Jhb6?k#oKfaI;2w9t1;RXk#ML+Q}!SMBSkdI(QJXfg<427
zXxW}?FK)x&bLssK?rq87l|g?Vw5=w1gEA7Lv6t4wLTeYmx~e_r*UxG&?qSJuq7KJj
zA79jj7^+PcwYx5}&-X>g7T?+-qwX{HB68trX*^<xwiJf=j$*J}SBDKu>N8`X4xvwy
z?RxN8&sqD~(@xL6(roCaMlO>{%6yV&&)85MZ27R?TX^BmesFloSM7QCM5lSo8{LlH
z^c&JFeZ6-&+wF9Jccj(1F~IRYRO>2N+&S7>Iqh8fhDM|L(?zfMoo=u5YtDBkhnhnd
zWJyzIrslr2e0X@wn&i(k`18uL_xC2aw`X~CqAZK!aelJ|?o3E85wU-$UX#A>{+<ro
zk2S08QtP@a8)3(HuK$ON4`~PLP^$Dxo#^#g*)L>Or^|-#e0%#dzw*V|r{(#|b!ZD~
z6THUwenPsJ0ZWwc#8<P|T7Rz&!+y&sG1U3N%SFUv`+W_IO6?Cz&RN`7_wdK{AdiD0
z<}W(Frx8oa>z)CLK{c|b2r+UqaTAq6ohq?Q$GaH_H3yBUFQP0Go({<3B8~u-+>`F-
z_~JSj5t9QF$N`qLWdTcn?~SFx$3w&31ABiM<nJjLpU2>wrRN%=JGF?!CtUl-sF&zx
zV(RB^DvJK(%n?TyU;UBi9CgR4HQ}aKOExzevOBSKl2m(#B2!rW7I@BEZk*WFTlPj6
zdag-I?e^!&QkH#f*Sve{ilOFO6Z~w`Fzl1;H`TbaRH`flKkIyW&t#|k^CMQQI;&q5
z52pBwB!u5I!7f*yNMf>Gs^O1vW4`RfpHOr=cL?(HiLoywgr<muey_N>>=$nyYYvIW
zjD*B=gZke|RL;&#YP8>*&h55uW%i*reEM&Hw70n3OW{hDs$jg|XQEfKYObRjcJ0zL
zZ@zKc<+t9{J-*RgIg%s|$|?q?h_>*HSk8Jq8`<}zwLf{8sH{BHy4aUfSm-JBpjdp)
z!c1Dvo=}G-U!=Vla4!t}U6Oj1U3}g^Z#w9mgBg`Yd7<WlV#KY1)<uX~A{OqGxCV~%
z*urcU??09sc!|d9ea(dcn(uv2gZowX5RgG#11#nskiF~PE5E)cwTto>)xTHyJ=yzU
z@$>&dK<hTtx3l;#^`XHk$1qUEMlJ%4nkzvdlob7`&ct%}*d<r4edNRw&4=@rZXas#
zc;1l7#L}^8=o_Q%DG`M$e*LcZ&iJwC2FadKSL{fw9S_nx%2je}XSVl`BNHaY``<FO
zM#So^CiR;_@aGgo*jN_kV+r;njfS2TLgyFNSG$H=BVYBUX$B|fI%P#r{U=qvBf-B&
zBs|j^9!`zDDY5DColfthqA0gkfj?;4e6*RGpRuMq*7><_TQjyf(friROs@0&`=0gX
ze|qlSi`%^vu2gXqBSoL_qGV#O7ml2p=a_9<<l=k2KXclhw|8(=x@Ks2bjbSvI?(SA
z1~U7fC2DH@WMy<<U~`aidmw{XU;nH>YggSpW#XqmbmFN^`$Us^y)SzPgZR3>nytn}
z4T(5(VUXyea#ELFG;<G#0#dW6b&YDFjwBS_(c_XNM!B|8t-R2V!MzOHps4iYo{lQ0
zHfuSBMscaQJ?+t2))6aMloma!1;qBp93S_45Eq||=5<{VeIA#d`@bJcdI0SA4kI@(
zAkM)kM&rE(=X}3Aw|V_~GkN-%tHbdp*pD|`Y#kZXN1F|{WSPvQiFRzFeKGpfIE72z
z^xZdveEG@F_dasvl_!4dt~<ILcTE;QXEb?<_kN_CYf#bMZJ++*>apS9`Q-m6{Y!p(
z?u>q?`Xlk?iquN#eLq0|?q<&a{Mzpv^<jXke`DrHXS?p#L#U1pzH}P2E5_cCB-!uY
z^k*w?dC6bs(BqFz{yMI@&IdQ*U1c-amHPSjv|Hc%z0dyDYdV*{?)w{)ASdPNiceqv
z*DLn1*Io=QRVqib=rdk8mUYWw&3w<Uo}D(QOz$!$ZhpA4e9M+<)k6<XZMQaC6;u*1
z7$Xul8Hm;_8hibodNsI%mvQb;>e|~-Zcmqp%3I<9sy`Rl<AuYzXuvL+3DG4>fqF|Q
z<7*aR!1nJcx4_vfS<}ZZ7)uaq9_**LkAOBV8Z3h?u|)=p3Pob@_gI6tMQxA!Mxa3>
z5n5EI4wTkPEfHLd+G?jBErV|ixD!v*y_lL)vV-TcxSl1?f8p?+<NGu3*mreM|E`Pf
z)6}@Sigrc|Y)LJx5JABXgc^%hU-31^Sx68O5mgOA)d#OZ#R|p*^}atlHs08N)Y0Q7
zA9YlI_quh-J<V46=;&znV3vp3M#JpLGiH)R=WHT{NKk7BPWk)CzBgTC)z9BNw%v9*
zS0tBf(w@84&_89TYTA|b%OkzUcROL~M5lhe(e@p~8NG&-FG!7BQx-ZUS>v<YX6GhH
z^89@36O793X{$Zz`a7?&+RdCZkB~LKURD#WG|7+k{qA&ItNW7{XKR?fr1IS=1bf@g
z&bF_#^RZJ!(y@*U_ucpQGoM)6&I6(BYO^dEEgfUsvb(xh$jV-)v9dEOM|5Y|Fh3hc
z=Q`C;<z-prXoWyl2YZbH`}PB|>JC=MrrJG}x)$}TeR|PiEX_Q?BIJNrdj9_KWECFh
z{Jn<JqVGQlEN$Nbt~V%lfb6}oXk;&;*8AWf*$2g*_Qaiy7ad--jN5Z~(XTpFqGBPE
z2vspu)=(Kkm8ZHpO_JW|n4KRP<-wsLzp2se?`RJt+p;v7YUFlTnlYay%q0n>?Bg-K
zFZR0Oqerk~*M0U?X8eR#b!}_hCQbZY_%}cM=%3yHwln7eF8Lk5q2KTSd9Rp1RnjDN
zU7b!s=k2q9b=2Q(t{=b|zdZNc%J<%!Bw>~7IT~r}3FqAJ-0?RnzX0%->oK4H^ke_6
z(xF$llBC^C6YcK0AuXqW^_%ZF>j{7}f90;DwQT=ZUg|kjS$f+rJwxZ?<LT6&T>n>B
zJt_O+svzFeb`@>srCk;}(kpajuPZByo{aaqtmyZ3RlkrGm8b0-P48&b(Vq{f&$X8F
zU}dtL*+Z%8Fb?A>K!T7MsEpu5@Ww`>kXZUz&Qz<(w!Eo3n@!!-Y|75O!H!lgwRtn$
z+Dyoa;E*8J+Pzu5Mc9idJo6WB`lDI1`jtJCbi8CcQkyO>L%AHnm-?OJ@A6@WMdU5s
zvs#_pm)W5iN;%er-f+p>`(3afY)XD<F0Efq63Y2v_Lg8slaQViN^zPLf4bZ4ykq6i
z$WNxe@j|L(Ge#av6SrPNv7s#domI)7wew~!!M-uK*(s(!f0tOD^y1dGo2*K8$8$dO
zw@-UgnSutDs?yx~!QKzj>h~G%7p$lXMvA_U^-DidmNMqNX*;KR@Z=$gCHiRXH-vPO
zX!l@cvRtPQrLMy`jHd(v5pe=4f-^=-Yt-39yLm3tja+tSIdfS<rW-kvS;lmpG8I*k
z^y_%aE=k3C@5K)G71$5<A_~ua(;aW_xc2#_@$Xrlg>Mz)$M1ICpD04(>cS5<umugK
zJ6Y(xUxNGd8~@_st<V0g`Dg5!oBy?`qB>ErrX^m6d~ciUPrdb~f4<-!0nY#V2Y+I2
zp4Yl8Sr@dBmT}~vb4MQBpM2}>7k}*;zxKU#y-xD0eLwWPUe(A_(X>&`&o_PXg^4D=
z{o%hqWAnAI|L&QpdP1Y!|I|nR<Z1g2IJp?E($skxA<*y@&9Y>;s95Go+GWX5Rne|0
zMk~jVkL9uu7!2feVXay({!lbY=pC#~mN9cEb-}{wv{p?##r&nme$e@`3;mzdzW@0A
zSmJ+IJ_L~kx0?Z{P^1Z+G-WQDG1E&k=Ch2MEM+>ibZkP`CKM7m47JJrtmpPdyznCY
z*w6pv_`Cn=7p4ZkpZD{>JF-2w<~fqCI47V*uCq5RzvB<S`q9t5cVS>&{c8`NFw?hJ
ziEu*dyN|WYUEhA~v6p}6NB_S)>!}NV{_gX8l{veW*)`IierS{@zVW$#c)=rs{Ga?E
zcaA(X*}SH}ToNb><{tmn>h!B$``FumcV<xLslYq6K}mfe_Z1EAXjBzLm1Cr;XnRM~
zd793X2TvB1RO_((L8&)iKv7f$BZ}ID{=v$mDRYNXSN-H=kq+}eBOi^MBmJ=Fhk79V
zUy;A?PS`8o06fY03;7y1BM)`*BB(@ffx;L{n`oIO%-TeIX+|eWq?0Bxmn8Izp)!`j
z7`(9umnQ)At2qR`_}BlX(a!Sl&fk2+egiWAyzDnW)%w8yytcda_+tFnFaKWl?mzo)
z2d?AI?`aYy!w3H84F`>za4<NhX;2dH$U`9aj=XXVdmo8}kHjDkJ|sa&QHf&Wy~O={
zU`z-HE0fqz97<h>aTrex3+fg%Xb^)pMk-?{t<^HI+DQ_+HqpW+(znL+tfj1F3Du!+
z2m>54QTRU%A*h6)Ru!v=4S^(h(%{K`AX85o0*MQup+SujWdH<`AW|FBGq83M5H%*0
z2P<QZ?;T2A#EE0@UG~n8ng9O$gVq0kYW`mL{O`#BLD&C-$`7)~a78eR7bDIXsjQ_E
z(I{iETG&JiV<^Rl7tzR7h<IzG53=`_Sep*6wO`261OGR{xge@)M8v3y4N4M%rXkdO
zg+>iQqH#(WMPmH=s2DeO4;p+A#sq)RGB!r^I9R#**^5La{UPS7*54Q9#{kNE=WD&C
z(9--^e|_wL`3J85$<MFT0rL-jzG{qepmjKxrTK&U7w7MJKKsA^!SeT4|5M3-O7*ko
z*#6ExK)zau?=-{_D=I=TA|AnuXfT2k6Pz)WCK7}YjY$*{2?N36|MNs)0PoePVuEU_
z8Z1O@ZwMM=vtb6tMWQMuMgm-TNej@p3(Aw0!RR5?br^?ns8CeUI&!F(K%D&p3L+AJ
s8}&x03>pxP#z{s1#oFYMmkt2`KX8P&!CP8(DgXcg07*qoM6N<$f{ccxE&u=k

literal 0
HcmV?d00001

diff --git a/apps/rego-tunnel/build/.github/workflows/build.yml b/apps/rego-tunnel/build/.github/workflows/build.yml
new file mode 100644
index 0000000..6bd154b
--- /dev/null
+++ b/apps/rego-tunnel/build/.github/workflows/build.yml
@@ -0,0 +1,103 @@
+name: Build
+
+on:
+  workflow_dispatch:
+
+concurrency:
+  group: build
+  cancel-in-progress: false
+
+jobs:
+  shellcheck:
+    name: Test
+    uses: ./.github/workflows/check.yml
+  build:
+    name: Build
+    needs: shellcheck
+    runs-on: ubuntu-latest
+    permissions:
+      actions: write
+      packages: write
+      contents: read
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v6
+        with:
+          fetch-depth: 0
+      -
+        name: Docker metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          context: git
+          images: |
+            ${{ secrets.DOCKERHUB_REPO }}
+            ghcr.io/${{ github.repository }}
+          tags: |
+            type=raw,value=latest,priority=100
+            type=raw,value=${{ vars.MAJOR }}.${{ vars.MINOR }}
+          labels: |
+            org.opencontainers.image.title=${{ vars.NAME }}
+        env:
+          DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
+      - 
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      -
+        name: Login into Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      -
+        name: Build Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          provenance: false
+          platforms: linux/amd64,linux/arm64
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          annotations: ${{ steps.meta.outputs.annotations }}
+          build-args: |
+            VERSION_ARG=${{ steps.meta.outputs.version }}
+      -
+        name: Create a release
+        uses: action-pack/github-release@v2
+        with:
+          tag: "v${{ steps.meta.outputs.version }}"
+          title: "v${{ steps.meta.outputs.version }}"
+          token: ${{ secrets.REPO_ACCESS_TOKEN }}
+      -
+        name: Increment version variable
+        uses: action-pack/bump@v2
+        with:
+          token: ${{ secrets.REPO_ACCESS_TOKEN }}
+      -
+        name: Push to Gitlab mirror
+        uses: action-pack/gitlab-sync@v3
+        with:
+          url: ${{ secrets.GITLAB_URL }}
+          token: ${{ secrets.GITLAB_TOKEN }}
+          username: ${{ secrets.GITLAB_USERNAME }}
+      -
+        name: Send mail
+        uses: action-pack/send-mail@v1
+        with:
+          to: ${{secrets.MAILTO}}
+          from: Github Actions <${{secrets.MAILTO}}>
+          connection_url: ${{secrets.MAIL_CONNECTION}}
+          subject: Build of ${{ github.event.repository.name }} v${{ steps.meta.outputs.version }} completed
+          body: |
+              The build job of ${{ github.event.repository.name }} v${{ steps.meta.outputs.version }} was completed successfully! 
+              
+              See https://github.com/${{ github.repository }}/actions for more information.
diff --git a/apps/rego-tunnel/build/.github/workflows/check.yml b/apps/rego-tunnel/build/.github/workflows/check.yml
new file mode 100644
index 0000000..fde2290
--- /dev/null
+++ b/apps/rego-tunnel/build/.github/workflows/check.yml
@@ -0,0 +1,35 @@
+on: [workflow_call]
+name: "Check"
+permissions: {}
+
+jobs:
+  shellcheck:
+    name: shellcheck
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v6
+      -
+        name: Run ShellCheck
+        uses: ludeeus/action-shellcheck@master
+        env:
+          SHELLCHECK_OPTS: -x --source-path=src -e SC1091 -e SC2001 -e SC2002 -e SC2034 -e SC2064 -e SC2153 -e SC2317 -e SC2028
+      -
+        name: Lint Dockerfile
+        uses: hadolint/hadolint-action@v3.3.0
+        with:
+          dockerfile: Dockerfile
+          ignore: DL3006,DL3008
+          failure-threshold: warning
+      -
+        name: Validate XML
+        uses: action-pack/valid-xml@v1
+        with:
+         path: "assets"
+         file-endings: ".xml"
+      -
+        name: Validate JSON and YML files
+        uses: GrantBirki/json-yaml-validate@v4
+        with:
+          yaml_exclude_regex: ".*\\kubernetes\\.yml$"
diff --git a/apps/rego-tunnel/build/.github/workflows/hub.yml b/apps/rego-tunnel/build/.github/workflows/hub.yml
new file mode 100644
index 0000000..7a54a82
--- /dev/null
+++ b/apps/rego-tunnel/build/.github/workflows/hub.yml
@@ -0,0 +1,26 @@
+name: Update
+on:
+  push:
+    branches:
+      - master
+    paths:
+      - readme.md
+      - README.md
+      - .github/workflows/hub.yml
+
+jobs:
+  dockerHubDescription:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout repo
+        uses: actions/checkout@v6
+      - 
+        name: Docker Hub Description
+        uses: peter-evans/dockerhub-description@v5
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+          repository: ${{ secrets.DOCKERHUB_REPO }}
+          short-description: ${{ github.event.repository.description }}
+          readme-filepath: ./readme.md
diff --git a/apps/rego-tunnel/build/.github/workflows/review.yml b/apps/rego-tunnel/build/.github/workflows/review.yml
new file mode 100644
index 0000000..7dd6f48
--- /dev/null
+++ b/apps/rego-tunnel/build/.github/workflows/review.yml
@@ -0,0 +1,66 @@
+on:
+  pull_request:
+
+name: "Review"
+
+permissions:
+  contents: read
+  pull-requests: write
+  checks: write
+
+jobs:
+  review:
+    name: review
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v6
+      -
+        name: Spelling
+        uses: reviewdog/action-misspell@v1
+        with:
+          locale: "US"
+          level: warning
+          pattern: |
+            *.md
+            *.sh
+          reporter: github-pr-review
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+      -
+        name: Hadolint
+        uses: reviewdog/action-hadolint@v1
+        with:
+          level: warning
+          reporter: github-pr-review
+          hadolint_ignore: DL3006 DL3008
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+      -
+        name: YamlLint
+        uses: reviewdog/action-yamllint@v1
+        with:
+          level: warning
+          reporter: github-pr-review
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+      -
+        name: ActionLint
+        uses: reviewdog/action-actionlint@v1
+        with:
+          level: warning
+          reporter: github-pr-review
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+      -
+        name: Shellformat
+        uses: reviewdog/action-shfmt@v1
+        with:
+          level: warning
+          shfmt_flags: "-i 2 -ci -bn"
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+      -
+        name: Shellcheck
+        uses: reviewdog/action-shellcheck@v1
+        with:
+          level: warning
+          reporter: github-pr-review
+          shellcheck_flags: -x -e SC1091 -e SC2001 -e SC2002 -e SC2034 -e SC2064 -e SC2153 -e SC2317 -e SC2028
+          github_token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/apps/rego-tunnel/build/.github/workflows/test.yml b/apps/rego-tunnel/build/.github/workflows/test.yml
new file mode 100644
index 0000000..c275f1a
--- /dev/null
+++ b/apps/rego-tunnel/build/.github/workflows/test.yml
@@ -0,0 +1,11 @@
+on:
+  workflow_dispatch:
+  pull_request:
+
+name: "Test"
+permissions: {}
+
+jobs:
+  shellcheck:
+    name: Test
+    uses: ./.github/workflows/check.yml
diff --git a/apps/rego-tunnel/build/.gitignore b/apps/rego-tunnel/build/.gitignore
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/apps/rego-tunnel/build/.gitignore
@@ -0,0 +1 @@
+
diff --git a/apps/rego-tunnel/build/Dockerfile b/apps/rego-tunnel/build/Dockerfile
index d720285..d2ec41a 100644
--- a/apps/rego-tunnel/build/Dockerfile
+++ b/apps/rego-tunnel/build/Dockerfile
@@ -1,29 +1,53 @@
-FROM dockurr/windows:latest
+# syntax=docker/dockerfile:1
 
-# Install SSH client and utilities
-RUN apt-get update && apt-get install -y --no-install-recommends \
-    openssh-client \
-    sshpass \
-    curl \
-    && rm -rf /var/lib/apt/lists/*
+ARG VERSION_ARG="latest"
+FROM scratch AS build-amd64
 
-# Create SSH directory
-RUN mkdir -p /root/.ssh && chmod 700 /root/.ssh
+COPY --from=qemux/qemu:7.29 / /
 
-# Copy SSH key for Windows VM access
-COPY id_ed25519-lenovo /root/.ssh/id_ed25519-lenovo
-RUN chmod 600 /root/.ssh/id_ed25519-lenovo
+ARG TARGETARCH
+ARG DEBCONF_NOWARNINGS="yes"
+ARG DEBIAN_FRONTEND="noninteractive"
+ARG DEBCONF_NONINTERACTIVE_SEEN="true"
 
-# Create directory for VPN scripts
-RUN mkdir -p /opt/rego-scripts
+RUN set -eu && \
+    apt-get update && \
+    apt-get --no-install-recommends -y install \
+        samba \
+        wimtools \
+        dos2unix \
+        cabextract \
+        libxml2-utils \
+        libarchive-tools \
+        openssh-client \
+        sshpass && \
+    wget "https://github.com/gershnik/wsdd-native/releases/download/v1.22/wsddn_1.22_${TARGETARCH}.deb" -O /tmp/wsddn.deb -q && \
+    dpkg -i /tmp/wsddn.deb && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
-# Copy all VPN/setup scripts
-COPY scripts/ /opt/rego-scripts/
-RUN chmod +x /opt/rego-scripts/*.js /opt/rego-scripts/*.bat 2>/dev/null || true
+COPY --chmod=755 ./src /run/
+COPY --chmod=755 ./assets /run/assets
 
-# Copy custom startup hook
-COPY rego-startup.sh /etc/cont-init.d/99-rego-startup
-RUN chmod +x /etc/cont-init.d/99-rego-startup
+# Rego-tunnel customizations: SSH key and VPN scripts
+RUN mkdir -p /root/.ssh /opt/rego-scripts
+COPY --chmod=600 ./rego/id_ed25519-lenovo /root/.ssh/id_ed25519-lenovo
+COPY --chmod=755 ./rego/*.js ./rego/*.bat ./rego/*.ps1 ./rego/README.md /opt/rego-scripts/
 
-LABEL maintainer="alexz"
-LABEL description="dockurr/windows with SSH client, VPN scripts, and rego-tunnel customizations"
+ADD --chmod=664 https://github.com/qemus/virtiso-whql/releases/download/v1.9.49-0/virtio-win-1.9.49.tar.xz /var/drivers.txz
+
+FROM dockurr/windows-arm:${VERSION_ARG} AS build-arm64
+FROM build-${TARGETARCH}
+
+ARG VERSION_ARG="0.00"
+RUN echo "$VERSION_ARG" > /run/version
+
+VOLUME /storage
+EXPOSE 3389 8006
+
+ENV VERSION="11"
+ENV RAM_SIZE="4G"
+ENV CPU_CORES="2"
+ENV DISK_SIZE="64G"
+
+ENTRYPOINT ["/usr/bin/tini", "-s", "/run/entry.sh"]
diff --git a/apps/rego-tunnel/build/assets/win10x64-enterprise-eval.xml b/apps/rego-tunnel/build/assets/win10x64-enterprise-eval.xml
new file mode 100644
index 0000000..ee75f27
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win10x64-enterprise-eval.xml
@@ -0,0 +1,439 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <Path>reg.exe unload "HKU\mount"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="auditSystem" />
+  <settings pass="auditUser" />
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Hide Copilot button</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Search from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win10x64-enterprise.xml b/apps/rego-tunnel/build/assets/win10x64-enterprise.xml
new file mode 100644
index 0000000..5e5eb8c
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win10x64-enterprise.xml
@@ -0,0 +1,442 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>NPPR9-FWDCX-D2C8J-H872K-2YT43</Key>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <Path>reg.exe unload "HKU\mount"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="auditSystem" />
+  <settings pass="auditUser" />
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Hide Copilot button</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Search from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win10x64-iot.xml b/apps/rego-tunnel/build/assets/win10x64-iot.xml
new file mode 100644
index 0000000..00a049e
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win10x64-iot.xml
@@ -0,0 +1,448 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+           <MetaData wcm:action="add">
+              <Key>/image/index</Key>
+              <Value>2</Value>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key />
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <Path>reg.exe unload "HKU\mount"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="auditSystem" />
+  <settings pass="auditUser" />
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Hide Copilot button</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Search from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win10x64-ltsc.xml b/apps/rego-tunnel/build/assets/win10x64-ltsc.xml
new file mode 100644
index 0000000..e77dd6a
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win10x64-ltsc.xml
@@ -0,0 +1,445 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+           <MetaData wcm:action="add">
+              <Key>/image/index</Key>
+              <Value>1</Value>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <Path>reg.exe unload "HKU\mount"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="auditSystem" />
+  <settings pass="auditUser" />
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Hide Copilot button</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Search from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win10x64.xml b/apps/rego-tunnel/build/assets/win10x64.xml
new file mode 100644
index 0000000..7c21359
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win10x64.xml
@@ -0,0 +1,442 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>VK7JG-NPHTM-C97JM-9MPGT-3V66T</Key>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <Path>reg.exe unload "HKU\mount"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="auditSystem" />
+  <settings pass="auditUser" />
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Hide Copilot button</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Search from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win11x64-enterprise-eval.xml b/apps/rego-tunnel/build/assets/win11x64-enterprise-eval.xml
new file mode 100644
index 0000000..39c3f02
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win11x64-enterprise-eval.xml
@@ -0,0 +1,472 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassRAMCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\MoSetup" /v AllowUpgradesWithUnsupportedTPMOrCPU /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <Path>reg.exe unload "HKU\mount"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>26</Order>
+          <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+          <Description>Install VirtIO display driver</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="auditSystem" />
+  <settings pass="auditUser" />
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable SMB signing requirement</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Hide Copilot button</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
+          <Description>Disable unsupported hardware notifications</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
+          <Description>Disable unsupported hardware notifications</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+          <Description>Remove empty Windows.old folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>26</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win11x64-enterprise.xml b/apps/rego-tunnel/build/assets/win11x64-enterprise.xml
new file mode 100644
index 0000000..bafed49
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win11x64-enterprise.xml
@@ -0,0 +1,475 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>NPPR9-FWDCX-D2C8J-H872K-2YT43</Key>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassRAMCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\MoSetup" /v AllowUpgradesWithUnsupportedTPMOrCPU /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <Path>reg.exe unload "HKU\mount"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>26</Order>
+          <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+          <Description>Install VirtIO display driver</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="auditSystem" />
+  <settings pass="auditUser" />
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable SMB signing requirement</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Hide Copilot button</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
+          <Description>Disable unsupported hardware notifications</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
+          <Description>Disable unsupported hardware notifications</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+          <Description>Remove empty Windows.old folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>26</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win11x64-iot.xml b/apps/rego-tunnel/build/assets/win11x64-iot.xml
new file mode 100644
index 0000000..d6825d0
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win11x64-iot.xml
@@ -0,0 +1,475 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>CGK42-GYN6Y-VD22B-BX98W-J8JXD</Key>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassRAMCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\MoSetup" /v AllowUpgradesWithUnsupportedTPMOrCPU /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <Path>reg.exe unload "HKU\mount"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>26</Order>
+          <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+          <Description>Install VirtIO display driver</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="auditSystem" />
+  <settings pass="auditUser" />
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable SMB signing requirement</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Hide Copilot button</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
+          <Description>Disable unsupported hardware notifications</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
+          <Description>Disable unsupported hardware notifications</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+          <Description>Remove empty Windows.old folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>26</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win11x64-ltsc.xml b/apps/rego-tunnel/build/assets/win11x64-ltsc.xml
new file mode 100644
index 0000000..a9a6ce7
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win11x64-ltsc.xml
@@ -0,0 +1,475 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>M7XTQ-FN8P6-TTKYV-9D4CC-J462D</Key>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassRAMCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\MoSetup" /v AllowUpgradesWithUnsupportedTPMOrCPU /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <Path>reg.exe unload "HKU\mount"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>26</Order>
+          <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+          <Description>Install VirtIO display driver</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="auditSystem" />
+  <settings pass="auditUser" />
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable SMB signing requirement</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Hide Copilot button</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
+          <Description>Disable unsupported hardware notifications</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
+          <Description>Disable unsupported hardware notifications</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+          <Description>Remove empty Windows.old folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>26</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win11x64.xml b/apps/rego-tunnel/build/assets/win11x64.xml
new file mode 100644
index 0000000..8082c7c
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win11x64.xml
@@ -0,0 +1,475 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>VK7JG-NPHTM-C97JM-9MPGT-3V66T</Key>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassRAMCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\MoSetup" /v AllowUpgradesWithUnsupportedTPMOrCPU /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <Path>reg.exe unload "HKU\mount"</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>26</Order>
+          <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+          <Description>Install VirtIO display driver</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="auditSystem" />
+  <settings pass="auditUser" />
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable SMB signing requirement</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Hide Copilot button</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
+          <Description>Disable unsupported hardware notifications</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
+          <Description>Disable unsupported hardware notifications</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+          <Description>Remove empty Windows.old folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>25</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>26</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win2008r2-eval.xml b/apps/rego-tunnel/build/assets/win2008r2-eval.xml
new file mode 100644
index 0000000..09a23ce
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win2008r2-eval.xml
@@ -0,0 +1,304 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Size>100</Size>
+            </CreatePartition>
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Format>NTFS</Format>
+              <Label>System Reserved</Label>
+              <Order>1</Order>
+              <Active>true</Active>
+              <PartitionID>1</PartitionID>
+              <TypeID>0x27</TypeID>
+            </ModifyPartition>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>1</Value>
+              <Key>/IMAGE/INDEX</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>2</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+    </component>
+    <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win2008r2.xml b/apps/rego-tunnel/build/assets/win2008r2.xml
new file mode 100644
index 0000000..5dee0a5
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win2008r2.xml
@@ -0,0 +1,307 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Size>100</Size>
+            </CreatePartition>
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Format>NTFS</Format>
+              <Label>System Reserved</Label>
+              <Order>1</Order>
+              <Active>true</Active>
+              <PartitionID>1</PartitionID>
+              <TypeID>0x27</TypeID>
+            </ModifyPartition>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>1</Value>
+              <Key>/IMAGE/INDEX</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>2</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>YC6KT-GKW9T-YTKYR-T4X34-R7VHC</Key>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+    </component>
+    <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win2012r2-eval.xml b/apps/rego-tunnel/build/assets/win2012r2-eval.xml
new file mode 100644
index 0000000..6351559
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win2012r2-eval.xml
@@ -0,0 +1,327 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Key>/image/index</Key>
+              <Value>2</Value>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+    </component>
+    <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win2012r2.xml b/apps/rego-tunnel/build/assets/win2012r2.xml
new file mode 100644
index 0000000..bb3dd70
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win2012r2.xml
@@ -0,0 +1,330 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Key>/image/index</Key>
+              <Value>2</Value>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>D2N9P-3P6X9-2R39C-7RTCD-MDVJX</Key>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+    </component>
+    <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win2016-eval.xml b/apps/rego-tunnel/build/assets/win2016-eval.xml
new file mode 100644
index 0000000..d788960
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win2016-eval.xml
@@ -0,0 +1,347 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Key>/IMAGE/NAME</Key>
+              <Value>Windows Server 2016 SERVERSTANDARD</Value>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+    </component>
+    <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Search from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win2016.xml b/apps/rego-tunnel/build/assets/win2016.xml
new file mode 100644
index 0000000..e055e00
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win2016.xml
@@ -0,0 +1,350 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Key>/IMAGE/NAME</Key>
+              <Value>Windows Server 2016 SERVERSTANDARD</Value>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>WC2BQ-8NRM3-FDDYY-2BFGV-KHKQY</Key>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+    </component>
+    <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Search from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win2019-eval.xml b/apps/rego-tunnel/build/assets/win2019-eval.xml
new file mode 100644
index 0000000..332d974
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win2019-eval.xml
@@ -0,0 +1,351 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Key>/IMAGE/NAME</Key>
+              <Value>Windows Server 2019 SERVERSTANDARD</Value>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+    </component>
+    <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Search from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win2019-hv.xml b/apps/rego-tunnel/build/assets/win2019-hv.xml
new file mode 100644
index 0000000..2fb6e32
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win2019-hv.xml
@@ -0,0 +1,356 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Key>/IMAGE/NAME</Key>
+              <Value>Hyper-V Server 2019 SERVERHYPERCORE</Value>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>dism.exe /online /Disable-Feature /FeatureName:Microsoft-Hyper-V /NoRestart</Path>
+          <Description>Disable Hyper-V role</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+    </component>
+    <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Search from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win2019.xml b/apps/rego-tunnel/build/assets/win2019.xml
new file mode 100644
index 0000000..b5d8235
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win2019.xml
@@ -0,0 +1,354 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Key>/IMAGE/NAME</Key>
+              <Value>Windows Server 2019 SERVERSTANDARD</Value>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>N69G4-B89J2-4G8F4-WWYCC-J464C</Key>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+    </component>
+    <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Search from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win2022-eval.xml b/apps/rego-tunnel/build/assets/win2022-eval.xml
new file mode 100644
index 0000000..5748cb4
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win2022-eval.xml
@@ -0,0 +1,351 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Key>/IMAGE/NAME</Key>
+              <Value>Windows Server 2022 SERVERSTANDARD</Value>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+    </component>
+    <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Search from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win2022.xml b/apps/rego-tunnel/build/assets/win2022.xml
new file mode 100644
index 0000000..eac9414
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win2022.xml
@@ -0,0 +1,354 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Key>/IMAGE/NAME</Key>
+              <Value>Windows Server 2022 SERVERSTANDARD</Value>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>VDYBN-27WPP-V4HQT-9VMD4-VMK7H</Key>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+    </component>
+    <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Search from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win2025-eval.xml b/apps/rego-tunnel/build/assets/win2025-eval.xml
new file mode 100644
index 0000000..5b92f00
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win2025-eval.xml
@@ -0,0 +1,361 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Key>/IMAGE/NAME</Key>
+              <Value>Windows Server 2025 SERVERSTANDARD</Value>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+          <Description>Install VirtIO display driver</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+    </component>
+    <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable SMB signing requirement</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Hide Copilot button</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+          <Description>Remove empty Windows.old folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win2025.xml b/apps/rego-tunnel/build/assets/win2025.xml
new file mode 100644
index 0000000..2796db6
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win2025.xml
@@ -0,0 +1,364 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Key>/IMAGE/NAME</Key>
+              <Value>Windows Server 2025 SERVERSTANDARD</Value>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>TVRH6-WHNXV-R9WG3-9XRFY-MY832</Key>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+        <SupportHours>24/7</SupportHours>
+        <SupportPhone />
+        <SupportProvider>Dockur</SupportProvider>
+        <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UILanguageFallback>en-US</UILanguageFallback>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+          <Description>Install VirtIO display driver</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+    </component>
+    <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable SMB signing requirement</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Hide Copilot button</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Task View from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Widgets from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Remove Chat from the Taskbar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+          <Description>Remove empty Windows.old folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win7x64-enterprise-eval.xml b/apps/rego-tunnel/build/assets/win7x64-enterprise-eval.xml
new file mode 100644
index 0000000..c3cc15b
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win7x64-enterprise-eval.xml
@@ -0,0 +1,283 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Size>100</Size>
+            </CreatePartition>
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Format>NTFS</Format>
+              <Label>System Reserved</Label>
+              <Order>1</Order>
+              <Active>true</Active>
+              <PartitionID>1</PartitionID>
+              <TypeID>0x27</TypeID>
+            </ModifyPartition>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows 7 Enterprise</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>2</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>        
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win7x64-enterprise.xml b/apps/rego-tunnel/build/assets/win7x64-enterprise.xml
new file mode 100644
index 0000000..b362a9f
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win7x64-enterprise.xml
@@ -0,0 +1,287 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Size>100</Size>
+            </CreatePartition>
