From 4cc642735f61fdd66fa49f2e0afec71c038f32e6 Mon Sep 17 00:00:00 2001 From: Eneko Date: Thu, 22 Apr 2021 21:02:06 +0200 Subject: [PATCH] Failed experiment for local development --- docker/README.md | 10 +++ docker/cert/ca.jks | Bin 0 -> 4063 bytes docker/cert/ca.pem | 18 +++++ docker/cert/create_dev_cert.sh | 65 ++++++++++++++++++ docker/cert/keycloak-keystore.jks | Bin 0 -> 2419 bytes docker/cert/keycloak.der | Bin 0 -> 713 bytes docker/cert/keycloak.key | 32 +++++++++ docker/cert/keycloak.p12 | Bin 0 -> 2419 bytes docker/cert/keycloak.pem | 38 ++++++++++ docker/cert/my-truststore.jks | Bin 0 -> 3722 bytes docker/cert/root.jks | Bin 0 -> 2411 bytes docker/cert/root.pem | 18 +++++ docker/cert/synapse-keystore.jks | Bin 0 -> 2409 bytes docker/cert/synapse.key | 32 +++++++++ docker/cert/synapse.p12 | Bin 0 -> 2409 bytes docker/cert/synapse.pem | 38 ++++++++++ docker/full/docker-compose.yml | 32 --------- docker/full/https/tls.crt | 21 ------ docker/full/https/tls.key | 27 -------- docker/full/https/trb.pem | 27 -------- .../full/synapse-data/matrixdev.signing.key | 1 - docker/keycloak/docker-compose.yml | 20 ++++++ docker/keycloak/https/tls.crt | 38 ++++++++++ docker/keycloak/https/tls.key | 32 +++++++++ docker/{full => keycloak}/okupamicoche.json | 0 docker/synapse/docker-compose.yml | 28 +++++--- .../synapse-data => synapse}/homeserver.yaml | 28 ++++---- docker/synapse/synapse-data/ca.pem | 18 +++++ docker/synapse/synapse-data/homeserver.db | Bin 0 -> 1667072 bytes .../homeserver.yaml | 49 ++++++------- .../okupamicoche-synapse.log.config} | 0 .../okupamicoche-synapse.signing.key | 1 + docker/synapse/synapse-data/synapse.key | 32 +++++++++ docker/synapse/synapse-data/synapse.pem | 38 ++++++++++ docker/synapse/synapse_data/.gitignore | 5 -- docker/synapse/synapse_data/keycloak.crt | 21 ------ docker/synapse/synapse_data/keycloak.key | 27 -------- .../synapse_data/okupamicoche-appservice.yaml | 11 --- .../synapse/synapse_data/synapse.log.config | 22 ------ .../synapse/synapse_data/synapse.signing.key | 1 - .../controller/PrivateTravelRestController.kt | 4 +- .../spring/services/MatrixService.kt | 2 +- .../usecases/travel/RemoveTraveler.kt | 4 +- 43 files changed, 490 insertions(+), 250 deletions(-) create mode 100644 docker/cert/ca.jks create mode 100644 docker/cert/ca.pem create mode 100644 docker/cert/create_dev_cert.sh create mode 100644 docker/cert/keycloak-keystore.jks create mode 100644 docker/cert/keycloak.der create mode 100644 docker/cert/keycloak.key create mode 100644 docker/cert/keycloak.p12 create mode 100644 docker/cert/keycloak.pem create mode 100644 docker/cert/my-truststore.jks create mode 100644 docker/cert/root.jks create mode 100644 docker/cert/root.pem create mode 100644 docker/cert/synapse-keystore.jks create mode 100644 docker/cert/synapse.key create mode 100644 docker/cert/synapse.p12 create mode 100644 docker/cert/synapse.pem delete mode 100644 docker/full/docker-compose.yml delete mode 100644 docker/full/https/tls.crt delete mode 100644 docker/full/https/tls.key delete mode 100644 docker/full/https/trb.pem delete mode 100644 docker/full/synapse-data/matrixdev.signing.key create mode 100644 docker/keycloak/docker-compose.yml create mode 100644 docker/keycloak/https/tls.crt create mode 100644 docker/keycloak/https/tls.key rename docker/{full => keycloak}/okupamicoche.json (100%) rename docker/{full/synapse-data => synapse}/homeserver.yaml (99%) create mode 100644 docker/synapse/synapse-data/ca.pem create mode 100644 docker/synapse/synapse-data/homeserver.db rename docker/synapse/{synapse_data => synapse-data}/homeserver.yaml (99%) rename docker/{full/synapse-data/matrixdev.log.config => synapse/synapse-data/okupamicoche-synapse.log.config} (100%) create mode 100644 docker/synapse/synapse-data/okupamicoche-synapse.signing.key create mode 100644 docker/synapse/synapse-data/synapse.key create mode 100644 docker/synapse/synapse-data/synapse.pem delete mode 100644 docker/synapse/synapse_data/.gitignore delete mode 100644 docker/synapse/synapse_data/keycloak.crt delete mode 100644 docker/synapse/synapse_data/keycloak.key delete mode 100644 docker/synapse/synapse_data/okupamicoche-appservice.yaml delete mode 100644 docker/synapse/synapse_data/synapse.log.config delete mode 100644 docker/synapse/synapse_data/synapse.signing.key diff --git a/docker/README.md b/docker/README.md index 5c7906c..e8e785e 100644 --- a/docker/README.md +++ b/docker/README.md @@ -20,3 +20,13 @@ Add synapse in /etc/hosts as localhost alias. ## Inspect containter `docker exec -t -i synapse /bin/bash` + +## Setup using Docker Compose +docker-compose run --rm synapse generate + +https://github.com/matrix-org/synapse/blob/master/docs/openid.md + +504 Error +https://okupamicoche-keycloak:8443/auth/realms/okupamicoche/.well-known/openid-configuration + +/usr/local/share/ca-certificates \ No newline at end of file diff --git a/docker/cert/ca.jks b/docker/cert/ca.jks new file mode 100644 index 0000000000000000000000000000000000000000..644bc97e36c61c4f57b09333476e5881a4ed79a9 GIT binary patch literal 4063 zcmY+FXE+-U*N2Tr#Au7CS+z$5u`2dz>^*9a*lN}ID^f)eHEWNeV((Ses$EfPD{WDG z7NKTaBkJktT2c@x4s$aWfVmm< z7l*?!6sZ4-C`#kfb5` z3lfpM;I=~&#H@ro=um=rw>+uKsSRO9CLA^HzdNK(w@EZ)Q}=xd_t8HZmAXSWdSpcB z`RMdfQh7Vkq}=l85xk?-*PZpln)EwAaLv;J>l&|aI^5t|jcVwff~yZ9i`-AsDO4c| z&B0-grHgh8IhQ-B3;Ds{>Cf68CdduHy8conm!t|dH&m4|E%%|50;;J)2GIL0(nG&B!*Kvm*3Fup&OPuj++p&E$~-tZnaB-kXl?4dCU z8lOs-sqx9) zDTnQg%nqH_DY*TOgzPxYK#TL-9~?IxYr%h$DIjAqlzv~>Yba=XEuvs?!=A2b4-QvhP((aoR@ z{RN4pEyn%o_FKa=o{Ys9DjW7rpnB>dH$8bU`lXbnq6?XKvIk|C zEjB{|ft(wZu^iHa=9ypT2uIsr78Kcp4;#Hv5XK6nQ4<|xxvp( z{YALmCnYl`tim|Y)I5F2h_h)lag_gS)<_Jv7q*zM5b|s- zC7QrV=fkpF$t$(_H8VCKO9IYN*DtrH-W$PMf5-CI59l^(R3U*7s=30R}xp3<5-|yYpBQ?a%#qkQhi(vO3)2yf;?vY8;VFN%FPWJMgcXs%X2v5l9nI3L3t50;uO=iSM2 z5)a$~t|_`vw+)`TmkbMVhjEE(MI?iE6V58b*k}{ya=2|b{k1KF$@3;0qaPj}`qp^J zJN_KFWqC7;VSYbxTfKxP?Fy)|i*RKOk!N@eYwK8-)iqVA5L9G^1T#j$equhd&Z7#i ze7^|sQlD~=z6{`BmCrwA;>_t0W{eu08jmjLW3{@Kfx0o9L5k~p>W-(ExMvy#7z;60 zml2xZ0hX)0MSjqlc;;P1k4K}ZP{taIAG%YOxgNuqm-eys$^1IN(yuJ{sJ+fQl>zz{ zF@9W&ztKzcFCanGDbvkZWkFSaFXTzgB&GzZH!uw|9w?qMp!O6=u47Hz=q!^%KC31H z&Vj5%2w0I3OhO}2QS|oyDOLI7`2ey#U8r>R+od(iu7d{M5u`ZfP4#mu6@ry{tYl6) z;*^U6tIlFM?>is(v3;znWYO33rL7 zYxc+|A<2s1TqquZ^(C*_xNVrCv`(4URPDgALGf3%;gEo z&iHl}Sr5-<0yrr?pWax~x@nL%DQjgDVa({j_I96t+UK*g$#Rd!Nd4QFkl*%WJ2tl(VUox4O+UWH5e+aD;B;O)I)tZb$O5_Ez^foo32G2=cih6E@|B=CEwu3*lVzgxuh!{G32&zyj&h$9%w3wOf^D**1m-(F}>t z`4>;MC;amS8wCyME4|m_4xMv1?=rb9=GicZ!x+BEl>MyI4Z(fmS)`e}s<+l+%=qze z@)t!kDjjAR@r`aM&Eb7lmg2KmI<;*JE0BRe-5tv{(uf>y>A>?doi9hSv=@HI6FZ-Zj*?5hw@tZbKl!c=C*R3uW|KTI7!*V}d!%a~8I!<0H z8LlHoiTrf^1^(eEXT$Wpi_Hwt#;w1D5;3r_W~ukh1`(imlk;Tud`lPiuq)lU2}fqOc2U*Aa>sb3zY3K>el(<#K3>+$)|*DyzB<~8R8mgo%#@G4VvGLEp1qsc^idSbG~tt%ZuUJL7QJz>5h*3FP< zPJvK+H4T{f8r&%&CiytxUAR%+d!ezGEp2l3y(clYuJ&LztFu1FP{~2Ashuv5`^e0U zcclBd1sWCsNc?LrWz+EuZ+0DhGFqQ%Mm3k3se^To(T7i|B?9LrfGfkhgq|OsBjqg< zL4m(=!{xu{y9>&GrOcR|{*ggy^y712fl92ksdftS=d_+p9>yv`JDccsWJ;%+RsQRg z)FPBH7$|4)r-mlhKZS0Q?=0gY2#vd*V954aHy4juS{}Gyn2VrU7%x8fXkp~pYBoaq zCUQ?To$iQp5*mL$!*XT)2Mg7QXN|;GcCbM5<)=HkEn5x88ns?s^!Gs}jL}lX31Whe z#A9MQ8Chu_XAWX5E(Vl_kgffz$#M2B)xJ9DSaqW<8d29qgZ_rzw|7HREB%JiHfsxS zmrk8^SX_)TU$&`qG)#y6eidd}M`yVqtyBhyUAw`&hnHnV%}plP4LpKUFIL;66=j*F zs^>?ss|X$K5nlC*GA3W8N_oCGCqk_GgQdKIF~8n`I>TE4=#rk9ZWT2Vi?+tK?Zn<6 z1gEjqCaSsP96VhzyDIN@IHE+O4b<^|_Re?%QSCrYzBXpdI}yW> zZ?~0N2!uNvg1!fjOgH823gn4NJ}St?75wOZ-M4lPO*EFDT9u)&y~2-%MQ+mdjOV0k zngd!h?RC)PiYSGwJfRF|HqVGOJ^#??z{{xNH>%rDGt}syPVVCMl{#pKsEHy460>&u z$zV&}z22M128O$DtNDmN?Ab^d-3Of*`Hsg!B1^j*jI*hr=^ z`$Ex2S=7ZhPj|r2zBldAK$U(~t$q{&h>C4wLU z-{gDK#9pR_Nto-b60R4BCOIpSsV!H*zoKC|R2vnUK>~pMw&7lWK-VNCd7=7_XK7EsgNY*n0LkwVA^RtH`!MM9?fIf7igM3q|LG+o IC&l9a1$q&p<^TWy literal 0 HcmV?d00001 diff --git a/docker/cert/ca.pem b/docker/cert/ca.pem new file mode 100644 index 0000000..c3957c0 --- /dev/null +++ b/docker/cert/ca.