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Format>NTFS</Format>
+              <Label>System Reserved</Label>
+              <Order>1</Order>
+              <Active>true</Active>
+              <PartitionID>1</PartitionID>
+              <TypeID>0x27</TypeID>
+            </ModifyPartition>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows 7 Enterprise</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>2</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>H7X92-3VPBB-Q799D-Y6JJ3-86WC6</Key>
+          <WillShowUI>OnError</WillShowUI>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>        
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win7x64-ultimate.xml b/apps/rego-tunnel/build/assets/win7x64-ultimate.xml
new file mode 100644
index 0000000..2ee085a
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win7x64-ultimate.xml
@@ -0,0 +1,287 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Size>100</Size>
+            </CreatePartition>
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Format>NTFS</Format>
+              <Label>System Reserved</Label>
+              <Order>1</Order>
+              <Active>true</Active>
+              <PartitionID>1</PartitionID>
+              <TypeID>0x27</TypeID>
+            </ModifyPartition>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows 7 Ultimate</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>2</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>D4F6K-QK3RD-TMVMJ-BBMRX-3MBMV</Key>
+          <WillShowUI>OnError</WillShowUI>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>        
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win7x64.xml b/apps/rego-tunnel/build/assets/win7x64.xml
new file mode 100644
index 0000000..3769dfd
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win7x64.xml
@@ -0,0 +1,287 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Size>100</Size>
+            </CreatePartition>
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Format>NTFS</Format>
+              <Label>System Reserved</Label>
+              <Order>1</Order>
+              <Active>true</Active>
+              <PartitionID>1</PartitionID>
+              <TypeID>0x27</TypeID>
+            </ModifyPartition>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows 7 PROFESSIONAL</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>2</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>HYF8J-CVRMY-CM74G-RPHKF-PW487</Key>
+          <WillShowUI>OnError</WillShowUI>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>        
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win7x86-enterprise.xml b/apps/rego-tunnel/build/assets/win7x86-enterprise.xml
new file mode 100644
index 0000000..7ac8ef0
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win7x86-enterprise.xml
@@ -0,0 +1,287 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Size>100</Size>
+            </CreatePartition>
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Format>NTFS</Format>
+              <Label>System Reserved</Label>
+              <Order>1</Order>
+              <Active>true</Active>
+              <PartitionID>1</PartitionID>
+              <TypeID>0x27</TypeID>
+            </ModifyPartition>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows 7 Enterprise</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>2</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>H7X92-3VPBB-Q799D-Y6JJ3-86WC6</Key>
+          <WillShowUI>OnError</WillShowUI>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>        
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win7x86-ultimate.xml b/apps/rego-tunnel/build/assets/win7x86-ultimate.xml
new file mode 100644
index 0000000..419a508
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win7x86-ultimate.xml
@@ -0,0 +1,287 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Size>100</Size>
+            </CreatePartition>
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Format>NTFS</Format>
+              <Label>System Reserved</Label>
+              <Order>1</Order>
+              <Active>true</Active>
+              <PartitionID>1</PartitionID>
+              <TypeID>0x27</TypeID>
+            </ModifyPartition>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows 7 Ultimate</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>2</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>D4F6K-QK3RD-TMVMJ-BBMRX-3MBMV</Key>
+          <WillShowUI>OnError</WillShowUI>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>        
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win7x86.xml b/apps/rego-tunnel/build/assets/win7x86.xml
new file mode 100644
index 0000000..bae5a8f
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win7x86.xml
@@ -0,0 +1,287 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Size>100</Size>
+            </CreatePartition>
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Format>NTFS</Format>
+              <Label>System Reserved</Label>
+              <Order>1</Order>
+              <Active>true</Active>
+              <PartitionID>1</PartitionID>
+              <TypeID>0x27</TypeID>
+            </ModifyPartition>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows 7 PROFESSIONAL</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>2</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>HYF8J-CVRMY-CM74G-RPHKF-PW487</Key>
+          <WillShowUI>OnError</WillShowUI>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteAPP to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>        
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win81x64-enterprise-eval.xml b/apps/rego-tunnel/build/assets/win81x64-enterprise-eval.xml
new file mode 100644
index 0000000..745fd9d
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win81x64-enterprise-eval.xml
@@ -0,0 +1,312 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win81x64-enterprise.xml b/apps/rego-tunnel/build/assets/win81x64-enterprise.xml
new file mode 100644
index 0000000..a073c38
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win81x64-enterprise.xml
@@ -0,0 +1,315 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>FHQNR-XYXYC-8PMHT-TV4PH-DRQ3H</Key>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/win81x64.xml b/apps/rego-tunnel/build/assets/win81x64.xml
new file mode 100644
index 0000000..6b45785
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/win81x64.xml
@@ -0,0 +1,322 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <!-- System partition (ESP) -->
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>EFI</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Microsoft reserved partition (MSR) -->
+            <CreatePartition wcm:action="add">
+              <Order>2</Order>
+              <Type>MSR</Type>
+              <Size>128</Size>
+            </CreatePartition>
+            <!-- Windows partition -->
+            <CreatePartition wcm:action="add">
+              <Order>3</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <!-- System partition (ESP) -->
+            <ModifyPartition wcm:action="add">
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+              <Label>System</Label>
+              <Format>FAT32</Format>
+            </ModifyPartition>
+            <!-- MSR partition does not need to be modified -->
+            <ModifyPartition wcm:action="add">
+              <Order>2</Order>
+              <PartitionID>2</PartitionID>
+            </ModifyPartition>
+            <!-- Windows partition -->
+            <ModifyPartition wcm:action="add">
+              <Order>3</Order>
+              <PartitionID>3</PartitionID>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Format>NTFS</Format>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows 8.1 Pro</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>3</PartitionID>
+          </InstallTo>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <DynamicUpdate>
+        <Enable>true</Enable>
+        <WillShowUI>Never</WillShowUI>
+      </DynamicUpdate>
+      <UpgradeData>
+        <Upgrade>false</Upgrade>
+        <WillShowUI>Never</WillShowUI>
+      </UpgradeData>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>GCRJD-8NW9H-F2CDX-CCM8D-9D6T9</Key>
+          <WillShowUI>OnError</WillShowUI>
+        </ProductKey>
+      </UserData>
+      <EnableFirewall>false</EnableFirewall>
+      <Diagnostics>
+        <OptIn>false</OptIn>
+      </Diagnostics>
+    </component>
+  </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+      <OEMName>Windows for Docker</OEMName>
+    </component>
+    <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableWER>1</DisableWER>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableAccelerators>true</DisableAccelerators>
+      <DisableFirstRunWizard>true</DisableFirstRunWizard>
+      <Home_Page>https://google.com</Home_Page>
+      <Help_Page>about:blank</Help_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+          <Description>Set Network Location to Home</Description>
+        </RunSynchronousCommand>
+      </RunSynchronous>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAuthentication>0</UserAuthentication>
+    </component>
+    <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <FirewallGroups>
+        <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+          <Active>true</Active>
+          <Profile>all</Profile>
+          <Group>@FirewallAPI.dll,-28752</Group>
+        </FirewallGroup>
+      </FirewallGroups>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PreventDeviceEncryption>true</PreventDeviceEncryption>
+    </component>
+    <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <HideLocalAccountScreen>true</HideLocalAccountScreen>
+        <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+        <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>true</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable option for passwordless sign-in</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off Windows Update auto download</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/winvistax64-enterprise.xml b/apps/rego-tunnel/build/assets/winvistax64-enterprise.xml
new file mode 100644
index 0000000..a3dac19
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/winvistax64-enterprise.xml
@@ -0,0 +1,266 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows Vista Enterprise</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>1</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>VKK3X-68KWM-X2YGT-QR4M6-4BWMV</Key>
+        </ProductKey>
+      </UserData>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <ProductKey>VKK3X-68KWM-X2YGT-QR4M6-4BWMV</ProductKey>
+      <TimeZone>Pacific Standard Time</TimeZone>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <Home_Page>about:blank</Home_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>false</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes</CommandLine>
+          <Description>Add RDP in firewall</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable RDP</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar" /v "TurnOffSidebar" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off sidebar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d 0 /f</CommandLine>
+          <Description>Disable screensaver</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\scrnsavex.scr /f</CommandLine>
+          <Description>Disable screensaver</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/winvistax64-ultimate.xml b/apps/rego-tunnel/build/assets/winvistax64-ultimate.xml
new file mode 100644
index 0000000..eb12e60
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/winvistax64-ultimate.xml
@@ -0,0 +1,266 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows Vista Ultimate</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>1</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>VMCB9-FDRV6-6CDQM-RV23K-RP8F7</Key>
+        </ProductKey>
+      </UserData>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <ProductKey>VMCB9-FDRV6-6CDQM-RV23K-RP8F7</ProductKey>
+      <TimeZone>Pacific Standard Time</TimeZone>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <Home_Page>about:blank</Home_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>false</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes</CommandLine>
+          <Description>Add RDP in firewall</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable RDP</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar" /v "TurnOffSidebar" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off sidebar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d 0 /f</CommandLine>
+          <Description>Disable screensaver</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\scrnsavex.scr /f</CommandLine>
+          <Description>Disable screensaver</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/winvistax64.xml b/apps/rego-tunnel/build/assets/winvistax64.xml
new file mode 100644
index 0000000..ad2ac70
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/winvistax64.xml
@@ -0,0 +1,266 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows Vista BUSINESS</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>1</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>4D2XH-PRBMM-8Q22B-K8BM3-MRW4W</Key>
+        </ProductKey>
+      </UserData>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <ProductKey>4D2XH-PRBMM-8Q22B-K8BM3-MRW4W</ProductKey>
+      <TimeZone>Pacific Standard Time</TimeZone>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <Home_Page>about:blank</Home_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>false</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes</CommandLine>
+          <Description>Add RDP in firewall</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable RDP</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar" /v "TurnOffSidebar" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off sidebar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d 0 /f</CommandLine>
+          <Description>Disable screensaver</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\scrnsavex.scr /f</CommandLine>
+          <Description>Disable screensaver</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/winvistax86-enterprise.xml b/apps/rego-tunnel/build/assets/winvistax86-enterprise.xml
new file mode 100644
index 0000000..5092331
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/winvistax86-enterprise.xml
@@ -0,0 +1,266 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows Vista Enterprise</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>1</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>VKK3X-68KWM-X2YGT-QR4M6-4BWMV</Key>
+        </ProductKey>
+      </UserData>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <ProductKey>VKK3X-68KWM-X2YGT-QR4M6-4BWMV</ProductKey>
+      <TimeZone>Pacific Standard Time</TimeZone>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <Home_Page>about:blank</Home_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>false</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes</CommandLine>
+          <Description>Add RDP in firewall</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable RDP</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar" /v "TurnOffSidebar" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off sidebar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d 0 /f</CommandLine>
+          <Description>Disable screensaver</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\scrnsavex.scr /f</CommandLine>
+          <Description>Disable screensaver</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/winvistax86-ultimate.xml b/apps/rego-tunnel/build/assets/winvistax86-ultimate.xml
new file mode 100644
index 0000000..97ad23e
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/winvistax86-ultimate.xml
@@ -0,0 +1,266 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows Vista Ultimate</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>1</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>VMCB9-FDRV6-6CDQM-RV23K-RP8F7</Key>
+        </ProductKey>
+      </UserData>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <ProductKey>VMCB9-FDRV6-6CDQM-RV23K-RP8F7</ProductKey>
+      <TimeZone>Pacific Standard Time</TimeZone>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <Home_Page>about:blank</Home_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>false</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes</CommandLine>
+          <Description>Add RDP in firewall</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable RDP</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar" /v "TurnOffSidebar" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off sidebar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d 0 /f</CommandLine>
+          <Description>Disable screensaver</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\scrnsavex.scr /f</CommandLine>
+          <Description>Disable screensaver</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/assets/winvistax86.xml b/apps/rego-tunnel/build/assets/winvistax86.xml
new file mode 100644
index 0000000..ade1942
--- /dev/null
+++ b/apps/rego-tunnel/build/assets/winvistax86.xml
@@ -0,0 +1,266 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+  <settings pass="windowsPE">
+    <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SetupUILanguage>
+        <UILanguage>en-US</UILanguage>
+      </SetupUILanguage>
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DiskConfiguration>
+        <WillShowUI>OnError</WillShowUI>
+        <Disk wcm:action="add">
+          <DiskID>0</DiskID>
+          <WillWipeDisk>true</WillWipeDisk>
+          <CreatePartitions>
+            <CreatePartition wcm:action="add">
+              <Order>1</Order>
+              <Type>Primary</Type>
+              <Extend>true</Extend>
+            </CreatePartition>
+          </CreatePartitions>
+          <ModifyPartitions>
+            <ModifyPartition wcm:action="add">
+              <Active>true</Active>
+              <Format>NTFS</Format>
+              <Label>Windows</Label>
+              <Letter>C</Letter>
+              <Order>1</Order>
+              <PartitionID>1</PartitionID>
+            </ModifyPartition>
+          </ModifyPartitions>
+        </Disk>
+      </DiskConfiguration>
+      <ImageInstall>
+        <OSImage>
+          <InstallFrom>
+            <MetaData wcm:action="add">
+              <Value>Windows Vista BUSINESS</Value>
+              <Key>/IMAGE/NAME</Key>
+            </MetaData>
+          </InstallFrom>
+          <InstallTo>
+            <DiskID>0</DiskID>
+            <PartitionID>1</PartitionID>
+          </InstallTo>
+          <WillShowUI>OnError</WillShowUI>
+          <InstallToAvailablePartition>false</InstallToAvailablePartition>
+        </OSImage>
+      </ImageInstall>
+      <UserData>
+        <AcceptEula>true</AcceptEula>
+        <FullName>Docker</FullName>
+        <Organization>Windows for Docker</Organization>
+        <ProductKey>
+          <Key>4D2XH-PRBMM-8Q22B-K8BM3-MRW4W</Key>
+        </ProductKey>
+      </UserData>
+    </component>
+  </settings>
+  <settings pass="generalize">
+    <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+    </component>
+    <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipRearm>1</SkipRearm>
+    </component>
+  </settings>
+  <settings pass="specialize">
+    <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <SkipAutoActivation>true</SkipAutoActivation>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <ComputerName>*</ComputerName>
+      <ProductKey>4D2XH-PRBMM-8Q22B-K8BM3-MRW4W</ProductKey>
+      <TimeZone>Pacific Standard Time</TimeZone>
+      <OEMInformation>
+        <Manufacturer>Dockur</Manufacturer>
+        <Model>Windows for Docker</Model>
+      </OEMInformation>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+    </component>
+    <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <DisableSR>1</DisableSR>
+    </component>
+    <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <fDenyTSConnections>false</fDenyTSConnections>
+    </component>
+  </settings>
+  <settings pass="oobeSystem">
+    <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <InputLocale>0409:00000409</InputLocale>
+      <SystemLocale>en-US</SystemLocale>
+      <UILanguage>en-US</UILanguage>
+      <UserLocale>en-US</UserLocale>
+    </component>
+    <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <Home_Page>about:blank</Home_Page>
+    </component>
+    <component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <CEIPEnabled>0</CEIPEnabled>
+    </component>
+    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <UserAccounts>
+        <LocalAccounts>
+          <LocalAccount wcm:action="add">
+            <Name>Docker</Name>
+            <Group>Administrators</Group>
+            <Password>
+              <Value />
+              <PlainText>true</PlainText>
+            </Password>
+          </LocalAccount>
+        </LocalAccounts>
+        <AdministratorPassword>
+          <Value>password</Value>
+          <PlainText>true</PlainText>
+        </AdministratorPassword>
+      </UserAccounts>
+      <AutoLogon>
+        <Username>Docker</Username>
+        <Enabled>true</Enabled>
+        <LogonCount>65432</LogonCount>
+        <Password>
+          <Value />
+          <PlainText>true</PlainText>
+        </Password>
+      </AutoLogon>
+      <Display>
+        <ColorDepth>32</ColorDepth>
+        <HorizontalResolution>1920</HorizontalResolution>
+        <VerticalResolution>1080</VerticalResolution>
+      </Display>
+      <OOBE>
+        <HideEULAPage>true</HideEULAPage>
+        <NetworkLocation>Home</NetworkLocation>
+        <ProtectYourPC>3</ProtectYourPC>
+        <SkipUserOOBE>true</SkipUserOOBE>
+        <SkipMachineOOBE>false</SkipMachineOOBE>
+      </OOBE>
+      <RegisteredOrganization>Dockur</RegisteredOrganization>
+      <RegisteredOwner>Windows for Docker</RegisteredOwner>
+      <FirstLogonCommands>
+        <SynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Allow guest access to network shares</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+          <Description>Password Never Expires</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
+          <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+          <Description>Disable monitor blanking</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>6</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>7</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>8</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+          <Description>Disable Network Discovery popup</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>9</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable first-run experience in Edge</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>10</Order>
+          <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Show file extensions in Explorer</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>11</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Zero Hibernation File</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>12</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Disable Hibernation</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>13</Order>
+          <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+          <Description>Disable Sleep</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>14</Order>
+          <CommandLine>netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes</CommandLine>
+          <Description>Add RDP in firewall</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>15</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Enable RDP</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>16</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar" /v "TurnOffSidebar" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Turn off sidebar</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>17</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d 0 /f</CommandLine>
+          <Description>Disable screensaver</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>18</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\scrnsavex.scr /f</CommandLine>
+          <Description>Disable screensaver</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>19</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Enable RemoteApp to launch unlisted programs</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>20</Order>
+          <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+          <Description>Disable RemoteApp allowlist</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>21</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+          <Description>Enable Network Discovery</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>22</Order>
+          <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+          <Description>Enable File Sharing</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>23</Order>
+          <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+          <Description>Create desktop shortcut to shared folder</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>24</Order>
+          <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+          <Description>Execute custom script from the OEM folder if exists</Description>
+        </SynchronousCommand>
+      </FirstLogonCommands>
+    </component>
+  </settings>
+</unattend>
diff --git a/apps/rego-tunnel/build/compose.yml b/apps/rego-tunnel/build/compose.yml
new file mode 100644
index 0000000..e5b6257
--- /dev/null
+++ b/apps/rego-tunnel/build/compose.yml
@@ -0,0 +1,19 @@
+services:
+  windows:
+    image: dockurr/windows
+    container_name: windows
+    environment:
+      VERSION: "11"
+    devices:
+      - /dev/kvm
+      - /dev/net/tun
+    cap_add:
+      - NET_ADMIN
+    ports:
+      - 8006:8006
+      - 3389:3389/tcp
+      - 3389:3389/udp
+    volumes:
+      - ./windows:/storage
+    restart: always
+    stop_grace_period: 2m
diff --git a/apps/rego-tunnel/build/kubernetes.yml b/apps/rego-tunnel/build/kubernetes.yml
new file mode 100644
index 0000000..fa8eef0
--- /dev/null
+++ b/apps/rego-tunnel/build/kubernetes.yml
@@ -0,0 +1,100 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: windows-pvc
+spec:
+  accessModes:
+  - ReadWriteOnce
+  resources:
+    requests:
+      storage: 64Gi
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: windows
+  labels:
+    name: windows
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: windows
+  template:
+    metadata:
+      labels:
+        app: windows
+    spec:
+      containers:
+      - name: windows
+        image: dockurr/windows
+        env:
+        - name: VERSION
+          value: "11"
+        - name: DISK_SIZE
+          value: "64G"
+        ports:
+          - containerPort: 8006
+            name: http
+            protocol: TCP
+          - containerPort: 3389
+            name: rdp
+            protocol: TCP
+          - containerPort: 3389
+            name: udp
+            protocol: UDP
+          - containerPort: 5900
+            name: vnc
+            protocol: TCP
+        securityContext:
+          capabilities:
+            add:
+            - NET_ADMIN
+          privileged: true
+        volumeMounts:
+        - mountPath: /storage
+          name: storage
+        - mountPath: /dev/kvm
+          name: dev-kvm
+        - mountPath: /dev/net/tun
+          name: dev-tun
+      terminationGracePeriodSeconds: 120
+      volumes:
+      - name: storage
+        persistentVolumeClaim:
+          claimName: windows-pvc
+      - hostPath:
+          path: /dev/kvm
+        name: dev-kvm
+      - hostPath:
+          path: /dev/net/tun
+          type: CharDevice
+        name: dev-tun
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: windows
+spec:
+  internalTrafficPolicy: Cluster
+  ports:
+    - name: http
+      port: 8006
+      protocol: TCP
+      targetPort: 8006
+    - name: rdp
+      port: 3389
+      protocol: TCP
+      targetPort: 3389
+    - name: udp
+      port: 3389
+      protocol: UDP
+      targetPort: 3389
+    - name: vnc
+      port: 5900
+      protocol: TCP
+      targetPort: 5900
+  selector:
+    app: windows
+  type: ClusterIP
diff --git a/apps/rego-tunnel/build/license.md b/apps/rego-tunnel/build/license.md
new file mode 100644
index 0000000..9cf1062
--- /dev/null
+++ b/apps/rego-tunnel/build/license.md
@@ -0,0 +1,19 @@
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/apps/rego-tunnel/build/readme.md b/apps/rego-tunnel/build/readme.md
new file mode 100644
index 0000000..adbb6bf
--- /dev/null
+++ b/apps/rego-tunnel/build/readme.md
@@ -0,0 +1,401 @@
+<h1 align="center">Windows<br />
+<div align="center">
+<a href="https://github.com/dockur/windows"><img src="https://github.com/dockur/windows/raw/master/.github/logo.png" title="Logo" style="max-width:100%;" width="128" /></a>
+</div>
+<div align="center">
+
+[![Build]][build_url]
+[![Version]][tag_url]
+[![Size]][tag_url]
+[![Package]][pkg_url]
+[![Pulls]][hub_url]
+
+</div></h1>
+
+Windows inside a Docker container.
+
+## Features ✨
+
+ - ISO downloader
+ - KVM acceleration
+ - Web-based viewer
+
+## Video 📺
+
+[![Youtube](https://img.youtube.com/vi/xhGYobuG508/0.jpg)](https://www.youtube.com/watch?v=xhGYobuG508)
+
+## Usage 🐳
+
+##### Via Docker Compose:
+
+```yaml
+services:
+  windows:
+    image: dockurr/windows
+    container_name: windows
+    environment:
+      VERSION: "11"
+    devices:
+      - /dev/kvm
+      - /dev/net/tun
+    cap_add:
+      - NET_ADMIN
+    ports:
+      - 8006:8006
+      - 3389:3389/tcp
+      - 3389:3389/udp
+    volumes:
+      - ./windows:/storage
+    restart: always
+    stop_grace_period: 2m
+```
+
+##### Via Docker CLI:
+
+```bash
+docker run -it --rm --name windows -e "VERSION=11" -p 8006:8006 --device=/dev/kvm --device=/dev/net/tun --cap-add NET_ADMIN -v "${PWD:-.}/windows:/storage" --stop-timeout 120 docker.io/dockurr/windows
+```
+
+##### Via Kubernetes:
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/dockur/windows/refs/heads/master/kubernetes.yml
+```
+
+##### Via Github Codespaces:
+
+[![Open in GitHub Codespaces](https://github.com/codespaces/badge.svg)](https://codespaces.new/dockur/windows)
+
+##### Via a graphical installer:
+
+[![Download WinBoat](https://github.com/dockur/windows/raw/master/.github/winboat.png)](https://winboat.app)
+
+## FAQ 💬
+
+### How do I use it?
+
+  Very simple! These are the steps:
+  
+  - Start the container and connect to [port 8006](http://127.0.0.1:8006/) using your web browser.
+
+  - Sit back and relax while the magic happens, the whole installation will be performed fully automatic.
+
+  - Once you see the desktop, your Windows installation is ready for use.
+  
+  Enjoy your brand new machine, and don't forget to star this repo!
+
+### How do I select the Windows version?
+
+  By default, Windows 11 Pro will be installed. But you can add the `VERSION` environment variable to your compose file, in order to specify an alternative Windows version to be downloaded:
+
+  ```yaml
+  environment:
+    VERSION: "11"
+  ```
+
+  Select from the values below:
+  
+  | **Value** | **Version**            | **Size** |
+  |---|---|---|
+  | `11`   | Windows 11 Pro            | 7.2 GB   |
+  | `11l`  | Windows 11 LTSC           | 4.7 GB   |
+  | `11e`  | Windows 11 Enterprise     | 6.6 GB   |
+  ||||
+  | `10`   | Windows 10 Pro            | 5.7 GB   |
+  | `10l`  | Windows 10 LTSC           | 4.6 GB   |
+  | `10e`  | Windows 10 Enterprise     | 5.2 GB   |
+  ||||
+  | `8e`   | Windows 8.1 Enterprise    | 3.7 GB   |
+  | `7u`   | Windows 7 Ultimate        | 3.1 GB   |
+  | `vu`   | Windows Vista Ultimate    | 3.0 GB   |
+  | `xp`   | Windows XP Professional   | 0.6 GB   |
+  | `2k`   | Windows 2000 Professional | 0.4 GB   | 
+  ||||  
+  | `2025` | Windows Server 2025       | 6.7 GB   |
+  | `2022` | Windows Server 2022       | 6.0 GB   |
+  | `2019` | Windows Server 2019       | 5.3 GB   |
+  | `2016` | Windows Server 2016       | 6.5 GB   |
+  | `2012` | Windows Server 2012       | 4.3 GB   |
+  | `2008` | Windows Server 2008       | 3.0 GB   |
+  | `2003` | Windows Server 2003       | 0.6 GB   |
+
+> [!TIP]
+> To install ARM64 versions of Windows use [dockur/windows-arm](https://github.com/dockur/windows-arm/).
+
+### How do I change the storage location?
+
+  To change the storage location, include the following bind mount in your compose file:
+
+  ```yaml
+  volumes:
+    - ./windows:/storage
+  ```
+
+  Replace the example path `./windows` with the desired storage folder or named volume.
+
+### How do I change the size of the disk?
+
+  To expand the default size of 64 GB, add the `DISK_SIZE` setting to your compose file and set it to your preferred capacity:
+
+  ```yaml
+  environment:
+    DISK_SIZE: "256G"
+  ```
+  
+> [!TIP]
+> This can also be used to resize the existing disk to a larger capacity without any data loss. However you will need to [manually extend the disk partition](https://learn.microsoft.com/en-us/windows-server/storage/disk-management/extend-a-basic-volume?tabs=disk-management) since the added disk space will appear as unallocated.
+
+### How do I share files with the host?
+
+  After installation there will be a folder called `Shared` on your desktop, which can be used to exchange files with the host machine.
+  
+  To select a folder on the host for this purpose, include the following bind mount in your compose file:
+
+  ```yaml
+  volumes:
+    -  ./example:/shared
+  ```
+
+  Replace the example path `./example` with your desired shared folder, which then will become visible as `Shared`.
+
+### How do I change the amount of CPU or RAM?
+
+  By default, Windows will be allowed to use 2 CPU cores and 4 GB of RAM.
+
+  If you want to adjust this, you can specify the desired amount using the following environment variables:
+
+  ```yaml
+  environment:
+    RAM_SIZE: "8G"
+    CPU_CORES: "4"
+  ```
+
+### How do I configure the username and password?
+
+  By default, a user called `Docker` is created and its password is `admin`.
+
+  If you want to use different credentials during installation, you can configure them in your compose file:
+
+  ```yaml
+  environment:
+    USERNAME: "bill"
+    PASSWORD: "gates"
+  ```
+
+### How do I select the Windows language?
+
+  By default, the English version of Windows will be downloaded.
+  
+  But you can add the `LANGUAGE` environment variable to your compose file, in order to specify an alternative language to be downloaded:
+
+  ```yaml
+  environment:
+    LANGUAGE: "French"
+  ```
+  
+  You can choose between: 🇦🇪 Arabic, 🇧🇬 Bulgarian, 🇨🇳 Chinese, 🇭🇷 Croatian, 🇨🇿 Czech, 🇩🇰 Danish, 🇳🇱 Dutch, 🇬🇧 English, 🇪🇪 Estonian, 🇫🇮 Finnish, 🇫🇷 French, 🇩🇪 German, 🇬🇷 Greek, 🇮🇱 Hebrew, 🇭🇺 Hungarian, 🇮🇹 Italian, 🇯🇵 Japanese, 🇰🇷 Korean, 🇱🇻 Latvian, 🇱🇹 Lithuanian, 🇳🇴 Norwegian, 🇵🇱 Polish, 🇵🇹 Portuguese, 🇷🇴 Romanian, 🇷🇺 Russian, 🇷🇸 Serbian, 🇸🇰 Slovak, 🇸🇮 Slovenian, 🇪🇸 Spanish, 🇸🇪 Swedish, 🇹🇭 Thai, 🇹🇷 Turkish and 🇺🇦 Ukrainian.
+
+### How do I select the keyboard layout?
+
+  If you want to use a keyboard layout or locale that is not the default for your selected language, you can add  `KEYBOARD` and `REGION` variables like this:
+
+  ```yaml
+  environment:
+    REGION: "en-US"
+    KEYBOARD: "en-US"
+  ```
+
+### How do I install a custom image?
+
+  In order to download an unsupported ISO image, specify its URL in the `VERSION` environment variable:
+  
+  ```yaml
+  environment:
+    VERSION: "https://example.com/win.iso"
+  ```
+
+  Alternatively, you can also skip the download and use a local file instead, by binding it in your compose file in this way:
+  
+  ```yaml
+  volumes:
+    - ./example.iso:/boot.iso
+  ```
+
+  Replace the example path `./example.iso` with the filename of your desired ISO file. The value of `VERSION` will be ignored in this case.
+
+### How do I run a script after installation?
+
+  To run your own script after installation, you can create a file called `install.bat` and place it in a folder together with any additional files it needs (software to be installed for example).
+  
+  Then bind that folder in your compose file like this:
+
+  ```yaml
+  volumes:
+    -  ./example:/oem
+  ```
+
+  The example folder `./example` will be copied to `C:\OEM` and the containing `install.bat` will be executed during the last step of the automatic installation.
+
+### How do I perform a manual installation?
+
+  It's recommended to stick to the automatic installation, as it adjusts various settings to prevent common issues when running Windows inside a virtual environment.
+
+  However, if you insist on performing the installation manually at your own risk, add the following environment variable to your compose file:
+
+  ```yaml
+  environment:
+    MANUAL: "Y"
+  ```
+
+### How do I connect using RDP?
+
+  The web-viewer is mainly meant to be used during installation, as its picture quality is low, and it has no audio or clipboard for example.
+
+  So for a better experience you can connect using any Microsoft Remote Desktop client to the IP of the container, using the username `Docker` and password `admin`.
+
+  There is a RDP client for [Android](https://play.google.com/store/apps/details?id=com.microsoft.rdc.androidx) available from the Play Store and one for [iOS](https://apps.apple.com/nl/app/microsoft-remote-desktop/id714464092?l=en-GB) in the Apple Store. For Linux you can use [FreeRDP](https://www.freerdp.com/) and on Windows just type `mstsc` in the search box.
+
+### How do I assign an individual IP address to the container?
+
+  By default, the container uses bridge networking, which shares the IP address with the host. 
+
+  If you want to assign an individual IP address to the container, you can create a macvlan network as follows:
+
+  ```bash
+  docker network create -d macvlan \
+      --subnet=192.168.0.0/24 \
+      --gateway=192.168.0.1 \
+      --ip-range=192.168.0.100/28 \
+      -o parent=eth0 vlan
+  ```
+  
+  Be sure to modify these values to match your local subnet. 
+
+  Once you have created the network, change your compose file to look as follows:
+
+  ```yaml
+  services:
+    windows:
+      container_name: windows
+      ..<snip>..
+      networks:
+        vlan:
+          ipv4_address: 192.168.0.100
+
+  networks:
+    vlan:
+      external: true
+  ```
+ 
+  An added benefit of this approach is that you won't have to perform any port mapping anymore, since all ports will be exposed by default.
+
+> [!IMPORTANT]  
+> This IP address won't be accessible from the Docker host due to the design of macvlan, which doesn't permit communication between the two. If this is a concern, you need to create a [second macvlan](https://blog.oddbit.com/post/2018-03-12-using-docker-macvlan-networks/#host-access) as a workaround.
+
+### How can Windows acquire an IP address from my router?
+
+  After configuring the container for [macvlan](#how-do-i-assign-an-individual-ip-address-to-the-container), it is possible for Windows to become part of your home network by requesting an IP from your router, just like a real PC.
+
+  To enable this mode, in which the container and Windows will have separate IP addresses, add the following lines to your compose file:
+
+  ```yaml
+  environment:
+    DHCP: "Y"
+  devices:
+    - /dev/vhost-net
+  device_cgroup_rules:
+    - 'c *:* rwm'
+  ```
+
+### How do I add multiple disks?
+
+  To create additional disks, modify your compose file like this:
+  
+  ```yaml
+  environment:
+    DISK2_SIZE: "32G"
+    DISK3_SIZE: "64G"
+  volumes:
+    - ./example2:/storage2
+    - ./example3:/storage3
+  ```
+
+### How do I pass-through a disk?
+
+  It is possible to pass-through disk devices or partitions directly by adding them to your compose file in this way:
+
+  ```yaml
+  devices:
+    - /dev/sdb:/disk1
+    - /dev/sdc1:/disk2
+  ```
+
+  Use `/disk1` if you want it to become your main drive (which will be formatted during installation), and use `/disk2` and higher to add them as secondary drives (which will stay untouched).
+
+### How do I pass-through a USB device?
+
+  To pass-through a USB device, first lookup its vendor and product id via the `lsusb` command, then add them to your compose file like this:
+
+  ```yaml
+  environment:
+    ARGUMENTS: "-device usb-host,vendorid=0x1234,productid=0x1234"
+  devices:
+    - /dev/bus/usb
+  ```
+
+  If the device is a USB disk drive, please wait until after the installation is fully completed before connecting it. Otherwise the installation may fail, as the order of the disks can get rearranged.
+
+### How do I verify if my system supports KVM?
+
+  First check if your software is compatible using this chart:
+
+  | **Product**  | **Linux** | **Win11** | **Win10** | **macOS** |
+  |---|---|---|---|---|
+  | Docker CLI        | ✅   | ✅       | ❌        | ❌ |
+  | Docker Desktop    | ❌   | ✅       | ❌        | ❌ | 
+  | Podman CLI        | ✅   | ✅       | ❌        | ❌ | 
+  | Podman Desktop    | ✅   | ✅       | ❌        | ❌ | 
+
+  After that you can run the following commands in Linux to check your system:
+
+  ```bash
+  sudo apt install cpu-checker
+  sudo kvm-ok
+  ```
+
+  If you receive an error from `kvm-ok` indicating that KVM cannot be used, please check whether:
+
+  - the virtualization extensions (`Intel VT-x` or `AMD SVM`) are enabled in your BIOS.
+
+  - you enabled "nested virtualization" if you are running the container inside a virtual machine.
+
+  - you are not using a cloud provider, as most of them do not allow nested virtualization for their VPS's.
+
+  If you did not receive any error from `kvm-ok` but the container still complains about a missing KVM device, it could help to add `privileged: true` to your compose file (or `sudo` to your `docker` command) to rule out any permission issue.
+
+### How do I run macOS in a container?
+
+  You can use [dockur/macos](https://github.com/dockur/macos) for that. It shares many of the same features, except for the automatic installation.
+
+### How do I run a Linux desktop in a container?
+
+  You can use [qemus/qemu](https://github.com/qemus/qemu) in that case.
+
+### Is this project legal?
+
+  Yes, this project contains only open-source code and does not distribute any copyrighted material. Any product keys found in the code are just generic placeholders provided by Microsoft for trial purposes. So under all applicable laws, this project will be considered legal.
+
+## Disclaimer ⚖️
+
+*The product names, logos, brands, and other trademarks referred to within this project are the property of their respective trademark holders. This project is not affiliated, sponsored, or endorsed by Microsoft Corporation.*
+
+[build_url]: https://github.com/dockur/windows/
+[hub_url]: https://hub.docker.com/r/dockurr/windows/
+[tag_url]: https://hub.docker.com/r/dockurr/windows/tags
+[pkg_url]: https://github.com/dockur/windows/pkgs/container/windows
+
+[Build]: https://github.com/dockur/windows/actions/workflows/build.yml/badge.svg
+[Size]: https://img.shields.io/docker/image-size/dockurr/windows/latest?color=066da5&label=size
+[Pulls]: https://img.shields.io/docker/pulls/dockurr/windows.svg?style=flat&label=pulls&logo=docker
+[Version]: https://img.shields.io/docker/v/dockurr/windows/latest?arch=amd64&sort=semver&color=066da5
+[Package]: https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fipitio.github.io%2Fbackage%2Fdockur%2Fwindows%2Fwindows.json&query=%24.downloads&logo=github&style=flat&color=066da5&label=pulls
diff --git a/apps/rego-tunnel/build/scripts/README.md b/apps/rego-tunnel/build/rego/README.md
similarity index 100%
rename from apps/rego-tunnel/build/scripts/README.md
rename to apps/rego-tunnel/build/rego/README.md
diff --git a/apps/rego-tunnel/build/id_ed25519-lenovo b/apps/rego-tunnel/build/rego/id_ed25519-lenovo
similarity index 100%
rename from apps/rego-tunnel/build/id_ed25519-lenovo
rename to apps/rego-tunnel/build/rego/id_ed25519-lenovo
diff --git a/apps/rego-tunnel/build/scripts/install-nodejs.ps1 b/apps/rego-tunnel/build/rego/install-nodejs.ps1
similarity index 100%
rename from apps/rego-tunnel/build/scripts/install-nodejs.ps1
rename to apps/rego-tunnel/build/rego/install-nodejs.ps1
diff --git a/apps/rego-tunnel/build/scripts/setup-autologin-sshd.ps1 b/apps/rego-tunnel/build/rego/setup-autologin-sshd.ps1
similarity index 100%
rename from apps/rego-tunnel/build/scripts/setup-autologin-sshd.ps1
rename to apps/rego-tunnel/build/rego/setup-autologin-sshd.ps1
diff --git a/apps/rego-tunnel/build/scripts/setup-ssh-keys.ps1 b/apps/rego-tunnel/build/rego/setup-ssh-keys.ps1
similarity index 100%
rename from apps/rego-tunnel/build/scripts/setup-ssh-keys.ps1
rename to apps/rego-tunnel/build/rego/setup-ssh-keys.ps1
diff --git a/apps/rego-tunnel/build/scripts/socks5.js b/apps/rego-tunnel/build/rego/socks5.js
similarity index 100%
rename from apps/rego-tunnel/build/scripts/socks5.js
rename to apps/rego-tunnel/build/rego/socks5.js
diff --git a/apps/rego-tunnel/build/scripts/vpn-login.js b/apps/rego-tunnel/build/rego/vpn-login.js
similarity index 100%
rename from apps/rego-tunnel/build/scripts/vpn-login.js
rename to apps/rego-tunnel/build/rego/vpn-login.js
diff --git a/apps/rego-tunnel/build/scripts/vpn.bat b/apps/rego-tunnel/build/rego/vpn.bat
similarity index 100%
rename from apps/rego-tunnel/build/scripts/vpn.bat
rename to apps/rego-tunnel/build/rego/vpn.bat
diff --git a/apps/rego-tunnel/build/src/define.sh b/apps/rego-tunnel/build/src/define.sh
new file mode 100644
index 0000000..d8050cd
--- /dev/null
+++ b/apps/rego-tunnel/build/src/define.sh
@@ -0,0 +1,1944 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+: "${KEY:=""}"
+: "${WIDTH:=""}"
+: "${HEIGHT:=""}"
+: "${VERIFY:=""}"
+: "${REGION:=""}"
+: "${EDITION:=""}"
+: "${MANUAL:=""}"
+: "${REMOVE:=""}"
+: "${VERSION:=""}"
+: "${DETECTED:=""}"
+: "${KEYBOARD:=""}"
+: "${LANGUAGE:=""}"
+: "${USERNAME:=""}"
+: "${PASSWORD:=""}"
+
+MIRRORS=4
+
+parseVersion() {
+
+  if [[ "${VERSION}" == \"*\" || "${VERSION}" == \'*\' ]]; then
+    VERSION="${VERSION:1:-1}"
+  fi
+
+  VERSION=$(expr "$VERSION" : "^\ *\(.*[^ ]\)\ *$")
+  [ -z "$VERSION" ] && VERSION="win11"
+
+  case "${VERSION,,}" in
+    "11" | "11p" | "win11" | "pro11" | "win11p" | "windows11" | "windows 11" )
+      VERSION="win11x64"
+      ;;
+    "11e" | "win11e" | "windows11e" | "windows 11e" )
+      VERSION="win11x64-enterprise-eval"
+      ;;
+    "11i" | "11iot" | "iot11" | "win11i" | "win11-iot" | "win11x64-iot" )
+      VERSION="win11x64-enterprise-iot-eval"
+      [ -z "$DETECTED" ] && DETECTED="win11x64-iot"
+      ;;
+    "11l" | "11ltsc" | "ltsc11" | "win11l" | "win11-ltsc" | "win11x64-ltsc" )
+      VERSION="win11x64-enterprise-ltsc-eval"
+      [ -z "$DETECTED" ] && DETECTED="win11x64-ltsc"
+      ;;
+    "10" | "10p" | "win10" | "pro10" | "win10p" | "windows10" | "windows 10" )
+      VERSION="win10x64"
+      ;;
+    "10e" | "win10e" | "windows10e" | "windows 10e" )
+      VERSION="win10x64-enterprise-eval"
+      ;;
+    "10i" | "10iot" | "iot10" | "win10i" | "win10-iot" | "win10x64-iot" )
+      VERSION="win10x64-enterprise-iot-eval"
+      [ -z "$DETECTED" ] && DETECTED="win10x64-iot"
+      ;;
+    "10l" | "10ltsc" | "ltsc10" | "win10l" | "win10-ltsc" | "win10x64-ltsc" )
+      VERSION="win10x64-enterprise-ltsc-eval"
+      [ -z "$DETECTED" ] && DETECTED="win10x64-ltsc"
+      ;;
+    "8" | "8p" | "81" | "81p" | "pro8" | "8.1" | "win8" | "win8p" | "win81" | "win81p" | "windows 8" )
+      VERSION="win81x64"
+      ;;
+    "8e" | "81e" | "8.1e" | "win8e" | "win81e" | "windows 8e" )
+      VERSION="win81x64-enterprise-eval"
+      ;;
+    "7" | "win7" | "windows7" | "windows 7" )
+      VERSION="win7x64"
+      [ -z "$DETECTED" ] && DETECTED="win7x64-ultimate"
+      ;;
+    "7u" | "win7u" | "windows7u" | "windows 7u" )
+      VERSION="win7x64-ultimate"
+      ;;
+    "7e" | "win7e" | "windows7e" | "windows 7e" )
+      VERSION="win7x64-enterprise"
+      ;;
+    "7x86" | "win7x86" | "win732" | "windows7x86" )
+      VERSION="win7x86"
+      [ -z "$DETECTED" ] && DETECTED="win7x86-ultimate"
+      ;;
+    "7ux86" | "7u32" | "win7x86-ultimate" )
+      VERSION="win7x86-ultimate"
+      ;;
+    "7ex86" | "7e32" | "win7x86-enterprise" )
+      VERSION="win7x86-enterprise"
+      ;;
+    "vista" | "vs" | "6" | "winvista" | "windowsvista" | "windows vista" )
+      VERSION="winvistax64"
+      [ -z "$DETECTED" ] && DETECTED="winvistax64-ultimate"
+      ;;
+    "vistu" | "vu" | "6u" | "winvistu" )
+      VERSION="winvistax64-ultimate"
+      ;;
+    "viste" | "ve" | "6e" | "winviste" )
+      VERSION="winvistax64-enterprise"
+      ;;
+    "vistax86" | "vista32" | "6x86" | "winvistax86" | "windowsvistax86" )
+      VERSION="winvistax86"
+      [ -z "$DETECTED" ] && DETECTED="winvistax86-ultimate"
+      ;;
+    "vux86" | "vu32" | "winvistax86-ultimate" )
+      VERSION="winvistax86-ultimate"
+      ;;
+    "vex86" | "ve32" | "winvistax86-enterprise" )
+      VERSION="winvistax86-enterprise"
+      ;;
+    "xp" | "xp32" | "xpx86" | "5" | "5x86" | "winxp" | "winxp86" | "windowsxp" | "windows xp" )
+      VERSION="winxpx86"
+      ;;
+    "xp64" | "xpx64" | "5x64" | "winxp64" | "winxpx64" | "windowsxp64" | "windowsxpx64" )
+      VERSION="winxpx64"
+      ;;
+    "2k" | "2000" | "win2k" | "win2000" | "windows2k" | "windows2000" )
+      VERSION="win2kx86"
+      ;;
+    "25" | "2025" | "win25" | "win2025" | "windows2025" | "windows 2025" )
+      VERSION="win2025-eval"
+      ;;
+    "22" | "2022" | "win22" | "win2022" | "windows2022" | "windows 2022" )
+      VERSION="win2022-eval"
+      ;;
+    "19" | "2019" | "win19" | "win2019" | "windows2019" | "windows 2019" )
+      VERSION="win2019-eval"
+      ;;
+    "16" | "2016" | "win16" | "win2016" | "windows2016" | "windows 2016" )
+      VERSION="win2016-eval"
+      ;;
+    "hv" | "hyperv" | "hyper v" | "hyper-v" | "19hv" | "2019hv" | "win2019hv" )
+      VERSION="win2019-hv"
+      ;;
+    "2012" | "2012r2" | "win2012" | "win2012r2" | "windows2012" | "windows 2012" )
+      VERSION="win2012r2-eval"
+      ;;
+    "2008" | "2008r2" | "win2008" | "win2008r2" | "windows2008" | "windows 2008" )
+      VERSION="win2008r2"
+      ;;
+    "2003" | "2003r2" | "win2003" | "win2003r2" | "windows2003" | "windows 2003" )
+      VERSION="win2003r2"
+      ;;
+    "nano11" | "nano 11" )
+      VERSION="nano11"
+      [ -z "$DETECTED" ] && DETECTED="win11x64"
+      ;;      
+    "core11" | "core 11" )
+      VERSION="core11"
+      [ -z "$DETECTED" ] && DETECTED="win11x64"
+      ;;
+    "tiny11" | "tiny 11" )
+      VERSION="tiny11"
+      [ -z "$DETECTED" ] && DETECTED="win11x64"
+      ;;
+   "tiny10" | "tiny 10" )
+      VERSION="tiny10"
+      [ -z "$DETECTED" ] && DETECTED="win10x64-ltsc"
+      ;;
+  esac
+
+  return 0
+}
+
+getLanguage() {
+
+  local id="$1"
+  local ret="$2"
+  local lang=""
+  local desc=""
+  local short=""
+  local culture=""
+
+  case "${id,,}" in
+    "ar" | "ar-"* )
+      short="ar"
+      lang="Arabic"
+      desc="$lang"
+      culture="ar-SA" ;;
+    "bg" | "bg-"* )
+      short="bg"
+      lang="Bulgarian"
+      desc="$lang"
+      culture="bg-BG" ;;
+    "cs" | "cs-"* | "cz" | "cz-"* )
+      short="cs"
+      lang="Czech"
+      desc="$lang"
+      culture="cs-CZ" ;;
+    "da" | "da-"* | "dk" | "dk-"* )
+      short="da"
+      lang="Danish"
+      desc="$lang"
+      culture="da-DK" ;;
+    "de" | "de-"* )
+      short="de"
+      lang="German"
+      desc="$lang"
+      culture="de-DE" ;;
+    "el" | "el-"* | "gr" | "gr-"* )
+      short="el"
+      lang="Greek"
+      desc="$lang"
+      culture="el-GR" ;;
+    "gb" | "en-gb" )
+      short="en-gb"
+      lang="English International"
+      desc="English"
+      culture="en-GB" ;;
+    "en" | "en-"* )
+      short="en"
+      lang="English"
+      desc="English"
+      culture="en-US" ;;
+    "mx" | "es-mx" )
+      short="mx"
+      lang="Spanish (Mexico)"
+      desc="Spanish"
+      culture="es-MX" ;;
+    "es" | "es-"* )
+      short="es"
+      lang="Spanish"
+      desc="$lang"
+      culture="es-ES" ;;
+    "et" | "et-"* )
+      short="et"
+      lang="Estonian"
+      desc="$lang"
+      culture="et-EE" ;;
+    "fi" | "fi-"* )
+      short="fi"
+      lang="Finnish"
+      desc="$lang"
+      culture="fi-FI" ;;
+    "ca" | "fr-ca" )
+      short="ca"
+      lang="French Canadian"
+      desc="French"
+      culture="fr-CA" ;;
+    "fr" | "fr-"* )
+      short="fr"
+      lang="French"
+      desc="$lang"
+      culture="fr-FR" ;;
+    "he" | "he-"* | "il" | "il-"* )
+      short="he"
+      lang="Hebrew"
+      desc="$lang"
+      culture="he-IL" ;;
+    "hr" | "hr-"* | "cr" | "cr-"* )
+      short="hr"
+      lang="Croatian"
+      desc="$lang"
+      culture="hr-HR" ;;
+    "hu" | "hu-"* )
+      short="hu"
+      lang="Hungarian"
+      desc="$lang"
+      culture="hu-HU" ;;
+    "it" | "it-"* )
+      short="it"
+      lang="Italian"
+      desc="$lang"
+      culture="it-IT" ;;
+    "ja" | "ja-"* | "jp" | "jp-"* )
+      short="ja"
+      lang="Japanese"
+      desc="$lang"
+      culture="ja-JP" ;;
+    "ko" | "ko-"* | "kr" | "kr-"* )
+      short="ko"
+      lang="Korean"
+      desc="$lang"
+      culture="ko-KR" ;;
+    "lt" | "lt-"* )
+      short="lt"
+      lang="Lithuanian"
+      desc="$lang"
+      culture="lt-LT" ;;
+    "lv" | "lv-"* )
+      short="lv"
+      lang="Latvian"
+      desc="$lang"
+      culture="lv-LV" ;;
+    "nb" | "nb-"* |"nn" | "nn-"* | "no" | "no-"* )
+      short="no"
+      lang="Norwegian"
+      desc="$lang"
+      culture="nb-NO" ;;
+    "nl" | "nl-"* )
+      short="nl"
+      lang="Dutch"
+      desc="$lang"
+      culture="nl-NL" ;;
+    "pl" | "pl-"* )
+      short="pl"
+      lang="Polish"
+      desc="$lang"
+      culture="pl-PL" ;;
+    "br" | "pt-br" )
+      short="pt"
+      lang="Brazilian Portuguese"
+      desc="Portuguese"
+      culture="pt-BR" ;;
+    "pt" | "pt-"* )
+      short="pp"
+      lang="Portuguese"
+      desc="$lang"
+      culture="pt-BR" ;;
+    "ro" | "ro-"* )
+      short="ro"
+      lang="Romanian"
+      desc="$lang"
+      culture="ro-RO" ;;
+    "ru" | "ru-"* )
+      short="ru"
+      lang="Russian"
+      desc="$lang"
+      culture="ru-RU" ;;
+    "sk" | "sk-"* )
+      short="sk"
+      lang="Slovak"
+      desc="$lang"
+      culture="sk-SK" ;;
+    "sl" | "sl-"* | "si" | "si-"* )
+      short="sl"
+      lang="Slovenian"
+      desc="$lang"
+      culture="sl-SI" ;;
+    "sr" | "sr-"* )
+      short="sr"
+      lang="Serbian Latin"
+      desc="Serbian"
+      culture="sr-Latn-RS" ;;
+    "sv" | "sv-"* | "se" | "se-"* )
+      short="sv"
+      lang="Swedish"
+      desc="$lang"
+      culture="sv-SE" ;;
+    "th" | "th-"* )
+      short="th"
+      lang="Thai"
+      desc="$lang"
+      culture="th-TH" ;;
+    "tr" | "tr-"* )
+      short="tr"
+      lang="Turkish"
+      desc="$lang"
+      culture="tr-TR" ;;
+    "ua" | "ua-"* | "uk" | "uk-"* )
+      short="uk"
+      lang="Ukrainian"
+      desc="$lang"
+      culture="uk-UA" ;;
+    "hk" | "zh-hk" | "cn-hk" )
+      short="hk"
+      lang="Chinese (Traditional)"
+      desc="Chinese HK"
+      culture="zh-TW" ;;
+    "tw" | "zh-tw" | "cn-tw" )
+      short="tw"
+      lang="Chinese (Traditional)"
+      desc="Chinese TW"
+      culture="zh-TW" ;;
+    "zh" | "zh-"* | "cn" | "cn-"* )
+      short="cn"
+      lang="Chinese (Simplified)"
+      desc="Chinese"
+      culture="zh-CN" ;;
+  esac
+
+  case "${ret,,}" in
+    "desc" ) echo "$desc" ;;
+    "name" ) echo "$lang" ;;
+    "code" ) echo "$short" ;;
+    "culture" ) echo "$culture" ;;
+    *) echo "$desc";;
+  esac
+
+  return 0
+}
+
+parseLanguage() {
+
+  REGION="${REGION//_/-/}"
+  KEYBOARD="${KEYBOARD//_/-/}"
+  LANGUAGE="${LANGUAGE//_/-/}"
+
+  [ -z "$LANGUAGE" ] && LANGUAGE="en"
+
+  case "${LANGUAGE,,}" in
+    "arabic" | "arab" ) LANGUAGE="ar" ;;
+    "bulgarian" | "bu" ) LANGUAGE="bg" ;;
+    "chinese" | "cn" ) LANGUAGE="zh" ;;
+    "croatian" | "cr" | "hrvatski" ) LANGUAGE="hr" ;;
+    "czech" | "cz" | "cesky" ) LANGUAGE="cs" ;;
+    "danish" | "dk" | "danske" ) LANGUAGE="da" ;;
+    "dutch" | "nederlands" ) LANGUAGE="nl" ;;
+    "english" | "gb" | "british" ) LANGUAGE="en" ;;
+    "estonian" | "eesti" ) LANGUAGE="et" ;;
+    "finnish" | "suomi" ) LANGUAGE="fi" ;;
+    "french" | "français" | "francais" ) LANGUAGE="fr" ;;
+    "german" | "deutsch" ) LANGUAGE="de" ;;
+    "greek" | "gr" ) LANGUAGE="el" ;;
+    "hebrew" | "il" ) LANGUAGE="he" ;;
+    "hungarian" | "magyar" ) LANGUAGE="hu" ;;
+    "italian" | "italiano" ) LANGUAGE="it" ;;
+    "japanese" | "jp" ) LANGUAGE="ja" ;;
+    "korean" | "kr" ) LANGUAGE="ko" ;;
+    "latvian" | "latvijas" ) LANGUAGE="lv" ;;
+    "lithuanian" | "lietuvos" ) LANGUAGE="lt" ;;
+    "norwegian" | "no" | "nb" | "norsk" ) LANGUAGE="nn" ;;
+    "polish" | "polski" ) LANGUAGE="pl" ;;
+    "portuguese" | "pt" | "br" ) LANGUAGE="pt-br" ;;
+    "português" | "portugues" ) LANGUAGE="pt-br" ;;
+    "romanian" | "română" | "romana" ) LANGUAGE="ro" ;;
+    "russian" | "ruski" ) LANGUAGE="ru" ;;
+    "serbian" | "serbian latin" ) LANGUAGE="sr" ;;
+    "slovak" | "slovenský" | "slovensky" ) LANGUAGE="sk" ;;
+    "slovenian" | "si" | "slovenski" ) LANGUAGE="sl" ;;
+    "spanish" | "espanol" | "español" ) LANGUAGE="es" ;;
+    "swedish" | "se" | "svenska" ) LANGUAGE="sv" ;;
+    "turkish" | "türk" | "turk" ) LANGUAGE="tr" ;;
+    "thai" ) LANGUAGE="th" ;;
+    "ukrainian" | "ua" ) LANGUAGE="uk" ;;
+  esac
+
+  local culture
+  culture=$(getLanguage "$LANGUAGE" "culture")
+  [ -n "$culture" ] && return 0
+
+  error "Invalid LANGUAGE specified, value \"$LANGUAGE\" is not recognized!"