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC/DCCAeSgAwIBAgIEY8cv5jANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRy +b290MB4XDTIxMDQyMjE2MjUyMVoXDTIxMDcyMTE2MjUyMVowDTELMAkGA1UEAxMC +Y2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrabUOthTKjjoV+5Bj +2OVtdNqBYeGNAvxH4Ae0GNx8axuu2O5oyItkYvhTg2HSoBUSK+jL5FT000z+8k+v +wL2HZd7lZhF6xeUFBhkPYepsK62I6w7f6Zg+d7ccnRcA+9Jt3Xok4vaPnYhjvUB5 +Z25VEZZa6/35YZJ7wEdyhFuONnnVM3+1tajq1GVanwSK0y3qhmX2jLy2neMXx1zY +J2neDElHwzYtsmVek9T8TlxLhNJiFcHEscmWrT5NOntfcTYaZosWyH+Nm/+EJuAb +UTTscG6YdAL7p4zvOiZ1j+QKb3UCrtSSi+XUZi/uNS3Ky4asgiaUNCbHc3D0a3G0 +HsmbAgMBAAGjYjBgMB0GA1UdDgQWBBQD7PILP4eCg6TDhEkwZwLiNAb9gzANBgNV +HREEBjAEggJjYTAPBgNVHRMECDAGAQH/AgEAMB8GA1UdIwQYMBaAFORJiEeDfjQa +MvoMZkmv3bWw8/8NMA0GCSqGSIb3DQEBCwUAA4IBAQCFPmXAOgth6wMD6XoPvfw4 +xg0Qr5ky1pUhJj37ocr6aCNbW3dr0jUFcHHkdhyg4uEoUGbPYyKMCjp6DpPq+Sks +Nx+xWXaTeNIiHzXsY1TuQdvvC+rrANmHatYj8/kGNg5tcNvMn7PPBfy9lEYWCSL9 +ql3yim0GuGZ9CyNS/ZCmM2X/pKc3yiZK57iywlHJ7Sp1z5bmjFHE2l6NrkLYLwh6 +5V+JkeHvzgGAiuh9cIbA4XvB0UWD8GAiwyrLhTD3ZzQDe+kXskgMzNj7OYqey3dA +BDnxnTQel4PnYQQ78JeOwCVZurRL4Nph8icY8iQEeXEFp3H9hRpRe+rPs8+9ZnUT +-----END CERTIFICATE----- diff --git a/docker/cert/create_dev_cert.sh b/docker/cert/create_dev_cert.sh new file mode 100644 index 0000000..294fa9a --- /dev/null +++ b/docker/cert/create_dev_cert.sh @@ -0,0 +1,65 @@ +#!/bin/bash + +rm *.jks 2> /dev/null +rm *.pem 2> /dev/null + +echo "====================================================" +echo "Creating fake third-party chain root -> ca" +echo "====================================================" + +# generate private keys (for root and ca) + +keytool -genkeypair -alias root -dname cn=root -validity 10000 -keyalg RSA -keysize 2048 -ext bc:c -keystore root.jks -keypass password -storepass password +keytool -genkeypair -alias ca -dname cn=ca -validity 10000 -keyalg RSA -keysize 2048 -ext bc:c -keystore ca.jks -keypass password -storepass password + +# generate root certificate + +keytool -exportcert -rfc -keystore root.jks -alias root -storepass password > root.pem + +# generate a certificate for ca signed by root (root -> ca) + +keytool -keystore ca.jks -storepass password -certreq -alias ca \ +| keytool -keystore root.jks -storepass password -gencert -alias root -ext bc=0 -ext san=dns:ca -rfc > ca.pem + +# import ca cert chain into ca.jks + +keytool -keystore ca.jks -storepass password -importcert -trustcacerts -noprompt -alias root -file root.pem +keytool -keystore ca.jks -storepass password -importcert -alias ca -file ca.pem + +echo "====================================================================" +echo "Fake third-party chain generated. Now generating my-keystore.jks ..." +echo "====================================================================" + +# generate private keys (for server) + +keytool -genkeypair -alias keycloak -dname cn=keycloak -validity 10000 -keyalg RSA -keysize 2048 -keystore keycloak-keystore.jks -keypass password -storepass password +keytool -genkeypair -alias synapse -dname cn=synapse -validity 10000 -keyalg RSA -keysize 2048 -keystore synapse-keystore.jks -keypass password -storepass password + +# generate a certificate for server signed by ca (root -> ca -> server) + +keytool -keystore keycloak-keystore.jks -storepass password -certreq -alias keycloak \ +| keytool -keystore ca.jks -storepass password -gencert -alias ca -ext ku:c=dig,keyEnc -ext san=dns:okupamicoche-keycloak -ext eku=sa,ca -rfc > keycloak.pem + +keytool -keystore synapse-keystore.jks -storepass password -certreq -alias synapse \ +| keytool -keystore ca.jks -storepass password -gencert -alias ca -ext ku:c=dig,keyEnc -ext san=dns:okupamicoche-synapse -ext eku=sa,ca -rfc > synapse.pem + + +echo "=================================================" +echo "Keystore generated. Now generating truststore ..." +echo "=================================================" + +# import server cert chain into my-truststore.jks + +keytool -keystore my-truststore.jks -storepass password -importcert -trustcacerts -noprompt -alias root -file root.pem +keytool -keystore my-truststore.jks -storepass password -importcert -alias ca -file ca.pem +keytool -keystore my-truststore.jks -storepass password -importcert -alias keycloak -file keycloak.pem +keytool -keystore my-truststore.jks -storepass password -importcert -alias synapse -file synapse.pem + +# Create keycloak.crt and keycloak.key file +keytool -export -alias keycloak -file keycloak.der -keystore keycloak-keystore.jks -keypass password -storepass password +keytool -importkeystore -srckeystore keycloak-keystore.jks -destkeystore keycloak.p12 -deststoretype PKCS12 -srcstorepass password -deststorepass password +openssl pkcs12 -in keycloak.p12 -nodes -nocerts -out keycloak.key + +# Create synapse.key file +keytool -importkeystore -srckeystore synapse-keystore.jks -destkeystore synapse.p12 -deststoretype PKCS12 -srcstorepass password -deststorepass password +openssl pkcs12 -in synapse.p12 -nodes -nocerts -out synapse.key diff --git a/docker/cert/keycloak-keystore.jks b/docker/cert/keycloak-keystore.jks new file mode 100644 index 0000000000000000000000000000000000000000..21027a925ef696ea69357262eb183882cf8b7e8f GIT binary patch literal 2419 zcmY+EXEYlM8^NntS`c=Y8)z_rr6ZbAJE-^L+fl$&gSW7YI&y~3?fette~ujw|NpK8__%;2Wbk)58O(;C;Nkl}{`p)6 zEHUr@vW#-P(kXOThgi2=4-**e&IN)1-8Nt{xc_7DL{5#mD`v8DbozHov*ju6L=VTy zgiF!kg8YmMjC5(n)r9Cje`uKw*l`B*c2r` zV9FTNfsj7T7LiHv%#L?UH8ASt**v*NY|jq7**aZxL?(U}d85ck)_O8I4VP0nz3;IT zy#X(FnG)DHqb5xld(bE*1Zn&o7|Uc7^zRGD*B+r?RpUSHlA z{IoPqD5PO7k5UicHKuI!De3}-nVMVd-Yjn>klAGsf`pLG58a9hpK59rfT-s^PvX9h z4?K#KN;QiUIFC0}!@_2vSf#4E?rMc}h~V8`)XJ=5a>C<8WB-NN7)H*>d2@32Qnshw z{i(YTJ^=OR!!p0wLDPk;%B>0si+{`-Da?OMVLo%!>QaGmCK~i`d>qgWNe5Pc1dt_r zcDeG8T9n6%QuG#A-f8WcXFIrqtG0oLCqHToVh#Mh9Hzk$vwqfce` z+Mvp|{JjqG*i3(_YUcg^=!8>eN5FH|Ry9>ZL!3zN_jK)}8{6Bx0aS)7<)8bs}oGi*(>@I#6o!NWVZ92wA1J&EG1lA zND0864e!Ry;9LNBL3310N`LvCg8o}kx@j#(4u4&HuaI$OS7GDFLoh|lu}+B|LmGnOOF?ow$2uRCRuKAhUPzmL(*S$ znU&^x6@>{6W^XA4MYOcGv98=(wj1PE8a$8|(#h!+pVDYir01UQv&+5my*%7lF7R6i z$|xhaZRjY0lo*m)+shT{a69;zV&~`Cap#~(i$S#*#a-ndl+CJ&tjY23&a;CG`Qfo< zCv~3_gKJy&{LaxEb=A!h#|nAYYI^qfH`y;%FlRz#!{S#qTJ=zReJa;Er?kUgk1jh5 z&40$1weZa>1)sgx3W`a)b0~pUdU<^;-9w|YdWMmZP#ZAE*`E@^s##*Fl)MwW6R_^Cv#GpR7fMRJRP&MlUN+7d5GKrgT8101mQ$lrY}+8*z5RUa>{6%S?`=Z@?x+ z!)cY~^vICJX3(#KOL@6msHC2Nmm#O*?F^Cw+(NZnR|@H-!#k@c59fZHck{;iR?-0`O~)%ro99fj%y;Pt9kUAr3nnR|6Fu+uI=jk$_}p?j-~l=JoW z4o=Y03i>5C@p{1!6W9GJ!BUZXKtNDys(eKMuv4>^0H$i*jXT{Y_J^yM6tU|=p11l9 zIiF*KC^dZfvuO#rn+9zCC-QE}z!tu+5mT;Yf%UEK0Fk4hph& zO0d-WB)RopM$O)>Xsck8(o&=iwVtEvqNjvh6a(`kOa~^viV4gxbC%N>LutbJ#jSX` z_hId-jAWGqk-|-5OWp<5+PLUY_tVwubr_PBWK3R+j$DssJkkQVW<5#`!mA>_u5CAb z+yB-GTPm?grQ1^blnes3b&(@NDlfb;nrLeuZQ42>RkiOIjXdbcyD3_Dm+Go#GyO1R zLwzb)*w*tV>{nyy<;KG0?8`>}IL)&{`qnr|gd)P4!`u!y*NrG2mS=P4)5_d#%KLe% z1h$tzZ-=!;65AtYiUqo`D6p;UrCYZrvhU5kZKf>0+aOlFVgd z9=>XLdgTx{*@pdU;5XpJ{ce*2+mB^glj>t*9hq9yj=>IV+FhMsP(qgoj&02n3Yo27o0pUrMQ)#*@d(b*{FJx-qG&AFv>>1eV#* aOoff7UK<8gOg-W>*#QS$13_HLC4T|d#AN85K^Mn-N{1_NP3K?8m^=1>-9VUFz7 z%H*8<#B2jOab6=s0}~@7Lo*{&Bl9S6UK0xgO9OK#7rUk=MkQp!8Ce;an;7{SfcA4S zH8C=u0Ki`oqH?5C@i=}Z?FdNKP{+)tJxm!=l=G4NO_r28)L4CZj1 z*l|c{@wc`w*KFN5<1cMlXm;OjoCwjj%BC<@#`$(6cs+jQZzGi6X;c3u zKsITsfYNuhOpdE(PTtw5Y_jT8MAMDD-$n~^-Dhr^qd1A{tke2+Tuon-L5|iQ5I7p;2P5{Zur1dampA z{HT$!joJ04<0=28xlGKA42+8v4de}Ef#EI7$0Eiea<+5P+PxS2e7Wpi+`qIo#C*yJ z`~Ap)2#g_MATl!W{ClP%Xrk8s*++ls_Z{I{4o;`|q(q=KZ9d`eK`!)c2pwy8YtDzsmpOS>K&@=j%x? zFwl#>wc^}@(%eM%-dW#U6*Z3RYL;Yjtj^!HX3N?G?`rbQMZS1lV(H!Qr?KmI&p3JGR7+BtXSsEOjA~zw?8DAHCp{3!