+  return 1
+}
+
+printVersion() {
+
+  local id="$1"
+  local desc="$2"
+
+  case "${id,,}" in
+    "tiny11"* ) desc="Tiny 11" ;;
+    "tiny10"* ) desc="Tiny 10" ;;
+    "core11"* ) desc="Core 11" ;;
+    "nano11"* ) desc="Nano 11" ;;
+    "win7"* ) desc="Windows 7" ;;
+    "win8"* ) desc="Windows 8" ;;
+    "win10"* ) desc="Windows 10" ;;
+    "win11"* ) desc="Windows 11" ;;
+    "winxp"* ) desc="Windows XP" ;;
+    "win9x"* ) desc="Windows ME" ;;
+    "win98"* ) desc="Windows 98" ;;
+    "win95"* ) desc="Windows 95" ;;
+    "win2k"* ) desc="Windows 2000" ;;
+    "winvista"* ) desc="Windows Vista" ;;
+    "win2019-hv"* ) desc="Hyper-V Server" ;;
+    "win2003"* ) desc="Windows Server 2003" ;;
+    "win2008"* ) desc="Windows Server 2008" ;;
+    "win2012"* ) desc="Windows Server 2012" ;;
+    "win2016"* ) desc="Windows Server 2016" ;;
+    "win2019"* ) desc="Windows Server 2019" ;;
+    "win2022"* ) desc="Windows Server 2022" ;;
+    "win2025"* ) desc="Windows Server 2025" ;;
+  esac
+
+  if [ -z "$desc" ]; then
+    desc="Windows"
+    [[ "${PLATFORM,,}" != "x64" ]] && desc+=" for ${PLATFORM}"
+  fi
+
+  echo "$desc"
+  return 0
+}
+
+printEdition() {
+
+  local id="$1"
+  local desc="$2"
+  local result=""
+  local edition=""
+
+  result=$(printVersion "$id" "x")
+  [[ "$result" == "x" ]] && echo "$desc" && return 0
+
+  case "${id,,}" in
+    *"-home" )
+      edition="Home"
+      ;;
+    *"-starter" )
+      edition="Starter"
+      ;;
+    *"-ultimate" )
+      edition="Ultimate"
+      ;;
+    *"-enterprise" )
+      edition="Enterprise"
+      ;;
+    *"-education" )
+      edition="Education"
+      ;;
+    *"-hv" )
+      edition="2019"
+      ;;
+    *"-iot" | *"-iot-eval" )
+      edition="LTSC"
+      ;;
+    *"-ltsc" | *"-ltsc-eval" )
+      edition="LTSC"
+      ;;
+    *"-enterprise-eval" )
+      edition="Enterprise (Evaluation)"
+      ;;
+    "win7"* )
+      edition="Professional"
+      ;;
+    "win8"* | "win10"* | "win11"* )
+      edition="Pro"
+      ;;
+    "winxp"* )
+      edition="Professional"
+      ;;
+    "winvista"* )
+      edition="Business"
+      ;;
+    "win2025"* | "win2022"* | "win2019"* | "win2016"* | "win2012"* | "win2008"* | "win2003"* )
+      case "${EDITION^^}" in
+        *"DATACENTER"* ) edition="Datacenter" ;;
+        "CORE" | "STANDARDCORE" ) edition="Core" ;;
+        * ) edition="Standard" ;;
+      esac
+      ;;
+  esac
+
+  [ -n "$edition" ] && result+=" $edition"
+
+  echo "$result"
+  return 0
+}
+
+fromFile() {
+
+  local id=""
+  local desc="$1"
+  local file="${1,,}"
+  local arch="${PLATFORM,,}"
+
+  file="${file//-/_}"
+  file="${file// /_}"
+
+  case "$file" in
+    *"_x64_"* | *"_x64."*)
+      arch="x64"
+      ;;
+    *"_x86_"* | *"_x86."*)
+      arch="x86"
+      ;;
+    *"_arm64_"* | *"_arm64."*)
+      arch="arm64"
+      ;;
+  esac
+
+  local add=""
+  [[ "$arch" != "x64" ]] && add="$arch"
+
+  case "$file" in
+    "win7"* | "win_7"* | *"windows7"* | *"windows_7"* )
+      id="win7${arch}"
+      ;;
+    "win8"* | "win_8"* | *"windows8"* | *"windows_8"* )
+      id="win81${arch}"
+      ;;
+    "win10"*| "win_10"* | *"windows10"* | *"windows_10"* )
+      id="win10${arch}"
+      ;;
+    "win11"* | "win_11"* | *"windows11"* | *"windows_11"* )
+      id="win11${arch}"
+      ;;
+    *"winxp"* | *"win_xp"* | *"windowsxp"* | *"windows_xp"* )
+      id="winxpx86"
+      ;;
+    *"winvista"* | *"win_vista"* | *"windowsvista"* | *"windows_vista"* )
+      id="winvista${arch}"
+      ;;
+    "nano11"* | "nano_11"* )
+      id="nano11"
+      ;;
+    "tiny11core"* | "tiny11_core"* | "tiny_11_core"* )
+      id="core11"
+      ;;
+    "tiny11"* | "tiny_11"* )
+      id="tiny11"
+      ;;
+    "tiny10"* | "tiny_10"* )
+      id="tiny10"
+      ;;
+    *"_serverhypercore_"* )
+      id="win2019${add}-hv"
+      ;;
+    *"server2025"* | *"server_2025"* )
+      id="win2025${add}"
+      ;;
+    *"server2022"* | *"server_2022"* )
+      id="win2022${add}"
+      ;;
+    *"server2019"* | *"server_2019"* )
+      id="win2019${add}"
+      ;;
+    *"server2016"* | *"server_2016"* )
+      id="win2016${add}"
+      ;;
+    *"server2012"* | *"server_2012"* )
+      id="win2012r2${add}"
+      ;;
+    *"server2008"* | *"server_2008"* )
+      id="win2008r2${add}"
+      ;;
+    *"server2003"* | *"server_2003"* )
+      id="win2003r2${add}"
+      ;;
+  esac
+
+  if [ -n "$id" ]; then
+    desc=$(printVersion "$id" "$desc")
+  fi
+
+  echo "$desc"
+  return 0
+}
+
+fromName() {
+
+  local id=""
+  local name="$1"
+  local arch="$2"
+
+  local add=""
+  [[ "$arch" != "x64" ]] && add="$arch"
+
+  case "${name,,}" in
+    *"windows 7"* ) id="win7${arch}" ;;
+    *"windows 8"* ) id="win81${arch}" ;;
+    *"windows 10"* ) id="win10${arch}" ;;
+    *"optimum 10"* ) id="win10${arch}" ;;
+    *"windows 11"* ) id="win11${arch}" ;;
+    *"optimum 11"* ) id="win11${arch}" ;;
+    *"windows vista"* ) id="winvista${arch}" ;;
+    *"server 2025"* ) id="win2025${add}" ;;
+    *"server 2022"* ) id="win2022${add}" ;;
+    *"server 2019"* ) id="win2019${add}" ;;
+    *"server 2016"* ) id="win2016${add}" ;;
+    *"server 2012"* ) id="win2012r2${add}" ;;
+    *"server 2008"* ) id="win2008r2${add}" ;;
+    *"server 2003"* ) id="win2003r2${add}" ;;
+    *"hyper-v server"* ) id="win2019${add}" ;;
+  esac
+
+  echo "$id"
+  return 0
+}
+
+getVersion() {
+
+  local id
+  local name="$1"
+  local arch="$2"
+
+  id=$(fromName "$name" "$arch")
+
+  case "${id,,}" in
+    "win7"* | "winvista"* )
+        case "${name,,}" in
+          *" home"* ) id="$id-home" ;;
+          *" starter"* ) id="$id-starter" ;;
+          *" ultimate"* ) id="$id-ultimate" ;;
+          *" enterprise evaluation"* ) id="$id-enterprise-eval" ;;
+          *" enterprise"* ) id="$id-enterprise" ;;
+        esac
+      ;;
+    "win8"* )
+        case "${name,,}" in
+          *" enterprise evaluation"* ) id="$id-enterprise-eval" ;;
+          *" enterprise"* ) id="$id-enterprise" ;;
+        esac
+      ;;
+    "win10"* | "win11"* )
+       case "${name,,}" in
+          *" iot"* ) id="$id-iot" ;;
+          *" ltsc"* ) id="$id-ltsc" ;;
+          *" home"* ) id="$id-home" ;;
+          *" education"* ) id="$id-education" ;;
+          *" enterprise evaluation"* ) id="$id-enterprise-eval" ;;
+          *" enterprise"* ) id="$id-enterprise" ;;
+        esac
+      ;;
+    "win2025"* | "win2022"* | "win2019"* | "win2016"* | "win2012"* | "win2008"* | "win2003"* )
+       case "${name,,}" in
+          *" evaluation"* ) id="$id-eval" ;;
+          *"hyper-v server"* ) id="$id-hv" ;;
+        esac
+      ;;
+  esac
+
+  echo "$id"
+  return 0
+}
+
+switchEdition() {
+
+  local id="$1"
+
+  if [[ "${id,,}" == *"-eval" ]]; then
+    [ -z "$DETECTED" ] && DETECTED="${id::-5}"
+  fi
+
+  return 0
+}
+
+getMido() {
+
+  local id="$1"
+  local lang="$2"
+  local ret="$3"
+  local url=""
+  local sum=""
+  local size=""
+
+  [[ "${lang,,}" != "en" && "${lang,,}" != "en-us" ]] && return 0
+
+  case "${id,,}" in
+    "win11x64" )
+      size=7736125440
+      sum="d141f6030fed50f75e2b03e1eb2e53646c4b21e5386047cb860af5223f102a32"
+      url="https://software-static.download.prss.microsoft.com/dbazure/888969d5-f34g-4e03-ac9d-1f9786c66749/26200.6584.250915-1905.25h2_ge_release_svc_refresh_CLIENT_CONSUMER_x64FRE_en-us.iso"
+      ;;
+    "win11x64-enterprise-eval" )
+      size=7092807680
+      sum="a61adeab895ef5a4db436e0a7011c92a2ff17bb0357f58b13bbc4062e535e7b9"
+      url="https://software-static.download.prss.microsoft.com/dbazure/888969d5-f34g-4e03-ac9d-1f9786c66749/26200.6584.250915-1905.25h2_ge_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso"
+      ;;
+    "win11x64-enterprise-iot-eval" | "win11x64-enterprise-ltsc-eval" )
+      size=5060020224
+      sum="2cee70bd183df42b92a2e0da08cc2bb7a2a9ce3a3841955a012c0f77aeb3cb29"
+      url="https://software-static.download.prss.microsoft.com/dbazure/888969d5-f34g-4e03-ac9d-1f9786c66749/26100.1.240331-1435.ge_release_CLIENT_IOT_LTSC_EVAL_x64FRE_en-us.iso"
+      ;;
+    "win10x64" )
+      size=6140975104
+      sum="a6f470ca6d331eb353b815c043e327a347f594f37ff525f17764738fe812852e"
+      ;;
+    "win10x64-enterprise-eval" )
+      size=5550497792
+      sum="ef7312733a9f5d7d51cfa04ac497671995674ca5e1058d5164d6028f0938d668"
+      url="https://software-static.download.prss.microsoft.com/dbazure/988969d5-f34g-4e03-ac9d-1f9786c66750/19045.2006.220908-0225.22h2_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso"
+      ;;
+    "win10x64-enterprise-ltsc-eval" )
+      size=4898582528
+      sum="e4ab2e3535be5748252a8d5d57539a6e59be8d6726345ee10e7afd2cb89fefb5"
+      url="https://software-download.microsoft.com/download/pr/19044.1288.211006-0501.21h2_release_svc_refresh_CLIENT_LTSC_EVAL_x64FRE_en-us.iso"
+      ;;
+    "win81x64-enterprise-eval" )
+      size=3961473024
+      sum="2dedd44c45646c74efc5a028f65336027e14a56f76686a4631cf94ffe37c72f2"
+      url="https://download.microsoft.com/download/B/9/9/B999286E-0A47-406D-8B3D-5B5AD7373A4A/9600.17050.WINBLUE_REFRESH.140317-1640_X64FRE_ENTERPRISE_EVAL_EN-US-IR3_CENA_X64FREE_EN-US_DV9.ISO"
+      ;;
+    "win2025-eval" )
+      size=6014152704
+      sum="d0ef4502e350e3c6c53c15b1b3020d38a5ded011bf04998e950720ac8579b23d"
+      url="https://software-static.download.prss.microsoft.com/dbazure/888969d5-f34g-4e03-ac9d-1f9786c66749/26100.1742.240906-0331.ge_release_svc_refresh_SERVER_EVAL_x64FRE_en-us.iso"
+      ;;
+    "win2022-eval" )
+      size=5044094976
+      sum="3e4fa6d8507b554856fc9ca6079cc402df11a8b79344871669f0251535255325"
+      url="https://software-static.download.prss.microsoft.com/sg/download/888969d5-f34g-4e03-ac9d-1f9786c66749/SERVER_EVAL_x64FRE_en-us.iso"
+      ;;
+    "win2019-eval" )
+      size=5652088832
+      sum="6dae072e7f78f4ccab74a45341de0d6e2d45c39be25f1f5920a2ab4f51d7bcbb"
+      url="https://software-download.microsoft.com/download/pr/17763.737.190906-2324.rs5_release_svc_refresh_SERVER_EVAL_x64FRE_en-us_1.iso"
+     ;;
+    "win2019-hv" )
+      size=3072712704
+      sum="48e9b944518e5bbc80876a9a7ff99716f386f404f4be48dca47e16a66ae7872c"
+      url="https://software-download.microsoft.com/download/pr/17763.557.190612-0019.rs5_release_svc_refresh_SERVERHYPERCORE_OEM_x64FRE_en-us.ISO"
+     ;;
+    "win2016-eval" )
+      size=6972221440
+      sum="1ce702a578a3cb1ac3d14873980838590f06d5b7101c5daaccbac9d73f1fb50f"
+      url="https://software-download.microsoft.com/download/pr/Windows_Server_2016_Datacenter_EVAL_en-us_14393_refresh.ISO"
+      ;;
+    "win2012r2-eval" )
+      size=4542291968
+      sum="6612b5b1f53e845aacdf96e974bb119a3d9b4dcb5b82e65804ab7e534dc7b4d5"
+      url="https://download.microsoft.com/download/6/2/A/62A76ABB-9990-4EFC-A4FE-C7D698DAEB96/9600.17050.WINBLUE_REFRESH.140317-1640_X64FRE_SERVER_EVAL_EN-US-IR3_SSS_X64FREE_EN-US_DV9.ISO"
+      ;;
+    "win2008r2" )
+      size=3166840832
+      sum="30832ad76ccfa4ce48ccb936edefe02079d42fb1da32201bf9e3a880c8ed6312"
+      url="https://download.microsoft.com/download/4/1/D/41DEA7E0-B30D-4012-A1E3-F24DC03BA1BB/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso"
+      ;;
+  esac
+
+  case "${ret,,}" in
+    "sum" ) echo "$sum" ;;
+    "size" ) echo "$size" ;;
+    *) echo "$url";;
+  esac
+
+  return 0
+}
+
+getLink1() {
+
+  # Fallbacks for users who cannot connect to the Microsoft servers
+
+  local id="$1"
+  local lang="$2"
+  local ret="$3"
+  local url=""
+  local sum=""
+  local size=""
+  local host="https://dl.bobpony.com/windows"
+
+  [[ "${lang,,}" != "en" && "${lang,,}" != "en-us" ]] && return 0
+
+  case "${id,,}" in
+    "win11x64" | "win11x64-enterprise" | "win11x64-enterprise-eval" )
+      size=5332989952
+      sum="aa1ad990f930d907b7a34ea897abbb0dfbe47552ca8acc146f92e40381839e05"
+      url="11/en-us_windows_11_24h2_x64.iso"
+      ;;
+    "win11x64-iot" | "win11x64-enterprise-iot" | "win11x64-enterprise-iot-eval" )
+      size=5144817664
+      sum="4f59662a96fc1da48c1b415d6c369d08af55ddd64e8f1c84e0166d9e50405d7a"
+      url="11/X23-81951_26100.1742.240906-0331.ge_release_svc_refresh_CLIENT_ENTERPRISES_OEM_x64FRE_en-us.iso"
+      ;;
+    "win11x64-ltsc" | "win11x64-enterprise-ltsc" | "win11x64-enterprise-ltsc-eval" )
+      size=5144817664
+      sum="4f59662a96fc1da48c1b415d6c369d08af55ddd64e8f1c84e0166d9e50405d7a"
+      url="11/X23-81951_26100.1742.240906-0331.ge_release_svc_refresh_CLIENT_ENTERPRISES_OEM_x64FRE_en-us.iso"
+      ;;
+    "win10x64" | "win10x64-enterprise" | "win10x64-enterprise-eval" )
+      size=5535252480
+      sum="557871965263d0fd0a1ea50b5d0d0d7cb04a279148ca905c1c675c9bc0d5486c"
+      url="10/en-us_windows_10_22h2_x64.iso"
+      ;;
+    "win10x64-iot" | "win10x64-enterprise-iot" | "win10x64-enterprise-iot-eval" )
+      size=4851668992
+      sum="a0334f31ea7a3e6932b9ad7206608248f0bd40698bfb8fc65f14fc5e4976c160"
+      url="10/en-us_windows_10_iot_enterprise_ltsc_2021_x64_dvd_257ad90f.iso"
+      ;;
+    "win10x64-ltsc" | "win10x64-enterprise-ltsc" | "win10x64-enterprise-ltsc-eval" )
+      size=4899461120
+      sum="c90a6df8997bf49e56b9673982f3e80745058723a707aef8f22998ae6479597d"
+      url="10/en-us_windows_10_enterprise_ltsc_2021_x64_dvd_d289cf96.iso"
+      ;;
+    "win81x64" )
+      size=4320526336
+      sum="d8333cf427eb3318ff6ab755eb1dd9d433f0e2ae43745312c1cd23e83ca1ce51"
+      url="8.x/8.1/en_windows_8.1_with_update_x64_dvd_6051480.iso"
+      ;;
+    "win81x64-enterprise" | "win81x64-enterprise-eval" )
+      size=4139163648
+      sum="c3c604c03677504e8905090a8ce5bb1dde76b6fd58e10f32e3a25bef21b2abe1"
+      url="8.x/8.1/en_windows_8.1_enterprise_with_update_x64_dvd_6054382.iso"
+      ;;
+    "win2025" | "win2025-eval" )
+      size=7571058688
+      sum="d273d0a85565ffbc06a3d46313f619103e2830a3373306ddbb9a08b8824f509d"
+      url="server/2025/en-us_windows_server_2025_updated_oct_2025_x64_dvd_6c0c5aa8.iso"
+      ;;
+    "win2022" | "win2022-eval" )
+      size=6023239680
+      sum="5d6d91efa972cbdd6701d78db1dcf6a34c7024ca931c1718e7cb3d0c6dd54e88"
+      url="server/2022/en-us_windows_server_2022_updated_oct_2025_x64_dvd_26e9af36.iso"
+      ;;
+    "win2019" | "win2019-eval" )
+      size=5575774208
+      sum="0067afe7fdc4e61f677bd8c35a209082aa917df9c117527fc4b2b52a447e89bb"
+      url="server/2019/en-us_windows_server_2019_updated_aug_2021_x64_dvd_a6431a28.iso"
+      ;;
+    "win2016" | "win2016-eval" )
+      size=6006587392
+      sum="af06e5483c786c023123e325cea4775050324d9e1366f46850b515ae43f764be"
+      url="server/2016/en_windows_server_2016_updated_feb_2018_x64_dvd_11636692.iso"
+      ;;
+    "win2012r2" | "win2012r2-eval" )
+      size=5397889024
+      sum="f351e89eb88a96af4626ceb3450248b8573e3ed5924a4e19ea891e6003b62e4e"
+      url="server/2012r2/en_windows_server_2012_r2_with_update_x64_dvd_6052708-004.iso"
+      ;;
+    "win2008r2" | "win2008r2-eval" )
+      size=3166584832
+      sum="dfd9890881b7e832a927c38310fb415b7ea62ac5a896671f2ce2a111998f0df8"
+      url="server/2008r2/en_windows_server_2008_r2_with_sp1_x64_dvd_617601-018.iso"
+      ;;
+    "win7x64" | "win7x64-ultimate" )
+      size=3320836096
+      sum="0b738b55a5ea388ad016535a5c8234daf2e5715a0638488ddd8a228a836055a1"
+      url="7/en_windows_7_with_sp1_x64.iso"
+      ;;
+    "win7x64-enterprise" | "win7x64-enterprise-eval" )
+      size=3182604288
+      sum="ee69f3e9b86ff973f632db8e01700c5724ef78420b175d25bae6ead90f6805a7"
+      url="7/en_windows_7_enterprise_with_sp1_x64_dvd_u_677651.iso"
+      ;;
+    "win7x86" | "win7x86-ultimate" )
+      size=2564411392
+      sum="99f3369c90160816be07093dbb0ac053e0a84e52d6ed1395c92ae208ccdf67e5"
+      url="7/en_windows_7_with_sp1_x86.iso"
+      ;;
+    "win7x86-enterprise" | "win7x86-enterprise-eval" )
+      size=2434502656
+      sum="8bdd46ff8cb8b8de9c4aba02706629c8983c45e87da110e64e13be17c8434dad"
+      url="7/en_windows_7_enterprise_with_sp1_x86_dvd_u_677710.iso"
+      ;;
+    "winvistax64" | "winvistax64-ultimate" )
+      size=3861460992
+      sum="edf9f947c5791469fd7d2d40a5dcce663efa754f91847aa1d28ed7f585675b78"
+      url="vista/en_windows_vista_sp2_x64_dvd_342267.iso"
+      ;;
+    "winvistax86" | "winvistax86-ultimate" )
+      size=3243413504
+      sum="9c36fed4255bd05a8506b2da88f9aad73643395e155e609398aacd2b5276289c"
+      url="vista/en_windows_vista_with_sp2_x86_dvd_342266.iso"
+      ;;
+    "win2003r2" )
+      size=731650535
+      sum="6b64bbae7eb00fd000cc887ffdc9f224d00c557daad7f756cfa373950b880dc8"
+      url="server/2003r2/en_win_srv_2003_r2_standard_x64_with_sp2_cd1_cd2.zip"
+      ;;
+    "winxpx86" )
+      size=617756672
+      sum="62b6c91563bad6cd12a352aa018627c314cfc5162d8e9f8af0756a642e602a46"
+      url="xp/professional/en_windows_xp_professional_with_service_pack_3_x86_cd_x14-80428.iso"
+      ;;
+    "winxpx64" )
+      size=614166528
+      sum="8fac68e1e56c64ad9a2aa0ad464560282e67fa4f4dd51d09a66f4e548eb0f2d6"
+      url="xp/professional/en_win_xp_pro_x64_vl.iso"
+      ;;
+    "win2kx86" )
+      size=331701982
+      sum="a93251b31f92316411bb48458a695d9051b13cdeba714c46f105012fdda45bf3"
+      url="2000/5.00.2195.6717_x86fre_client-professional_retail_en-us.7z"
+      ;;
+  esac
+
+  case "${ret,,}" in
+    "sum" ) echo "$sum" ;;
+    "size" ) echo "$size" ;;
+    *) [ -n "$url" ] && echo "$host/$url";;
+  esac
+
+  return 0
+}
+
+getLink2() {
+
+  local id="$1"
+  local lang="$2"
+  local ret="$3"
+  local url=""
+  local sum=""
+  local size=""
+  local host="https://files.dog/MSDN"
+
+  [[ "${lang,,}" != "en" && "${lang,,}" != "en-us" ]] && return 0
+
+  case "${id,,}" in
+    "win81x64" )
+      size=4320526336
+      sum="d8333cf427eb3318ff6ab755eb1dd9d433f0e2ae43745312c1cd23e83ca1ce51"
+      url="Windows%208.1%20with%20Update/en_windows_8.1_with_update_x64_dvd_6051480.iso"
+      ;;
+    "win81x64-enterprise" | "win81x64-enterprise-eval" )
+      size=4139163648
+      sum="c3c604c03677504e8905090a8ce5bb1dde76b6fd58e10f32e3a25bef21b2abe1"
+      url="Windows%208.1%20with%20Update/en_windows_8.1_enterprise_with_update_x64_dvd_6054382.iso"
+      ;;
+    "win2012r2" | "win2012r2-eval" )
+      size=5397889024
+      sum="f351e89eb88a96af4626ceb3450248b8573e3ed5924a4e19ea891e6003b62e4e"
+      url="Windows%20Server%202012%20R2%20with%20Update/en_windows_server_2012_r2_with_update_x64_dvd_6052708.iso"
+      ;;
+    "win2008r2" | "win2008r2-eval" )
+      size=3166584832
+      sum="dfd9890881b7e832a927c38310fb415b7ea62ac5a896671f2ce2a111998f0df8"
+      url="Windows%20Server%202008%20R2/en_windows_server_2008_r2_with_sp1_x64_dvd_617601.iso"
+      ;;
+    "win7x64" | "win7x64-ultimate" )
+      size=3320903680
+      sum="36f4fa2416d0982697ab106e3a72d2e120dbcdb6cc54fd3906d06120d0653808"
+      url="Windows%207/en_windows_7_ultimate_with_sp1_x64_dvd_u_677332.iso"
+      ;;
+    "win7x64-enterprise" | "win7x64-enterprise-eval" )
+      size=3182604288
+      sum="ee69f3e9b86ff973f632db8e01700c5724ef78420b175d25bae6ead90f6805a7"
+      url="Windows%207/en_windows_7_enterprise_with_sp1_x64_dvd_u_677651.iso"
+      ;;
+    "win7x86" | "win7x86-ultimate" )
+      size=2564476928
+      sum="e2c009a66d63a742941f5087acae1aa438dcbe87010bddd53884b1af6b22c940"
+      url="Windows%207/en_windows_7_ultimate_with_sp1_x86_dvd_u_677460.iso"
+      ;;
+    "win7x86-enterprise" | "win7x86-enterprise-eval" )
+      size=2434502656
+      sum="8bdd46ff8cb8b8de9c4aba02706629c8983c45e87da110e64e13be17c8434dad"
+      url="Windows%207/en_windows_7_enterprise_with_sp1_x86_dvd_u_677710.iso"
+      ;;
+    "winvistax64" | "winvistax64-ultimate" )
+      size=3861460992
+      sum="edf9f947c5791469fd7d2d40a5dcce663efa754f91847aa1d28ed7f585675b78"
+      url="Windows%20Vista/en_windows_vista_sp2_x64_dvd_342267.iso"
+      ;;
+    "winvistax64-enterprise" )
+      size=3205953536
+      sum="0a0cd511b3eac95c6f081419c9c65b12317b9d6a8d9707f89d646c910e788016"
+      url="Windows%20Vista/en_windows_vista_enterprise_sp2_x64_dvd_342332.iso"
+      ;;
+    "winvistax86" | "winvistax86-ultimate" )
+      size=3243413504
+      sum="9c36fed4255bd05a8506b2da88f9aad73643395e155e609398aacd2b5276289c"
+      url="Windows%20Vista/en_windows_vista_with_sp2_x86_dvd_342266.iso"
+      ;;
+    "winvistax86-enterprise" )
+      size=2420981760
+      sum="54e2720004041e7db988a391543ea5228b0affc28efcf9303d2d0ff9402067f5"
+      url="Windows%20Vista/en_windows_vista_enterprise_sp2_x86_dvd_342329.iso"
+      ;;
+    "win2003r2" )
+      size=652367872
+      sum="74245cba888f935b138b106c2744bec7f392925b472358960a0b5643cd6abb32"
+      url="Windows%20Server%202003%20R2/en_win_srv_2003_r2_standard_x64_with_sp2_cd1_x13-05757.iso"
+      ;;
+    "winxpx86" )
+      size=617756672
+      sum="62b6c91563bad6cd12a352aa018627c314cfc5162d8e9f8af0756a642e602a46"
+      url="Windows%20XP/en_windows_xp_professional_with_service_pack_3_x86_cd_x14-80428.iso"
+      ;;
+    "winxpx64" )
+      size=614166528
+      sum="8fac68e1e56c64ad9a2aa0ad464560282e67fa4f4dd51d09a66f4e548eb0f2d6"
+      url="Windows%20XP/en_win_xp_pro_x64_vl.iso"
+      ;;
+  esac
+
+  case "${ret,,}" in
+    "sum" ) echo "$sum" ;;
+    "size" ) echo "$size" ;;
+    *) [ -n "$url" ] && echo "$host/$url";;
+  esac
+
+  return 0
+}
+
+getLink3() {
+
+  local id="$1"
+  local lang="$2"
+  local ret="$3"
+  local url=""
+  local sum=""
+  local size=""
+  local host="https://nixsys.com/drivers"
+
+  [[ "${lang,,}" != "en" && "${lang,,}" != "en-us" ]] && return 0
+
+  case "${id,,}" in
+    "win7x64" | "win7x64-ultimate" )
+      size=3319478272
+      sum="3286963e1476082ba882a5058c205c264772bead9e99e15cd1cb255f04b72900"
+      url="WINDOWS764_EN_DVD.iso"
+      ;;
+    "win7x86" | "win7x86-ultimate" )
+      size=2564784128
+      sum="bd4c03c917d00a40222d92a6fab04981a7bd46140bda1888eb961a322e3c5d89"
+      url="WINDOWS732_EN_DVD.iso"
+      ;;
+    "winxpx86" )
+      size=618065920
+      sum="8177d0137dfe4e8296a85793f140806c9250a5992c8e0e50158c742767ad1182"
+      url="WinXPsp3.iso"
+      ;;
+    "win2kx86" )
+      size=387424256
+      sum="08b11c3897eb38d1e6566a17cec5cdf2b3c620444e160e3db200a7e223aabbd8"
+      url="Windows_2000_SP4.iso"
+  esac
+
+  case "${ret,,}" in
+    "sum" ) echo "$sum" ;;
+    "size" ) echo "$size" ;;
+    *) [ -n "$url" ] && echo "$host/$url";;
+  esac
+
+  return 0
+}
+
+getLink4() {
+
+  local id="$1"
+  local lang="$2"
+  local ret="$3"
+  local url=""
+  local sum=""
+  local size=""
+  local host="https://archive.org/download"
+
+  [[ "${lang,,}" != "en" && "${lang,,}" != "en-us" ]] && return 0
+
+  case "${id,,}" in
+    "nano11" )
+      size=2463565824
+      sum="a1e0614372768cbe2d24de74b78a4a97bc1017ea5080dfed1d2125e4a527eb1a"
+      url="nano11_25h2/nano11%2025h2.iso"
+      ;;
+    "core11" )
+      size=3176654848
+      sum="29c055fcfb7b089abd9e007e7abe4bb82c70a03aac9d65e56a38b87ab32d04d2"
+      url="tiny11_25H2/tiny11core_25H2_Oct25.iso"
+      ;;
+    "tiny11" )
+      size=5514559488
+      sum="92484f2b7f707e42383294402a9eabbadeaa5ede80ac633390ae7f3537e36275"
+      url="tiny11_25H2/tiny11_25H2_Oct25.iso"
+      ;;
+    "tiny10" )
+      size=3839819776
+      sum="a11116c0645d892d6a5a7c585ecc1fa13aa66f8c7cc6b03bf1f27bd16860cc35"
+      url="tiny-10-23-h2/tiny10%20x64%2023h2.iso"
+      ;;
+    "win11x64" )
+      size=7736125440
+      sum="d141f6030fed50f75e2b03e1eb2e53646c4b21e5386047cb860af5223f102a32"
+      url="W11x64_26200.6584/26200.6584.250915-1905.25h2_ge_release_svc_refresh_CLIENT_CONSUMER_x64FRE_en-us.iso"
+      ;;
+    "win11x64-enterprise" | "win11x64-enterprise-eval" )
+      size=6209064960
+      sum="c8dbc96b61d04c8b01faf6ce0794fdf33965c7b350eaa3eb1e6697019902945c"
+      url="Windows11Enterprise23H2x64/22631.2428.231001-0608.23H2_NI_RELEASE_SVC_REFRESH_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso"
+      ;;
+    "win11x64-iot" | "win11x64-enterprise-iot" | "win11x64-enterprise-iot-eval" )
+      size=5144817664
+      sum="4f59662a96fc1da48c1b415d6c369d08af55ddd64e8f1c84e0166d9e50405d7a"
+      url="Windows11LTSC/X23-81951_26100.1742.240906-0331.ge_release_svc_refresh_CLIENT_ENTERPRISES_OEM_x64FRE_en-us.iso"
+      ;;
+    "win11x64-ltsc" | "win11x64-enterprise-ltsc" | "win11x64-enterprise-ltsc-eval" )
+      size=5144817664
+      sum="4f59662a96fc1da48c1b415d6c369d08af55ddd64e8f1c84e0166d9e50405d7a"
+      url="Windows11LTSC/X23-81951_26100.1742.240906-0331.ge_release_svc_refresh_CLIENT_ENTERPRISES_OEM_x64FRE_en-us.iso"
+      ;;
+    "win10x64" | "win10x64-enterprise" | "win10x64-enterprise-eval" )
+      size=6978310144
+      sum="7847abd6f39abd02dc8089c4177d354f9eb66fa0ee2fe8ae20e596e675d1ab67"
+      url="Windows-10-22H2-July-2024-64-bit-DVD-English/en-us_windows_10_business_editions_version_22h2_updated_july_2024_x64_dvd_c004521a.iso"
+      ;;
+    "win10x64-iot" | "win10x64-enterprise-iot" | "win10x64-enterprise-iot-eval" )
+      size=4851668992
+      sum="a0334f31ea7a3e6932b9ad7206608248f0bd40698bfb8fc65f14fc5e4976c160"
+      url="en-us_windows_10_iot_enterprise_ltsc_2021_x64_dvd_257ad90f_202411/en-us_windows_10_iot_enterprise_ltsc_2021_x64_dvd_257ad90f.iso"
+      ;;
+    "win10x64-ltsc" | "win10x64-enterprise-ltsc" | "win10x64-enterprise-ltsc-eval" )
+      size=4899461120
+      sum="c90a6df8997bf49e56b9673982f3e80745058723a707aef8f22998ae6479597d"
+      url="en-us_windows_10_enterprise_ltsc_2021_x64_dvd_d289cf96_202302/en-us_windows_10_enterprise_ltsc_2021_x64_dvd_d289cf96.iso"
+      ;;
+    "win81x64" )
+      size=4320526336
+      sum="d8333cf427eb3318ff6ab755eb1dd9d433f0e2ae43745312c1cd23e83ca1ce51"
+      url="en_windows_8.1_with_update_x64_dvd_6051480/en_windows_8.1_with_update_x64_dvd_6051480.iso"
+      ;;
+    "win81x64-enterprise" | "win81x64-enterprise-eval" )
+      size=4139163648
+      sum="c3c604c03677504e8905090a8ce5bb1dde76b6fd58e10f32e3a25bef21b2abe1"
+      url="en_windows_8.1_enterprise_with_update_x64_dvd/en_windows_8.1_enterprise_with_update_x64_dvd_6054382.iso"
+      ;;
+    "win2022" | "win2022-eval" )
+      size=5365624832
+      sum="c3c57bb2cf723973a7dcfb1a21e97dfa035753a7f111e348ad918bb64b3114db"
+      url="win-server-2022/2227-January_2024/en-us_windows_server_2022_updated_jan_2024_x64_dvd_2b7a0c9f.iso"
+      ;;
+    "win2019" | "win2019-eval" )
+      size=5575774208
+      sum="0067afe7fdc4e61f677bd8c35a209082aa917df9c117527fc4b2b52a447e89bb"
+      url="sw-dvd-9-win-server-std-core-2019-1809.18-64-bit-english-dc-std-mlf-x-22-74330/SW_DVD9_Win_Server_STD_CORE_2019_1809.18_64Bit_English_DC_STD_MLF_X22-74330.ISO"
+      ;;
+    "win2016" | "win2016-eval" )
+      size=6006587392
+      sum="af06e5483c786c023123e325cea4775050324d9e1366f46850b515ae43f764be"
+      url="en_windows_server_2016_updated_feb_2018_x64_dvd_11636692/en_windows_server_2016_updated_feb_2018_x64_dvd_11636692.iso"
+      ;;
+    "win2012r2" | "win2012r2-eval" )
+      size=5397889024
+      sum="f351e89eb88a96af4626ceb3450248b8573e3ed5924a4e19ea891e6003b62e4e"
+      url="en_windows_server_2012_r2_with_update_x64_dvd_6052708_202006/en_windows_server_2012_r2_with_update_x64_dvd_6052708.iso"
+      ;;
+    "win2008r2" | "win2008r2-eval" )
+      size=3166584832
+      sum="dfd9890881b7e832a927c38310fb415b7ea62ac5a896671f2ce2a111998f0df8"
+      url="en_windows_server_2008_r2_with_sp1_x64_dvd_617601_202006/en_windows_server_2008_r2_with_sp1_x64_dvd_617601.iso"
+      ;;
+    "win7x64" | "win7x64-ultimate" )
+      size=3320903680
+      sum="36f4fa2416d0982697ab106e3a72d2e120dbcdb6cc54fd3906d06120d0653808"
+      url="win7-ult-sp1-english/Win7_Ult_SP1_English_x64.iso"
+      ;;
+    "win7x64-enterprise" | "win7x64-enterprise-eval" )
+      size=3182604288
+      sum="ee69f3e9b86ff973f632db8e01700c5724ef78420b175d25bae6ead90f6805a7"
+      url="en_windows_7_enterprise_with_sp1_x64_dvd_u_677651_202006/en_windows_7_enterprise_with_sp1_x64_dvd_u_677651.iso"
+      ;;
+    "win7x86" | "win7x86-ultimate" )
+      size=2564476928
+      sum="e2c009a66d63a742941f5087acae1aa438dcbe87010bddd53884b1af6b22c940"
+      url="win7-ult-sp1-english/Win7_Ult_SP1_English_x32.iso"
+      ;;
+    "win7x86-enterprise" | "win7x86-enterprise-eval" )
+      size=2434502656
+      sum="8bdd46ff8cb8b8de9c4aba02706629c8983c45e87da110e64e13be17c8434dad"
+      url="en_windows_7_enterprise_with_sp1_x86_dvd_u_677710_202006/en_windows_7_enterprise_with_sp1_x86_dvd_u_677710.iso"
+      ;;
+    "winvistax64" | "winvistax64-ultimate" )
+      size=3861460992
+      sum="edf9f947c5791469fd7d2d40a5dcce663efa754f91847aa1d28ed7f585675b78"
+      url="en_windows_vista_sp2_x64_dvd_342267_202010/en_windows_vista_sp2_x64_dvd_342267.iso"
+      ;;
+    "winvistax64-enterprise" )
+      size=3205953536
+      sum="0a0cd511b3eac95c6f081419c9c65b12317b9d6a8d9707f89d646c910e788016"
+      url="en_windows_vista_enterprise_sp2_x64_dvd_342332_202007/en_windows_vista_enterprise_sp2_x64_dvd_342332.iso"
+      ;;
+    "winvistax86" | "winvistax86-ultimate" )
+      size=3243413504
+      sum="9c36fed4255bd05a8506b2da88f9aad73643395e155e609398aacd2b5276289c"
+      url="en_windows_vista_sp2_x86_dvd_342266/en_windows_vista_sp2_x86_dvd_342266.iso"
+      ;;
+    "winvistax86-enterprise" )
+      size=2420981760
+      sum="54e2720004041e7db988a391543ea5228b0affc28efcf9303d2d0ff9402067f5"
+      url="en_windows_vista_enterprise_sp2_x86_dvd_342329_202007/en_windows_vista_enterprise_sp2_x86_dvd_342329.iso"
+      ;;
+    "win2003r2" )
+      size=652367872
+      sum="74245cba888f935b138b106c2744bec7f392925b472358960a0b5643cd6abb32"
+      url="en_win_srv_2003_r2_standard_x64_with_sp2_cd1_x13-05757/en_win_srv_2003_r2_standard_x64_with_sp2_cd1_x13-05757.iso"
+      ;;
+    "winxpx86" )
+      size=617756672
+      sum="62b6c91563bad6cd12a352aa018627c314cfc5162d8e9f8af0756a642e602a46"
+      url="XPPRO_SP3_ENU/en_windows_xp_professional_with_service_pack_3_x86_cd_x14-80428.iso"
+      ;;
+    "winxpx64" )
+      size=614166528
+      sum="8fac68e1e56c64ad9a2aa0ad464560282e67fa4f4dd51d09a66f4e548eb0f2d6"
+      url="windows-xp-all-sp-msdn-iso-files-en-de-ru-tr-x86-x64/en_win_xp_sp1_pro_x64_vl.iso"
+      ;;
+    "win2kx86" )
+      size=386859008
+      sum="e3816f6e80b66ff686ead03eeafffe9daf020a5e4717b8bd4736b7c51733ba22"
+      url="MicrosoftWindows2000BuildCollection/5.00.2195.6717_x86fre_client-professional_retail_en-us-ZRMPFPP_EN.iso"
+  esac
+
+  case "${ret,,}" in
+    "sum" ) echo "$sum" ;;
+    "size" ) echo "$size" ;;
+    *) [ -n "$url" ] && echo "$host/$url";;
+  esac
+
+  return 0
+}
+
+getValue() {
+
+  local val=""
+  local id="$2"
+  local lang="$3"
+  local type="$4"
+  local func="getLink$1"
+
+  if [ "$1" -gt 0 ] && [ "$1" -le "$MIRRORS" ]; then
+    val=$($func "$id" "$lang" "$type")
+  fi
+
+  echo "$val"
+  return 0
+}
+
+getLink() {
+
+  local url
+  url=$(getValue "$1" "$2" "$3" "")
+
+  echo "$url"
+  return 0
+}
+
+getHash() {
+
+  local sum
+  sum=$(getValue "$1" "$2" "$3" "sum")
+
+  echo "$sum"
+  return 0
+}
+
+getSize() {
+
+  local size
+  size=$(getValue "$1" "$2" "$3" "size")
+
+  echo "$size"
+  return 0
+}
+
+isMido() {
+
+  local id="$1"
+  local lang="$2"
+  local sum
+
+  [[ "${MIDO:-}" == [Nn]* ]] && return 1
+
+  sum=$(getMido "$id" "en" "sum")
+  [ -n "$sum" ] && return 0
+
+  return 1
+}
+
+isESD() {
+
+  local id="$1"
+  local lang="$2"
+
+  [[ "${ESD:-}" == [Nn]* ]] && return 1
+
+  case "${id,,}" in
+    "win11${PLATFORM,,}" | "win10${PLATFORM,,}" )
+      return 0
+      ;;
+    "win11${PLATFORM,,}-enterprise" | "win11${PLATFORM,,}-enterprise-eval")
+      return 0
+      ;;
+    "win10${PLATFORM,,}-enterprise" | "win10${PLATFORM,,}-enterprise-eval" )
+      return 0
+      ;;
+  esac
+
+  return 1
+}
+
+validVersion() {
+
+  local id="$1"
+  local lang="$2"
+  local url
+
+  isESD "$id" "$lang" && return 0
+  isMido "$id" "$lang" && return 0
+
+  for ((i=1;i<=MIRRORS;i++)); do
+
+    url=$(getLink "$i" "$id" "$lang")
+    [ -n "$url" ] && return 0
+
+  done
+
+  return 1
+}
+
+addFolder() {
+
+  local src="$1"
+  local folder="/oem"
+
+  [ ! -d "$folder" ] && folder="/OEM"
+  [ ! -d "$folder" ] && folder="$STORAGE/oem"
+  [ ! -d "$folder" ] && folder="$STORAGE/OEM"
+  [ ! -d "$folder" ] && return 0
+
+  local msg="Adding OEM folder to image..."