_^Zf Ztyfpijd+s!y6%?X7SC9@MQ;}F2LOuH9oql^ literal 0 HcmV?d00001 diff --git a/docker/cert/keycloak.key b/docker/cert/keycloak.key new file mode 100644 index 0000000..83497c7 --- /dev/null +++ b/docker/cert/keycloak.key @@ -0,0 +1,32 @@ +Bag Attributes + friendlyName: keycloak + localKeyID: 54 69 6D 65 20 31 36 31 39 31 31 30 39 34 33 35 33 33 +Key Attributes: +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCO+Jc0fg4GM0ZT +0vQmmDdr5aqmLJcXEuibyl75BMTSlXKOAAw5IGdNoElTCEWRiMIio/aG9NY9Rglf +0rShNt8+nhCF5WI1i8NnWzP+dpQBeV5NiGBK4+pPPBJniTx/7FAdYrUQIvcmaQjV +zMncsSM0qvJYgthu+zKgbUeZspwhkgrNQq+uCoL1IgSprTCVm0L4BKLXomq/WQIO +0ZNzaBw2Z651ABJ8OptiI8upd5zUZZdJWJ7OHAE7SauzU0Ro3zzXSHc9FENaSEJ1 +mKMKO8sLoCq1lGN0d/ubcKK3qTMnnSrbsI4Y23AJVVoW604kKIyM1yyM+HwcPVy6 +7IjlD9KdAgMBAAECggEAeci1fAhYR93LbUHHqUyGAQm8iBp5hTUdIP+MUNBIHB0j +XGQcBVldxZjgfLMSF3sH61wBdkn+aGlNOOuR47WLCpq39mZDdtsb0uG0c3BseKj6 +tE6Tv5dPErlX8AvNliYkxDM9ioZOQtC7rurnlG7rT0TCdLTYSgj9wfv0Pq8PIeQv +LwtnOjZsG1p6LYEMPCWyNHolbV0saRf5ZEowvE7EPoGrFucOcxWYgnIC8Qa83ODD +02vBSI/MMXEn/HdcwwyRDALTd8pGvIsheIHnaKtZxG0KBRuXrJ2OzLaDfYFk9QEg +fH+iB3lcX1+tftD0Q68m4+Uti+GpJTwpj9xE4/yH4QKBgQDOAS6B+aKlLY15tJAE +UFVrMj/n5qRjoYXMK8MUi0qOi4Ytzs63u8MR/owuZ7KstUpEGmgkSTJUCWy6C5gn +iOW80wFheWMG9ZqUYFEx79a1Yna46SIEpowM+gunEqW0NIUHeuiOsgkZn3slnaxA +lNT5s81nZvWHZRmnc9xy7pT0xQKBgQCxqzXCQMJS09qIZhHAQblIfDA4iwCUGZAn +wcsfI9e4CxJ4m5SnJTTpe8G9680xXpR2tVhl2FrarNxWMMZUGWxqBn0Ug6dDmSwX +SpBZ5q/bpbphRoRQvlVjkhX0prX+lB9yFcyH0qnDchoW/CPgnKaYndE+eBPMnjSO +n8ZuM2iz+QKBgAC96Fj3eSp3G4dQqyQY1fXo3GoNXpItRroRfkZYqhARWI5ZrEzl +FDLAY+jW3sHYdUgBgFaBHPlIf2e8GvQpfgpMCDk9oqmnwMLABgrT/kXw8NSBomm5 +3888J0aWvpoDhmccfjHlWjsJY/wisTgaURoFF7xDlqbCKnF77VNMoKSxAoGBAIef +JONKocuuMlQKbiRvRytguUKAQQnMVbEzioUTzDiOIyRzxs6sZS6RrLv4QuMbyoKv +PXJI7FmeuHcGtm4+Ffb9Sv+c29KLGxAQeA5YPQeTA6n7tUcZc38VZbMiiyxxD2v7 +3ewUUEiEUgwXnp93lOhNGAvyh1KbtYzlxAgdMCCpAoGABEqs4vSc2vmaUKf6uek6 +M1r3Qv6/NW3IBTY/eSaihszTxG3uVaZUK8iiORd3ELFiMWZKDk3kCW8PcmFIu96k +VNoaawwZY7+AQzTg7pN2uF8CqQaMNjAi9MxcJK6cdXj9T4uP8yxahlt6TveoMGRd +Y3uBGHr9qoVnbFnvr71DF0s= +-----END PRIVATE KEY----- diff --git a/docker/cert/keycloak.p12 b/docker/cert/keycloak.p12 new file mode 100644 index 0000000000000000000000000000000000000000..5a1673ddf674c0ad30b62ea458e1c7d072232c7c GIT binary patch literal 2419 zcmY+EX*d*$8pmg|49YU5Y@t*lF~f|V5ZRZ>nk`{$L-w-NVFqJ6V>{L&+aycbCHp=J zp+YX>sO)12HN)7t-TT~o&T~Gz&-*;T|NnhI{tyJHKL`j$5TI9Bq0&SH;@&AB8?cA~ z6@(C=@L!l0L16LwN5tX`A+Xs0!ZyF=7AxofuDCdWpdtd~5J77l!ad z3GmDq^62ruBDT!-oI*sf6_x5BFrd!@LVyh7*7V;RMsx63xxC8Gh%^}-*O~?|awn%K z+V6zF^>g#!taS>d$$EBa-^2`maR&)zfvAql_QF(cHyhu^`^-cPi+@x7o7%wzJKf0V zxg+Yv%}l#d7d&R=C`)O{VGM(MZaOD4BWHv2m`W}O0WU1tKSW?3?vT?EaPrm zh#rvVv)r}B7AB*8eK>fnk>uD^*Q0`OMdRE7=IPb3^pqRTRZ$!Af=^4$_Ca?FC6>LAYI2uPE#YA+COZ( zK5*}mQ{ssd$h1UHjuTyWEpOcmEr&CtuQ)_&OREj1X`RRdRuiHhr7tF;m4#}x|KP1Y zrT)l)KqEzfmqWQSQ);oQ``@3j^d$7_w%tg<>)oy@xPNwdrA;U5w6*}TE3Ycx6(yEN zyfd8LB=oqi?hLTl>Yh<|Aiv^*0gJy!j$(>D1Rys3H=7*uuQUcKS*W$DJu8Ut zW^B}iWj!u_!Yzr`X$#8cP0|S-=)zAuavYG?M^->tYXW%?6bh;S4oew2C`IwbC92l^ zzEOzC{Z{SNgpL=m3g*L>4=lD@2Xniq6vsbs?!rN9nLj^VBTHufW^~!BfoJ?erH;h0 zfvzhGm3X=^3)Efu`e2F5l%ynY`6~eGzN#Pdx-m^B^_PQGyH6(l*|^#~m*QZ~vzoJ* z5FM@VC0l9Ohle5r55MAMiYpiNAeanL{?nRnYz%_-kJKZ zh0{!`aplPt;$07R*;l1;%R9&PiMZ{N#YHZnMzj{+!Ze0>;!G*{SgiCeF5&3+Nx{)8 zn>|l}BJiQn?%LMdmDgl~x8=wO60i1n1-`ZCoII_o_-@AC(wY8SQZkH*My2BU|zM<98xO+<>%4DJD(Y3GN zmsC6zhP&#$x}5GCQUp}?Xc`y0tzQ@;^@iE+mq>;iH4TSPo+l)>1Dk%QxNgdVPfsZ#kx?r-fj8v!cRM6{*Jd?gIc`4R|OoizHU*$1tvCG4SkKqfg8Ow4S z9@R4^VgqG1AFUNTz4?$vGXX@DY-R)P!Jx*dlML!==X2^&S{~?9L65;r5U+%kdG83T zHDjHdTfZ)FvT<6R>!Zu+q#PcP%f<1QC}Ms(2vIMd<_iqD%aKB48vRgFGReAZ@UzZ* zuB}r1gLy{y#jN=V5c^A&P<|wzC=UP!zyiVnZUA3^Kj1C^hdBRt0gmK{@L75LVa1V(NEIX!p@LFC zD<~ic;QYTzY^+5DFzFXc1OWlR7UAy%_z%mn{>QRQ9X((=t40LEQrT{gF(GUBL!9|v z%SIEx2BGjYva`Le$NhO2Nxa{GGWE?6hedQNcaXQ&@t>qarn5=ZvM+Y^ob`nXT&>$C$@%-as?Q3rBK;ZVuG(=$#D!CB49!;&#q7X4jVancBv4WCuv`>(HMpU5tvSJlglMV{&KWB6O`RQw-E_yJzropUu8COQ`dr)W zbGb)5Y`Z#MjwUiVo z`Ng3EAcyl$UZxcakc3WG zo*VtSqa@dHsPj_VHqa~1hmYgYQ8)bUVVsY8J@u9>HQ_pR1A)I(=TS*(UzdUNh=f*r z;XS+NO!6HpnaVF5VP{!lxM#QbTXFdCeRO|*h&Y20Qj;v(EZny{qVXTaCGC(p*OQPyF1nfPbKAL*&0) zmC|OT^ha#1p)cxek8#jB{$0jkQiCN|%p39huMZ(j% zWJrd;<5FZ#+)D^G!f?!P*#?!r@2`Yw2hW8Bt2LUiC1_~;MNQUY&+l|lxx&p)kt$IXnd?;d)%CyuCMA-b z!w|6qU#ZqmAB6WBHLYM>joa4Hi_X8h9Hoq%4z9;nGM>_7Zq|`HN_3Eh*gP;?l&98;~1@(@!C;bxM{mSW-QP2B(Jiicn)W>hIwqkCClb zYUMdF+XTTrW*TEauW4-q+=Vq#%|1ZdXGT%P_~9tiyq2J=>4ttXzEX3D$aA}I^{@0> zaqJ@=d_ns;n1H3)rbxp*8*W%AU>pHtBvn(dN~)S5BnhF^HKNX?b4!)H;OCuINP4k4 z&>0Mz9mSY&AFHodG}R$Z)8@=Xvact9g1*i9&Y@-8W+>&)j0?bnl5UE~^&VA3_G>`r z$lcd?7w%G)ywk9XL+FO!Te}kgK54}tmQN_%-p(NBOWs?tA{tOc`7iD|JYmDLe=eeW ziqE$m#jS`t$+hH~w%HFoOLv-%5cKjGnPk_HU^gvQb_iP~wxOTv9{AO40Bzf}cOgIP z#Rj6FEnt>3roI`4Kni;xjov$!bA+vvTUxP_lTri9IP}m1m;gfqJ$a6-WmZ6^cW8Qz zn;1>1yCux1dbf=e8p?Jqt4=r625}baAc^d_v?}y5uES_6i}e3kUwf?U@_3=Hb3h-4 zZU$B|RSWD76&Vd!G#fhSM^<@GQ|ZY8s6i5*lNygQv{adkGrL^~LB)YXgvvP-e&v6? znb-72b?Dzxp92YMhJpIB`v?FbOw+7_gFh{IL`^%2!&KVU_2fvG?ZN^;Y> z(sz}TFI(a_aQ>43T*#(+gL58-cu2z~Gn3%y$`>T)42|u|{~QL%LMCsvHH9 zfNO8*JgJFp1(QnNI})bW4+h+n@D5EBmjEoS(F5SZEhFD4!dWiiRwt zqSN*(bZPK?M>>cROV5>tMJFB&j)k=+a07h=2}GHr2a10P`eo(Vj|4MIn336(%%T?0 z4YlS0b^GTde8NFP7?4s}$qzxosV~%TsIA=d%|Yzz_fsOUTNC~@y?VUl*i{SegMB~$ ziEaxxhEwaGqo_rSE_W4H-4DXcnsF;lTQ6byi!X!=atSsjCK}iBEuTa3VtBL6hCJbr znUsXU?O22k!M=IUTqTZi!g|+61PW!crwmwWePyh{GJ)X)&0XP9q!Ov+Cs-Y2qNikf z*~KUrfaych!V#~ZrIb0ts&nrkS158Kvdl0&=`VmO&}c`=0{0hm>#1Ni=^KxpOeN8ldM&xbANV3Sl#whRQ7!7vAh&EG#bDplFq!EMED4hx{b{q zArq7lGTfSVx!$2GvLwa-?^paQ+i`YLDpo=#(-VRvlM_f=nuV0qPwLzjn84#|C9?-; zc4VyLnM0O1e)}z7JX=iDb|!*HMC015AcFs|*ZSJ1m4`>h0E0(?D;G)rWTl|uM6)5@ z_SLk%HAQ#v3JX~U>FTF!8`;a>q5?40Uy+e*!qgWni6tO(>aT*O^TI-+*^h|!fHOMW z{pn}l(M>>_{2AJv=M^djb+~r@O~wR zyKk&T*kNdRIm|@#J_E)Y@aF>XPgX$?Wp(NUL`-d4P|?~Vtu`y^9;%vEb20Nb6o<6N zrV7s?&n5y5>NR^ltI`J4NLry_ZjxF*-E1mZ8q5`^SYHYxz7#l;T1g>qDsW(qz8kNZD zt~)v+<~29n%Ch2asWCRO^I40v=WsEPFll|o{ryqN>@p6Qtn{0^qRK(`9+nHa)(hD4 z)eMd;?Mq_Yf^|2r|K`m)u{UsQ2~~WAU-X|f>}33>$b+Qg=w-5yr0wf{OAHZ^5Lj6U zt291kfo<2u8DOv$l$W*xijOzft1S>=kOBcWG|XxZyz^)0$o(|!Nnn@_O4Z{=YT6%B>e-Zb7(=$KW-%HtQ|;-RhP!IO}rWH-UfHqrocT# z%J6lck$=k_{7z<`de6#cu^Fq>OtSCG4cyV+-AGH(lsOF#T?NM8(_a|II6#OHn*Bu| z^fX|=^iyR<_(p{2B@Gt+PeMgPaCx(BhDlxz1SXz$jS9q;fHgej( zN=CR`0$oMZF3!p!+gJlAa9G8R$2Y*v^j}2A{N}RdYKDgO{&m{N{2jj0^3@m$@63Wk zuFt?DTn=lR1@4L>_$T;fu}aXzs>LVat;Hh@CyDzCEDU-KA8(6D%vCkUSH>s{hr`hE z93{l=zQTE zdU@b3Z3iikQWS8+{fJa!kBN zk`DA%^KZDWPnKruGp^&Oy6?Ew)vI<*Dy>=Md#05GEp1zHXlKys26JEsc*13ahR992 zBO0Be91*JzC1DYD+q2N}ZQ!&htp5q5>Enpz#1z+TOZ{2>CaZNFkrMv$0RZRW%}6!i z(dvYDcX7AbjJ&O*&AMIf9qm*n&svhCAx?+H`b^=EAJ5_Au1l0f^q7(&#gLBES-2x& z# zIBA$h;TQT&WL(9IVHQLw7Fh*?jZC~dNbx(dwJs8cS+%uIgd2s(Dx=`7d;tA3IK04W zscuVyxL{H2kutz%7l>WwLGGgyU2r?spop&vGnH|l-Ys|8aPfxYjYW5Hp{)Ig33*L+ zrRYK|3PFaLE&AF{N66UuY6ri_9|R6=aHB8C8N5I=ds%R-gG!BH(sgY^a8Sx4tU@0s{etpc1wD)Bpeg literal 0 HcmV?d00001 diff --git a/docker/cert/root.jks b/docker/cert/root.jks new file mode 100644 index 0000000000000000000000000000000000000000..3392f4efc8f9153545df86985e5da07ca39d3ec4 GIT binary patch literal 2411 zcmY+Ec{CJ`7RP7IV8*@`vePJ&%#2<9j31MI9Vz=RrYu>rH^yWMNrpj|iG*knQ)4Fz ziAWJ4^pYiG&61(#z4PAhcYf!dd+s@(@4ffW50U`&WdVYa1gJC{6rN<9w95@-2T}-7 zelP*beT<<<0;|tIBG$`b0xR|yTOPM58|VM7xHy0;6ax4FNdWI671%ibkB^^=frVb1 z(ED5sb01R|>u#V@4G=q;2QU^8pxYWu0QXtc!0q9p!yA~P7+F7GyNis<>J(V3M5TW$ zS}ADtq8986S!M>`dp6N!RIzqnye^>j7BMt!+7}B~-Ek1d`PO|b#rCKL-nYP?x{H|( zqX>4py8+*&Kh#b)8C~0vCd+gzs>K<kjyhX-4S+|21G3(oZ$@q?T@J(j3q^^%Qdu6F~5L; z1i_cfb$Rd;;E25J$tum)`;GW#WP&kMIy%km?g^0=%SCUFGan@PaXlG|<>Cx6<&upG zC3o=8THFEj*NA0)#hqM~sz#azqhsj(o_vFW#MuzK@2mrdD`r;Zb24@Ergf$?*J+S$ zVje;-DDonD>-p$6cCJEfPsPJ9Lw3(QM$Ub^Cm{aFlkW5im*!8|;Dfby0#`NLW4;J- zi?pkZGRbC+`Y!!)%&y7yhyYEQlj1a8Ta*VeLhVVHZ#eh{hF>h-96G%+aW<{BN-w5W zf;qJ4WYYZ(gu%TDe8IWhO@U>lKdycfq&F-tpw1i<=*h}eyP*Bflb3^+x2u{_pjXIM zGTh)mTK|>_LSM5N13aS7RalV2P#yjjE3Usmwa$Ty@#VV#c%%=;64#s z`|X?E%s42W;+<{?xoV|V(*9FRfeDI^U@VxI%8Aw@9vJ z>RHa?@_~EAxbQ2ng`TnvG9dx#sj|GYgS0~=;1ca{u0UgR{ty#WN7LKF`-D7b z7Uv@GG2AhFZxYZ4h2@!3HnP3rs*sl-Pd^W-)@9WIqeD(0NkJs|z6S+zZ;7~pAmpci zGx`jg`a^~iW(YciO_$IcjFnz0?mA(?`R0+-v}faworFiRF*s{jSOOwzlyN0g=EVg` zt{c{oH%Er#H|h^CtG%SMD}fcNwY3P!{DOQBrA=*Bes2yrbw|G)hw~1~?NMvWb_?o;uIaC8i zMD3Dk{Q%$RmSkef{m8@!AYB-d^33pQ!J$Gaz5;^q_EHfxsAL31Gn(CYLVmR3;C+42 zHCPhmIzMg5&5DoT*3cw8Vksz5lnzq( zFI7T?P#lsFKnNh{xWbS!e+MT}LSTVQxBwq%lsZZah1AqQX(+3!APJztzn0k9CcZ{^oz}iYI`Kq0`gf+N!4u z50dOVoNH3x&z2s6eD1YHUVo6-7N>Ox*A~FZ1-*azfaDyzJtIJu+l~|a6Qliy@G74U z@Rt!JszlkI2l?25n1z@;bVN<;&OOcSone&t>2s^>7Rn+DvzLdOkrP%{O)51?5!gBj zzgV5zy!6IguNkEmzSuag*4VubM2cJw?e41W3uCr*j@vPEz@_xB0aD{aYbecR@x`m!=n4Z&}YvD#L zHf-VgCUFEyBMEXRJJs^G>rtLa>gc#w<2K1$)>I`Jy!LigPi;5V29z^jct=_E`DH%j zTgYD8?Pe)_jI(lK4(WP5$0>cf$j$}#Vd_30cWO(pz2^7F%gfH{({n7l)nUFyX?^}}quZvX zSZU>!zpB)nhFIc-{K&xj+?QsmHghyrJcAR&n4}4qYs+G#-TL=F3W@xs!=I#6pcHrA zoAz}ULX|@+0VxjAh!6D#!g64%8-ZNjaQ6E&=vVufiVE$?Z%UzvHAs;a1gD&om1P*i z`9Xmm5#rm+bse_wq%9jR7~Tppj;K5pvRahg^$BXwS+!IWs+#Kez%9yVV$tYV38pdb z&AMskdpqKf78Tg%-zkCoV2)yAgZXFX@|2Om^MR5>wCLM{As%Vt0}o6g43Wi#`Eikg zj7p|boOpm2ZALevphz~))8m@U;i$P=OIvwsPTe2i7Ah;{OdvIEeDgvTR~U7S$fZ6wFg06)Xpxr#M(3Fvt({$g>h2i8tD}H_s O`uQm6RTdC1iSln90$-5; literal 0 HcmV?d00001 diff --git a/docker/cert/root.pem b/docker/cert/root.pem new file mode 100644 index 0000000..26697fc --- /dev/null +++ b/docker/cert/root.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIICzjCCAbagAwIBAgIEe23PhzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRy +b290MB4XDTIxMDQyMjE2MjUxN1oXDTQ4MDkwNzE2MjUxN1owDzENMAsGA1UEAxME +cm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJQVKfh+JUYHcrfn ++LJb04FBxnAVaHzbJmEgRtZhSPyF45JtjEsepj7R6IDnd2hymyISh8JPO2W35kwE +7wRTMOiqim/BoInS7iRbc7GZaSXFyF/tCWdaYE4mQVDkttMZIlZxVoqGI9/JupSW +Shk8rX3h3Eg4RHK0Jxjygo5UtzdWM3LpQkdioXZ+ixBS9f1RP+wZEyuWGJvM6kUq +599ntFOUN0RZ4ZCq1MxfFGzGhtyPMBCPAA7IVdlhQXz+2dkkttcuGDXDCEh3KvT/ +FjkwCahTJmCBEO0gVFI+3TkBrbmQbD0mpEYP2ba2wBn8avajF1L/HjS5mHvfbQIr +jyiM8JECAwEAAaMyMDAwHQYDVR0OBBYEFORJiEeDfjQaMvoMZkmv3bWw8/8NMA8G +A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFyfKpi1PteOgPYM5nmx +PtmSE7EUuPD3COPRlZKX3Tr1dNj1oXgSSFxeDRtNc603Mbhyb/vT5mGmll6SI9Wn +OHZtzeU94MkDZwa0+4PdBe5sSwBF8kIJBn05H8Iy75AY/9uD0pFII+wMXuNgGPQU +lm+WXdPAoqc34W/IkCl0L9vrW/ZKE46PmEmHDrwcQ3FI+N8aAx34YyUzmarJGHYS +G9XrHtaO8eJf7dfmY/fkBFxdw8aYS3uoOEu/AD0gsryQ0rEk3t1uSiBZMJ7LCap+ +vwAQH2Y8S2IF1skz4NQSHtMY4i7Y/SILFEIg5dj00+0qU4r+Ea0S51IrVu92wOjL +GaA= +-----END CERTIFICATE----- diff --git a/docker/cert/synapse-keystore.jks b/docker/cert/synapse-keystore.jks new file mode 100644 index 0000000000000000000000000000000000000000..5be0a35d166e7153651ca1559798507af2a43702 GIT binary patch literal 2409 zcmY+Ec{~%0AIG7kTZawJ3yb3A^(*YEc{ujh~N>-&AZKi}{7&o_z$a|HppP$ZZP1a>0EG=|L& zgaUI(Fa($c<2}Go6p7pOUlBI}OyYJpz;*{^4dMOY6(1Z3$|Zq0C=!^BLPFsG#|O_P z!6FM2h}v;knwzEURMN>`gTW0C!g4@dfHrF|3CuEFDpS5E=+*-^w2zk?FAbT9TBU{iB-$6v652NVW3|cXW-c ztRYLaw!{drK7oaXJ@+IyjmQCVy>$06O~?oeUlx16-S_(YP4hp!C^b`qii~_quFa&Q zVI!*R)xOueI=8?2zA;pjrMWMNy}{t)G(e}I@x!0^iA@ESWcAwqb?;E+D1m~~Jy}_O zk;T{sNR{YOW5E;dlfU(?;wXzyVMi6hm}hI`DQ0mYNM=lb?pt`&3We+$A#t2}Z>S%M z^C&cYodexAsJX;%F;Kb@bEK*@mfiCl3)9gPutsx5bM7mm-Ic*%pL;w&#B`gk{LG>x z%2uUTYE#=Pr4V_ueC|tmHw^GJ z=8W;qvXxUxYJSuC^5ebcT4x%ggytIqtd;|V7U#TISL8DEWQJ!vu2^rrM3$&Xq+&yT zjUDQ8hQ9{o+b|AE@9CZrV0`E^(yUcBO{a}72w;sz#TWNGs=7f&fr_H27IRUlu<4cz z5zCw37F(GNK}oUh8}W&_ZO2ami~=INNAKByp(wd@)T^i;AQfEzc0`i&J~KI7y_y@A z&g(|-(CERnxE9UHqf;bPibG=J<~Wn_OZA-iT;G~-5K6w@?8(}cZ1*OhIYa<+B>C|5 zWdEaDYa_{5Gt2K2Z*Nz}A=KXR1V1#(*37TZRs1rW&k_L!k0W}-6NJV=(tDP2{>B&Fi1RZY&Ea6q+|acIhJVX@ z$>}-|(w~5_Zy77iLAz_W-2-?uE?7)eNhrV!^=cDqaO86FW~E#D5DftZQ)s1 zRn2$$Iss9h8O!4t>};>5lC6Si8i?`(wnlVK7pQ%S%VrBa$ja=l!DU_w_e3GQLT#`>ZS-yg%fIz&;6d$ zMJ7FEshiRRzNhit?+R&k*ml_sIaD+IMr?eEeG3(!_f)O+86MKde>qHVu2E!T%k5KQ zd~+Y#044pmDq$jM0hvPpKR^(`2XGxgJeXWja{t7lXc4fG-ED7IS+o}V3>t;eK7~20 zi9wOL(*9n8LUKu5jL)kUkHJOqpOfaKX(Y zEY5+m=o*3B^pRmZzCt+g^PP6uw}L!oG%7t-C&5^6kdJgV9JdFzedqr67`FB&nXrF+ zhCdLES;eM#=~I#PH}rjA`BAOt@E&~In!LF_f>35nVI#=oIBC^!_+F;{Q?m-ws6aTl zS|Tbot+%m;h8>ag%DVCpi8Sf;MNK&2$R7tL;LqKbs|RgpH_NC)VE~i2845f&S2??L z=Dxe3Al`xw)|D$IfuZzKgYpVq7Gv`RHrZleMNYztK}*lR7)z!;)?7Je-}Y#f-o>77 ze^;0va-GV`t@%i)y%M>g2$N9%l06eCfBPfQ@9IeQ;#rU9k^A=VrlN_2Ko4Tc=$E(Q zZ6lv!lyfh}_;x0D%O#bRWQ6@*=_hts=uyi_(gXKAWbg}_bks`JL z*$HQl6o(Ud#?XB8Vugg+d5pNpOE>h9{cp;XPR^|@{)M6J1Xxf<`41dE+LKbbC9JS% z<`T}jN!jdM6WNGF4nw!=S3`95aP`a9t5Q1m+dg;kpWU;ncZKpMG^$(Mw`obwP=B@F z)H|GgnNh^be%e2?K=5aWI24<6!zGJX-ev&02Lei8?Ny&1Kda$L{m9E&>Bjaa!m6n} zJ4GW)qHx81efXk^5gryvKsaiJA0-Rz&Gz#UHHbi1=&^fT$wf`Z!82GFmVEEmyvSZ->qOD zrHhh7!64ix4{?DcxB*}hsSihf5V-j_@4f2NA_&gL8_RO +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCc1B6qv7o9TRyZ +jvarx1vbeFi1pwfEMjW1ecOaBkFkQDgDgN+tQDtGz1qUq77heHKCw1F7aYZFA4T+ +p1W1SOe2jAhWVIHH80sMKLzoFwhfoQu33wKcxkaIsP2lfg/zW5qkMNsOBDa4daX0 +sPOCT1vnP5jyN+BBGU5OFCVK57Mcgezp0f9vOApHml7MAW2fVawpWsc/2vHV/72t +8VG63UWxScAeEdxp388bIEfXCY2ssB0ZCMAJUzGar34FohyPq5Pvf714CE5BmO7L +8Pm8CYP2BanM6gM7jiSGr0yk/Z8fJvPbRpOSMMW2s/H6FgdnjMbrqesnZx6+KiK6 +bONSkKdPAgMBAAECggEAJYseQFAfvJceNqCj6qGSGusniW0QDebbNrOMoO3Ib8Bz +6FrMsUQELMJs89RdoMpd13H8qqerbhAWoYPbn8dxOSEyyb/3Ra+3kpSaDJGe/o2m +KYFotbE9p3F/d0PDe8W9MntDpYpaszPu47IMyXBIFwcBjVLVC6CMP2LRPqpTFYqg +7HURQol4Q9K7GQQqTLHJECnrY60FHVqg+3A9VWOulwF7qXRrG9mrUiujfmwgX/st +CiCUIXvhWqi52mx6z+X4yclSVqAAqkxvgZSB4haZ2yIe+4B9++ayXmiN5jtY7bgq +/hiZjTuec9XQK0LXnOEdf3zQF1jH38WuaHlA4x29WQKBgQDRw10CDjvhOQoHmz2z +s0MtHT6uPRBlID0nNpylg/LVL7PjMxyXIjYJZxH070fzDC2+IFP01bRPa+Ffxxnv +UZrLfXu0IpkOQDFyUAXE3K8ODEl9j+HYzZPqY0xsM6J9uH6MwJie9LvdwQJw7sJw +bgOyuGlrUeC7vgQQqlhFykbrewKBgQC/ZbwvqJKj+CTksnL3qylDPufGnaaXDIn6 +YAKJK9o8o5bUwp7pNs+obtbVq4kqjxcA8nJYlr9KxF3yEj3hffNmoL8P0ADomxgO +t94pW/F+QWQn+C6Z3pIzZcQGK+wjdLSQUStPStLhvEkGc8GV97Zeg9qKTp3hPMph +p8lnVkgxPQKBgFAyQPzoNDyHci42TADIKIa3B5/V+M6w5LB5UKp3KAAZnMzgXa3q +hn5Ryau7T+a8YUCvW2nfynAS7rePh3rX2Da0YvcbwyiPolfyAEKjnMniKLa4q8AX +2NVj4XP8ycMHJlrpx2/+YVUG1cgXgH87kG5j0uoVA7bDjwpQFi+YhkTBAoGAG7BT +Fi3z8OawJ6mtOik30fOiwjgCZq24tFD5bPC8JLOh2WvCY4i7Z+mJCOZE9LQ4prls +U2aTi/R2htOewiVfdgRhP59e0kfFpjNxX1heyl4ZaDLeQwJQ8kCRqDbodYSnro0f +j9wKP//mLJnIcrKgXnICxqly66fIu3HzkBCKZx0CgYEAi/LBqSsBCenij7tN/GhY +rBiQo3mxmlAgA38jvh7d21JpIH/8PPgO/kI1bIfVWajTvv1mDxIB4Ieq/w56/ZKC +2ziOPF2olA59DKD0yzMk064iwIYo1+7NYziU2uUhR2BTCzM7iOOngR69HJrG9lrN +ZHrnOmSv8EnT+uI+mCykAKk= +-----END PRIVATE KEY----- diff --git a/docker/cert/synapse.p12 b/docker/cert/synapse.p12 new file mode 100644 index 0000000000000000000000000000000000000000..d7cad4e754609d1bd80574c54734e2d5801a7878 GIT binary patch literal 2409 zcmY+Edpr{g8^?FY=9(dfbaI?!&9-KTA-UgrWA3-+l9ULQLNc-%MvE0Dx0YKWm3x`o zZ(XR!F;Cmu$M9?D;I@D_$yKNT*hWOu=G#m)x(jl98Iz)`$3xoe3Z$C#t zkOlM&kAso|xEp#k3O7Aw>1_TClQ6O|ke+qt4j#?SBQ0BDjdl%uyI=COJ+&;E< z>2*bY&Ygx&I?J&>dl}x`Zz)ph1N=dm14gu&aL-_G#Yj8U;Jh!y1CFI&GrDUd@rPQp zZtWH9y9(4Pzqn9idD=9p#dfjpV$Ca=z7WtS-ruc1)?>rr@o7)riT-pW04qR zh80_7cjx%lG69R&&5ESQ;#@Ce**;&D=5jZd17}FfWo<@BbDh}%*X?6lj~X##Ha0%J zn}@nfNZ~^63^kFSUHA9PSF7F$oP&p+qQz){ave^Fkp$Yh;px2f1xmyl$3^R4R(pH`NDjfP|eXJy4j2wi1s*XuD6&`HGKJwk*K1; z4$ydUXW7xZo+z;iGl}3Ou93+)faX8^aBKk8^JMe-{+HkZSr3ttb#@hmFvXutyMbn1 z?fejBwsmGf^hQr**f|JbiuZ#j~d$ z*B^B0dziAa?Dz1*_t=e|@*NNCo+Ye`HxrD*)ToDVRa)2^xmE%A{ffVZ3gf6~;!_G7 zF{~gzxRr{C`~V-&ycH z50>8B0%52$b+ibtw5iIY9%_%P^g4IonESp=2O($5{T>N*J%)ICVl_*j-0tB!X8!%P zjvG((kK`y0r}hwK6;5WZm?H!)vlyKs;fMvG%nWxm&?U6`t=4-T!-?C~H#SjHiRM z{#ufNap_>jHcA2k0oyI^?*#Y{$HM;OSd};)Vd^o!vKad%(5cQBi~yXt{$IylqJzy) zS^=CMH?T0y z#qQv_XzG&avdCy(#Bxu3J2 zJCBg<&e~>or%7Z?i`Y4r5x@Jap}?tFg29d)GHuwZ{jHID=9yiwCT(fc7@rQL0>l07 z{hJ$wG+|w1xoeusLpbh`Iq7h5N#e%{G{b0ckDP7;jInVK?Gd!r6U||2^EI0;=eEx_ zJ=$pSjCw9Q?`k(jnnlWPY9r>C+EX?q0;0Xc@udfR5neW=wXnZ(Oc>EUBUxC(`Aj zT8RTcsJv`Yu2y(_{9RX1Eb_MfFr|F+SO#FVI-a@WK7YRYr{Av|#!ev-25>RU-SHT2 z>HE~#)P%I)8aFVc=H~D*&6ZiUHcdw3P4T<& zQZOh+77S8@0w74FLDCiT6Sb+m*)yakB{o)Z5AK^lkn=UpxA-dLvN}^uj%3X)>pj$8 KtwCU5GWXx2I$+ZP literal 0 HcmV?d00001 diff --git a/docker/cert/synapse.pem b/docker/cert/synapse.pem new file mode 100644 index 0000000..f68d92a --- /dev/null +++ b/docker/cert/synapse.pem @@ -0,0 +1,38 @@ +-----BEGIN CERTIFICATE----- +MIIDMTCCAhmgAwIBAgIEepUKBTANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDEwJj +YTAeFw0yMTA0MjIxNjI1MzFaFw0yMTA3MjExNjI1MzFaMBIxEDAOBgNVBAMTB3N5 +bmFwc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc1B6qv7o9TRyZ +jvarx1vbeFi1pwfEMjW1ecOaBkFkQDgDgN+tQDtGz1qUq77heHKCw1F7aYZFA4T+ +p1W1SOe2jAhWVIHH80sMKLzoFwhfoQu33wKcxkaIsP2lfg/zW5qkMNsOBDa4daX0 +sPOCT1vnP5jyN+BBGU5OFCVK57Mcgezp0f9vOApHml7MAW2fVawpWsc/2vHV/72t +8VG63UWxScAeEdxp388bIEfXCY2ssB0ZCMAJUzGar34FohyPq5Pvf714CE5BmO7L +8Pm8CYP2BanM6gM7jiSGr0yk/Z8fJvPbRpOSMMW2s/H6FgdnjMbrqesnZx6+KiK6 +bONSkKdPAgMBAAGjgZMwgZAwHQYDVR0OBBYEFFtgp2h3pbJNqKA21hfFHk1+2nno +MA4GA1UdDwEB/wQEAwIFoDAfBgNVHREEGDAWghRva3VwYW1pY29jaGUtc3luYXBz +ZTAfBgNVHSMEGDAWgBQD7PILP4eCg6TDhEkwZwLiNAb9gzAdBgNVHSUEFjAUBggr +BgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAFaxdcpju5n52d4R +ePIrwJYwU/HqukDw+4KNcKH629LjzuIaHnkGmlUDZ+1uvHQgJ0776oqF84S0Oa85 +gH3wcgluO7dF2bR8TKn4WEDij5I8MDZGuVctrfxLmP129d7aqei3bXp+LzokfbVi +I3PE8U3blYQF3gevcopulz2DK5WvRDsG9PrMHs/GRl6X1RdhKXV18Q5UIkJUJrJR +BdcdKvggK4+gdN5mWuHJ3w3zqpeQbCrRz5D7/CTjS7NFpHSZydfpkdTsrnymSNW/ +M9cPtWrGbtfeCO5usKc/4Iy3QA0HmRBxLWsDweXaub1lZwgoF5duS91O/yEwskcW +gDlPzcI= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIC/DCCAeSgAwIBAgIEY8cv5jANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRy +b290MB4XDTIxMDQyMjE2MjUyMVoXDTIxMDcyMTE2MjUyMVowDTELMAkGA1UEAxMC +Y2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrabUOthTKjjoV+5Bj +2OVtdNqBYeGNAvxH4Ae0GNx8axuu2O5oyItkYvhTg2HSoBUSK+jL5FT000z+8k+v +wL2HZd7lZhF6xeUFBhkPYepsK62I6w7f6Zg+d7ccnRcA+9Jt3Xok4vaPnYhjvUB5 +Z25VEZZa6/35YZJ7wEdyhFuONnnVM3+1tajq1GVanwSK0y3qhmX2jLy2neMXx1zY +J2neDElHwzYtsmVek9T8TlxLhNJiFcHEscmWrT5NOntfcTYaZosWyH+Nm/+EJuAb +UTTscG6YdAL7p4zvOiZ1j+QKb3UCrtSSi+XUZi/uNS3Ky4asgiaUNCbHc3D0a3G0 +HsmbAgMBAAGjYjBgMB0GA1UdDgQWBBQD7PILP4eCg6TDhEkwZwLiNAb9gzANBgNV +HREEBjAEggJjYTAPBgNVHRMECDAGAQH/AgEAMB8GA1UdIwQYMBaAFORJiEeDfjQa +MvoMZkmv3bWw8/8NMA0GCSqGSIb3DQEBCwUAA4IBAQCFPmXAOgth6wMD6XoPvfw4 +xg0Qr5ky1pUhJj37ocr6aCNbW3dr0jUFcHHkdhyg4uEoUGbPYyKMCjp6DpPq+Sks +Nx+xWXaTeNIiHzXsY1TuQdvvC+rrANmHatYj8/kGNg5tcNvMn7PPBfy9lEYWCSL9 +ql3yim0GuGZ9CyNS/ZCmM2X/pKc3yiZK57iywlHJ7Sp1z5bmjFHE2l6NrkLYLwh6 +5V+JkeHvzgGAiuh9cIbA4XvB0UWD8GAiwyrLhTD3ZzQDe+kXskgMzNj7OYqey3dA +BDnxnTQel4PnYQQ78JeOwCVZurRL4Nph8icY8iQEeXEFp3H9hRpRe+rPs8+9ZnUT +-----END CERTIFICATE----- diff --git a/docker/full/docker-compose.yml b/docker/full/docker-compose.yml deleted file mode 100644 index 9eea315..0000000 --- a/docker/full/docker-compose.yml +++ /dev/null @@ -1,32 +0,0 @@ -version: '3' - -services: - keycloak: - image: quay.io/keycloak/keycloak:12.0.4 - container_name: keycloak - environment: - KEYCLOAK_USER: admin - KEYCLOAK_PASSWORD: admin - ports: - - "8080:8080" - networks: - - okupamicoche - synapse: - image: matrixdotorg/synapse:latest - container_name: synapse - ports: - - "8008:8008" - volumes: - - ./synapse-data:/data - networks: - - okupamicoche - depends_on: - - keycloak - -volumes: - synapse-data: - driver: local - -networks: - okupamicoche: - external: true diff --git a/docker/full/https/tls.crt b/docker/full/https/tls.crt deleted file mode 100644 index f88529f..0000000 --- a/docker/full/https/tls.crt +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDazCCAlOgAwIBAgIURQQZKTG7wENaPp3bnAVLUMhkBJEwDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMTAzMTQxNzE0MTZaFw0yMjAz -MTQxNzE0MTZaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw -HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQD4RoutMqZ9zzuowIZ02N5DneNdTUPp8KTP3ewCTp5B -pQB2ht06pEgb7AY0xjlxfwt+lEXc4aeN/B741frLDe6buts8IsedfL0Ub2KHfoqo -o3qAimn9+fgoHwZYsls3OJK+fKbPNefp+m65SkZHz4ufQhg2TSLsW0BWATnxnbd8 -OQIXrCxtV/UKE2iaXfrlmaVSCqFeL4z7Rr+PJ8LiwOFMDLleLMsPiIo8CtR7u/lg -65zWI34rhdjwMq9tYXmZtq5sSpS83L/3InQDOvyhNt8vdNS8qL+v7tNhpHldBYqt -WJaC/QPeRGXQfa89qYZssZ+k32/i7del2raF8RxkcyVtAgMBAAGjUzBRMB0GA1Ud -DgQWBBREbPhToZrilLuC26iiFNj8t+K0hDAfBgNVHSMEGDAWgBREbPhToZrilLuC -26iiFNj8t+K0hDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAF -NtdTjLsVLhfS0q5tVKQFZ6Ek1CcuyUVeAvTxWDinZVfXzuNFdF1DeDlMwP3gKufz -RIAI//k3ISFMwXN0TzgETC86ck4edxpB08E5RKpBZhOrm7PZtoQ5h4hPpOgSG1pp -gPvzIzCEtC8Uaf0zpr+2AAm/2+DLgTDzdnO/cxN3UloydW9BslFM1PTeZ7TphT8X -3PgDzDBa/IACdTwIhh6RH03l7BhzvKbp5uXnwRSWrf/q1R3mErrsjq9Awx6GECWu -Y6YLsHjm05ELHs8r7STQC5Wq+vtfut/iDUNgnNFHmpiaedC1Md3qdnIIMeYrjBjo -ru7ot2RLcptsr9w7qd7C ------END CERTIFICATE----- diff --git a/docker/full/https/tls.key b/docker/full/https/tls.key deleted file mode 100644 index 9e8ae6a..0000000 --- a/docker/full/https/tls.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEA+EaLrTKmfc87qMCGdNjeQ53jXU1D6fCkz93sAk6eQaUAdobd -OqRIG+wGNMY5cX8LfpRF3OGnjfwe+NX6yw3um7rbPCLHnXy9FG9ih36KqKN6gIpp -/fn4KB8GWLJbNziSvnymzzXn6fpuuUpGR8+Ln0IYNk0i7FtAVgE58Z23fDkCF6ws -bVf1ChNoml365ZmlUgqhXi+M+0a/jyfC4sDhTAy5XizLD4iKPArUe7v5YOuc1iN+ -K4XY8DKvbWF5mbaubEqUvNy/9yJ0Azr8oTbfL3TUvKi/r+7TYaR5XQWKrViWgv0D -3kRl0H2vPamGbLGfpN9v4u3Xpdq2hfEcZHMlbQIDAQABAoIBACTQoSmflxyUvC37 -znRJLDwuj2ZobKel7Wp9Z9+3tLPbOcRZnzhw39h0GT9+HUp9IkE0z18/fs8JEbao -VDYD7Nvey1+RcLQjqQ38rkmVNA5pn2KsI6drh6a7Yv+IAwqfMvNYHIwhXDBP2FdV -cjJ3ziZhcKGssn8F0PZv3B2921Vp++brFuVtDxvFdhRSSLtcwKI7L5SaOKsA8j2f -8Yspq1eigkgCTYTFn1+wdjn3FxyndCV7IFs2BvgdHDBTcB/o6DipXVvK+Px1B3Cp -g+ioAHiqn4EkxFkz/ceiscjpUZuITPS+e6aF5Qar7xO5VmeThhNlmsoCFW1nwaea -wjwH6CkCgYEA/DxBU1N0o0ZObOnt1eb/LvrSRmxiNH8RKIbb8QL9gQ9Hx1GbP+5N -JN5rayBNEg8UAtr0tvbil+ofoxpwlpSGFsFBG5NRcH1LIIHD1Sf0gkGc78ojdCT8 -O4PcWnCWjLtLIgZCVBxTupa1vsWmUMBzqTxdxn92ECLcPFvo21SRIYsCgYEA+/sp -J2Do1lpUjkRDwWAIauHJ01ZHcA5epu2vXXZOnGw+OvPX8a493kwwJDjjrfOgDLTC -1FDDBMzbCQUHUa1w3ZfsSOyheHr/8xlVUJ3gz98q+aizaJLJ8lZraL8lvsC9uogf -x7P9iTp+SpIHQ1jXp+9WdFgeEgXVkK2GY1bzw+cCgYBiVOcuodFNuaHnSccDZZtD -6FpDRAuA5ax9vR1PNtg3EQrthD3ezXrbja4YxC3nhWNKvas7DMJHcOlGf4821M31 -Xv+PzX2pOd8o3A3JMlta0FNrE8WAiM6gMQadZ1j5oiZnLEN9YNGvYwOVTJ5KyswM -RNFWCeiv37c1/Kqpnq05gwKBgGys2QXzxNfV44vsIzC+Y0L9mFb+ahcJC4eBEVYE -1UifYoN4cVT5qhM61rR4mLGIVinEuBZrsoBafck5EvwGCpx3jl+xNr7IhaTp8yKu -xKvCez1rpdzfGhvba72kWvoXFHzjgplVpm5N/PPaYSmJopD6J1ZMPsPVIlOgk0o6 -0S1XAoGBALm8/9Gyer2jtfL/WZDILEeOV/rG13ELspTIx0pcbHkvZKFXrddu27E0 -e89SqTCIXhn3nFLvk4pdWjJbE2QA4uS99vV5HXIpvvEBgwzid5hyqxE3b7xuQwl6 -bAJld+V2lh5e1tQuaX/bF7B87k4ODlZFatCzhrOXBKMdRm4SkzSk ------END RSA PRIVATE KEY----- diff --git a/docker/full/https/trb.pem b/docker/full/https/trb.pem deleted file mode 100644 index 9e8ae6a..0000000 --- a/docker/full/https/trb.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEA+EaLrTKmfc87qMCGdNjeQ53jXU1D6fCkz93sAk6eQaUAdobd -OqRIG+wGNMY5cX8LfpRF3OGnjfwe+NX6yw3um7rbPCLHnXy9FG9ih36KqKN6gIpp -/fn4KB8GWLJbNziSvnymzzXn6fpuuUpGR8+Ln0IYNk0i7FtAVgE58Z23fDkCF6ws -bVf1ChNoml365ZmlUgqhXi+M+0a/jyfC4sDhTAy5XizLD4iKPArUe7v5YOuc1iN+ -K4XY8DKvbWF5mbaubEqUvNy/9yJ0Azr8oTbfL3TUvKi/r+7TYaR5XQWKrViWgv0D -3kRl0H2vPamGbLGfpN9v4u3Xpdq2hfEcZHMlbQIDAQABAoIBACTQoSmflxyUvC37 -znRJLDwuj2ZobKel7Wp9Z9+3tLPbOcRZnzhw39h0GT9+HUp9IkE0z18/fs8JEbao -VDYD7Nvey1+RcLQjqQ38rkmVNA5pn2KsI6drh6a7Yv+IAwqfMvNYHIwhXDBP2FdV -cjJ3ziZhcKGssn8F0PZv3B2921Vp++brFuVtDxvFdhRSSLtcwKI7L5SaOKsA8j2f -8Yspq1eigkgCTYTFn1+wdjn3FxyndCV7IFs2BvgdHDBTcB/o6DipXVvK+Px1B3Cp -g+ioAHiqn4EkxFkz/ceiscjpUZuITPS+e6aF5Qar7xO5VmeThhNlmsoCFW1nwaea -wjwH6CkCgYEA/DxBU1N0o0ZObOnt1eb/LvrSRmxiNH8RKIbb8QL9gQ9Hx1GbP+5N -JN5rayBNEg8UAtr0tvbil+ofoxpwlpSGFsFBG5NRcH1LIIHD1Sf0gkGc78ojdCT8 -O4PcWnCWjLtLIgZCVBxTupa1vsWmUMBzqTxdxn92ECLcPFvo21SRIYsCgYEA+/sp -J2Do1lpUjkRDwWAIauHJ01ZHcA5epu2vXXZOnGw+OvPX8a493kwwJDjjrfOgDLTC -1FDDBMzbCQUHUa1w3ZfsSOyheHr/8xlVUJ3gz98q+aizaJLJ8lZraL8lvsC9uogf -x7P9iTp+SpIHQ1jXp+9WdFgeEgXVkK2GY1bzw+cCgYBiVOcuodFNuaHnSccDZZtD -6FpDRAuA5ax9vR1PNtg3EQrthD3ezXrbja4YxC3nhWNKvas7DMJHcOlGf4821M31 -Xv+PzX2pOd8o3A3JMlta0FNrE8WAiM6gMQadZ1j5oiZnLEN9YNGvYwOVTJ5KyswM -RNFWCeiv37c1/Kqpnq05gwKBgGys2QXzxNfV44vsIzC+Y0L9mFb+ahcJC4eBEVYE -1UifYoN4cVT5qhM61rR4mLGIVinEuBZrsoBafck5EvwGCpx3jl+xNr7IhaTp8yKu -xKvCez1rpdzfGhvba72kWvoXFHzjgplVpm5N/PPaYSmJopD6J1ZMPsPVIlOgk0o6 -0S1XAoGBALm8/9Gyer2jtfL/WZDILEeOV/rG13ELspTIx0pcbHkvZKFXrddu27E0 -e89SqTCIXhn3nFLvk4pdWjJbE2QA4uS99vV5HXIpvvEBgwzid5hyqxE3b7xuQwl6 -bAJld+V2lh5e1tQuaX/bF7B87k4ODlZFatCzhrOXBKMdRm4SkzSk ------END RSA PRIVATE KEY----- diff --git a/docker/full/synapse-data/matrixdev.signing.key b/docker/full/synapse-data/matrixdev.signing.key deleted file mode 100644 index 090ec91..0000000 --- a/docker/full/synapse-data/matrixdev.signing.key +++ /dev/null @@ -1 +0,0 @@ -ed25519 a_IyNs PQ0dHIEEsxnfN6pnfBoXEkwNciqCvWAJJf4B2y88tvc diff --git a/docker/keycloak/docker-compose.yml b/docker/keycloak/docker-compose.yml new file mode 100644 index 0000000..a6d8d32 --- /dev/null +++ b/docker/keycloak/docker-compose.yml @@ -0,0 +1,20 @@ +version: '3' + +services: + keycloak: + image: quay.io/keycloak/keycloak:12.0.4 + container_name: okupamicoche-keycloak + environment: + KEYCLOAK_USER: admin + KEYCLOAK_PASSWORD: admin + ports: + - "8080:8080" + - "8443:8443" + volumes: + - ./https:/etc/x509/https + networks: + - okupamicoche + +networks: + okupamicoche: + external: true diff --git a/docker/keycloak/https/tls.crt b/docker/keycloak/https/tls.crt new file mode 100644 index 0000000..968c6a6 --- /dev/null +++ b/docker/keycloak/https/tls.crt @@ -0,0 +1,38 @@ +-----BEGIN CERTIFICATE----- +MIIDMzCCAhugAwIBAgIEJ7Mx8DANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDEwJj +YTAeFw0yMTA0MjIxNjI1MjlaFw0yMTA3MjExNjI1MjlaMBMxETAPBgNVBAMTCGtl +eWNsb2FrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjviXNH4OBjNG +U9L0Jpg3a+WqpiyXFxLom8pe+QTE0pVyjgAMOSBnTaBJUwhFkYjCIqP2hvTWPUYJ +X9K0oTbfPp4QheViNYvDZ1sz/naUAXleTYhgSuPqTzwSZ4k8f+xQHWK1ECL3JmkI +1czJ3LEjNKryWILYbvsyoG1HmbKcIZIKzUKvrgqC9SIEqa0wlZtC+ASi16Jqv1kC +DtGTc2gcNmeudQASfDqbYiPLqXec1GWXSViezhwBO0mrs1NEaN8810h3PRRDWkhC +dZijCjvLC6AqtZRjdHf7m3Cit6kzJ50q27COGNtwCVVaFutOJCiMjNcsjPh8HD1c +uuyI5Q/SnQIDAQABo4GUMIGRMB0GA1UdDgQWBBTNiaKtvdBOTQo+6N/SrVQ3lPA/ +vzAOBgNVHQ8BAf8EBAMCBaAwIAYDVR0RBBkwF4IVb2t1cGFtaWNvY2hlLWtleWNs +b2FrMB8GA1UdIwQYMBaAFAPs8gs/h4KDpMOESTBnAuI0Bv2DMB0GA1UdJQQWMBQG +CCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAMBi43gTMU/Sp +No++b4CQt5HlMXw3tKScKEUvMB6iFm7L25tkDHB/Kq+UG57GMAsOloTqq41a+u7x +RGXGkOZxM12X7RTntU+6bheDkftuLD44eaAsfBhV+ZL7tU1gyx+qQ6xqgRWwilji ++hR/ycrjDSoozkJknIpNBM2puUc4ahAKo68rPufGrrnWSCs/EDre2peAnhi3qqVI +6wqVJp3gdY5F4q96pDVdY5DBkOqdOFdE/Sp12Ybkt9EID0CyZFBF7eefVbS7IVpu +aSfHe8z9GjJz1Yh/iHX8ERsSDt+YnaXk4J/Si0G5xVzd/ApPc7XpEwKXU9CcQdkg +WxsaAmyUfg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIC/DCCAeSgAwIBAgIEY8cv5jANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRy +b290MB4XDTIxMDQyMjE2MjUyMVoXDTIxMDcyMTE2MjUyMVowDTELMAkGA1UEAxMC +Y2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrabUOthTKjjoV+5Bj +2OVtdNqBYeGNAvxH4Ae0GNx8axuu2O5oyItkYvhTg2HSoBUSK+jL5FT000z+8k+v +wL2HZd7lZhF6xeUFBhkPYepsK62I6w7f6Zg+d7ccnRcA+9Jt3Xok4vaPnYhjvUB5 +Z25VEZZa6/35YZJ7wEdyhFuONnnVM3+1tajq1GVanwSK0y3qhmX2jLy2neMXx1zY +J2neDElHwzYtsmVek9T8TlxLhNJiFcHEscmWrT5NOntfcTYaZosWyH+Nm/+EJuAb +UTTscG6YdAL7p4zvOiZ1j+QKb3UCrtSSi+XUZi/uNS3Ky4asgiaUNCbHc3D0a3G0 +HsmbAgMBAAGjYjBgMB0GA1UdDgQWBBQD7PILP4eCg6TDhEkwZwLiNAb9gzANBgNV +HREEBjAEggJjYTAPBgNVHRMECDAGAQH/AgEAMB8GA1UdIwQYMBaAFORJiEeDfjQa +MvoMZkmv3bWw8/8NMA0GCSqGSIb3DQEBCwUAA4IBAQCFPmXAOgth6wMD6XoPvfw4 +xg0Qr5ky1pUhJj37ocr6aCNbW3dr0jUFcHHkdhyg4uEoUGbPYyKMCjp6DpPq+Sks +Nx+xWXaTeNIiHzXsY1TuQdvvC+rrANmHatYj8/kGNg5tcNvMn7PPBfy9lEYWCSL9 +ql3yim0GuGZ9CyNS/ZCmM2X/pKc3yiZK57iywlHJ7Sp1z5bmjFHE2l6NrkLYLwh6 +5V+JkeHvzgGAiuh9cIbA4XvB0UWD8GAiwyrLhTD3ZzQDe+kXskgMzNj7OYqey3dA +BDnxnTQel4PnYQQ78JeOwCVZurRL4Nph8icY8iQEeXEFp3H9hRpRe+rPs8+9ZnUT +-----END CERTIFICATE----- diff --git a/docker/keycloak/https/tls.key b/docker/keycloak/https/tls.key new file mode 100644 index 0000000..83497c7 --- /dev/null +++ b/docker/keycloak/https/tls.key @@ -0,0 +1,32 @@ +Bag Attributes + friendlyName: keycloak + localKeyID: 54 69 6D 65 20 31 36 31 39 31 31 30 39 34 33 35 33 33 +Key Attributes: +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCO+Jc0fg4GM0ZT +0vQmmDdr5aqmLJcXEuibyl75BMTSlXKOAAw5IGdNoElTCEWRiMIio/aG9NY9Rglf +0rShNt8+nhCF5WI1i8NnWzP+dpQBeV5NiGBK4+pPPBJniTx/7FAdYrUQIvcmaQjV +zMncsSM0qvJYgthu+zKgbUeZspwhkgrNQq+uCoL1IgSprTCVm0L4BKLXomq/WQIO +0ZNzaBw2Z651ABJ8OptiI8upd5zUZZdJWJ7OHAE7SauzU0Ro3zzXSHc9FENaSEJ1 +mKMKO8sLoCq1lGN0d/ubcKK3qTMnnSrbsI4Y23AJVVoW604kKIyM1yyM+HwcPVy6 +7IjlD9KdAgMBAAECggEAeci1fAhYR93LbUHHqUyGAQm8iBp5hTUdIP+MUNBIHB0j +XGQcBVldxZjgfLMSF3sH61wBdkn+aGlNOOuR47WLCpq39mZDdtsb0uG0c3BseKj6 +tE6Tv5dPErlX8AvNliYkxDM9ioZOQtC7rurnlG7rT0TCdLTYSgj9wfv0Pq8PIeQv +LwtnOjZsG1p6LYEMPCWyNHolbV0saRf5ZEowvE7EPoGrFucOcxWYgnIC8Qa83ODD +02vBSI/MMXEn/HdcwwyRDALTd8pGvIsheIHnaKtZxG0KBRuXrJ2OzLaDfYFk9QEg +fH+iB3lcX1+tftD0Q68m4+Uti+GpJTwpj9xE4/yH4QKBgQDOAS6B+aKlLY15tJAE +UFVrMj/n5qRjoYXMK8MUi0qOi4Ytzs63u8MR/owuZ7KstUpEGmgkSTJUCWy6C5gn +iOW80wFheWMG9ZqUYFEx79a1Yna46SIEpowM+gunEqW0NIUHeuiOsgkZn3slnaxA +lNT5s81nZvWHZRmnc9xy7pT0xQKBgQCxqzXCQMJS09qIZhHAQblIfDA4iwCUGZAn +wcsfI9e4CxJ4m5SnJTTpe8G9680xXpR2tVhl2FrarNxWMMZUGWxqBn0Ug6dDmSwX +SpBZ5q/bpbphRoRQvlVjkhX0prX+lB9yFcyH0qnDchoW/CPgnKaYndE+eBPMnjSO +n8ZuM2iz+QKBgAC96Fj3eSp3G4dQqyQY1fXo3GoNXpItRroRfkZYqhARWI5ZrEzl +FDLAY+jW3sHYdUgBgFaBHPlIf2e8GvQpfgpMCDk9oqmnwMLABgrT/kXw8NSBomm5 +3888J0aWvpoDhmccfjHlWjsJY/wisTgaURoFF7xDlqbCKnF77VNMoKSxAoGBAIef +JONKocuuMlQKbiRvRytguUKAQQnMVbEzioUTzDiOIyRzxs6sZS6RrLv4QuMbyoKv +PXJI7FmeuHcGtm4+Ffb9Sv+c29KLGxAQeA5YPQeTA6n7tUcZc38VZbMiiyxxD2v7 +3ewUUEiEUgwXnp93lOhNGAvyh1KbtYzlxAgdMCCpAoGABEqs4vSc2vmaUKf6uek6 +M1r3Qv6/NW3IBTY/eSaihszTxG3uVaZUK8iiORd3ELFiMWZKDk3kCW8PcmFIu96k +VNoaawwZY7+AQzTg7pN2uF8CqQaMNjAi9MxcJK6cdXj9T4uP8yxahlt6TveoMGRd +Y3uBGHr9qoVnbFnvr71DF0s= +-----END PRIVATE KEY----- diff --git a/docker/full/okupamicoche.json b/docker/keycloak/okupamicoche.json similarity index 100% rename from docker/full/okupamicoche.json rename to docker/keycloak/okupamicoche.json diff --git a/docker/synapse/docker-compose.yml b/docker/synapse/docker-compose.yml index 1c72a5b..78eb995 100644 --- a/docker/synapse/docker-compose.yml +++ b/docker/synapse/docker-compose.yml @@ -1,13 +1,21 @@ -version: '3.3' +version: '3' + services: - matrix-synapse: + synapse: image: matrixdotorg/synapse:latest - container_name: synapse - volumes: - - ./synapse_data:/data - environment: - - SYNAPSE_REPORT_STATS=false - - UID=1000 - - GID=1000 + container_name: okupamicoche-synapse ports: - - 8008:8008 \ No newline at end of file + - "8008:8008" + - "8448:8448" + volumes: + - ./synapse-data:/data + - ./https:/https + networks: + - okupamicoche + environment: + SYNAPSE_SERVER_NAME: "okupamicoche-synapse" + SYNAPSE_REPORT_STATS: "no" + +networks: + okupamicoche: + external: true diff --git a/docker/full/synapse-data/homeserver.yaml b/docker/synapse/homeserver.yaml similarity index 99% rename from docker/full/synapse-data/homeserver.yaml rename to docker/synapse/homeserver.yaml index 6059a74..ce47b7a 100644 --- a/docker/full/synapse-data/homeserver.yaml +++ b/docker/synapse/homeserver.yaml @@ -26,7 +26,7 @@ # lowercase and may contain an explicit port. # Examples: matrix.org, localhost:8080 # -server_name: "synapse" +server_name: "okupamicoche-synapse" # When running as a daemon, the file to store the pid in # @@ -49,7 +49,7 @@ pid_file: /data/homeserver.pid # Otherwise, it should be the URL to reach Synapse's client HTTP listener (see # 'listeners' below). # -#public_baseurl: https://example.com/ +public_baseurl: https://okupamicoche-synapse:8448/ # Set the soft limit on the number of file descriptors synapse can use # Zero is used to indicate synapse should set the soft limit to the @@ -232,11 +232,11 @@ listeners: # will also need to give Synapse a TLS key and certificate: see the TLS section # below.) # - #- port: 8448 - # type: http - # tls: true - # resources: - # - names: [client, federation] + - port: 8448 + type: http + tls: true + resources: + - names: [client, federation] # Unsecure HTTP listener: for when matrix traffic passes through a reverse proxy # that unwraps TLS. @@ -498,11 +498,11 @@ retention: # instance, if using certbot, use `fullchain.pem` as your certificate, # not `cert.pem`). # -#tls_certificate_path: "/data/matrixdev.tls.crt" +tls_certificate_path: "/data/synapse.pem" # PEM-encoded private key for TLS # -#tls_private_key_path: "/data/matrixdev.tls.key" +tls_private_key_path: "/data/synapse.key" # Whether to verify TLS server certificates for outbound federation requests. # @@ -542,8 +542,8 @@ retention: # Note that this list will replace those that are provided by your # operating environment. Certificates must be in PEM format. # -#federation_custom_ca_list: -# - myCA1.pem +federation_custom_ca_list: + - ca.pem # - myCA2.pem # - myCA3.pem @@ -768,7 +768,7 @@ database: # A yaml python logging config file as described by # https://docs.python.org/3.7/library/logging.config.html#configuration-dictionary-schema # -log_config: "/data/matrixdev.log.config" +log_config: "/data/okupamicoche-synapse.log.config" ## Ratelimiting ## @@ -1450,7 +1450,7 @@ form_secret: "FM,2TSq++sZ@Tl0atcQP#m:XP-wI=+z6Gxc.P:SXLV3CkueDDq" # Path to the signing key to sign messages with # -signing_key_path: "/data/matrixdev.signing.key" +signing_key_path: "/data/okupamicoche-synapse.signing.key" # The keys that the server used to sign messages with but won't use # to sign new messages. @@ -1852,7 +1852,7 @@ oidc_providers: # - idp_id: keycloak idp_name: Keycloak - issuer: "https://172.18.0.2:8443/auth/realms/okupamicoche" + issuer: "https://okupamicoche-keycloak:8443/auth/realms/okupamicoche" client_id: "synapse" client_secret: "5b3992a1-d662-487b-b342-db642f966340" scopes: ["openid", "profile"] diff --git a/docker/synapse/synapse-data/ca.pem b/docker/synapse/synapse-data/ca.pem new file mode 100644 index 0000000..c3957c0 --- /dev/null +++ b/docker/synapse/synapse-data/ca.