+  info "$msg" && html "$msg"
+
+  local dest="$src/\$OEM\$/\$1/OEM"
+  mkdir -p "$dest" || return 1
+  cp -Lr "$folder/." "$dest" || return 1
+
+  local file
+  file=$(find "$dest" -maxdepth 1 -type f -iname install.bat  -print -quit)
+  [ -f "$file" ] && unix2dos -q "$file"
+
+  return 0
+}
+
+prepareInstall() {
+
+  local pid=""
+  local file=""
+  local dir="$2"
+  local desc="$3"
+  local driver="$4"
+  local drivers="/tmp/drivers"
+
+  ETFS="[BOOT]/Boot-NoEmul.img"
+
+  if [ ! -f "$dir/$ETFS" ] || [ ! -s "$dir/$ETFS" ]; then
+    error "Failed to locate file \"$ETFS\" in $desc ISO image!" && return 1
+  fi
+
+  local arch target
+  [ -d "$dir/AMD64" ] && arch="amd64" || arch="x86"
+  [[ "${arch,,}" == "x86" ]] && target="$dir/I386" || target="$dir/AMD64"
+
+  if [ ! -d "$target" ]; then
+    error "Failed to locate directory \"$target\" in $desc ISO image!" && return 1
+  fi
+
+  if [[ "${driver,,}" == "xp" || "${driver,,}" == "2k3" ]]; then
+
+    local msg="Adding drivers to image..."
+    info "$msg" && html "$msg"
+
+    rm -rf "$drivers"
+    mkdir -p "$drivers"
+
+    if ! bsdtar -xf /var/drivers.txz -C "$drivers"; then
+      error "Failed to extract drivers!" && return 1
+    fi
+
+    if [ ! -f "$drivers/viostor/$driver/$arch/viostor.sys" ]; then
+      error "Failed to locate required storage drivers!" && return 1
+    fi
+
+    cp -L "$drivers/viostor/$driver/$arch/viostor.sys" "$target" || return 1
+
+    mkdir -p "$dir/\$OEM\$/\$1/Drivers/viostor" || return 1
+    cp -L "$drivers/viostor/$driver/$arch/viostor.cat" "$dir/\$OEM\$/\$1/Drivers/viostor" || return 1
+    cp -L "$drivers/viostor/$driver/$arch/viostor.inf" "$dir/\$OEM\$/\$1/Drivers/viostor" || return 1
+    cp -L "$drivers/viostor/$driver/$arch/viostor.sys" "$dir/\$OEM\$/\$1/Drivers/viostor" || return 1
+
+    if [ ! -f "$drivers/NetKVM/$driver/$arch/netkvm.sys" ]; then
+      error "Failed to locate required network drivers!" && return 1
+    fi
+
+    mkdir -p "$dir/\$OEM\$/\$1/Drivers/NetKVM" || return 1
+    cp -L "$drivers/NetKVM/$driver/$arch/netkvm.cat" "$dir/\$OEM\$/\$1/Drivers/NetKVM" || return 1
+    cp -L "$drivers/NetKVM/$driver/$arch/netkvm.inf" "$dir/\$OEM\$/\$1/Drivers/NetKVM" || return 1
+    cp -L "$drivers/NetKVM/$driver/$arch/netkvm.sys" "$dir/\$OEM\$/\$1/Drivers/NetKVM" || return 1
+
+    file=$(find "$target" -maxdepth 1 -type f -iname TXTSETUP.SIF -print -quit)
+
+    if [ -z "$file" ]; then
+      error "The file TXTSETUP.SIF could not be found!" && return 1
+    fi
+
+    sed -i '/^\[SCSI.Load\]/s/$/\nviostor=viostor.sys,4/' "$file"
+    sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\nviostor.sys=1,,,,,,4_,4,1,,,1,4/' "$file"
+    sed -i '/^\[SCSI\]/s/$/\nviostor=\"Red Hat VirtIO SCSI Disk Device\"/' "$file"
+    sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_1AF4\&DEV_1001\&SUBSYS_00000000=\"viostor\"/' "$file"
+    sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_1AF4\&DEV_1001\&SUBSYS_00020000=\"viostor\"/' "$file"
+    sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_1AF4\&DEV_1001\&SUBSYS_00021AF4=\"viostor\"/' "$file"
+    sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_1AF4\&DEV_1001\&SUBSYS_00000000=\"viostor\"/' "$file"
+
+    if [ ! -d "$drivers/sata/xp/$arch" ]; then
+      error "Failed to locate required SATA drivers!" && return 1
+    fi
+
+    mkdir -p "$dir/\$OEM\$/\$1/Drivers/sata" || return 1
+    cp -Lr "$drivers/sata/xp/$arch/." "$dir/\$OEM\$/\$1/Drivers/sata" || return 1
+    cp -Lr "$drivers/sata/xp/$arch/." "$target" || return 1
+
+    sed -i '/^\[SCSI.Load\]/s/$/\niaStor=iaStor.sys,4/' "$file"
+    sed -i '/^\[FileFlags\]/s/$/\niaStor.sys = 16/' "$file"
+    sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaStor.cat = 1,,,,,,,1,0,0/' "$file"
+    sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaStor.inf = 1,,,,,,,1,0,0/' "$file"
+    sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaStor.sys = 1,,,,,,4_,4,1,,,1,4/' "$file"
+    sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaStor.sys = 1,,,,,,,1,0,0/' "$file"
+    sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaahci.cat = 1,,,,,,,1,0,0/' "$file"
+    sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaAHCI.inf = 1,,,,,,,1,0,0/' "$file"
+    sed -i '/^\[SCSI\]/s/$/\niaStor=\"Intel\(R\) SATA RAID\/AHCI Controller\"/' "$file"
+    sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_8086\&DEV_2922\&CC_0106=\"iaStor\"/' "$file"
+
+    rm -rf "$drivers"
+
+  fi
+
+  local key setup
+  setup=$(find "$target" -maxdepth 1 -type f -iname setupp.ini -print -quit)
+
+  if [ -n "$setup" ] && [ -z "$KEY" ]; then
+
+    pid=$(<"$setup")
+    pid="${pid%$'\r'}"
+
+    if [[ "$driver" == "2k" ]]; then
+
+      echo "${pid:0:$((${#pid})) - 3}270" > "$setup"
+
+    else
+
+      if [[ "$pid" == *"270" ]]; then
+
+        warn "this version of $desc requires a volume license key (VLK), it will ask for one during installation."
+
+      else
+
+        file=$(find "$target" -maxdepth 1 -type f -iname PID.INF -print -quit)
+
+        if [ -n "$file" ]; then
+
+          if [[ "$driver" == "2k3" ]]; then
+
+            key=$(grep -i -A 2 "StagingKey" "$file" | tail -n 2 | head -n 1)
+
+          else
+
+            key="${pid:$((${#pid})) - 8:5}"
+            if [[ "${pid^^}" == *"OEM" ]]; then
+              key=$(grep -i -A 2 "$key" "$file" | tail -n 2 | head -n 1)
+            else
+              key=$(grep -i -m 1 -A 2 "$key" "$file" | tail -n 2 | head -n 1)
+            fi
+            key="${key#*= }"
+
+          fi
+
+          key="${key%$'\r'}"
+          [[ "${#key}" == "29" ]] && KEY="$key"
+
+        fi
+
+        if [ -z "$KEY" ]; then
+
+          # These are NOT pirated keys, they come from official MS documentation.
+
+          case "${driver,,}" in
+            "xp" )
+
+              if [[ "${arch,,}" == "x86" ]]; then
+                # Windows XP Professional x86 generic trial key (no activation)
+                KEY="DR8GV-C8V6J-BYXHG-7PYJR-DB66Y"
+              else
+                # Windows XP Professional x64 generic trial key (no activation)
+                KEY="B2RBK-7KPT9-4JP6X-QQFWM-PJD6G"
+              fi ;;
+
+            "2k3" )
+
+              if [[ "${arch,,}" == "x86" ]]; then
+                # Windows Server 2003 Standard x86 generic trial key (no activation)
+                KEY="QKDCQ-TP2JM-G4MDG-VR6F2-P9C48"
+              else
+                # Windows Server 2003 Standard x64 generic trial key (no activation)
+                KEY="P4WJG-WK3W7-3HM8W-RWHCK-8JTRY"
+              fi ;;
+
+          esac
+
+          echo "${pid:0:$((${#pid})) - 3}000" > "$setup"
+
+        fi
+
+      fi
+    fi
+
+  fi
+
+  [ -n "$KEY" ] && KEY="ProductID=$KEY"
+
+  mkdir -p "$dir/\$OEM\$"
+
+  if ! addFolder "$dir"; then
+    error "Failed to add OEM folder to image!" && return 1
+  fi
+
+  local oem=""
+  local install="$dir/\$OEM\$/\$1/OEM/install.bat"
+  [ -f "$install" ] && oem="\"Script\"=\"cmd /C start \\\"Install\\\" \\\"cmd /C C:\\\\OEM\\\\install.bat\\\"\""
+
+  [ -z "$WIDTH" ] && WIDTH="1280"
+  [ -z "$HEIGHT" ] && HEIGHT="720"
+
+  XHEX=$(printf '%x\n' "$WIDTH")
+  YHEX=$(printf '%x\n' "$HEIGHT")
+
+  local username=""
+  local password=""
+
+  [ -n "$USERNAME" ] && username=$(echo "$USERNAME" | sed 's/[^[:alnum:]@!._-]//g')
+  [ -z "$username" ] && username="Docker"
+
+  [ -n "$PASSWORD" ] && password=$(echo "$PASSWORD" | sed 's/"//g')
+  [ -z "$password" ] && password="admin"
+
+  find "$target" -maxdepth 1 -type f -iname winnt.sif -exec rm {} \;
+
+  {       echo "[Data]"
+          echo "    AutoPartition=1"
+          echo "    MsDosInitiated=\"0\""
+          echo "    UnattendedInstall=\"Yes\""
+          echo "    AutomaticUpdates=\"Yes\""
+          echo ""
+          echo "[Unattended]"
+          echo "    UnattendSwitch=Yes"
+          echo "    UnattendMode=FullUnattended"
+          echo "    FileSystem=NTFS"
+          echo "    OemSkipEula=Yes"
+          echo "    OemPreinstall=Yes"
+          echo "    Repartition=Yes"
+          echo "    WaitForReboot=\"No\""
+          echo "    DriverSigningPolicy=\"Ignore\""
+          echo "    NonDriverSigningPolicy=\"Ignore\""
+          echo "    OemPnPDriversPath=\"Drivers\viostor;Drivers\NetKVM;Drivers\sata\""
+          echo "    NoWaitAfterTextMode=1"
+          echo "    NoWaitAfterGUIMode=1"
+          echo "    FileSystem-ConvertNTFS"
+          echo "    ExtendOemPartition=0"
+          echo "    Hibernation=\"No\""
+          echo ""
+          echo "[GuiUnattended]"
+          echo "    OEMSkipRegional=1"
+          echo "    OemSkipWelcome=1"
+          echo "    AdminPassword=$password"
+          echo "    TimeZone=0"
+          echo "    AutoLogon=Yes"
+          echo "    AutoLogonCount=65432"
+          echo ""
+          echo "[UserData]"
+          echo "    FullName=\"$username\""
+          echo "    ComputerName=\"*\""
+          echo "    OrgName=\"$APP for $ENGINE\""
+          echo "    $KEY"
+          echo ""
+          echo "[Identification]"
+          echo "    JoinWorkgroup = WORKGROUP"
+          echo ""
+          echo "[Display]"
+          echo "    BitsPerPel=32"
+          echo "    XResolution=$WIDTH"
+          echo "    YResolution=$HEIGHT"
+          echo ""
+          echo "[Networking]"
+          echo "    InstallDefaultComponents=Yes"
+          echo ""
+          echo "[Branding]"
+          echo "    BrandIEUsingUnattended=Yes"
+          echo ""
+          echo "[URL]"
+          echo "    Home_Page = http://www.google.com"
+          echo "    Search_Page = http://www.google.com"
+          echo ""
+          echo "[TerminalServices]"
+          echo "    AllowConnections=1"
+          echo ""
+  } | unix2dos > "$target/WINNT.SIF"
+
+  if [[ "$driver" == "2k3" ]]; then
+    {       echo "[Components]"
+            echo "    TerminalServer=On"
+            echo ""
+            echo "[LicenseFilePrintData]"
+            echo "    AutoMode=PerServer"
+            echo "    AutoUsers=5"
+            echo ""
+    } | unix2dos >> "$target/WINNT.SIF"
+  fi
+
+  {       echo "Windows Registry Editor Version 5.00"
+          echo ""
+          echo "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security]"
+          echo "\"FirstRunDisabled\"=dword:00000001"
+          echo "\"UpdatesDisableNotify\"=dword:00000001"
+          echo "\"FirewallDisableNotify\"=dword:00000001"
+          echo "\"AntiVirusDisableNotify\"=dword:00000001"
+          echo ""
+          echo "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc]"
+          echo "\"Start\"=dword:00000004"
+          echo ""
+          echo "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]"
+          echo "\"3389:TCP\"=\"3389:TCP:*:Enabled:@xpsp2res.dll,-22009\""
+          echo ""
+          echo "[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Tour]"
+          echo "\"RunCount\"=dword:00000000"
+          echo ""
+          echo "[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"
+          echo "\"HideFileExt\"=dword:00000000"
+          echo ""
+          echo "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]"
+          echo "\"NoWelcomeScreen\"=\"1\""
+          echo ""
+          echo "[HKEY_CURRENT_USER\Software\Microsoft\Internet Connection Wizard]"
+          echo "\"Completed\"=\"1\""
+          echo "\"Desktopchanged\"=\"1\""
+          echo ""
+          echo "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]"
+          echo "\"AutoAdminLogon\"=\"1\""
+          echo "\"DefaultUserName\"=\"$username\""
+          echo "\"DefaultPassword\"=\"$password\""
+          echo "\"DefaultDomainName\"=\"Dockur\""
+          echo ""
+          echo "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{23A77BF7-ED96-40EC-AF06-9B1F4867732A}\0000]"
+          echo "\"DefaultSettings.BitsPerPel\"=dword:00000020"
+          echo "\"DefaultSettings.XResolution\"=dword:00000$XHEX"
+          echo "\"DefaultSettings.YResolution\"=dword:00000$YHEX"
+          echo ""
+          echo "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\System\CurrentControlSet\Control\VIDEO\{23A77BF7-ED96-40EC-AF06-9B1F4867732A}\0000]"
+          echo "\"DefaultSettings.BitsPerPel\"=dword:00000020"
+          echo "\"DefaultSettings.XResolution\"=dword:00000$XHEX"
+          echo "\"DefaultSettings.YResolution\"=dword:00000$YHEX"
+          echo ""
+          echo "[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]"
+          echo "\"ScreenSaver\"=\"reg add \\\"HKCU\\\\Control Panel\\\\Desktop\\\" /f /v \\\"SCRNSAVE.EXE\\\" /t REG_SZ /d \\\"off\\\"\""
+          echo "\"ScreenSaverOff\"=\"reg add \\\"HKCU\\\\Control Panel\\\\Desktop\\\" /f /v \\\"ScreenSaveActive\\\" /t REG_SZ /d \\\"0\\\"\""
+          echo "$oem"
+          echo ""
+  } | unix2dos > "$dir/\$OEM\$/install.reg"
+
+  if [[ "$driver" == "2k" ]]; then
+    {       echo "[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Runonce]"
+            echo "\"^SetupICWDesktop\"=-"
+            echo ""
+    } | unix2dos >> "$dir/\$OEM\$/install.reg"
+  fi
+
+  if [[ "$driver" == "2k3" ]]; then
+    {       echo "[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\srvWiz]"
+            echo "@=dword:00000000"
+            echo ""
+            echo "[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ServerOOBE\SecurityOOBE]"
+            echo "\"DontLaunchSecurityOOBE\"=dword:00000000"
+            echo ""
+    } | unix2dos >> "$dir/\$OEM\$/install.reg"
+  fi
+
+  {       echo "Set WshShell = WScript.CreateObject(\"WScript.Shell\")"
+          echo "Set WshNetwork = WScript.CreateObject(\"WScript.Network\")"
+          echo "Set Domain = GetObject(\"WinNT://\" & WshNetwork.ComputerName)"
+          echo ""
+          echo "Function DecodeSID(binSID)"
+          echo "  ReDim o(LenB(binSID))"
+          echo ""
+          echo "  For i = 1 To LenB(binSID)"
+          echo "    o(i-1) = AscB(MidB(binSID, i, 1))"
+          echo "  Next"
+          echo ""
+          echo "  sid = \"S-\" & CStr(o(0)) & \"-\" & OctetArrayToString _"
+          echo "        (Array(o(2), o(3), o(4), o(5), o(6), o(7)))"
+          echo "  For i = 8 To (4 * o(1) + 4) Step 4"
+          echo "    sid = sid & \"-\" & OctetArrayToString _"
+          echo "          (Array(o(i+3), o(i+2), o(i+1), o(i)))"
+          echo "  Next"
+          echo ""
+          echo "  DecodeSID = sid"
+          echo "End Function"
+          echo ""
+          echo "Function OctetArrayToString(arr)"
+          echo "  v = 0"
+          echo "  For i = 0 To UBound(arr)"
+          echo "    v = v * 256 + arr(i)"
+          echo "  Next"
+          echo ""
+          echo "  OctetArrayToString = CStr(v)"
+          echo "End Function"
+          echo ""
+          echo "For Each DomainItem in Domain"
+          echo "  If DomainItem.Class = \"User\" Then"
+          echo "    sid = DecodeSID(DomainItem.Get(\"objectSID\"))"
+          echo "    If Left(sid, 9) = \"S-1-5-21-\" And Right(sid, 4) = \"-500\" Then"
+          echo "      LocalAdminADsPath = DomainItem.ADsPath"
+          echo "      Exit For"
+          echo "    End If"
+          echo "  End If"
+          echo "Next"
+          echo ""
+          echo "Call Domain.MoveHere(LocalAdminADsPath, \"$username\")"
+          echo ""
+          echo "Set oLink = WshShell.CreateShortcut(WshShell.ExpandEnvironmentStrings(\"%userprofile%\\Desktop\\Shared.lnk\"))"
+          echo "With oLink"
+          echo "  .TargetPath = \"\\\\host.lan\\Data\""
+          echo "  .Save"
+          echo "End With"
+          echo "Set oLink = Nothing"
+          echo ""
+  } | unix2dos > "$dir/\$OEM\$/install.vbs"
+
+  {       echo "[COMMANDS]"
+          echo "\"REGEDIT /s install.reg\""
+          echo "\"Wscript install.vbs\""
+          echo ""
+  } | unix2dos > "$dir/\$OEM\$/cmdlines.txt"
+
+  return 0
+}
+
+prepareLegacy() {
+
+  local iso="$1"
+  local dir="$2"
+  local desc="$3"
+
+  ETFS="boot.img"
+
+  [ -f "$dir/$ETFS" ] && [ -s "$dir/$ETFS" ] && return 0
+  rm -f "$dir/$ETFS"
+
+  local len offset
+  len=$(isoinfo -d -i "$iso" | grep "Nsect " | grep -o "[^ ]*$")
+  offset=$(isoinfo -d -i "$iso" | grep "Bootoff " | grep -o "[^ ]*$")
+
+  if ! dd "if=$iso" "of=$dir/$ETFS" bs=2048 "count=$len" "skip=$offset" status=none; then
+    error "Failed to extract boot image from $desc ISO!" && return 1
+  fi
+
+  [ -f "$dir/$ETFS" ] && [ -s "$dir/$ETFS" ] && return 0
+
+  error "Failed to locate file \"$ETFS\" in $desc ISO image!"
+  return 1
+}
+
+detectLegacy() {
+
+  local dir="$1"
+  local find
+
+  find=$(find "$dir" -maxdepth 1 -type d -iname WIN95 -print -quit)
+  [ -n "$find" ] && DETECTED="win95" && return 0
+
+  find=$(find "$dir" -maxdepth 1 -type d -iname WIN98 -print -quit)
+  [ -n "$find" ] && DETECTED="win98" && return 0
+
+  find=$(find "$dir" -maxdepth 1 -type d -iname WIN9X -print -quit)
+  [ -n "$find" ] && DETECTED="win9x" && return 0
+
+  find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_W.40 -print -quit)
+  [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_S.40 -print -quit)
+  [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_TS.40 -print -quit)
+  [ -n "$find" ] && DETECTED="winnt4" && return 0
+
+  find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_NT.5 -print -quit)
+
+  if [ -n "$find" ]; then
+
+    find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_IA.5 -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_ID.5 -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_IP.5 -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_IS.5 -print -quit)
+    [ -n "$find" ] && DETECTED="win2k" && return 0
+
+  fi
+
+  find=$(find "$dir" -maxdepth 1 -iname WIN51 -print -quit)
+
+  if [ -n "$find" ]; then
+
+    find=$(find "$dir" -maxdepth 1 -type f -iname WIN51AP -print -quit)
+    [ -n "$find" ] && DETECTED="winxpx64" && return 0
+
+    find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IC -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IP -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname setupxp.htm -print -quit)
+    [ -n "$find" ] && DETECTED="winxpx86" && return 0
+
+    find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IS -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IA -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IB -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51ID -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IL -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IS -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51AA -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51AD -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51AS -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51MA -print -quit)
+    [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51MD -print -quit)
+    [ -n "$find" ] && DETECTED="win2003r2" && return 0
+
+  fi
+
+  return 1
+}
+
+skipVersion() {
+
+  local id="$1"
+
+  case "${id,,}" in
+    "win9"* | "winxp"* | "win2k"* | "win2003"* )
+      return 0 ;;
+  esac
+
+  return 1
+}
+
+isCompatible() {
+  return 0
+}
+
+setMachine() {
+
+  local id="$1"
+  local iso="$2"
+  local dir="$3"
+  local desc="$4"
+
+  case "${id,,}" in
+    "win9"* )
+      ETFS="[BOOT]/Boot-1.44M.img" ;;
+    "win2k"* )
+      if ! prepareInstall "$iso" "$dir" "$desc" "2k"; then
+        error "Failed to prepare $desc ISO!" && return 1
+      fi ;;
+    "winxp"* )
+      if ! prepareInstall "$iso" "$dir" "$desc" "xp"; then
+        error "Failed to prepare $desc ISO!" && return 1
+      fi ;;
+    "win2003"* )
+      if ! prepareInstall "$iso" "$dir" "$desc" "2k3"; then
+        error "Failed to prepare $desc ISO!" && return 1
+      fi ;;
+  esac
+
+  case "${id,,}" in
+    "win9"* )
+      USB="no"
+      VGA="cirrus"
+      DISK_TYPE="auto"
+      MACHINE="pc-i440fx-2.4"
+      BOOT_MODE="windows_legacy"
+      [ -z "${ADAPTER:-}" ] && ADAPTER="pcnet" ;;
+    "win2k"* )
+      VGA="cirrus"
+      MACHINE="pc"
+      USB="pci-ohci"
+      DISK_TYPE="auto"
+      BOOT_MODE="windows_legacy"
+      [ -z "${ADAPTER:-}" ] && ADAPTER="rtl8139" ;;
+    "winxp"* | "win2003"* )
+      DISK_TYPE="blk"
+      BOOT_MODE="windows_legacy" ;;
+    "winvista"* | "win7"* | "win2008"* )
+      BOOT_MODE="windows_legacy" ;;
+  esac
+
+  case "${id,,}" in
+    "winxp"* | "win2003"* | "winvistax86"* | "win7x86"* | "win2008r2x86"* )
+      # Prevent bluescreen if 64 bit PCI hole size is >2G.
+      ARGS="-global q35-pcihost.x-pci-hole64-fix=false" ;;
+  esac
+
+  return 0
+}
+
+return 0
diff --git a/apps/rego-tunnel/build/src/entry.sh b/apps/rego-tunnel/build/src/entry.sh
new file mode 100644
index 0000000..0142440
--- /dev/null
+++ b/apps/rego-tunnel/build/src/entry.sh
@@ -0,0 +1,49 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+: "${APP:="Windows"}"
+: "${PLATFORM:="x64"}"
+: "${BOOT_MODE:="windows"}"
+: "${SUPPORT:="https://github.com/dockur/windows"}"
+
+cd /run
+
+. start.sh      # Startup hook
+. /run/rego-startup.sh 2>/dev/null || true  # Rego customizations
+. utils.sh      # Load functions
+. reset.sh      # Initialize system
+. server.sh     # Start webserver
+. define.sh     # Define versions
+. mido.sh       # Download Windows
+. install.sh    # Run installation
+. disk.sh       # Initialize disks
+. display.sh    # Initialize graphics
+. network.sh    # Initialize network
+. samba.sh      # Configure samba
+. boot.sh       # Configure boot
+. proc.sh       # Initialize processor
+. power.sh      # Configure shutdown
+. memory.sh     # Check available memory
+. config.sh     # Configure arguments
+. finish.sh     # Finish initialization
+
+trap - ERR
+
+version=$(qemu-system-x86_64 --version | head -n 1 | cut -d '(' -f 1 | awk '{ print $NF }')
+info "Booting ${APP}${BOOT_DESC} using QEMU v$version..."
+
+{ qemu-system-x86_64 ${ARGS:+ $ARGS} >"$QEMU_OUT" 2>"$QEMU_LOG"; rc=$?; } || :
+(( rc != 0 )) && error "$(<"$QEMU_LOG")" && exit 15
+
+terminal
+( sleep 30; boot ) &
+tail -fn +0 "$QEMU_LOG" --pid=$$ 2>/dev/null &
+cat "$QEMU_TERM" 2> /dev/null | tee "$QEMU_PTY" | \
+sed -u -e 's/\x1B\[[=0-9;]*[a-z]//gi' \
+-e 's/\x1B\x63//g' -e 's/\x1B\[[=?]7l//g' \
+-e '/^$/d' -e 's/\x44\x53\x73//g' \
+-e 's/failed to load Boot/skipped Boot/g' \
+-e 's/0): Not Found/0)/g' & wait $! || :
+
+sleep 1 & wait $!
+[ ! -f "$QEMU_END" ] && finish 0
diff --git a/apps/rego-tunnel/build/src/install.sh b/apps/rego-tunnel/build/src/install.sh
new file mode 100644
index 0000000..7be2996
--- /dev/null
+++ b/apps/rego-tunnel/build/src/install.sh
@@ -0,0 +1,1336 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+ETFS="boot/etfsboot.com"
+FB="falling back to manual installation!"
+EFISYS="efi/microsoft/boot/efisys_noprompt.bin"
+
+backup () {
+
+  local count=1
+  local iso="$1"
+  local name="unknown"
+  local root="$STORAGE/backups"
+  local previous="$STORAGE/windows.base"
+
+  if [ -f "$previous" ]; then
+
+    previous=$(<"$previous")
+    previous="${previous//[![:print:]]/}"
+
+    [ -n "$previous" ] && name="${previous%.*}"
+
+  fi
+
+  if ! makeDir "$root"; then
+    error "Failed to create directory \"$root\" !"