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC/DCCAeSgAwIBAgIEY8cv5jANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRy +b290MB4XDTIxMDQyMjE2MjUyMVoXDTIxMDcyMTE2MjUyMVowDTELMAkGA1UEAxMC +Y2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrabUOthTKjjoV+5Bj +2OVtdNqBYeGNAvxH4Ae0GNx8axuu2O5oyItkYvhTg2HSoBUSK+jL5FT000z+8k+v +wL2HZd7lZhF6xeUFBhkPYepsK62I6w7f6Zg+d7ccnRcA+9Jt3Xok4vaPnYhjvUB5 +Z25VEZZa6/35YZJ7wEdyhFuONnnVM3+1tajq1GVanwSK0y3qhmX2jLy2neMXx1zY +J2neDElHwzYtsmVek9T8TlxLhNJiFcHEscmWrT5NOntfcTYaZosWyH+Nm/+EJuAb +UTTscG6YdAL7p4zvOiZ1j+QKb3UCrtSSi+XUZi/uNS3Ky4asgiaUNCbHc3D0a3G0 +HsmbAgMBAAGjYjBgMB0GA1UdDgQWBBQD7PILP4eCg6TDhEkwZwLiNAb9gzANBgNV +HREEBjAEggJjYTAPBgNVHRMECDAGAQH/AgEAMB8GA1UdIwQYMBaAFORJiEeDfjQa +MvoMZkmv3bWw8/8NMA0GCSqGSIb3DQEBCwUAA4IBAQCFPmXAOgth6wMD6XoPvfw4 +xg0Qr5ky1pUhJj37ocr6aCNbW3dr0jUFcHHkdhyg4uEoUGbPYyKMCjp6DpPq+Sks +Nx+xWXaTeNIiHzXsY1TuQdvvC+rrANmHatYj8/kGNg5tcNvMn7PPBfy9lEYWCSL9 +ql3yim0GuGZ9CyNS/ZCmM2X/pKc3yiZK57iywlHJ7Sp1z5bmjFHE2l6NrkLYLwh6 +5V+JkeHvzgGAiuh9cIbA4XvB0UWD8GAiwyrLhTD3ZzQDe+kXskgMzNj7OYqey3dA +BDnxnTQel4PnYQQ78JeOwCVZurRL4Nph8icY8iQEeXEFp3H9hRpRe+rPs8+9ZnUT +-----END CERTIFICATE----- diff --git a/docker/synapse/synapse-data/homeserver.db b/docker/synapse/synapse-data/homeserver.db new file mode 100644 index 0000000000000000000000000000000000000000..b24eb3deaa382f5a88eb9a3e521551a121d1f757 GIT binary patch literal 1667072 zcmeF)4SXEuec1V#1+YsH1R-0N#?FURn`xI4G z-lyw|qKqqw`t{ecZ_|jES6Lo=?EZz00IagfB*srAb6o3Az_fhfZ zk9#xX&wuJYFaG>m?@{sR$31`TUaX2grambCICw(*p+7t-{#3{QQW3xTg#ZEwAb)0OH~QD3zdrh7qu(^z z7`-_9+~|XQ{&LU1-SbcP{GC1ZJ+JJ^?b$W*`y-zl`HqoKk6apgdSrO_Z|(j!yT5*S zW%t?Lj|~6y@aKoWefZ0U7l+?7JhJQayS{hV-{1A=T~~L_?|O3AK;~C6Ka%;XjGg&F z=6GgL`uEd6o&Ie4Z>O#Fd(!V5`u(9F9s0JR*M}B{-aVuZ{`uf94Sw(7*A2QNP<|nR zz*ZGFxG6*qB`}#A^wesUH52#bJ(DVI;`~r{7 z52%wtf#Qm3SB+wA)oK`awPXbqTx?Zvyl56zERnNnmTj>QyH=GIyws}Txl*H6k3=CO zm}^z=oMEk6B0jU}t{8G>j$dH^?0|YsM(}J9qGMG{hFddA)~a2!{37qXFrXfnMJDX! zYOP_FjHY8Xo~f@Lni){%-hKRCN1lCG!+O;!x*|*N#W5MKDp8D!aX zT)&EvXl}V#kqz<7iSK7U^nn5Oq%3-(Tq~Mozri9|hMJuoP#0z1^8(v)91-SKt7^#V zLKds!SM=2T2h_{5|jBR3R&=3f5(ooVy;?7(2|N(vL(m9vjggh zpisS8uUl@=4nOcGrv}uEGHXIg1)X42%P{R;+M{xaLwhAiw|gfO^=kXyT-M zU4R5Te{Z<+iFbuT)oY?=F(PH zzFw<0%cg6I7MQMM)EhO~yNz0{;eJ_M)6UUoXA>of5ak%+4jlVl=&BXEc4ojBf z+Esa&7_uI};Qo_htjk?K7mm_M>-{26y(=6!6UQ1>MI4MG8cQ4!0>~_vYp;nhu_X2@ z9kdez>M>c}v;HoE=>1Bx=UW*Ql3xrq$GRqtmj{jys7K@$6IVoaOJ?z^U;drXi32Q1 zE?FyUrAGVk&K(PnoQb1XtdbRE7=l~G(baE$CAnwYMT3J(9zMZg>32=n@HjFtpcdu+ zjvDo*v(jja?l!Ed-|Zzan#z{wi`tS?^M8;HIvO_U=t(h2lmx?)DUaGCN5YzpzDpeO zVtgBpdBrlWGz7=Brr9v7q8DTpel`C0FP|Au3;wQ;o~VoC!}ccvJD8K~x*R^wKRuvc z3rd)!l0T2E)Z~QZt~4u4RWXu9&x^)4#B?dUKdkwY{D68&ZufktTq}#?ylP)-iWyTJ z=JmBl4!3fT_3YQ*{K==n!|v#_VXv3Opsh7s+1JARYH&D==faV8^r+u=%ME`h7|ptv z=mc0pbdZ=3{0g&KF;$&Be&R?lhQ*xjh&~9XJL8yNBn&${zER0%yGlO(q?pQ+>h#MU zIwTG}Ss)m>V%WMdjX3axnDG2!!L(FtHX44xid9(>VXoM9!Ie8G29sYVoPf%HNBK0O zoxzDnjJ~q$*ryJNBPJ*sjGMAJG{ZXm<2jsEWZyoqe?YzPuH(-i2_{EzzNSBf99TR;kF`?YHv4<05>S8}zR{!mik5F~f%wc75%k$HZC0FB42Cj#U>!QJkFo z?H_+sFt+k6!|%ho+<$BL`9}uSkH`Yu6MVH+4F{Az@0)H@ObdQ>+QZ_|=q>GM?0ZN| zSbm0_8yezB630S#(%vVg=XO>Hz7@ec-znyUcD^{j7~*6q$JK;3pf1atpo`sFWyx`C zRdLt`BTXK8CA%Tc#kIzoAIBpPhMMBMZ5I6yjG|R_YK`Y)?gI(Aa^yYyjsf+BV0Y1N z{Y@XgKZNY+LqiUf@XVTfyBI|N*45@!F$yYmcTF4tm5Ok5Z86~lu`c;_J@K}1V651s zk~pOY!>&E~`$fd$vG2Z+G+N5feQYcw6<1zCZw9C3)`e7VZx~B(dM}$xmY5>?4r0G5 zZ8YrB?xHedPb9;-Ubh3{gCpXs?>AIVyv?c@lHqlb(K(eqvOAP+wM|~OIF=N-&E{g#cP6lw_Nm!BqQ9 zdO$V(!g0rI*MwkHuFB!?)Q~vTZ=$@9^~7Mm_4_E1VpYknCqf)5zxe%6BJ*J8g;1`Qr8+JO$zyH55 z@ZbIQ|M!o5%~*Nt^w{3LpWpjKdq1=HwY?Yjp4j{7=%0-K?C8H3{kx;)=;_h@qp3Z= zz3034eC-}bto~2!*(+B6KOJg|J~rX5B{w|Yw+yg0TC#_5J2FL2pk$z&#Q6;yTM|8 zVgH~y6_iR?t-q`fs*_=f*yZ|sr;3F2`o&Ha@eB5sI#ndB*yj!os^@|z5|`|=4-Klv zgEGBq_6y^K>YVCdC~v%IpE*3Jz7m$(Y}J1LkwNujP_}>B{(+|k)x{ulvvvD)eo(y} z6y1E`{{ANh)#;#c^2+^OZcu$WD74Aa{Y5!Qq{{|t_rk-2>WQGfXL}d#XS0Lq#UO9v z)%(=rgX-z9VBGTkj2t8~l=$`gWT#b|Ea2bwz@U0q?y7qQf4Ut&{1X1X?J=_P8vfLg zLDdLqzo|w1d)j*atN0h%ZQ5)Z|898z_&gJd>-dxHk#rLa`FHIbRF4JC=vm31=;ZV) z<)7CE)g!?+k+uABdF099CVCe0&$W-J%~$isy2@_0oPTy=P%Q?b+~j(GqTQ_C1^v-> zT{pX;KXPDDEy%qmF6p0n*PwbWEOJY0`llZoR8IvP#x3geo$R<({o(fUxXH5qsrJy@ zY+av|bD3OY%l|pG(ZYV?qTMU|aXIHF)#_hOKPeALSz^Pr{UJFg`sFrQ+&>}5mS1S| z)%`(v90g@JUEUvfa!|dX`U`{&*Z2Enx3!A(E%0^O2AQ3_!hc+zar{CtOZ>;AXDc&q zjsNH~gX%|Qq>=xNo3zM(L>@1)!mj@(;CIZ!az^uW`j`0+$!WZu*T2r+C+CWGf$oL= zJC6;j%QC?5e@NZLN?&Wc#xC_AOw5*J@qtGN)fd7&_AmC|(I!n=?cXm)mEV}nm-}yT z50vOizV$zQeOa;Ie_IbB&Ii2<79(lds zw|Ape|417>cGCYSzcIS=@) z-DCqFZK&P78!r9_WxF<6{SU~QZ}a7UN?g)R4sWpj_wWCUzx0n^2q1s}0tg_000Iag zfB*srAh3f4{QLi`|95Z)(=-GSKmY**5I_I{1Q0*~0R)5q_x~9N2q1s}0tg_000Iag zfB*sr?0f<4|L^=hriBO~fB*srAb;IkK z$FvXu1Q0*~0R#|0009ILKmY;O|BL|y5I_I{1Q0*~0R#|0009JczCi2y|9gJ@=Kk6F zBD4?z1Q0*~0R#|0009KHtH8j4?HW08BXIWxTKE4)|H0^YkN(u?PwgEI{u%qN_;E@HnSCID00IagfB*srAb5kLR|1Q0*~0R#|0009ILcrygJ|NmwvvkwFiKmY**5I_I{1Q0*~ z0R-M!0q+05wf^iK0R#|0009ILKmY**5I_KdH$#B?|8Ise`#=Bz1Q0*~0R#|0009IL zK;W$v;Qs$x>(Aa1KmY**5I_I{1Q0*~0R#|uGX%K*|7Iw&4+IcE009ILKmY**5I_I{ z1m0Q!*8gv@m8{(ooc*Oam8u|0e3y^oDLqfhSn#y!Q6uN_J4{_^3!9xm;&cIla^^dF|59QuW! z_YQvN;OhgsQopAD##76X49?7&qmX+ z8jdj`|MT#AeP2e?H1$hQyXI2al8N$ z$9b*RC>blJvl6Bi8L$h8NZCSO8mSLA#G1RJ#RdtP3(MSu=;23=8-TG~Bg%(7bk-L4YO8EV}lp=~|_Y19Dc(QtdTk$*fjI(KB;%Glj|7 zyuLU)eQ~jn_4RUk?#P2_ZR*ja-l;b%5tayUqV<#JjXjXj9(`2xuE{=XrMLe3V5Fy7 zsae@)Etf8B#})0+KR7u*_5R8E?6XI6dEHNHI!47=4mB#SEjqf@g+cgwRvOtQ(FE`9 z@5pF{)2jEh98#hm%62j6`mjSB!@XX0#O@RG9tgvpo;_Q*q$d{hTQE19oUdnf)8CJt zyLf+EvrZ?uChuS(G3y;(;q4ji^l5c{pOjB5n3!>Yq;C?7wc6kxT3uZw2>q6cT@R*? z*v83{$vJP^oJZCW@p)-}`oiS=W&M2Naxio|qxrZP%w^MY{lV8}%j;rVDj5x{XxVkw za9r`R61s|ctaZFa(sNT|Y3-GXB(Wv4cy+l^YgS7}vtAO%lbBEY)9&*=zBi*yOsF>w z%Hh*rqCaIUBGR8PhI_C_L(avnb=~di{(7UfEZXB3uR3Dt>&Yxxb*ox(j4&s!i`m<1 z*wtlUs$EHY>N}d(r{-o~UYMWsv-=}4npOK+)2fQyg%g~ZAtZ(j&7UQ-(Tp}Vp?c?n z6Oljh7(QFw5xwAl@F!f+6W4=J-C27hvqOJ=dsBaM=+D-(U1{P#5c>(oigDFi%XyhS zV(1=Gy~Dkc8CGdo^rjdUt381QIipE&^=#M^R*&)(SXjCMrq`hpysU0K0i`VvMWL$fbijLfdI@Z`}RR`Nhw4ZB@-bZ-eU zUS@{n;j%u}8&No3y6O*8b|=LY=5H2MqgInsLGQ%dz7XhKr35<{qo;SyZB53}bUk-s zS6VxNC}|3bv}L0E)3BGxWVAzvRPSP+LwC7diES6H7N?Ei^sPsx%Y^nOHQ{_Ztr;hi znjq(Ot7KGarDj=NO%+$Hia7HG=ZwDejF%nCXeUpq-c{MG_^snp(~+jem&xj39PNwL zuEBT3E{9ikoemApm0erqb-$dLxuyrx+DA@o*6yIeM#(C>-OY|94|)24IKoe;o)Kwv zq)@9tk;K8+Hb;tN_10Bx|0Ti(Ee4M>L=SWSf9EZGX%PYlAbj%^CW1|RuJ&c9hA>}tq0G1mBh2}c2z!6?R5YAWaJT=?wqXN^(lB1 zE&Ak_bc z2G5)2Zaj4;qwU+Le%TTEz>|Em%nAO?MxqbX#8ZRvf!uaIt!J4c;k&hZtz26cPnnmE zcFFJwx6UJ7@z1dZ&woZA&l3*?$3Oa4tO<wdtdEuOV+Hp-o^9Eb$h^uI>Xej2XzH3U7|QWB3rT|bu5PCc!9_shpm zB}v7qEQ#+shNNX=Yo%Fa{?;eeb-jwIoA3U1To_<=r5j@h@o8SBSSY*`q=4SO)ck~X> z5WhFMtMj`Cn5vmpmr z@CBgOw?bOsi_vuMNLu^w@g&(|v(fOswh%nSDmQbCXX8?zJ@?ElS2Ph<(S-N<(;4mf zarH*<1&+8facM^*T^3g&x!V$YqVwIN&U6(>#5_{m(`_+_ZYL?+U;jhy;tAyZ=1(Ap z{SZEZ9DF+Bz3*^vHtK#7JIL$qy=Nj!-8pxcr}GrO9Mv5Q8KQV@UyQ{)Ipw2w^Td8E zm)6ehPa5k%ApW;7jETJ$aV+pB$HmtN_Nm^KJax!G#dk~muap@6kPH%@3R@GL zDf$Ze6LpX%9$D`Ufv-5TPQa1 ziO8spEt1vU&aV8gUj?U;;KC>T&~=R?zQ$DdzshM8YbC37j`F|C6(-BkyR_z7W?mOx zK{b{vt17#5|hReedDiY z*8HdHg`T+llRq8!+&R6JBTi7 zT?4mHf_hFI0IRou5Zr1FJpX^IVw6V!0R#|0009ILKmY**5I|u23Gn>?_UkhuMgRc> z5I_I{1Q0*~0R#|0;8q2=|9`7ult%yo1Q0*~0R#|0009ILKw$d`aQ}b%^%)T(fB*sr zAbAzM|G)kEjEE6H009IL zKmY**5I_I{1Q57Y0oMPwDn@w(5I_I{1Q0*~0R#|0009KHp8(JQZ@)exVgwLC009IL zKmY**5I_I{1a4J;`~SBpMtKAfKmY**5I_I{1Q0*~0R*<60Qdj5U!M^%0tg_000Iag zfB*srAbdff00IagfB*srAbdff00IagfB*srAb|KEOnM#KmpfB*srAb z|63KKJOT(HfB*srAb zxxVMV-DigXX84DPPwZOXbtLosnX~DyOrIF~!J+pJE)O0Z_|??=)t_kp^VRCRl&@A5 zWnNL#Mdf_xFz~521fm{)Lz~^p8-4PF8EyZ5)th$BrLxti)hb5Gs=F(lpFT7-Uzl7d z=nIo)W(s;IJsbRNm-L0gr3HOppf*UGkQ8D`V1$z1Hyas-5E{O)b)LB zbVu&|R3Ej|qx{nR^o7a!%li4kZS(%Qj;YM|4Gj&#PQ_|6c6p{F0(U2y#6v^IS( zsSCQg&Y0->@QU}r`HUaTx+AT+vbui!V8pE}BO8v1{y`cUAH5?u9G$(%f>}i2S`w;@ zzcr|X9owb69;rR-06)D|gBbVMFJ`pdr0U(@8uv?vb=_@PmG-D#GK*JVGaIEa-F9uu zS?qQ1+Nwhzw`H~!UGDXl#1SX<{6OEH{dNb%;%Zn(+_%5oCVLM_b1%=OwdKi;he6!V zTcaW_?`7}!Y(|?DO=@-xlDLw|jhl}dLUA=DkEnz}(?2*`6nd_4A)_5St$L%ap6D3? zS89#k0dTRm6WW_}Iv{4VPVYBo#JCgt9P8PqA638;v-wL2d-XTkc)zX2UOb=HtkWC! zd(4ho-5!%Q=RNy@jCNWyrF&|KDVW%**_b|$+5V1pxtE&GXj4a2?{Vp0Z#pYRqgfVb zJge%TfsLkPHH@lRvHG$uL^`1_yR)S(run{XJ=?B1H~Idwws<6|Gx|0)p6yGTnLKxE zRZR3%ao#Jun9+_LQP)q(qqeU=U&03>{neMPXLT{ppP4=MBml6ezx%9}>fb95)C^V4KRvy;BT1Z zHt}?%;ju-sdYJ5=8f3Hbx`?GUdFAyh4Y70!%7odjxWq4&tddc2!dWq|i^kYj*8EoJ zOKYxW=5gXq{@(_jM2H9=fB*srAbQYIKsHAJ z0R#|0009ILKmY**5I|rX2=M*?ZO}=ChyVfzAbhAe$qA00Iag zfB*srAb|KBDcnr<||RJIyc$t=2dt?G1svZv+?lM4lXVe-sOLGPsNS>0N-s;*&| z^o7Eu1$}l-{JS_alMf3yy~!))s$~?ds#6oS=x65UX4>26XA3V*F3v3ISIn|w`85UG?