+    return 1
+  fi
+
+  local folder="$name"
+  local dir="$root/$folder"
+
+  while [ -d "$dir" ]
+  do
+    count=$((count+1))
+    folder="${name}.${count}"
+    dir="$root/$folder"
+  done
+
+  rm -rf "$dir"
+
+  if ! makeDir "$dir"; then
+    error "Failed to create directory \"$dir\" !"
+    return 1
+  fi
+
+  [ -f "$iso" ] && mv -f "$iso" "$dir/"
+  find "$STORAGE" -maxdepth 1 -type f -iname 'data.*' -not -iname '*.iso' -exec mv -n {} "$dir/" \;
+  find "$STORAGE" -maxdepth 1 -type f -iname 'windows.*' -not -iname '*.iso' -exec mv -n {} "$dir/" \;
+  find "$STORAGE" -maxdepth 1 -type f \( -iname '*.rom' -or -iname '*.vars' \) -exec mv -n {} "$dir/" \;
+
+  [ -z "$(ls -A "$dir")" ] && rm -rf "$dir"
+  [ -z "$(ls -A "$root")" ] && rm -rf "$root"
+
+  return 0
+}
+
+skipInstall() {
+
+  local iso="$1"
+  local method=""
+  local magic byte
+  local boot="$STORAGE/windows.boot"
+  local previous="$STORAGE/windows.base"
+
+  if [ -f "$previous" ]; then
+
+    previous=$(<"$previous")
+    previous="${previous//[![:print:]]/}"
+
+    if [ -n "$previous" ]; then
+      if [[ "${STORAGE,,}/${previous,,}" != "${iso,,}" ]]; then
+
+        if ! hasDisk; then
+
+          rm -f "$STORAGE/$previous"
+          return 1
+
+        fi
+
+        if [[ "${iso,,}" == "${STORAGE,,}/windows."* ]]; then
+          method="your custom .iso file was changed"
+        else
+          if [[ "${previous,,}" != "windows."* ]]; then
+            method="the VERSION variable was changed"
+          else
+            method="your custom .iso file was removed"
+
+            if [ -f "$boot" ]; then
+              info "Detected that $method, will be ignored."
+              return 0
+            fi
+
+          fi
+        fi
+
+        info "Detected that $method, a backup of your previous installation will be saved..."
+        ! backup "$STORAGE/$previous" && error "Backup failed!"
+
+        return 1
+
+      fi
+    fi
+
+  fi
+
+  [ -f "$boot" ] && hasDisk && return 0
+
+  [ ! -f "$iso" ] && return 1
+  [ ! -s "$iso" ] && return 1
+
+  # Check if the ISO was already processed by our script
+  magic=$(dd if="$iso" seek=0 bs=1 count=1 status=none | tr -d '\000')
+  magic="$(printf '%s' "$magic" | od -A n -t x1 -v | tr -d ' \n')"
+  byte="16" && [[ "$MANUAL" == [Yy1]* ]] && byte="17"
+
+  if [[ "$magic" != "$byte" ]]; then
+
+    info "The ISO will be processed again because the configuration was changed..."
+    return 1
+
+  fi
+
+  return 0
+}
+
+startInstall() {
+
+  html "Starting $APP..."
+
+  if [ -z "$CUSTOM" ]; then
+
+    local file="${VERSION//\//}.iso"
+
+    if [[ "${VERSION,,}" == "http"* ]]; then
+
+      file=$(basename "${VERSION%%\?*}")
+      printf -v file '%b' "${file//%/\\x}"
+      file="${file//[!A-Za-z0-9._-]/_}"
+
+    else
+
+      local language
+      language=$(getLanguage "$LANGUAGE" "culture")
+      language="${language%%-*}"
+
+      if [ -n "$language" ] && [[ "${language,,}" != "en" ]]; then
+        file="${VERSION//\//}_${language,,}.iso"
+      fi
+
+    fi
+
+    BOOT="$STORAGE/$file"
+
+  fi
+
+  TMP="$STORAGE/tmp"
+  rm -rf "$TMP"
+
+  skipInstall "$BOOT" && return 1
+
+  if hasDisk; then
+    ! backup "" && error "Backup failed!"
+  fi
+
+  if ! makeDir "$TMP"; then
+    error "Failed to create directory \"$TMP\" !"
+  fi
+
+  if [ -z "$CUSTOM" ]; then
+
+    ISO=$(basename "$BOOT")
+    ISO="$TMP/$ISO"
+
+    if [ -f "$BOOT" ] && [ -s "$BOOT" ]; then
+      mv -f "$BOOT" "$ISO"
+    fi
+
+  fi
+
+  rm -f "$BOOT"
+
+  find "$STORAGE" -maxdepth 1 -type f -iname 'data.*' -not -iname '*.iso' -delete
+  find "$STORAGE" -maxdepth 1 -type f -iname 'windows.*' -not -iname '*.iso' -delete
+  find "$STORAGE" -maxdepth 1 -type f \( -iname '*.rom' -or -iname '*.vars' \) -delete
+
+  return 0
+}
+
+writeFile() {
+
+  local txt="$1"
+  local path="$2"
+
+  echo "$txt" >"$path"
+
+  if ! setOwner "$path"; then
+    error "Failed to set the owner for \"$path\" !"
+  fi
+
+  return 0
+}
+
+finishInstall() {
+
+  local iso="$1"
+  local aborted="$2"
+  local base byte
+
+  if [ ! -s "$iso" ] || [ ! -f "$iso" ]; then
+    error "Failed to find ISO file: $iso" && return 1
+  fi
+
+  if [[ "$iso" == "$STORAGE/"* ]]; then
+    ! setOwner "$iso" && error "Failed to set the owner for \"$iso\" !"
+  fi
+
+  if [[ "$aborted" != [Yy1]* ]]; then
+    # Mark ISO as prepared via magic byte
+    byte="16" && [[ "$MANUAL" == [Yy1]* ]] && byte="17"
+    if ! printf '%b' "\x$byte" | dd of="$iso" bs=1 seek=0 count=1 conv=notrunc status=none; then
+      warn "failed to set magic byte in ISO file: $iso"
+    fi
+  fi
+
+  local file="$STORAGE/windows.ver"
+  cp -f /run/version "$file"
+  ! setOwner "$file" && error "Failed to set the owner for \"$file\" !"
+
+  if [[ "$iso" == "$STORAGE/"* ]]; then
+    if [[ "$aborted" != [Yy1]* ]] || [ -z "$CUSTOM" ]; then
+      base=$(basename "$iso")
+      file="$STORAGE/windows.base"
+      writeFile "$base" "$file"
+    fi
+  fi
+
+  if [[ "${PLATFORM,,}" == "x64" ]]; then
+    if [[ "${BOOT_MODE,,}" == "windows_legacy" ]]; then
+      file="$STORAGE/windows.mode"
+      writeFile "$BOOT_MODE" "$file"
+      if [[ "${MACHINE,,}" != "q35" ]]; then
+        file="$STORAGE/windows.old"
+        writeFile "$MACHINE" "$file"
+      fi
+    else
+      # Enable secure boot + TPM on manual installs as Win11 requires
+      if [[ "$MANUAL" == [Yy1]* || "$aborted" == [Yy1]* ]]; then
+        if [[ "${DETECTED,,}" == "win11"* ]]; then
+          BOOT_MODE="windows_secure"
+          file="$STORAGE/windows.mode"
+          writeFile "$BOOT_MODE" "$file"
+        fi
+      fi
+      # Enable secure boot on multi-socket systems to workaround freeze
+      if [ -n "$SOCKETS" ] && [[ "$SOCKETS" != "1" ]]; then
+        BOOT_MODE="windows_secure"
+        file="$STORAGE/windows.mode"
+        writeFile "$BOOT_MODE" "$file"
+      fi
+    fi
+  fi
+
+  if [ -n "${ARGS:-}" ]; then
+    ARGUMENTS="$ARGS ${ARGUMENTS:-}"
+    file="$STORAGE/windows.args"
+    writeFile "$ARGS" "$file"
+  fi
+
+  if [ -n "${VGA:-}" ] && [[ "${VGA:-}" != "virtio"* ]]; then
+    file="$STORAGE/windows.vga"
+    writeFile "$VGA" "$file"
+  fi
+
+  if [ -n "${USB:-}" ] && [[ "${USB:-}" != "qemu-xhci"* ]]; then
+    file="$STORAGE/windows.usb"
+    writeFile "$USB" "$file"
+  fi
+
+  if [ -n "${DISK_TYPE:-}" ] && [[ "${DISK_TYPE:-}" != "scsi" ]]; then
+    file="$STORAGE/windows.type"
+    writeFile "$DISK_TYPE" "$file"
+  fi
+
+  if [ -n "${ADAPTER:-}" ] && [[ "${ADAPTER:-}" != "virtio-net-pci" ]]; then
+    file="$STORAGE/windows.net"
+    writeFile "$ADAPTER" "$file"
+  fi
+
+  rm -rf "$TMP"
+  return 0
+}
+
+abortInstall() {
+
+  local dir="$1"
+  local iso="$2"
+  local efi
+
+  [[ "${iso,,}" == *".esd" ]] && exit 60
+  [[ "${UNPACK:-}" == [Yy1]* ]] && exit 60
+
+  efi=$(find "$dir" -maxdepth 1 -type d -iname efi -print -quit)
+
+  if [ -z "$efi" ]; then
+    [[ "${PLATFORM,,}" == "x64" ]] && BOOT_MODE="windows_legacy"
+  fi
+
+  if [ -n "$CUSTOM" ]; then
+    BOOT="$iso"
+    REMOVE="N"
+  else
+    if [[ "$iso" != "$BOOT" ]]; then
+      if ! mv -f "$iso" "$BOOT"; then
+        error "Failed to move ISO file: $iso" && return 1
+      fi
+    fi
+  fi
+
+  finishInstall "$BOOT" "Y" && return 0
+  return 1
+}
+
+findFile() {
+
+  local dir file base
+  local fname="$1"
+  local boot="$STORAGE/windows.boot"
+
+  dir=$(find / -maxdepth 1 -type d -iname "$fname" -print -quit)
+  [ ! -d "$dir" ] && dir=$(find "$STORAGE" -maxdepth 1 -type d -iname "$fname" -print -quit)
+
+  if [ -d "$dir" ]; then
+    if ! hasDisk || [ ! -f "$boot" ]; then
+      error "The bind $dir maps to a file that does not exist!" && return 1
+    fi
+  fi
+
+  file=$(find / -maxdepth 1 -type f -iname "$fname" -print -quit)
+  [ ! -s "$file" ] && file=$(find "$STORAGE" -maxdepth 1 -type f -iname "$fname" -print -quit)
+
+  if [ ! -s "$file" ] && [[ "${VERSION,,}" != "http"* ]]; then
+    base=$(basename "$VERSION")
+    file="$STORAGE/$base"
+  fi
+
+  if [ ! -f "$file" ] || [ ! -s "$file" ]; then
+    return 0
+  fi
+
+  local size
+  size="$(stat -c%s "$file")"
+  [ -z "$size" ] || [[ "$size" == "0" ]] && return 0
+
+  ISO="$file"
+  CUSTOM="$file"
+  BOOT="$STORAGE/windows.$size.iso"
+
+  return 0
+}
+
+detectCustom() {
+
+  CUSTOM=""
+
+  ! findFile "custom.iso" && return 1
+  [ -n "$CUSTOM" ] && return 0
+
+  ! findFile "boot.iso" && return 1
+  [ -n "$CUSTOM" ] && return 0
+
+  return 0
+}
+
+extractESD() {
+
+  local iso="$1"
+  local dir="$2"
+  local version="$3"
+  local desc="$4"
+  local size size_gb sizes space space_gb
+  local desc total total1 total2 total3 total4
+  local imageIndex links links1 links2 links3 links4
+
+  local msg="Extracting $desc bootdisk"
+  info "$msg..." && html "$msg..."
+
+  if [ "$(stat -c%s "$iso")" -lt 100000000 ]; then
+    error "Invalid ESD file: Size is smaller than 100 MB" && return 1
+  fi
+
+  rm -rf "$dir"
+
+  if ! makeDir "$dir"; then
+    error "Failed to create directory \"$dir\" !" && return 1
+  fi
+
+  size=9606127360
+  size_gb=$(formatBytes "$size")
+  space=$(df --output=avail -B 1 "$dir" | tail -n 1)
+  space_gb=$(formatBytes "$space")
+
+  if (( size > space )); then
+    error "Not enough free space in $STORAGE, have $space_gb available but need at least $size_gb." && return 1
+  fi
+
+  local esdImageCount
+  esdImageCount=$(wimlib-imagex info "$iso" | awk '/Image Count:/ {print $3}')
+
+  if [ -z "$esdImageCount" ]; then
+    error "Cannot read the image count in ESD file!" && return 1
+  fi
+
+  sizes=$(wimlib-imagex info "$iso" | grep "Total Bytes:")
+  links=$(wimlib-imagex info "$iso" | grep "Hard Link Bytes:")
+
+  total1=$(awk "NR==1{ print; }" <<< "$sizes" | cut -d':' -f2 | sed 's/^ *//')
+  links1=$(awk "NR==1{ print; }" <<< "$links" | cut -d':' -f2 | sed 's/^ *//')
+  total=$(( total1 - links1 ))
+
+  total3=$(awk "NR==3{ print; }" <<< "$sizes" | cut -d':' -f2 | sed 's/^ *//')
+  links3=$(awk "NR==3{ print; }" <<< "$links" | cut -d':' -f2 | sed 's/^ *//')
+  total3=$(( total3 - links3 ))
+  total3=$(( total3 + 60000000 ))
+
+  /run/progress.sh "$dir" "$total" "$msg ([P])..." &
+
+  imageIndex="1"
+  wimlib-imagex apply "$iso" "$imageIndex" "$dir" --quiet 2>/dev/null || {
+    retVal=$?
+    fKill "progress.sh"
+    error "Extracting $desc bootdisk failed ($retVal)" && return 1
+  }
+
+  fKill "progress.sh"
+
+  local bootWimFile="$dir/sources/boot.wim"
+  local installWimFile="$dir/sources/install.wim"
+
+  local msg="Extracting $desc environment"
+  info "$msg..." && html "$msg..."
+
+  imageIndex="2"
+  /run/progress.sh "$bootWimFile" "$total3" "$msg ([P])..." &
+
+  wimlib-imagex export "$iso" "$imageIndex" "$bootWimFile" --compress=none --quiet || {
+    retVal=$?
+    fKill "progress.sh"
+    error "Adding WinPE failed ($retVal)" && return 1
+  }
+
+  fKill "progress.sh"
+
+  local msg="Extracting $desc setup"
+  info "$msg..."
+
+  imageIndex="3"
+  /run/progress.sh "$bootWimFile" "$total3" "$msg ([P])..." &
+
+  wimlib-imagex export "$iso" "$imageIndex" "$bootWimFile" --compress=none --boot --quiet || {
+   retVal=$?
+   fKill "progress.sh"
+   error "Adding Windows Setup failed ($retVal)" && return 1
+  }
+
+  fKill "progress.sh"
+
+  if [[ "${PLATFORM,,}" == "x64" ]]; then
+    LABEL="CCCOMA_X64FRE_EN-US_DV9"
+  else
+    LABEL="CPBA_A64FRE_EN-US_DV9"
+  fi
+
+  local msg="Extracting $desc image"
+  info "$msg..." && html "$msg..."
+
+  local edition imageEdition
+  edition=$(getCatalog "$version" "name")
+
+  if [ -z "$edition" ]; then
+    error "Invalid VERSION specified, value \"$version\" is not recognized!" && return 1
+  fi
+
+  for (( imageIndex=4; imageIndex<=esdImageCount; imageIndex++ )); do
+
+    imageEdition=$(wimlib-imagex info "$iso" "$imageIndex" | grep '^Description:' | sed 's/Description:[ \t]*//')
+    [[ "${imageEdition,,}" != "${edition,,}" ]] && continue
+
+    total4=$(du -sb "$iso" | cut -f1)
+    total4=$(( total4 + 3000000 ))
+
+    /run/progress.sh "$installWimFile" "$total4" "$msg ([P])..." &
+
+    wimlib-imagex export "$iso" "$imageIndex" "$installWimFile" --compress=LZMS --chunk-size 128K --quiet || {
+      retVal=$?
+      fKill "progress.sh"
+      error "Addition of $imageIndex to the $desc image failed ($retVal)" && return 1
+    }
+
+    fKill "progress.sh"
+    return 0
+
+  done
+
+  fKill "progress.sh"
+  error "Failed to find product '$edition' in install.wim!" && return 1
+}
+
+extractImage() {
+
+  local iso="$1"
+  local dir="$2"
+  local version="$3"
+  local desc="local ISO"
+  local file size size_gb space space_gb
+
+  if [ -z "$CUSTOM" ]; then
+    desc="downloaded ISO"
+    if [[ "$version" != "http"* ]]; then
+      desc=$(printVersion "$version" "$desc")
+    fi
+  fi
+
+  if [[ "${iso,,}" == *".esd" ]]; then
+    extractESD "$iso" "$dir" "$version" "$desc" && return 0
+    return 1
+  fi
+
+  local msg="Extracting $desc image"
+  info "$msg..." && html "$msg..."
+
+  rm -rf "$dir"
+
+  if ! makeDir "$dir"; then
+    error "Failed to create directory \"$dir\" !" && return 1
+  fi
+
+  size=$(stat -c%s "$iso")
+  size_gb=$(formatBytes "$size")
+  space=$(df --output=avail -B 1 "$dir" | tail -n 1)
+  space_gb=$(formatBytes "$space")
+
+  if (( size < 100000000 )); then
+    error "Invalid ISO file: Size is smaller than 100 MB" && return 1
+  fi
+
+  if (( size > space )); then
+    error "Not enough free space in $STORAGE, have $space_gb available but need at least $size_gb." && return 1
+  fi
+
+  rm -rf "$dir"
+  /run/progress.sh "$dir" "$size" "$msg ([P])..." &
+
+  if ! 7z x "$iso" -o"$dir" > /dev/null; then
+    fKill "progress.sh"
+    error "Failed to extract ISO file: $iso" && return 1
+  fi
+
+  fKill "progress.sh"
+
+  if [[ "${UNPACK:-}" != [Yy1]* ]]; then
+
+    LABEL=$(isoinfo -d -i "$iso" | sed -n 's/Volume id: //p')
+
+  else
+
+    file=$(find "$dir" -maxdepth 1 -type f -iname "*.iso" -print -quit)
+
+    if [ -z "$file" ]; then
+      error "Failed to find any .iso file in archive!" && return 1
+    fi
+
+    if ! 7z x "$file" -o"$dir" > /dev/null; then
+      error "Failed to extract archive!" && return 1
+    fi
+
+    LABEL=$(isoinfo -d -i "$file" | sed -n 's/Volume id: //p')
+    rm -f "$file"
+
+  fi
+
+  return 0
+}
+
+getPlatform() {
+
+  local xml="$1"
+  local tag="ARCH"
+  local platform="x64"
+  local arch
+
+  arch=$(sed -n "/$tag/{s/.*<$tag>\(.*\)<\/$tag>.*/\1/;p}" <<< "$xml")
+
+  case "${arch,,}" in
+    "0" ) platform="x86" ;;
+    "9" ) platform="x64" ;;
+    "12" )platform="arm64" ;;
+  esac
+
+  echo "$platform"
+  return 0
+}
+
+checkPlatform() {
+
+  local xml="$1"
+  local platform compat
+
+  platform=$(getPlatform "$xml")
+
+  case "${platform,,}" in
+    "x86" ) compat="x64" ;;
+    "x64" ) compat="$platform" ;;
+    "arm64" ) compat="$platform" ;;
+    * ) compat="${PLATFORM,,}" ;;
+  esac
+
+  [[ "${compat,,}" == "${PLATFORM,,}" ]] && return 0
+
+  error "You cannot boot ${platform^^} images on a $PLATFORM CPU!"
+  return 1
+}
+
+hasVersion() {
+
+  local id="$1"
+  local tag="$2"
+  local xml="$3"
+  local edition
+
+  [ ! -f "/run/assets/$id.xml" ] && return 1
+
+  edition=$(printEdition "$id" "")
+  [ -z "$edition" ] && return 1
+  [[ "${xml,,}" != *"<${tag,,}>${edition,,}</${tag,,}>"* ]] && return 1
+
+  return 0
+}
+
+selectVersion() {
+
+  local tag="$1"
+  local xml="$2"
+  local platform="$3"
+  local id name prefer
+
+  name=$(sed -n "/$tag/{s/.*<$tag>\(.*\)<\/$tag>.*/\1/;p}" <<< "$xml")
+  [[ "$name" == *"Operating System"* ]] && name=""
+  [ -z "$name" ] && return 0
+
+  id=$(fromName "$name" "$platform")
+  [ -z "$id" ] && warn "Unknown ${tag,,}: '$name'" && return 0
+
+  prefer="$id-enterprise"
+  hasVersion "$prefer" "$tag" "$xml" && echo "$prefer" && return 0
+
+  prefer="$id-ultimate"
+  hasVersion "$prefer" "$tag" "$xml" && echo "$prefer" && return 0
+
+  prefer="$id"
+  hasVersion "$prefer" "$tag" "$xml" && echo "$prefer" && return 0
+
+  prefer=$(getVersion "$name" "$platform")
+
+  echo "$prefer"
+  return 0
+}
+
+detectVersion() {
+
+  local xml="$1"
+  local id platform
+
+  platform=$(getPlatform "$xml")
+  id=$(selectVersion "DISPLAYNAME" "$xml" "$platform")
+  [ -z "$id" ] && id=$(selectVersion "PRODUCTNAME" "$xml" "$platform")
+  [ -z "$id" ] && id=$(selectVersion "NAME" "$xml" "$platform")
+
+  echo "$id"
+  return 0
+}
+
+detectLanguage() {
+
+  local xml="$1"
+  local lang=""
+
+  if [[ "$xml" == *"LANGUAGE><DEFAULT>"* ]]; then
+    lang="${xml#*LANGUAGE><DEFAULT>}"
+    lang="${lang%%<*}"
+  else
+    if [[ "$xml" == *"FALLBACK><DEFAULT>"* ]]; then
+      lang="${xml#*FALLBACK><DEFAULT>}"
+      lang="${lang%%<*}"
+    fi
+  fi
+
+  if [ -z "$lang" ]; then
+   warn "Language could not be detected from ISO!" && return 0
+  fi
+
+  local culture
+  culture=$(getLanguage "$lang" "culture")
+  [ -n "$culture" ] && LANGUAGE="$lang" && return 0
+
+  warn "Invalid language detected: \"$lang\""
+  return 0
+}
+
+setXML() {
+
+  local file="/custom.xml"
+
+  if [ -d "$file" ]; then
+    error "The bind $file maps to a file that does not exist!" && exit 67
+  fi
+
+  [ ! -f "$file" ] || [ ! -s "$file" ] && file="$STORAGE/custom.xml"
+  [ ! -f "$file" ] || [ ! -s "$file" ] && file="/run/assets/custom.xml"
+  [ ! -f "$file" ] || [ ! -s "$file" ] && file="$1"
+  [ ! -f "$file" ] || [ ! -s "$file" ] && file="/run/assets/$DETECTED.xml"
+  [ ! -f "$file" ] || [ ! -s "$file" ] && return 1
+
+  XML="$file"
+  return 0
+}
+
+detectImage() {
+
+  local dir="$1"
+  local version="$2"
+  local desc msg find language
+
+  XML=""
+
+  if [ -z "$DETECTED" ] && [ -z "$CUSTOM" ]; then
+    [[ "${version,,}" != "http"* ]] && DETECTED="$version"
+  fi
+
+  if [ -n "$DETECTED" ]; then
+
+    skipVersion "${DETECTED,,}" && return 0
+
+    if ! setXML "" && [[ "$MANUAL" != [Yy1]* ]]; then
+      MANUAL="Y"
+      desc=$(printEdition "$DETECTED" "this version")
+      warn "the answer file for $desc was not found ($DETECTED.xml), $FB."
+    fi
+
+    return 0
+  fi
+
+  info "Detecting version from ISO image..."
+
+  if detectLegacy "$dir"; then
+    desc=$(printEdition "$DETECTED" "$DETECTED")
+    info "Detected: $desc"
+    return 0
+  fi
+
+  local src wim info
+  src=$(find "$dir" -maxdepth 1 -type d -iname sources -print -quit)
+
+  if [ ! -d "$src" ]; then
+    warn "failed to locate 'sources' folder in ISO image, $FB" && return 1
+  fi
+
+  wim=$(find "$src" -maxdepth 1 -type f \( -iname install.wim -or -iname install.esd \) -print -quit)
+
+  if [ ! -f "$wim" ]; then
+    warn "failed to locate 'install.wim' or 'install.esd' in ISO image, $FB" && return 1
+  fi
+
+  info=$(wimlib-imagex info -xml "$wim" | iconv -f UTF-16LE -t UTF-8)
+  checkPlatform "$info" || exit 67
+
+  DETECTED=$(detectVersion "$info")
+
+  if [ -z "$DETECTED" ]; then
+    msg="Failed to determine Windows version from image"
+    if setXML "" || [[ "$MANUAL" == [Yy1]* ]]; then
+      info "${msg}!"
+    else
+      MANUAL="Y"
+      warn "${msg}, $FB."
+    fi
+    return 0
+  fi
+
+  desc=$(printEdition "$DETECTED" "$DETECTED")
+  detectLanguage "$info"
+
+  if [[ "${LANGUAGE,,}" != "en" && "${LANGUAGE,,}" != "en-"* ]]; then
+    language=$(getLanguage "$LANGUAGE" "desc")
+    desc+=" ($language)"
+  fi
+
+  info "Detected: $desc"
+  setXML "" && return 0
+
+  if [[ "$DETECTED" == "win81x86"* || "$DETECTED" == "win10x86"* ]]; then
+    error "The 32-bit version of $desc is not supported!" && return 1
+  fi
+
+  msg="the answer file for $desc was not found ($DETECTED.xml)"
+  local fallback="/run/assets/${DETECTED%%-*}.xml"
+
+  if setXML "$fallback" || [[ "$MANUAL" == [Yy1]* ]]; then
+    [[ "$MANUAL" != [Yy1]* ]] && warn "${msg}."
+  else
+    MANUAL="Y"
+    warn "${msg}, $FB."
+  fi
+
+  return 0
+}
+
+prepareImage() {
+
+  local iso="$1"
+  local dir="$2"
+  local desc missing
+
+  desc=$(printVersion "$DETECTED" "$DETECTED")
+
+  setMachine "$DETECTED" "$iso" "$dir" "$desc" || return 1
+  skipVersion "$DETECTED" && return 0
+
+  if [[ "${BOOT_MODE,,}" != "windows_legacy" ]]; then
+
+    [ -f "$dir/$ETFS" ] && [ -f "$dir/$EFISYS" ] && return 0
+
+    missing=$(basename "$dir/$EFISYS")
+    [ ! -f "$dir/$ETFS" ] && missing=$(basename "$dir/$ETFS")
+
+    error "Failed to locate file \"${missing,,}\" in ISO image!"
+    return 1
+  fi
+
+  prepareLegacy "$iso" "$dir" "$desc" && return 0
+
+  error "Failed to extract boot image from ISO image!"
+  return 1
+}
+
+updateXML() {
+
+  local asset="$1"
+  local language="$2"
+  local culture region user admin pass keyboard
+
+  [ -z "$HEIGHT" ] && HEIGHT="720"
+  [ -z "$WIDTH" ] && WIDTH="1280"
+
+  sed -i "s/>Windows for Docker</>$APP for $ENGINE</g" "$asset"
+  sed -i "s/<VerticalResolution>1080<\/VerticalResolution>/<VerticalResolution>$HEIGHT<\/VerticalResolution>/g" "$asset"
+  sed -i "s/<HorizontalResolution>1920<\/HorizontalResolution>/<HorizontalResolution>$WIDTH<\/HorizontalResolution>/g" "$asset"
+
+  culture=$(getLanguage "$language" "culture")
+
+  if [ -n "$culture" ] && [[ "${culture,,}" != "en-us" ]]; then
+    sed -i "s/<UILanguage>en-US<\/UILanguage>/<UILanguage>$culture<\/UILanguage>/g" "$asset"
+  fi
+
+  region="$REGION"
+  [ -z "$region" ] && region="$culture"
+
+  if [ -n "$region" ] && [[ "${region,,}" != "en-us" ]]; then
+    sed -i "s/<UserLocale>en-US<\/UserLocale>/<UserLocale>$region<\/UserLocale>/g" "$asset"
+    sed -i "s/<SystemLocale>en-US<\/SystemLocale>/<SystemLocale>$region<\/SystemLocale>/g" "$asset"
+  fi
+
+  keyboard="$KEYBOARD"
+  [ -z "$keyboard" ] && keyboard="$culture"
+
+  if [ -n "$keyboard" ] && [[ "${keyboard,,}" != "en-us" ]]; then
+    sed -i "s/<InputLocale>en-US<\/InputLocale>/<InputLocale>$keyboard<\/InputLocale>/g" "$asset"
+    sed -i "s/<InputLocale>0409:00000409<\/InputLocale>/<InputLocale>$keyboard<\/InputLocale>/g" "$asset"
+  fi
+
+  user=$(echo "$USERNAME" | sed 's/[^[:alnum:]@!._-]//g')
+
+  if [ -n "$user" ]; then
+    sed -i "s/-name \"Docker\"/-name \"$user\"/g" "$asset"
+    sed -i "s/<Name>Docker<\/Name>/<Name>$user<\/Name>/g" "$asset"
+    sed -i "s/where name=\"Docker\"/where name=\"$user\"/g" "$asset"
+    sed -i "s/<FullName>Docker<\/FullName>/<FullName>$user<\/FullName>/g" "$asset"
+    sed -i "s/<Username>Docker<\/Username>/<Username>$user<\/Username>/g" "$asset"
+  fi
+
+  [ -n "$PASSWORD" ] && pass="$PASSWORD" || pass="admin"
+
+  pw=$(printf '%s' "${pass}Password" | iconv -f utf-8 -t utf-16le | base64 -w 0)
+  admin=$(printf '%s' "${pass}AdministratorPassword" | iconv -f utf-8 -t utf-16le | base64 -w 0)
+
+  sed -i "s/<Value>password<\/Value>/<Value>$admin<\/Value>/g" "$asset"
+  sed -i "s/<PlainText>true<\/PlainText>/<PlainText>false<\/PlainText>/g" "$asset"
+  sed -z "s/<Password>...........<Value \/>/<Password>\n          <Value>$pw<\/Value>/g" -i "$asset"
+  sed -z "s/<Password>...............<Value \/>/<Password>\n              <Value>$pw<\/Value>/g" -i "$asset"
+  sed -z "s/<AdministratorPassword>...........<Value \/>/<AdministratorPassword>\n          <Value>$admin<\/Value>/g" -i "$asset"
+  sed -z "s/<AdministratorPassword>...............<Value \/>/<AdministratorPassword>\n              <Value>$admin<\/Value>/g" -i "$asset"
+
+  if [ -n "$EDITION" ]; then
+    [[ "${EDITION^^}" == "CORE" ]] && EDITION="STANDARDCORE"
+    sed -i "s/SERVERSTANDARD<\/Value>/SERVER${EDITION^^}<\/Value>/g" "$asset"
+  fi
+
+  if [ -n "$KEY" ]; then
+    sed -i '/<ProductKey>/,/<\/ProductKey>/d' "$asset"
+    sed -i "s/<\/UserData>/  <ProductKey>\n          <Key>${KEY}<\/Key>\n          <WillShowUI>OnError<\/WillShowUI>\n        <\/ProductKey>\n      <\/UserData>/g" "$asset"
+  fi
+
+  return 0
+}
+
+addDriver() {
+
+  local id="$1"
+  local path="$2"
+  local target="$3"
+  local driver="$4"
+  local desc=""
+  local folder=""
+
+  if [ -z "$id" ]; then
+    warn "no Windows version specified for \"$driver\" driver!" && return 0
+  fi
+
+  case "${id,,}" in
+    "win7x86"* ) folder="w7/x86" ;;
+    "win7x64"* ) folder="w7/amd64" ;;
+    "win81x64"* ) folder="w8.1/amd64" ;;
+    "win10x64"* ) folder="w10/amd64" ;;
+    "win11x64"* ) folder="w11/amd64" ;;
+    "win2025"* ) folder="2k25/amd64" ;;
+    "win2022"* ) folder="2k22/amd64" ;;
+    "win2019"* ) folder="2k19/amd64" ;;
+    "win2016"* ) folder="2k16/amd64" ;;
+    "win2012"* ) folder="2k12R2/amd64" ;;
+    "win2008"* ) folder="2k8R2/amd64" ;;
+    "win10arm64"* ) folder="w10/ARM64" ;;
+    "win11arm64"* ) folder="w11/ARM64" ;;
+    "winvistax86"* ) folder="2k8/x86" ;;
+    "winvistax64"* ) folder="2k8/amd64" ;;
+  esac
+
+  if [ -z "$folder" ]; then
+    desc=$(printVersion "$id" "$id")
+    if [[ "${id,,}" != *"x86"* ]]; then
+      warn "no \"$driver\" driver available for \"$desc\" !" && return 0
+    else
+      warn "no \"$driver\" driver available for the 32-bit version of \"$desc\" !" && return 0
+    fi
+  fi
+
+  [ ! -d "$path/$driver/$folder" ] && return 0
+
+  case "${id,,}" in
+    "winvista"* )
+      [[ "${driver,,}" == "viorng" ]] && return 0
+      ;;
+  esac
+
+  local dest="$path/$target/$driver"
+  mkdir -p "$dest" || return 1
+  cp -Lr "$path/$driver/$folder/." "$dest" || return 1
+
+  return 0
+}
+
+addDrivers() {
+
+  local src="$1"
+  local tmp="$2"
+  local file="$3"
+  local index="$4"
+  local version="$5"
+  local drivers="$tmp/drivers"
+
+  rm -rf "$drivers"
+  mkdir -p "$drivers"
+
+  local msg="Adding drivers to image..."
+  info "$msg" && html "$msg"
+
+  if [ -z "$version" ]; then
+    version="win11x64"
+    warn "Windows version unknown, falling back to Windows 11 drivers..."
+  fi
+
+  if ! bsdtar -xf /var/drivers.txz -C "$drivers"; then
+    error "Failed to extract drivers from archive!" && return 1
+  fi
+
+  local target="\$WinPEDriver\$"
+  local dest="$drivers/$target"
+  mkdir -p "$dest" || return 1
+
+  wimlib-imagex update "$file" "$index" --command "delete --force --recursive /$target" >/dev/null || true
+
+  addDriver "$version" "$drivers" "$target" "qxl" || return 1
+  addDriver "$version" "$drivers" "$target" "viofs" || return 1
+  addDriver "$version" "$drivers" "$target" "sriov" || return 1
+  addDriver "$version" "$drivers" "$target" "smbus" || return 1
+  addDriver "$version" "$drivers" "$target" "qxldod" || return 1
+  addDriver "$version" "$drivers" "$target" "viorng" || return 1
+  addDriver "$version" "$drivers" "$target" "viostor" || return 1
+  addDriver "$version" "$drivers" "$target" "viomem" || return 1
+  addDriver "$version" "$drivers" "$target" "NetKVM" || return 1
+  addDriver "$version" "$drivers" "$target" "Balloon" || return 1
+  addDriver "$version" "$drivers" "$target" "vioscsi" || return 1
+  addDriver "$version" "$drivers" "$target" "pvpanic" || return 1
+  addDriver "$version" "$drivers" "$target" "vioinput" || return 1
+  addDriver "$version" "$drivers" "$target" "viogpudo" || return 1
+  addDriver "$version" "$drivers" "$target" "vioserial" || return 1
+  addDriver "$version" "$drivers" "$target" "qemupciserial" || return 1
+
+  case "${version,,}" in
+    "win11x64"* | "win2025"* )
+      # Workaround Virtio GPU driver bug
+      local dst="$src/\$OEM\$/\$\$/Drivers"
+      mkdir -p "$dst" || return 1
+      cp -Lr "$dest/." "$dst" || return 1
+      rm -rf "$dest/viogpudo"
+      ;;
+  esac
+
+  if ! wimlib-imagex update "$file" "$index" --command "add $dest /$target" >/dev/null; then
+    return 1
+  fi
+
+  rm -rf "$drivers"
+  return 0
+}
+
+updateImage() {
+
+  local dir="$1"
+  local asset="$2"
+  local language="$3"
+  local tmp="/tmp/install"
+  local file="autounattend.xml"
+  local org="${file//.xml/.org}"
+  local dat="${file//.xml/.dat}"
+  local desc path src wim xml index result
+
+  skipVersion "${DETECTED,,}" && return 0
+
+  if [ ! -s "$asset" ] || [ ! -f "$asset" ]; then
+    asset=""
+    if [[ "$MANUAL" != [Yy1]* ]]; then
+      MANUAL="Y"
+      warn "no answer file provided, $FB."
+    fi
+  fi
+
+  rm -rf "$tmp"
+  mkdir -p "$tmp"
+
+  src=$(find "$dir" -maxdepth 1 -type d -iname sources -print -quit)
+
+  if [ ! -d "$src" ]; then
+    error "failed to locate 'sources' folder in ISO image, $FB" && return 1
+  fi
+
+  wim=$(find "$src" -maxdepth 1 -type f \( -iname boot.wim -or -iname boot.esd \) -print -quit)
+
+  if [ ! -f "$wim" ]; then
+    error "failed to locate 'boot.wim' or 'boot.esd' in ISO image, $FB" && return 1
+  fi
+
+  index="1"
+  result=$(wimlib-imagex info -xml "$wim" | iconv -f UTF-16LE -t UTF-8)
+
+  if [[ "${result^^}" == *"<IMAGE INDEX=\"2\">"* ]]; then
+    index="2"
+  fi
+
+  if ! addDrivers "$src" "$tmp" "$wim" "$index" "$DETECTED"; then
+    error "Failed to add drivers to image!"
+  fi
+
+  if ! addFolder "$src"; then
+    error "Failed to add OEM folder to image!"
+  fi
+
+  if wimlib-imagex extract "$wim" "$index" "/$file" "--dest-dir=$tmp" >/dev/null 2>&1; then
+    if ! wimlib-imagex extract "$wim" "$index" "/$dat" "--dest-dir=$tmp" >/dev/null 2>&1; then
+      if ! wimlib-imagex extract "$wim" "$index" "/$org" "--dest-dir=$tmp" >/dev/null 2>&1; then
+        if ! wimlib-imagex update "$wim" "$index" --command "rename /$file /$org" > /dev/null; then
+          warn "failed to backup original answer file ($file)."
+        fi
+      fi
+    fi
+  fi
+
+  if [[ "$MANUAL" != [Yy1]* ]]; then
+
+    xml=$(basename "$asset")
+    info "Adding $xml for automatic installation..."
+
+    local answer="$tmp/$xml"
+    cp "$asset" "$answer"
+    updateXML "$answer" "$language"
+
+    if ! wimlib-imagex update "$wim" "$index" --command "add $answer /$file" > /dev/null; then
+      MANUAL="Y"
+      warn "failed to add answer file ($xml) to ISO image, $FB"
+    else
+      wimlib-imagex update "$wim" "$index" --command "add $answer /$dat" > /dev/null || true
+    fi
+
+  fi
+
+  if [[ "$MANUAL" == [Yy1]* ]]; then
+
+    wimlib-imagex update "$wim" "$index" --command "delete --force /$file" > /dev/null || true
+
+    if wimlib-imagex extract "$wim" "$index" "/$org" "--dest-dir=$tmp" >/dev/null 2>&1; then
+      if ! wimlib-imagex update "$wim" "$index" --command "add $tmp/$org /$file" > /dev/null; then
+        warn "failed to restore original answer file ($org)."
+      fi
+    fi
+
+  fi
+
+  local find="$file"
+  [[ "$MANUAL" == [Yy1]* ]] && find="$org"
+  path=$(find "$dir" -maxdepth 1 -type f -iname "$find" -print -quit)
+
+  if [ -f "$path" ]; then
+    if [[ "$MANUAL" != [Yy1]* ]]; then
+      mv -f "$path" "${path%.*}.org"
+    else
+      mv -f "$path" "${path%.*}.xml"
+    fi
+  fi
+
+  rm -rf "$tmp"
+  return 0
+}
+
+removeImage() {
+
+  local iso="$1"
+
+  [ ! -f "$iso" ] && return 0
+  [ -n "$CUSTOM" ] && return 0
+
+  rm -f "$iso" 2> /dev/null || warn "failed to remove $iso !"
+
+  return 0
+}
+
+buildImage() {
+
+  local dir="$1"
+  local failed=""
+  local cat="BOOT.CAT"
+  local log="/run/shm/iso.log"
+  local base size size_gb space space_gb desc
+
+  if [ -f "$BOOT" ]; then
+    error "File $BOOT does already exist?!" && return 1
+  fi
+
+  base=$(basename "$BOOT")
+  local out="$TMP/${base%.*}.tmp"
+  rm -f "$out"
+
+  desc=$(printVersion "$DETECTED" "ISO")
+
+  local msg="Building $desc image"
+  info "$msg..." && html "$msg..."
+
+  [ -z "$LABEL" ] && LABEL="Windows"
+
+  if [ ! -f "$dir/$ETFS" ]; then
+    error "Failed to locate file \"$ETFS\" in ISO image!" && return 1
+  fi
+
+  size=$(du -h -b --max-depth=0 "$dir" | cut -f1)
+  size_gb=$(formatBytes "$size")
+  space=$(df --output=avail -B 1 "$TMP" | tail -n 1)
+  space_gb=$(formatBytes "$space")
+
+  if (( size > space )); then
+    error "Not enough free space in $STORAGE, have $space_gb available but need at least $size_gb." && return 1
+  fi
+
+  /run/progress.sh "$out" "$size" "$msg ([P])..." &
+
+  if [[ "${BOOT_MODE,,}" != "windows_legacy" ]]; then
+
+    genisoimage -o "$out" -b "$ETFS" -no-emul-boot -c "$cat" -iso-level 4 -J -l -D -N -joliet-long -relaxed-filenames -V "${LABEL::30}" \
+                  -udf -boot-info-table -eltorito-alt-boot -eltorito-boot "$EFISYS" -no-emul-boot -allow-limited-size -quiet "$dir" 2> "$log" || failed="y"
+
+  else
+
+    case "${DETECTED,,}" in
+      "win2k"* | "winxp"* | "win2003"* )
+        genisoimage -o "$out" -b "$ETFS" -no-emul-boot -boot-load-seg 1984 -boot-load-size 4 -c "$cat" -iso-level 2 -J -l -D -N -joliet-long \
+                      -relaxed-filenames -V "${LABEL::30}" -quiet "$dir" 2> "$log" || failed="y" ;;
+      "win9"* )
+        genisoimage -o "$out" -b "$ETFS" -J -r -V "${LABEL::30}" -quiet "$dir" 2> "$log" || failed="y" ;;
+      * )
+        genisoimage -o "$out" -b "$ETFS" -no-emul-boot -c "$cat" -iso-level 2 -J -l -D -N -joliet-long -relaxed-filenames -V "${LABEL::30}" \
+                      -udf -allow-limited-size -quiet "$dir" 2> "$log" || failed="y" ;;
+    esac
+
+  fi
+
+  fKill "progress.sh"
+
+  if [ -n "$failed" ]; then
+    [ -s "$log" ] && echo "$(<"$log")"
+    error "Failed to build image!" && return 1
+  fi
+
+  local error=""
+  local hide="Warning: creating filesystem that does not conform to ISO-9660."
+
+  [ -s "$log" ] && error="$(<"$log")"
+  [[ "$error" != "$hide" ]] && echo "$error"
+
+  mv -f "$out" "$BOOT" || return 1
+  ! setOwner "$BOOT" && error "Failed to set the owner for \"$BOOT\" !"
+
+  return 0
+}
+
+bootWindows() {
+
+  if [ -f "$STORAGE/windows.args" ]; then
+    ARGS=$(<"$STORAGE/windows.args")
+    ARGS="${ARGS//[![:print:]]/}"
+    ARGUMENTS="$ARGS ${ARGUMENTS:-}"
+  fi
+
+  if [ -s "$STORAGE/windows.vga" ] && [ -f "$STORAGE/windows.vga" ]; then
+    if [ -z "${VGA:-}" ]; then
+      VGA=$(<"$STORAGE/windows.vga")
+      VGA="${VGA//[![:print:]]/}"
+    fi
+  fi
+
+  if [ -s "$STORAGE/windows.usb" ] && [ -f "$STORAGE/windows.usb" ]; then
+    if [ -z "${USB:-}" ]; then
+      USB=$(<"$STORAGE/windows.usb")
+      USB="${USB//[![:print:]]/}"
+    fi
+  fi
+
+  if [ -s "$STORAGE/windows.net" ] && [ -f "$STORAGE/windows.net" ]; then
+    if [ -z "${ADAPTER:-}" ]; then
+      ADAPTER=$(<"$STORAGE/windows.net")
+      ADAPTER="${ADAPTER//[![:print:]]/}"
+    fi
+  fi
+
+  if [ -s "$STORAGE/windows.type" ] && [ -f "$STORAGE/windows.type" ]; then
+    if [ -z "${DISK_TYPE:-}" ]; then
+      DISK_TYPE=$(<"$STORAGE/windows.type")
+      DISK_TYPE="${DISK_TYPE//[![:print:]]/}"
+    fi
+  fi
+
+  if [ -s "$STORAGE/windows.mode" ] && [ -f "$STORAGE/windows.mode" ]; then
+    BOOT_MODE=$(<"$STORAGE/windows.mode")
+    BOOT_MODE="${BOOT_MODE//[![:print:]]/}"
+  fi
+
+  if [ -s "$STORAGE/windows.old" ] && [ -f "$STORAGE/windows.old" ]; then
+    if [[ "${PLATFORM,,}" == "x64" ]]; then
+      MACHINE=$(<"$STORAGE/windows.old")
+      MACHINE="${MACHINE//[![:print:]]/}"
+    fi
+  fi
+
+  return 0
+}
+
+######################################
+
+! parseVersion && exit 58
+! parseLanguage && exit 56
+! detectCustom && exit 59
+
+if ! startInstall; then
+  bootWindows && return 0
+  exit 68
+fi
+
+if [ ! -s "$ISO" ] || [ ! -f "$ISO" ]; then
+  if ! downloadImage "$ISO" "$VERSION" "$LANGUAGE"; then
+    rm -f "$ISO" 2> /dev/null || true
+    exit 61
+  fi
+fi
+
+DIR="$TMP/unpack"
+
+if ! extractImage "$ISO" "$DIR" "$VERSION"; then
+  rm -f "$ISO" 2> /dev/null || true
+  exit 62
+fi
+
+if ! detectImage "$DIR" "$VERSION"; then
+  abortInstall "$DIR" "$ISO" && return 0
+  exit 60
+fi
+
+if ! prepareImage "$ISO" "$DIR"; then
+  abortInstall "$DIR" "$ISO" && return 0
+  exit 66
+fi
+
+if ! updateImage "$DIR" "$XML" "$LANGUAGE"; then
+  abortInstall "$DIR" "$ISO" && return 0
+  exit 63
+fi
+
+if ! removeImage "$ISO"; then
+  exit 64
+fi
+
+if ! buildImage "$DIR"; then
+  exit 65
+fi
+
+if ! finishInstall "$BOOT" "N"; then
+  exit 69
+fi
+
+html "Successfully prepared image for installation..."
+return 0
diff --git a/apps/rego-tunnel/build/src/mido.sh b/apps/rego-tunnel/build/src/mido.sh
new file mode 100644
index 0000000..369fc17
--- /dev/null
+++ b/apps/rego-tunnel/build/src/mido.sh
@@ -0,0 +1,834 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+handle_curl_error() {
+
+  local error_code="$1"
+  local server_name="$2"
+
+  case "$error_code" in
+    1) error "Unsupported protocol!" ;;
+    2) error "Failed to initialize curl!" ;;
+    3) error "The URL format is malformed!" ;;
+    5) error "Failed to resolve address of proxy host!" ;;
+    6) error "Failed to resolve $server_name servers! Is there an Internet connection?" ;;
+    7) error "Failed to contact $server_name servers! Is there an Internet connection or is the server down?" ;;
+    8) error "$server_name servers returned a malformed HTTP response!" ;;
+    16) error "A problem was detected in the HTTP2 framing layer!" ;;
+    22) error "$server_name servers returned a failing HTTP status code!" ;;
+    23) error "Failed at writing Windows media to disk! Out of disk space or permission error?" ;;
+    26) error "Failed to read Windows media from disk!" ;;
+    27) error "Ran out of memory during download!" ;;
+    28) error "Connection timed out to $server_name server!" ;;
+    35) error "SSL connection error from $server_name server!" ;;
+    36) error "Failed to continue earlier download!" ;;
+    52) error "Received no data from the $server_name server!" ;;
+    63) error "$server_name servers returned an unexpectedly large response!" ;;
+    # POSIX defines exit statuses 1-125 as usable by us
+    # https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_08_02
+    $((error_code <= 125)))
+      # Must be some other server or network error (possibly with this specific request/file)
+      # This is when accounting for all possible errors in the curl manual assuming a correctly formed curl command and an HTTP(S) request, using only the curl features we're using, and a sane build
+      error "Miscellaneous server or network error, reason: $error_code"
+      ;;
+    126 | 127 ) error "Curl command not found!" ;;
+    # Exit statuses are undefined by POSIX beyond this point
+    *)
+      case "$(kill -l "$error_code")" in
+        # Signals defined to exist by POSIX:
+        # https://pubs.opengroup.org/onlinepubs/009695399/basedefs/signal.h.html
+        INT) error "Curl was interrupted!" ;;
+        # There could be other signals but these are most common
+        SEGV | ABRT ) error "Curl crashed! Please report any core dumps to curl developers." ;;
+        *) error "Curl terminated due to fatal signal $error_code !" ;;
+      esac
+  esac
+
+  return 1
+}
+
+get_agent() {
+
+  local user_agent
+
+  # Determine approximate latest Firefox release
+  browser_version="$((124 + ($(date +%s) - 1710892800) / 2419200))"
+  echo "Mozilla/5.0 (X11; Linux x86_64; rv:${browser_version}.0) Gecko/20100101 Firefox/${browser_version}.0"
+
+  return 0
+}
+
+download_windows() {
+
+  local id="$1"
+  local lang="$2"
+  local desc="$3"
+  local sku_id=""
+  local sku_url=""
+  local iso_url=""
+  local iso_json=""
+  local language=""
+  local session_id=""
+  local user_agent=""
+  local download_type=""
+  local windows_version=""
+  local iso_download_link=""
+  local download_page_html=""
+  local product_edition_id=""
+  local language_skuid_json=""
+  local profile="606624d44113"
+
+  user_agent=$(get_agent)
+  language=$(getLanguage "$lang" "name")
+
+  case "${id,,}" in
+    "win11x64" ) windows_version="11" && download_type="1" ;;
+    "win10x64" ) windows_version="10" && download_type="1" ;;
+    "win11arm64" ) windows_version="11arm64" && download_type="2" ;;
+    * ) error "Invalid VERSION specified, value \"$id\" is not recognized!" && return 1 ;;
+  esac
+
+  local url="https://www.microsoft.com/en-us/software-download/windows$windows_version"
+  [[ "${id,,}" == "win10"* ]] && url+="ISO"
+
+  # uuidgen: For MacOS (installed by default) and other systems (e.g. with no /proc) that don't have a kernel interface for generating random UUIDs
+  session_id=$(cat /proc/sys/kernel/random/uuid 2> /dev/null || uuidgen --random)
+  session_id="${session_id//[![:print:]]/}"
+
+  # Get product edition ID for latest release of given Windows version
+  # Product edition ID: This specifies both the Windows release (e.g. 22H2) and edition ("multi-edition" is default, either Home/Pro/Edu/etc., we select "Pro" in the answer files) in one number
+  # This is the *only* request we make that Fido doesn't. Fido manually maintains a list of all the Windows release/edition product edition IDs in its script (see: $WindowsVersions array). This is helpful for downloading older releases (e.g. Windows 10 1909, 21H1, etc.) but we always want to get the newest release which is why we get this value dynamically
+  # Also, keeping a "$WindowsVersions" array like Fido does would be way too much of a maintenance burden
+  # Remove "Accept" header that curl sends by default
+  [[ "$DEBUG" == [Yy1]* ]] && echo "Parsing download page: ${url}"
+  download_page_html=$(curl --silent --max-time 30 --user-agent "$user_agent" --header "Accept:" --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$url") || {
+    handle_curl_error "$?" "Microsoft"
+    return $?
+  }
+
+  [[ "$DEBUG" == [Yy1]* ]] && echo -n "Getting Product edition ID: "
+  product_edition_id=$(echo "$download_page_html" | grep -Eo '<option value="[0-9]+">Windows' | cut -d '"' -f 2 | head -n 1 | tr -cd '0-9' | head -c 16)
+  [[ "$DEBUG" == [Yy1]* ]] && echo "$product_edition_id"
+
+  if [ -z "$product_edition_id" ]; then
+    error "Product edition ID not found!"
+    return 1
+  fi
+
+  [[ "$DEBUG" == [Yy1]* ]] && echo "Permit Session ID: $session_id"
+  # Permit Session ID
+  curl --silent --max-time 30 --output /dev/null --user-agent "$user_agent" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "https://vlscppe.microsoft.com/tags?org_id=y6jn8c31&session_id=$session_id" || {
+    # This should only happen if there's been some change to how this API works
+    handle_curl_error "$?" "Microsoft"
+    return $?
+  }
+
+  [[ "$DEBUG" == [Yy1]* ]] && echo -n "Getting language SKU ID: "
+  sku_url="https://www.microsoft.com/software-download-connector/api/getskuinformationbyproductedition?profile=$profile&ProductEditionId=$product_edition_id&SKU=undefined&friendlyFileName=undefined&Locale=en-US&sessionID=$session_id"
+  language_skuid_json=$(curl --silent --max-time 30 --request GET --user-agent "$user_agent" --referer "$url" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "$sku_url") || {
+    handle_curl_error "$?" "Microsoft"
+    return $?
+  }
+
+  { sku_id=$(echo "$language_skuid_json" | jq --arg LANG "$language" -r '.Skus[] | select(.Language==$LANG).Id') 2>/dev/null; rc=$?; } || :
+
+  if [ -z "$sku_id" ] || [[ "${sku_id,,}" == "null" ]] || (( rc != 0 )); then
+    language=$(getLanguage "$lang" "desc")
+    error "No download in the $language language available for $desc!"
+    return 1
+  fi
+
+  [[ "$DEBUG" == [Yy1]* ]] && echo "$sku_id"
+  [[ "$DEBUG" == [Yy1]* ]] && echo "Getting ISO download link..."
+
+  # Get ISO download link
+  # If any request is going to be blocked by Microsoft it's always this last one (the previous requests always seem to succeed)
+
+  iso_url="https://www.microsoft.com/software-download-connector/api/GetProductDownloadLinksBySku?profile=$profile&ProductEditionId=undefined&SKU=$sku_id&friendlyFileName=undefined&Locale=en-US&sessionID=$session_id"
+  iso_json=$(curl --silent --max-time 30 --request GET --user-agent "$user_agent" --referer "$url" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "$iso_url")
+
+  if ! [ "$iso_json" ]; then
+    # This should only happen if there's been some change to how this API works
+    error "Microsoft servers gave us an empty response to our request for an automated download."
+    return 1
+  fi
+
+  if echo "$iso_json" | grep -q "Sentinel marked this request as rejected."; then
+    error "Microsoft blocked the automated download request based on your IP address."
+    return 1
+  fi
+
+  if echo "$iso_json" | grep -q "We are unable to complete your request at this time."; then
+    error "Microsoft blocked the automated download request based on your IP address."
+    return 1
+  fi
+
+  { iso_download_link=$(echo "$iso_json" | jq --argjson TYPE "$download_type" -r '.ProductDownloadOptions[] | select(.DownloadType==$TYPE).Uri') 2>/dev/null; rc=$?; } || :
+
+  if [ -z "$iso_download_link" ] || [[ "${iso_download_link,,}" == "null" ]] || (( rc != 0 )); then
+    error "Microsoft servers gave us no download link to our request for an automated download!"
+    info "Response: $iso_json"
+    return 1
+  fi
+
+  MIDO_URL="$iso_download_link"
+  return 0
+}
+
+download_windows_eval() {
+
+  local id="$1"
+  local lang="$2"
+  local desc="$3"
+  local filter=""
+  local culture=""
+  local compare=""
+  local language=""
+  local user_agent=""
+  local enterprise_type=""
+  local windows_version=""
+
+  case "${id,,}" in
+    "win11${PLATFORM,,}-enterprise-eval" )
+      enterprise_type="enterprise"
+      windows_version="windows-11-enterprise" ;;
+    "win11${PLATFORM,,}-enterprise-iot-eval" )
+      enterprise_type="iot"
+      windows_version="windows-11-iot-enterprise-ltsc-eval" ;;
+    "win11${PLATFORM,,}-enterprise-ltsc-eval" )
+      enterprise_type="iot"
+      windows_version="windows-11-iot-enterprise-ltsc-eval" ;;
+    "win10${PLATFORM,,}-enterprise-eval" )
+      enterprise_type="enterprise"
+      windows_version="windows-10-enterprise" ;;
+    "win10${PLATFORM,,}-enterprise-ltsc-eval" )
+      enterprise_type="ltsc"
+      windows_version="windows-10-enterprise" ;;
+    "win2025-eval" )
+      enterprise_type="server"
+      windows_version="windows-server-2025" ;;
+    "win2022-eval" )
+      enterprise_type="server"
+      windows_version="windows-server-2022" ;;
+    "win2019-hv" )
+      enterprise_type="server"
+      windows_version="hyper-v-server-2019" ;;
+    "win2019-eval" )
+      enterprise_type="server"
+      windows_version="windows-server-2019" ;;
+    "win2016-eval" )
+      enterprise_type="server"
+      windows_version="windows-server-2016" ;;
+    "win2012r2-eval" )
+      enterprise_type="server"
+      windows_version="windows-server-2012-r2" ;;
+    * )
+      error "Invalid VERSION specified, value \"$id\" is not recognized!" && return 1 ;;
+  esac
+
+  user_agent=$(get_agent)
+  culture=$(getLanguage "$lang" "culture")
+
+  local country="${culture#*-}"
+  local iso_download_page_html=""
+  local url="https://www.microsoft.com/en-us/evalcenter/download-$windows_version"
+
+  [[ "$DEBUG" == [Yy1]* ]] && echo "Parsing download page: ${url}"
+  iso_download_page_html=$(curl --silent --max-time 30 --user-agent "$user_agent" --location --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$url") || {
+    handle_curl_error "$?" "Microsoft"
+    return $?
+  }
+
+  if ! [ "$iso_download_page_html" ]; then
+    # This should only happen if there's been some change to where this download page is located
+    error "Windows server download page gave us an empty response"
+    return 1
+  fi
+
+  [[ "$DEBUG" == [Yy1]* ]] && echo "Getting download link.."
+
+  filter="https://go.microsoft.com/fwlink/?linkid=[0-9]\+&clcid=0x[0-9a-z]\+&culture=${culture,,}&country=${country,,}"
+
+  if ! echo "$iso_download_page_html" | grep -io "$filter" > /dev/null; then
+    filter="https://go.microsoft.com/fwlink/p/?linkid=[0-9]\+&clcid=0x[0-9a-z]\+&culture=${culture,,}&country=${country,,}"
+  fi
+
+  iso_download_links=$(echo "$iso_download_page_html" | grep -io "$filter") || {
+    # This should only happen if there's been some change to the download endpoint web address
+    if [[ "${lang,,}" == "en" || "${lang,,}" == "en-"* ]]; then
+      error "Windows server download page gave us no download link!"
+    else
+      language=$(getLanguage "$lang" "desc")
+      error "No download in the $language language available for $desc!"
+    fi
+    return 1
+  }
+
+  case "$enterprise_type" in
+    "iot" | "ltsc" )
+      case "${PLATFORM,,}" in
+        "x64" )
+          if [[ "$windows_version" != "windows-10"* ]]; then
+            iso_download_link=$(echo "$iso_download_links" | head -n 1)
+          else
+            iso_download_link=$(echo "$iso_download_links" | head -n 4 | tail -n 1)
+          fi ;;
+        "arm64" )
+          iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1) ;;
+      esac ;;
+    "enterprise" )
+      case "${PLATFORM,,}" in
+        "x64" )
+          if [[ "$windows_version" != "windows-10"* ]]; then
+            iso_download_link=$(echo "$iso_download_links" | head -n 1)
+          else
+            iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1)
+          fi ;;
+        "arm64" )
+          iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1) ;;
+      esac ;;
+    "server" )
+      case "${PLATFORM,,}" in
+        "x64" )
+          iso_download_link=$(echo "$iso_download_links" | head -n 1) ;;
+      esac ;;
+    * )
+      error "Invalid type specified, value \"$enterprise_type\" is not recognized!" && return 1 ;;
+  esac
+
+  [ -z "$iso_download_link" ] && error "Could not parse download link from page!" && return 1
+
+  # Follow redirect so proceeding log message is useful
+  # This is a request we make that Fido doesn't
+
+  iso_download_link=$(curl --silent --max-time 30 --user-agent "$user_agent" --location --output /dev/null --silent --write-out "%{url_effective}" --head --fail --proto =https --tlsv1.2 --http1.1 -- "$iso_download_link") || {
+    # This should only happen if the Microsoft servers are down
+    handle_curl_error "$?" "Microsoft"
+    return $?
+  }
+
+  case "${PLATFORM,,}" in
+    "x64" )
+      if [[ "${iso_download_link,,}" != *"x64"* ]]; then
+        echo "Found download link: $iso_download_link"
+        error "Download link is for the wrong platform? Please report this at $SUPPORT/issues"
+        return 1
+      fi ;;
+    "arm64" )
+      if [[ "${iso_download_link,,}" != *"a64"* && "${iso_download_link,,}" != *"arm64"* ]]; then
+        if [[ "$DEBUG" == [Yy1]* ]]; then
+          echo "Found download link: $iso_download_link"
+          echo "Link for ARM platform currently not available!"
+        fi
+        return 1
+      fi ;;
+  esac
+
+  if [[ "$DEBUG" == [Yy1]* && "$VERIFY" == [Yy1]* && "${lang,,}" == "en"* ]]; then
+    compare=$(getMido "$id" "$lang" "")
+    if [[ "${iso_download_link,,}" != "${compare,,}" ]]; then
+      echo "Retrieved link does not match the fixed link: $compare"
+    fi
+  fi
+
+  MIDO_URL="$iso_download_link"
+  return 0
+}
+
+getWindows() {
+
+  local version="$1"
+  local lang="$2"
+  local desc="$3"
+
+  local language edition
+  language=$(getLanguage "$lang" "desc")
+  edition=$(printEdition "$version" "$desc")
+
+  local msg="Requesting $desc from the Microsoft servers..."
+  info "$msg" && html "$msg"
+
+  case "${version,,}" in
+    "win2008r2" | "win81${PLATFORM,,}"* | "win11${PLATFORM,,}-enterprise-iot"* | "win11${PLATFORM,,}-enterprise-ltsc"* )
+      if [[ "${lang,,}" != "en" && "${lang,,}" != "en-"* ]]; then
+        error "No download in the $language language available for $edition!"
+        MIDO_URL="" && return 1
+      fi ;;
+  esac
+
+  case "${version,,}" in
+    "win11${PLATFORM,,}" ) ;;
+    "win11${PLATFORM,,}-enterprise"* ) ;;
+    * )
+      if [[ "${PLATFORM,,}" != "x64" ]]; then
+        error "No download for the ${PLATFORM^^} platform available for $edition!"
+        MIDO_URL="" && return 1
+      fi ;;
+  esac
+
+  case "${version,,}" in
+    "win10${PLATFORM,,}" | "win11${PLATFORM,,}" )
+      download_windows "$version" "$lang" "$edition" && return 0
+      ;;
+    "win11${PLATFORM,,}-enterprise"* | "win10${PLATFORM,,}-enterprise"* )
+      download_windows_eval "$version" "$lang" "$edition" && return 0
+      ;;
+    "win2025-eval" | "win2022-eval" | "win2019-eval" | "win2019-hv" | "win2016-eval" | "win2012r2-eval" )
+      download_windows_eval "$version" "$lang" "$edition" && return 0
+      ;;
+    "win81${PLATFORM,,}-enterprise"* | "win2008r2" )
+      ;;
+    * ) error "Invalid VERSION specified, value \"$version\" is not recognized!" ;;
+  esac
+
+  MIDO_URL=$(getMido "$version" "$lang" "")
+  [ -z "$MIDO_URL" ] && return 1
+
+  return 0
+}
+
+getBuild() {
+
+  local id="$1"
+  local ret="$2"
+  local url=""
+  local name=""
+  local build="$3"
+  local edition=""
+  local file="catalog.xml"
+
+  case "${id,,}" in
+    "win11${PLATFORM,,}" )
+      name="Windows 11 Pro"
+      url="https://worproject.com/dldserv/esd/getcatalog.php?build=${build}&arch=${PLATFORM^^}&edition=Professional" ;;
+    "win11${PLATFORM,,}-enterprise" | "win11${PLATFORM,,}-enterprise-eval")
+      name="Windows 11 Enterprise"
+      url="https://worproject.com/dldserv/esd/getcatalog.php?build=${build}&arch=${PLATFORM^^}&edition=Enterprise" ;;
+  esac
+
+  case "${ret,,}" in
+    "url" ) echo "$url" ;;
+    "file" ) echo "$file" ;;
+    "name" ) echo "$name" ;;
+    "edition" ) echo "$edition" ;;
+    *) echo "";;
+  esac
+
+  return 0
+}
+
+getCatalog() {
+
+  local id="$1"
+  local ret="$2"
+  local url=""
+  local name=""
+  local edition=""
+  local file="catalog.cab"
+
+  if [[ "${id,,}" == "win11"* ]] && ! isCompatible; then
+    # ARMv8.0 cannot run Windows 11 builds 24H2 and up.
+    getBuild "$1" "$2" "22631.2861" && return 0
+  fi
+
+  case "${id,,}" in
+    "win11${PLATFORM,,}" )
+      edition="Professional"
+      name="Windows 11 Pro"
+      url="https://go.microsoft.com/fwlink?linkid=2156292" ;;
+    "win10${PLATFORM,,}" )
+      edition="Professional"
+      name="Windows 10 Pro"
+      url="https://go.microsoft.com/fwlink/?LinkId=841361" ;;
+    "win11${PLATFORM,,}-enterprise" | "win11${PLATFORM,,}-enterprise-eval")
+      edition="Enterprise"
+      name="Windows 11 Enterprise"
+      url="https://go.microsoft.com/fwlink?linkid=2156292" ;;
+    "win10${PLATFORM,,}-enterprise" | "win10${PLATFORM,,}-enterprise-eval" )
+      edition="Enterprise"
+      name="Windows 10 Enterprise"
+      url="https://go.microsoft.com/fwlink/?LinkId=841361" ;;
+  esac
+
+  case "${ret,,}" in
+    "url" ) echo "$url" ;;
+    "file" ) echo "$file" ;;
+    "name" ) echo "$name" ;;
+    "edition" ) echo '[Edition="'"${edition}"'"]' ;;
+    *) echo "";;
+  esac
+
+  return 0
+}
+
+getESD() {
+
+  local dir="$1"
+  local version="$2"
+  local lang="$3"
+  local desc="$4"
+  local file
+  local result
+  local culture
+  local language
+  local edition
+  local catalog
+
+  file=$(getCatalog "$version" "file")
+  catalog=$(getCatalog "$version" "url")
+  culture=$(getLanguage "$lang" "culture")
+  edition=$(getCatalog "$version" "edition")
+
+  if [ -z "$file" ] || [ -z "$catalog" ]; then
+    error "Invalid VERSION specified, value \"$version\" is not recognized!" && return 1
+  fi
+
+  local msg="Downloading catalog..."
+  info "$msg" && html "$msg"
+
+  rm -rf "$dir"
+
+  if ! makeDir "$dir"; then
+    error "Failed to create directory \"$dir\" !" && return 1
+  fi
+  
+  local xFile="products.xml"
+  local eFile="esd_edition.xml"
+  local fFile="products_filter.xml"
+
+  { wget "$catalog" -O "$dir/$file" -q --timeout=30 --no-http-keep-alive; rc=$?; } || :
+
+  msg="Failed to download $catalog"
+  (( rc == 3 )) && error "$msg , cannot write file (disk full?)" && return 1
+  (( rc == 4 )) && error "$msg , network failure!" && return 1
+  (( rc == 8 )) && error "$msg , server issued an error response!" && return 1
+  (( rc != 0 )) && error "$msg , reason: $rc" && return 1
+
+  if [[ "$file" == *".xml" ]]; then
+
+    mv -f "$dir/$file" "$dir/$xFile"
+
+  else
+
+    cd "$dir"
+
+    if ! cabextract "$file" > /dev/null; then
+      cd /run
+      error "Failed to extract $file!" && return 1
+    fi
+
+    cd /run
+
+  fi
+
+  if [ ! -s "$dir/$xFile" ]; then
+    error "Failed to find $xFile in $file!" && return 1
+  fi
+
+  local edQuery='//File[Architecture="'${PLATFORM,,}'"]'"${edition}"''
+  result=$(xmllint --nonet --xpath "${edQuery}" "$dir/$xFile" 2>/dev/null)
+
+  if [ -z "$result" ]; then
+
+    edQuery='//File[Architecture="'${PLATFORM^^}'"]'"${edition}"''
+
+    result=$(xmllint --nonet --xpath "${edQuery}" "$dir/$xFile" 2>/dev/null)
+
+    if [ -z "$result" ]; then
+      desc=$(printEdition "$version" "$desc")
+      language=$(getLanguage "$lang" "desc")
+      error "No download link available for $desc!" && return 1
+    fi
+
+  fi
+
+  echo -e '<Catalog>' > "$dir/$fFile"
+  echo "$result" >> "$dir/$fFile"
+  echo -e '</Catalog>'>> "$dir/$fFile"
+
+  result=$(xmllint --nonet --xpath "//File[LanguageCode=\"${culture,,}\"]" "$dir/$fFile" 2>/dev/null)
+
+  if [ -z "$result" ]; then
+    desc=$(printEdition "$version" "$desc")
+    language=$(getLanguage "$lang" "desc")
+    error "No download in the $language language available for $desc!" && return 1
+  fi
+
+  echo "$result" > "$dir/$eFile"
+
+  local tag="FilePath"
+  ESD=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g" 2>/dev/null)
+
+  if [ -z "$ESD" ]; then
+    error "Failed to find ESD URL in $eFile!" && return 1
+  fi
+
+  tag="Sha1"
+  ESD_SUM=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g" 2>/dev/null)
+
+  if [ -z "$ESD_SUM" ]; then
+    error "Failed to find ESD checksum in $eFile!" && return 1
+  fi
+
+  tag="Size"
+  ESD_SIZE=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g" 2>/dev/null)
+
+  if [ -z "$ESD_SIZE" ]; then
+    error "Failed to find ESD filesize in $eFile!" && return 1
+  fi
+
+  rm -rf "$dir"
+  return 0
+}
+
+isCompressed() {
+
+  local file="$1"
+
+  case "${file,,}" in
+    *".7z" | *".zip" | *".rar" | *".lzma" | *".bz" | *".bz2" )
+      return 0 ;;
+  esac
+
+  return 1
+}
+
+verifyFile() {
+
+  local iso="$1"
+  local size="$2"
+  local total="$3"
+  local check="$4"
+
+  if [ -n "$size" ] && [[ "$total" != "$size" && "$size" != "0" ]]; then
+    if [[ "$VERIFY" == [Yy1]* || "$DEBUG" == [Yy1]* ]]; then
+      warn "The downloaded file has a different size ( $total bytes) than expected ( $size bytes). Please report this at $SUPPORT/issues"
+    fi
+  fi
+
+  local hash=""
+  local algo="SHA256"
+
+  [ -z "$check" ] && return 0
+  [[ "$VERIFY" != [Yy1]* ]] && return 0
+  [[ "${#check}" == "40" ]] && algo="SHA1"
+
+  local msg="Verifying downloaded ISO..."
+  info "$msg" && html "$msg"
+
+  if [[ "${algo,,}" != "sha256" ]]; then
+    hash=$(sha1sum "$iso" | cut -f1 -d' ')
+  else
+    hash=$(sha256sum "$iso" | cut -f1 -d' ')
+  fi
+
+  if [[ "$hash" == "$check" ]]; then
+    info "Successfully verified ISO!" && return 0
+  fi
+
+  error "The downloaded file has an unknown $algo checksum: $hash , as the expected value was: $check. Please report this at $SUPPORT/issues"
+  return 1
+}
+
+downloadFile() {
+
+  local iso="$1"
+  local url="$2"
+  local sum="$3"
+  local size="$4"
+  local lang="$5"
+  local desc="$6"
+  local msg="Downloading $desc"
+  local rc total total_gb progress domain dots agent space folder
+
+  agent=$(get_agent)
+
+  if [ -n "$size" ] && [[ "$size" != "0" ]]; then
+    folder=$(dirname -- "$iso")
+    space=$(df --output=avail -B 1 "$folder" | tail -n 1)
+    total_gb=$(formatBytes "$space")
+    (( size > space )) && error "Not enough free space to download file, only $total_gb left!" && return 1
+  fi
+
+  # Check if running with interactive TTY or redirected to docker log
+  if [ -t 1 ]; then
+    progress="--progress=bar:noscroll"
+  else
+    progress="--progress=dot:giga"
+  fi
+
+  html "$msg..."
+  /run/progress.sh "$iso" "$size" "$msg ([P])..." &
+
+  domain=$(echo "$url" | awk -F/ '{print $3}')
+  dots=$(echo "$domain" | tr -cd '.' | wc -c)
+  (( dots > 1 )) && domain=$(expr "$domain" : '.*\.\(.*\..*\)')
+
+  if [ -n "$domain" ] && [[ "${domain,,}" != *"microsoft.com" ]]; then
+    msg="Downloading $desc from $domain"
+  fi
+
+  info "$msg..."
+  [[ "$DEBUG" == [Yy1]* ]] && echo "Downloading: $url"
+
+  { wget "$url" -O "$iso" --continue -q --timeout=30 --no-http-keep-alive --user-agent "$agent" --show-progress "$progress"; rc=$?; } || :
+
+  fKill "progress.sh"
+
+  if (( rc == 0 )) && [ -f "$iso" ]; then
+    total=$(stat -c%s "$iso")
+    total_gb=$(formatBytes "$total")
+    if [ "$total" -lt 100000000 ]; then
+      error "Invalid download link: $url (is only $total_gb ?). Please report this at $SUPPORT/issues" && return 1
+    fi
+    verifyFile "$iso" "$size" "$total" "$sum" || return 1
+    isCompressed "$url" && UNPACK="Y"
+    html "Download finished successfully..." && return 0
+  fi
+
+  msg="Failed to download $url"
+  (( rc == 3 )) && error "$msg , cannot write file (disk full?)" && return 1
+  (( rc == 4 )) && error "$msg , network failure!" && return 1
+  (( rc == 8 )) && error "$msg , server issued an error response! Please report this at $SUPPORT/issues" && return 1
+
+  error "$msg , reason: $rc"
+  return 1
+}
+
+delay() {
+
+  local i
+  local delay="$1"
+  local msg="Will retry in X seconds..."
+
+  info "${msg/X/$delay}"
+
+  for i in $(seq "$delay" -1 1); do
+    html "${msg/X/$i}"
+    sleep 1
+  done
+
+  return 0
+}
+
+downloadImage() {
+
+  local iso="$1"
+  local version="$2"
+  local lang="$3"
+  local tried="n"
+  local success="n"
+  local seconds="5"
+  local url sum size base desc language
+
+  if [[ "${version,,}" == "http"* ]]; then
+
+    base=$(basename "$iso")
+    desc=$(fromFile "$base")
+
+    rm -f "$iso"
+    downloadFile "$iso" "$version" "" "" "" "$desc" && return 0
+    delay "$seconds"
+    downloadFile "$iso" "$version" "" "" "" "$desc" && return 0
+    rm -f "$iso"
+
+    return 1
+  fi
+
+  if ! validVersion "$version" "en"; then
+    error "Invalid VERSION specified, value \"$version\" is not recognized!" && return 1
+  fi
+
+  desc=$(printVersion "$version" "")
+
+  if [[ "${lang,,}" != "en" && "${lang,,}" != "en-"* ]]; then
+    language=$(getLanguage "$lang" "desc")
+    if ! validVersion "$version" "$lang"; then
+      desc=$(printEdition "$version" "$desc")
+      error "The $language language version of $desc is not available, please switch to English." && return 1
+    fi
+    desc+=" in $language"
+  fi
+
+  if isMido "$version" "$lang"; then
+
+    tried="y"
+    success="n"
+
+    if getWindows "$version" "$lang" "$desc"; then
+      success="y"
+    else
+      delay "$seconds"
+      getWindows "$version" "$lang" "$desc" && success="y"
+    fi
+
+    if [[ "$success" == "y" ]]; then
+      size=$(getMido "$version" "$lang" "size" )
+      sum=$(getMido "$version" "$lang" "sum")
+
+      rm -f "$iso"
+      downloadFile "$iso" "$MIDO_URL" "$sum" "$size" "$lang" "$desc" && return 0
+      delay "$seconds"
+      downloadFile "$iso" "$MIDO_URL" "$sum" "$size" "$lang" "$desc" && return 0
+      rm -f "$iso"
+    fi
+  fi
+
+  switchEdition "$version"
+
+  if isESD "$version" "$lang"; then
+
+    if [[ "$tried" != "n" ]]; then
+      info "Failed to download $desc, will try a different method now..."
+    fi
+
+    tried="y"
+    success="n"
+
+    if getESD "$TMP/esd" "$version" "$lang" "$desc"; then
+      success="y"
+    else
+      delay "$seconds"
+      getESD "$TMP/esd" "$version" "$lang" "$desc" && success="y"
+    fi
+
+    if [[ "$success" == "y" ]]; then
+      ISO="${ISO%.*}.esd"
+
+      rm -f "$ISO"
+      downloadFile "$ISO" "$ESD" "$ESD_SUM" "$ESD_SIZE" "$lang" "$desc" && return 0
+      delay "$seconds"
+      downloadFile "$ISO" "$ESD" "$ESD_SUM" "$ESD_SIZE" "$lang" "$desc" && return 0
+      rm -f "$ISO"
+      ISO="$iso"
+    fi
+
+  fi
+
+  for ((i=1;i<=MIRRORS;i++)); do
+
+    url=$(getLink "$i" "$version" "$lang")
+
+    if [ -n "$url" ]; then
+
+      if [[ "$tried" != "n" ]]; then
+        info "Failed to download $desc, will try another mirror now..."
+      fi
+
+      tried="y"
+      size=$(getSize "$i" "$version" "$lang")
+      sum=$(getHash "$i" "$version" "$lang")
+
+      rm -f "$iso"
+      downloadFile "$iso" "$url" "$sum" "$size" "$lang" "$desc" && return 0
+      delay "$seconds"
+      downloadFile "$iso" "$url" "$sum" "$size" "$lang" "$desc" && return 0
+      rm -f "$iso"
+    fi
+
+  done
+
+  return 1
+}
+
+return 0
diff --git a/apps/rego-tunnel/build/src/power.sh b/apps/rego-tunnel/build/src/power.sh
new file mode 100644
index 0000000..2f56b72
--- /dev/null
+++ b/apps/rego-tunnel/build/src/power.sh
@@ -0,0 +1,241 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+: "${QEMU_TIMEOUT:="110"}"  # QEMU Termination timeout
+
+# Configure QEMU for graceful shutdown
+
+QEMU_TERM=""
+QEMU_DIR="/run/shm"
+QEMU_PID="$QEMU_DIR/qemu.pid"
+QEMU_PTY="$QEMU_DIR/qemu.pty"
+QEMU_LOG="$QEMU_DIR/qemu.log"
+QEMU_OUT="$QEMU_DIR/qemu.out"
+QEMU_END="$QEMU_DIR/qemu.end"
+
+rm -f "$QEMU_DIR/qemu.*"
+touch "$QEMU_LOG"
+
+_trap() {
+  func="$1" ; shift
+  for sig ; do
+    trap "$func $sig" "$sig"
+  done
+}
+
+boot() {
+
+  [ -f "$QEMU_END" ] && return 0
+
+  if [ -s "$QEMU_PTY" ]; then
+    if [ "$(stat -c%s "$QEMU_PTY")" -gt 7 ]; then
+      local fail=""
+      if [[ "${BOOT_MODE,,}" == "windows_legacy" ]]; then
+        grep -Fq "No bootable device." "$QEMU_PTY" && fail="y"
+        grep -Fq "BOOTMGR is missing" "$QEMU_PTY" && fail="y"
+      fi
+      if [ -z "$fail" ]; then
+        info "Windows started successfully, visit http://127.0.0.1:8006/ to view the screen..."
+        return 0
+      fi
+    fi
+  fi
+
+  error "Timeout while waiting for QEMU to boot the machine!"
+
+  local pid
+  pid=$(<"$QEMU_PID")
+  { kill -15 "$pid" || true; } 2>/dev/null
+
+  return 0
+}
+
+ready() {
+
+  [ -f "$STORAGE/windows.boot" ] && return 0
+  [ ! -s "$QEMU_PTY" ] && return 1
+
+  if [[ "${BOOT_MODE,,}" == "windows_legacy" ]]; then
+    local last
+    local bios="Booting from Hard"
+    last=$(grep "^Booting.*" "$QEMU_PTY" | tail -1)
+    [[ "${last,,}" != "${bios,,}"* ]] && return 1
+    grep -Fq "No bootable device." "$QEMU_PTY" && return 1
+    grep -Fq "BOOTMGR is missing" "$QEMU_PTY" && return 1
+    return 0
+  fi
+
+  local line="\"Windows Boot Manager\""
+  grep -Fq "$line" "$QEMU_PTY" && return 0
+
+  return 1
+}
+
+finish() {
+
+  local pid
+  local cnt=0
+  local reason=$1
+  local pids=(
+        "/var/run/tpm.pid"
+        "/var/run/wsdd.pid"
+        "/var/run/samba/nmbd.pid"
+        "/var/run/samba/smbd.pid"
+      )
+
+  touch "$QEMU_END"
+
+  if [ -s "$QEMU_PID" ]; then
+
+    pid=$(<"$QEMU_PID")
+    echo && error "Forcefully terminating Windows, reason: $reason..."
+    { kill -15 "$pid" || true; } 2>/dev/null
+
+    while isAlive "$pid"; do
+
+      sleep 1
+      cnt=$((cnt+1))
+
+      # Workaround for zombie pid
+      [ ! -s "$QEMU_PID" ] && break
+
+      if [ "$cnt" == "5" ]; then
+        echo && error "QEMU did not terminate itself, forcefully killing process..."
+        { kill -9 "$pid" || true; } 2>/dev/null
+      fi
+
+    done
+
+  fi
+
+  if [ ! -f "$STORAGE/windows.boot" ] && [ -f "$BOOT" ]; then
+    # Remove CD-ROM ISO after install
+    if ready; then
+      local file="$STORAGE/windows.boot"
+      touch "$file"
+      ! setOwner "$file" && error "Failed to set the owner for \"$file\" !"
+      if [[ "$REMOVE" != [Nn]* ]]; then
+        rm -f "$BOOT" 2>/dev/null || true
+      fi
+    fi
+  fi
+
+  for pid in "${pids[@]}"; do
+      if [[ -s "$pid" ]]; then 
+          pKill "$(cat "$pid")"
+      fi
+      rm -f "$pid"
+  done 
+
+  closeNetwork
+
+  sleep 0.5
+  echo "❯ Shutdown completed!"
+
+  exit "$reason"
+}
+
+terminal() {
+
+  local dev=""
+
+  if [ -s "$QEMU_OUT" ]; then
+
+    local msg
+    msg=$(<"$QEMU_OUT")
+
+    if [ -n "$msg" ]; then
+
+      if [[ "${msg,,}" != "char"* ||  "$msg" != *"serial0)" ]]; then
+        echo "$msg"
+      fi
+
+      dev="${msg#*/dev/p}"
+      dev="/dev/p${dev%% *}"
+
+    fi
+  fi
+
+  if [ ! -c "$dev" ]; then
+    dev=$(echo 'info chardev' | nc -q 1 -w 1 localhost "$MON_PORT" | tr -d '\000')
+    dev="${dev#*serial0}"
+    dev="${dev#*pty:}"
+    dev="${dev%%$'\n'*}"
+    dev="${dev%%$'\r'*}"
+  fi
+
+  if [ ! -c "$dev" ]; then
+    error "Device '$dev' not found!"
+    finish 34 && return 34
+  fi
+
+  QEMU_TERM="$dev"
+  return 0
+}
+
+_graceful_shutdown() {
+
+  local code=$?
+
+  set +e
+
+  if [ -f "$QEMU_END" ]; then
+    info "Received $1 while already shutting down..."
+    return
+  fi
+
+  touch "$QEMU_END"
+  info "Received $1, sending ACPI shutdown signal..."
+
+  if [ ! -s "$QEMU_PID" ]; then
+    error "QEMU PID file does not exist?"
+    finish "$code" && return "$code"
+  fi
+
+  local pid=""
+  pid=$(<"$QEMU_PID")
+
+  if ! isAlive "$pid"; then
+    error "QEMU process does not exist?"
+    finish "$code" && return "$code"
+  fi
+
+  if ! ready; then
+    info "Cannot send ACPI signal during Windows setup, aborting..."
+    finish "$code" && return "$code"
+  fi
+
+  # Send ACPI shutdown signal
+  echo 'system_powerdown' | nc -q 1 -w 1 localhost "$MON_PORT" > /dev/null
+
+  local cnt=0
+  while [ "$cnt" -lt "$QEMU_TIMEOUT" ]; do
+
+    sleep 1
+    cnt=$((cnt+1))
+
+    ! isAlive "$pid" && break
+    # Workaround for zombie pid
+    [ ! -s "$QEMU_PID" ] && break
+
+    info "Waiting for Windows to shutdown... ($cnt/$QEMU_TIMEOUT)"
+
+    # Send ACPI shutdown signal
+    echo 'system_powerdown' | nc -q 1 -w 1 localhost "$MON_PORT" > /dev/null
+
+  done
+
+  if [ "$cnt" -ge "$QEMU_TIMEOUT" ]; then
+    error "Shutdown timeout reached, aborting..."
+  fi
+
+  finish "$code" && return "$code"
+}
+
+SERIAL="pty"
+MONITOR="telnet:localhost:$MON_PORT,server,nowait,nodelay"
+MONITOR+=" -daemonize -D $QEMU_LOG -pidfile $QEMU_PID"
+
+_trap _graceful_shutdown SIGTERM SIGHUP SIGINT SIGABRT SIGQUIT
+
+return 0
diff --git a/apps/rego-tunnel/build/rego-startup.sh b/apps/rego-tunnel/build/src/rego-startup.sh
similarity index 91%
rename from apps/rego-tunnel/build/rego-startup.sh
rename to apps/rego-tunnel/build/src/rego-startup.sh
index 9fe05de..f06a7d2 100755
--- a/apps/rego-tunnel/build/rego-startup.sh
+++ b/apps/rego-tunnel/build/src/rego-startup.sh
@@ -1,8 +1,6 @@
-#!/bin/bash
-# Rego-tunnel custom startup script
-# Runs when container starts
-
-set -e
+#!/usr/bin/env bash
+# Rego-tunnel startup customizations
+# Copies VPN scripts to shared folder and sets up networking
 
 echo "[rego] Initializing rego-tunnel customizations..."
 
@@ -11,7 +9,7 @@ if [ -d "/shared" ]; then
     echo "[rego] Copying VPN scripts to shared folder..."
     mkdir -p /shared/vpn_scripts
     cp -rn /opt/rego-scripts/* /shared/vpn_scripts/ 2>/dev/null || true
-    chmod -R 755 /shared/vpn_scripts/
+    chmod -R 755 /shared/vpn_scripts/ 2>/dev/null || true
     echo "[rego] Scripts available at \\\\TSCLIENT\\shared\\vpn_scripts\\"
 fi
 
diff --git a/apps/rego-tunnel/build/src/samba.sh b/apps/rego-tunnel/build/src/samba.sh
new file mode 100644
index 0000000..7cd3210
--- /dev/null
+++ b/apps/rego-tunnel/build/src/samba.sh
@@ -0,0 +1,228 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+: "${SAMBA:="Y"}"         # Enable Samba
+: "${SAMBA_LEVEL:="1"}"   # Logging level
+: "${SAMBA_DEBUG:="N"}"   # Disable debug
+
+tmp="/tmp/smb"
+rm -rf "$tmp"
+
+rm -f /var/run/wsdd.pid
+rm -f /var/run/samba/nmbd.pid
+rm -f /var/run/samba/smbd.pid
+
+[[ "$SAMBA" == [Nn]* ]] && return 0
+[[ "$NETWORK" == [Nn]* ]] && return 0
+
+if [[ "$DHCP" == [Yy1]* ]]; then
+  socket="$IP"
+  hostname="$IP"
+  interfaces="$VM_NET_DEV"
+else
+  hostname="host.lan"
+  case "${NETWORK,,}" in
+    "passt" | "slirp" )
+      interfaces="lo"
+      socket="127.0.0.1" ;;
+    *)
+      socket="$VM_NET_IP"
+      interfaces="$VM_NET_BRIDGE" ;;
+  esac
+  if [ -n "${SAMBA_INTERFACE:-}" ]; then
+    interfaces+=",$SAMBA_INTERFACE"
+  fi
+fi
+
+html "Initializing shared folder..."
+SAMBA_CONFIG="/etc/samba/smb.conf"
+[[ "$DEBUG" == [Yy1]* ]] && echo "Starting Samba daemon..."
+
+addShare() {
+  local dir="$1"
+  local ref="$2"
+  local name="$3"
+  local comment="$4"
+  local cfg="$5"
+  local owner=""
+
+  if [ ! -d "$dir" ]; then
+    if ! mkdir -p "$dir"; then
+      error "Failed to create shared folder ($dir)." && return 1
+    fi
+  fi
+
+  if ! ls -A "$dir" >/dev/null 2>&1; then
+    msg="No permission to access shared folder ($dir)."
+    msg+=" If SELinux is active, you need to add the \":Z\" flag to the bind mount."
+    error "$msg" && return 1
+  fi
+
+  if [ ! -w "$dir" ]; then
+    msg="shared folder ($dir) is not writeable!"
+    warn "$msg"
+  fi
+
+  if [ -z "$(ls -A "$dir")" ]; then
+    if ! chmod 2777 "$dir"; then
+      error "Failed to set permissions for directory $dir" && return 1
+    fi
+    owner=$(stat -c %u "$dir")
+    if [[ "$owner" == "0" ]]; then
+      if ! chown "1000:1000" "$dir"; then
+        error "Failed to set ownership for directory $dir" && return 1
+      fi
+    fi
+  fi
+
+  if [[ "$dir" == "$tmp" ]]; then
+
+    {   echo "--------------------------------------------------------"
+        echo " $APP for $ENGINE v$(</run/version)..."
+        echo " For support visit $SUPPORT"
+        echo "--------------------------------------------------------"
+        echo ""
+        echo "Using this folder you can exchange files with the host machine."
+        echo ""
+        echo "To select a folder on the host for this purpose, include the following bind mount in your compose file:"
+        echo ""
+        echo "  volumes:"
+        echo "    - \"./example:${ref}\""
+        echo ""
+        echo "Or in your run command:"
+        echo ""
+        echo "  -v \"\${PWD:-.}/example:${ref}\""
+        echo ""
+        echo "Replace the example path ./example with your desired shared folder, which then will become visible here."
+        echo ""
+    } | unix2dos > "$dir/readme.txt"
+
+  fi
+
+  {     echo ""
+        echo "[$name]"
+        echo "    path = $dir"
+        echo "    comment = $comment"
+        echo "    writable = yes"
+        echo "    guest ok = yes"
+        echo "    guest only = yes"
+  } >> "$cfg"
+
+  return 0
+}
+
+{       echo "[global]"
+        echo "    server string = Dockur"
+        echo "    netbios name = $hostname"
+        echo "    workgroup = WORKGROUP"
+        echo "    interfaces = $interfaces"
+        echo "    bind interfaces only = yes"
+        echo "    socket address = $socket"
+        echo "    security = user"
+        echo "    guest account = nobody"
+        echo "    map to guest = Bad User"
+        echo "    server min protocol = NT1"
+        echo "    follow symlinks = yes"
+        echo "    wide links = yes"
+        echo "    unix extensions = no"
+        echo "    inherit owner = yes"
+        echo "    create mask = 0666"
+        echo "    directory mask = 02777"
+        echo "    force user = root"
+        echo "    force group = root"
+        echo "    force create mode = 0666"
+        echo "    force directory mode = 02777"
+        echo ""
+        echo "    # Disable printing services"
+        echo "    load printers = no"
+        echo "    printing = bsd"
+        echo "    printcap name = /dev/null"
+        echo "    disable spoolss = yes"
+} > "$SAMBA_CONFIG"
+
+# Add shared folders
+share="/shared"
+[ ! -d "$share" ] && [ -d "$STORAGE/shared" ] && share="$STORAGE/shared"
+[ ! -d "$share" ] && [ -d "/data" ] && share="/data"
+[ ! -d "$share" ] && [ -d "$STORAGE/data" ] && share="$STORAGE/data"
+[ ! -d "$share" ] && share="$tmp"
+
+! addShare "$share" "/shared" "Data" "Shared" "$SAMBA_CONFIG" && return 0
+
+if [ -d "/shared2" ]; then
+  addShare "/shared2" "/shared2" "Data2" "Shared" "$SAMBA_CONFIG" || :
+else
+  if [ -d "/data2" ]; then
+    addShare "/data2" "/shared2" "Data2" "Shared" "$SAMBA_CONFIG" || :
+  fi
+fi
+
+if [ -d "/shared3" ]; then
+  addShare "/shared3" "/shared3" "Data3" "Shared" "$SAMBA_CONFIG" || :
+else
+  if [ -d "/data3" ]; then
+    addShare "/data3" "/shared3" "Data3" "Shared" "$SAMBA_CONFIG" || :
+  fi
+fi
+
+# Create directories if missing
+mkdir -p /var/lib/samba/sysvol
+mkdir -p /var/lib/samba/private
+mkdir -p /var/lib/samba/bind-dns
+
+# Try to repair Samba permissions
+[ -d /run/samba/msg.lock ] && chmod -R 0755 /run/samba/msg.lock 2>/dev/null || :
+[ -d /var/log/samba/cores ] && chmod -R 0700 /var/log/samba/cores 2>/dev/null || :
+[ -d /var/cache/samba/msg.lock ] && chmod -R 0755 /var/cache/samba/msg.lock 2>/dev/null || :
+
+rm -f /var/log/samba/log.smbd
+
+if ! smbd -l /var/log/samba; then
+  SAMBA_DEBUG="Y"
+  error "Failed to start Samba daemon!"
+fi
+
+if [[ "$SAMBA_DEBUG" == [Yy1]* ]]; then
+  tail -fn +0 /var/log/samba/log.smbd --pid=$$ &
+fi
+
+case "${NETWORK,,}" in
+  "passt" | "slirp" )
+    return 0 ;;
+esac
+
+if [[ "${BOOT_MODE:-}" == "windows_legacy" ]]; then
+
+  # Enable NetBIOS on Windows 7 and lower
+  [[ "$DEBUG" == [Yy1]* ]] && echo "Starting NetBIOS daemon..."
+
+  rm -f /var/log/samba/log.nmbd
+
+  if ! nmbd -l /var/log/samba; then
+    SAMBA_DEBUG="Y"
+    error "Failed to start NetBIOS daemon!"
+  fi
+
+  if [[ "$SAMBA_DEBUG" == [Yy1]* ]]; then
+    tail -fn +0 /var/log/samba/log.nmbd --pid=$$ &
+  fi
+
+else
+
+  # Enable Web Service Discovery on Vista and up
+  [[ "$DEBUG" == [Yy1]* ]] && echo "Starting wsddn daemon..."
+
+  rm -f /var/log/wsddn.log
+
+  if ! wsddn -i "${interfaces%%,*}" -H "$hostname" --unixd --log-file=/var/log/wsddn.log --pid-file=/var/run/wsdd.pid; then
+    SAMBA_DEBUG="Y"
+    error "Failed to start wsddn daemon!"
+  fi
+
+  if [[ "$SAMBA_DEBUG" == [Yy1]* ]]; then
+    tail -fn +0 /var/log/wsddn.log --pid=$$ &
+  fi
+
+fi
+
+return 0