^2ggfa? zE;cOFtuzM7A?o=KF}TWie+4Bh@-hvi<~YBle7IZ#?j7U(rTSJ zNY)R0G^0&Ss5ffi#8#<^!z3smLugpNDOQBAKfldaYuL+nH6oTQdQ*1s>{slv<*Yfb zRq41UkaeKCxLXruP~;?qC6=Tpl0-W|Nb&&OWb@NDE?CX}qYyAqzH<AyHW|~Mn67% zY0b6F&Kw=oWtX~2i<#(4u4c4T6RP)c&y}1ZPAaQb!wIhII#)BT^m_D4rG4$y$`7`S zUg5R!g6lka!I<+>ugcSfcckZ1uT{8z*R=>yfBr@ne?hCHQs;!08~t7Np*J|#cKBw~ zA4+Qz7E)imwY0p0mowUl6RKy)u@~E#*u;-S zMqq4_MXO; z)r@xfr0VULbqDR}o8;_Le1;R*V|}BsS^PN5I_I{1Q0*~0R#|00D-L~!2SQN)gMHI00IagfB*srAbYUA69EJeKmY**5I_I{1Q0*~fvqLL^Z#3`KZpha1Q0*~0R#|0009ILKmdWe zA;A6ryP-;*2q1s}0tg_000IagfB*srY%KxS|68j+hz0=!5I_I{1Q0*~0R#|00D-$9 z!1MoiLzOxaKmY**5I_I{1Q0*~0R#}(S_0hv-&*}aGzcJo00IagfB*srAbO=qm1Q0*~0R#|0009ILKwxVL@cjSQ>JOqp009ILKmY**5I_I{1Q0;rZU}Jy z|8A&KCjtl{fB*srAb=90tg_000IagfB*srAb`Nu5*Xd}-<1cIpH}w%%e||kmC+|ges1K`yH|IgRDOEb z_wIT=^9|{5N*hCeFm!G3M+ToC_~?L^`nuF(>g($JlrL4@ySJt&>gTsmd)8-P%V@`r zsh^&5&84!{u!@#lcO9c_S1q$)f6OYyBzP{R)YHT`qbR)%M0_9et0phFq&2STGOgpj-xNmPG4Ls=-DuK(TJ{S^LiLx zPS3gCU`9J~B;`FIL4yb#VOd-;L;!AIg7Os+&GEhh<5|&g5n|z7VP1b}e)_`X{AK-o z;c{MIHOoy)KQl9TCih8iAfp{Wp7I{=-)*T@bVN@^Dh|_>FW+G2VVUu)_#r6-zv3W* z7rj(kyL>FA*wvDC-MLn_UCS_=ZcTnRB71kN<&xbnCSnqmzvaz)sy`-E>(l*h3AT*e z?#ni4NwC#;wk$R*w=DB^>3aKT(KQX%SSr_wSKDc2%Urb_!>X2gGWt`*uy7?qzN>?R z-Q{($pIpux@|28r;zY_Dk8M>&jAW;`T{2Pm(v4dt3yo)G>`C1eG)#^Z@5m>Ek@Cs@ zIEuBZE8>WR5vD1h-XMyw%!VUnym&OI*Dj6c_3`3Fcqqva&pN`?YRI3DUA5Na56{W* zJ)Zm6mt?d)6WGKatT+=2G6U9L4f5cUKygRkury5gzr?ROLn($@J{m!lhtl=-Wh}o9)TT zwx*Exd_1kq<&qAg=)R1J=x1f!``GIlEtgB(cv@mbv!kCBFVdq2qPYizkxc2Ibt_iM zZdQ8dSF+G0AkN`@(pkls^)*eD^VYibVmXS8$uydI{Dx!2qG zv5a>9Sjsysdn;~AmxC@iH^pQtpNjNdObMf_0>2Yuiey_SI5DEyC&An&*2F+Mrg{%2 zhGxf|YCpMYK%#$=;^^9a;krLLs|k~HOe>6un8Ys;S1+fw(ACTK3gv}W|H$6750)Ed zeWiWz!?z;1Vr%#D8fSmd~l=CucB?{OLydm~q0eaC#<Ze}_PB5{h;OA|YHWi50tg_0 z00IagfB*srAb`O365#v)+pE8b76AkhKmY**5I_I{1Q0*~fj1(+{r@+j#x@8bfB*sr zAbc|j8hdH)&yW6>(Qg?Y+4Gq_B60WE?A|l{Rl|?$`oUdu znP1JUjWp7)4E^%ZCx+fO=ned7>WsRm{D3m@O{w1$O&<8pH@)5JSG?)FOxU5fw*Ejy zo19FozwVk#Wy@N%s;*IQIxB`*bnRNzF&x)iwyVp@IjTN2Uzl7d=nIo)W(s<8K|LF0 z+9iFVaA`rGofH2q&dlWXreigX{^T%*-qO{YYhTe{zA!m6GdnR&`g(YqI65mf^?b7_MEhe1l3oE?Yeswtaf` zY~hj~SEQ>3eQq|kNY>wp+(*tES|815r$tQrWlRmLQgbb%-l$!%%a&0ziz}9_F)l;Z zBGJSZk=y!l#ARm7rsEo755=oFZ)|-}Mk|OwjwA;Xc3WIs>Vsh{i?h=g7Ylj-6jxG0 z`<(a%hu>mK}i&R#!|(T*HSdBd{9tcK}WrEnDcwRI<`Psd?& zmyjF!2HlC-R@*PF?@w!o4yDAP^=FN)U3LGg<|8fb⪻bp8NQ^p3zPnNqL%VhTLPx zw8e3`YCEfvx_!AR@N54ZE1)R)(N0A|)77YCr&e=sTZl{K140X(%y z0O5x55y<`6rM%wm;oQhG%GW2%+izvEvHoaUJ903!Ci`c(QES$XMy*zH41Ws0-j$$c zBO+ZnK~Z0#D>3WWBC5z;TYp518jL_TlDTJDByFq_PMhD za7H^ep7PYLecIJk+qE2{+1YEDq&^wbv`F#JF2m&Z!DFmH)CcHye`G&0K|K_+m#(6n zeaOW29jwjDgR@kBCU*A~5d>HzwM{7ze2e`f%AFb1$|uPwlX$@^_N_HuMuBfwYp<$K!@$!lpiYG^>5&HP-JB_B|4}?{Ko|-S?xB{*Klxr&i%`J!Yq^ zxy!qM{p}eoCt7TDbxf;i(fZU!B3*JIntLF*N5Y+j{ZX==df8kvs%FIslT2}hnGK`a zD9Z#rH@E(_w6=d=>RM+)kf&~W{5tBxapFNw;s_gAuE`0dH`#W?qG_pY7xgo9 zb2IIQjaYQNTC=N0y(Y5OqWjm+7G9iOoLSJvgL!Q{_xk#nxbisMy7DPmWy=*;aQ)1}t@66x(5qGtQ^ML%&vF0%cIR`pM*sl?5I_I{1Q0*~0R#|0VCxI; z{r|1sM?{DK0tg_000IagfB*srAb`N_3UL4bb_LlU0R#|0009ILKmY**5I_KdtuMg+ z|E=FgM2G+a2q1s}0tg_000IagfWYkvu>QYYLAFN#0R#|0009ILKmY**5I|t-3$Xs* z`h7%%2q1s}0tg_000IagfB*sr+^)cA>RrnH>id+vzqR+fc0V)v@jcf@p3003|KRZZ zcKx$mv#H7S$A^An$QgQg@aqSDO?_YYKg#Eni!pm2`vK*TVv=`ilIMDl%J)6ocvQYi zqu#I_t18~P61=ye=cDqEBkz0Y$?bpHL-e%`;(Z#f>9$@JBHuD6U&$k0W#@!%hsf(P z`HEE%uL<*CxM4KwC9zFk3HibjXRTW7&he{nI!47=4&T#JY&II=g)r^6`N{Wk6eef& zT>8h9VcDlQ-sy?A^-N5pzVxyL=zon)e~R*r5r+N(+13lCqA&Z%-|CwWTQB?*FJII@ zI5|J{{>l05v1fDQ)fvHS8GEaDYvLUvwPm|#mW^6N7>XAkwPnLMarC7}-=mn<`(K~f z_tM0?J~cP{^1}S2|L(cg+l5;1)M>w_P(*DstM;{~Rka*P58utzdcRi(qdiK*%Rj<5 z9EweIdd_>^6R!X(Or+L>*Kzej8;y$L)~;Grr$0~mmdG1X`U`Y6*2SA$`t#eb-)p}g zOuT_8M%W+M@}(?o+MK6&;zeSoj5*NRQ- zOL_NqUT-Dd`sTm2EpU*Mj`9y8RR@XP#oFjjXGruw=DdBLc%RtCiIn$3XJ^qjlZJ03 zYK^}BZdAUxKadTpXa^Q4)d^D0J>qRzXFV;gy)uzfWN6N{vUp3JVK!ayt{>rR^haV$ z^rtD`H2gQp%$+*DtiRyBO}?D#(+A~jCUMMSvDOqXbQKe+*_WVveW(+>@T@PtGoX52 z)*8C^PC?x}Gu*X$Fx_{(-zV&1@lLOvcUR{1qImUc>-}9_Ti8`GvHRzwu2(g6%|Cr1 z$4xq6pLHF{eSwMz=cAr@5ANf=L)#4|7f1Q~{R7E=5oP=BYfiS-u*GX~4e>I(Rq;MN z*Xf%Y#Oq5v@m{hi@%pszjjH}}6N#k_)YmZO8zKSp<#)a1DLif?HMd?*)(%RH;nzIz zrm~abb)msa7UKiyPF4QrNDSRs(cO3F#O?Wv_x7~5cqHlQ>2KUbUy|}ajabT&TR3*S z>)wcXJ>jv`jR!i1hd9@W=}Ww6&hg)LEO!!3QogGH5Q&z!x%Z`Y4e53t_a6i|Gup-8 zI}zW^a2I3yUEY0Z?fju6@9yq0Cb~ZYiIr-qA(ZGoE-qn|SH%jX61lx}~~* zR=zGWXu7i!r_}C3Z_eBq*<;MLT6@}z6!fQcF`{1d_N2AT$C5@=%#maS$8hxEQU0D- zbN$~tdeDT8d)C{X)(Ver4%T5({zva+Z&;j^9#5?YuUT%hwtrCmhsaQCrzegxSt5L? zX4j-7x<&VY^_=Jv&dR-KV1G{9Xat2j6_?QR+Fp>Hy90gB-~V?95UBzI1Q0*~0R#|0 z009ILKmdU)F2M8uTfBn^4*>)aKmY**5I_I{1Q0*~fjc0;{r@|FNEHYmfB*srAby@|8I+T5aA(!00IagfB*srAbWSUopuX1nNBK|6^5Ap*Aq+mJF7&4=>V46~ z!7o<+I+}7XeG=;5wQbtF;2lqE%abX^u9mFp&b6}bT87zlYx1*U*6WVdShb6m;kXUU ztQhs0W4m^(YD^^ODL?Fbk7u+O4yU|PSx>!TIaak(NmEp6*rlFi<+D@sg~^42K0SN3 za7pjUHNuVbx!K;VY?zg6dXHta39;LKvAgZx6{Y>VCtYVJ!={+CEA`tq~7wQ5z})@bSpOn+&9`oiS=W&M2N za=T&qa1+rR3x!Lfv0;P#)|q0oE;nk;df2jdrk>aBs>t^TUDd2ua?{+qy@|ATVLWNH z2cb2rdadC)#zf?!^8MbDcQm7okEd>^0fuZySUOtvUq%tS3ublEj-VSl!FDw}uQ#ls zWv^N#!*zNKip*NAB95G1iD38r>8)d?2TmNxPOT~{$?L^h)fHV5RGE9PcOmS&FVqIO*@oLM~p3h zfVJ`RdOO%k3p5`YXxU&VZCr6QczeC4Gunk*%A1fgNv&>G1-s$au3A+`RBo)AW%0RL zb?vfIaiaOkzX%%@Ok~l_{*C=fCR!%jw}ae!ynI@l%O&+obbDhW`dRts-ZAfRM$6?= z>yOJ`iRMQ?Dc=+6lW3-%)g?l71a^B0@LnE$$zHa_5bGSe2?H~jxAd&sh2IYcy{9tT z#fg+RC;K57=YD?~X3;+lIlVJUe+lKEMS7#ZKyMYgI5hf8WqT*n_VlmkM&F?x?VCJF zNEGl+dCzCGLx)o9FUZkYvg9R(U0teO@BUf&-y$QiJ4=kigfY}A)i+7DPu%^}NyTy; zbJ;RpZB2{qp&EZ85r@;0Vq6wd-iPJ56jO|4)y0Ic+_c0DWEP8}!q#lDX$j@K!e)lU zKbST)uhXA6HY$~^SS7nz$?ImRB(A`moOjYYl+g+zY;kH7*C`uqyiuO=osoXosAyIX zf(TDGVI<+FeyuR$iro;5c6C);jy8g+CU?erBCRbRNtyxsE;Ymny!UcN`3^B8e>ibi zZt)E70q=k~DIH09C*_cm(_o`nw%U`RJR;h|yf0t*_Q*`wmmgeWx3~A_!M-xBYwh;6 zrCrLo-u{esT*Nh&5SO^{_NVObSe1XWNi5=G#=p|<-7eb>FSq`Pr^~C;8&>;DBeIXa zjg@bUjN88a_8i}Tjn=vf4R_yr;kxOW&2M|mgaHjAJBw{00IagfB*srAbzk{}%5c!b1Q71Q0*~0R#|0009ILK;RAt zu>QXTh*W_90tg_000IagfB*srAb`LY7vS&z-{KuacnBbX00IagfB*srAbRDl2j2q1s}0tg_000IagfWQ_P;Qs#>?;yfM009ILKmY**5I_I{1Q0;r4hV4n z{|+Eh1p){lfB*srAbzW|F?Jt5gq~vAb}_>2Go2q1s} z0tg_000IagfWXcZ;Qs&4>r+~U00IagfB*srAbLP1}cJTp_!lZxqCk>$8{ zRo1C56fQ03vvcC##hIDB?zj!htQdAlKQn!9dbT_3TGMJ;CBt?4vnrP3n9G)9yz11d z(JJ-4ZdV=Gtcs>o&59*+bKYTZCZnA{pYqOkx3z3Lu46Q;O3k$l>$-@gV!5{Egl$R6 zR(>(AOlK+~}rej5`TAIZ>j-cj#-Mmv2v*Ca~bWph_faK zLR?L8Y0A$;IzO&RPXN&&*d0!9PAjE;&ZUD%s77 zVU|h_G2uirm46@U-e_jemb#dvq6PG9PBw$-%K07FDVq&`v`aZ}z&o4K_U})5bFxc1Wja48KNaCW(8)QF4J+-R z3uKi2$w}N#ds7+hf|%AW%T|VCyVekA9J{(~xHW$gwi*>f{1)RdF<<$~h(cnyupZw( zu}ro#a@!}PRy<-TKjxhg<3j{IxkGFt!8+c?yoR)`2sdXvGK;*+vxdkS<& z6El?mBhv4Q<;0nyC$Im!9NX{tgwZ2{f82XtMw@;id|}@wRMNJWF}>owH>17q zLTY_V_IbiK3CYU;9_jCdQk~uwd+fV3OX%lS+p(AIvhA+vXXfT+3X`*)Q>>WjI_Il! z#^{@|bKXJkJsE9IaG#Uh{U=wuDlSP4#}a2{|B@=9fbwGz^n_BKYT{49a$nh6!(O(l zc|E-76g$m%XT2AK9(YvtKtlZq$;yvLdLW^c=z(C*z2~w{9KAUWt7zG)vDeJ87eG1h zxcBai_F-|E^N|GZUAgqRi%rMwrq;ex>_Pxax{ z)gGZTOZiukU57m%w^bKPFbZX*{&iMsBk^Njpv=;#c5I_I{1Q0*~0R#|0 z;9eA9{eLg^I&DS(0R#|0009ILKmY**5V+R_`2PRB*5kAn0R#|0009ILKmY**5J2Ew z6kz>-FZMcZMgRc>5I_I{1Q0*~0R#}Z*93U}|6c2H+KT`J2q1s}0tg_000Iaga4!mQ z|Nma>b=r&o0tg_000IagfB*srAaJhQZ-dYtwmfB*srAb5I_I{1Q0*~0R#}Z*95r#f3Nj8?L`0q1Q0*~0R#|0009ILxEBRj|KE$f zPMZ-x009ILKmY**5I_I{1nxBfp8vnsdYtwmfB*srAbY7e#UsVIm50tg_000IagfB*srAb`NO74X;pZy&g< zjD2YD&yD``(e$2IM!sbCpX}Z<{MpQJXTB%nrT=64-9z6$aCzvVL1WuClE4vovjx^u z-WO%G$;s4>QP*55Tg7IhVO3qjaZT4UN>QnEZoX<|=+RfL`7G9iOoLSJvFOBPqv(pzB3;8~*yx6QTbzaZ< zRh$wfb9&Bu$ooh}o1RR0$L(s#x}K~rST@L2elKjm^z7Nfr42gKuSTDn-JnFa-O0I6 zdLPbcCnr+g<1)C07*u7uV!K9d)oL{ClI7RdpQ`*$7)&6c2Ql@RYsJ!^la)PSmvY|2 z-iI>Ugb2ZqUE5!@KSlZNNN4sJ5WN`I-#Y*+mgAVqmSfb#2y(1qt=bytd3~wba9pEU zYgXOX=+Ajic$YKU#i^8cS_+k{Ra*?rvhBEzQER$OqI5}&ysM(hfOUfs%5O#baD$Rz zU4B1qP^zmVpYblGwaJH5ij2~^R<_0TU^d;F{A|>l&WhD=jAz3il;3>Dd*x;}m}qVA z`5W)`KA6!SemM1I7iC9<8Lj-^h;+$;F!_M!iOyW|(){#=$@$Cr`NHLV&_V4(ynUeM zb+cF$on*MewA$*2*3lQtMD<4Pie0wEfLZSC->ag%y=i8>E(T&;YRPu$Wpk}F({zOq zx^Gm(Z)D6Q=Q^#hJCkSGtOl{>^^)nDGMKzxHpPGokH%V~WHoG2O3b>2bA|a zVKEWO8K_a|&r$xb$TZMjzz8?>5C8t$*3{WPBj>zDZ(h!!>n|sW_t&EQ$|j=8b7;ba zK(*%DSEAErXZ-gL@}8>;aoTTI#Z^oxvVG1w>|M-g7sTv)Q7UgR7fQ1Y@|FJ>LEoUH ztZB2Ew`4i4T{T_1Rt*m_|6G>yUJ~c}n+n%1Z4iR;%QqdYnAkQsNkl^Joch-v^5!zy z)Ku!mNjYdX2xo&V<^PNfqYX-m@zfPb?`+(TtN-9jIFpCF>Yvyhafzv)nVXv_OwM-A z=l!#?7<9F|DBLiM{){TF1zhX8Da{VK(9c-kzL8|gg$z9jpuCL32 zoX+{YYfK&RE@ZT0A`rX3n}W^aqWBNV-4bjhx}y_L&(YZ4dv7l#nCm&7|9`U=hU^ak z1Q0*~0R#|0009ILKmdU^U%ym%}Umg2`B7XA=0R#|0009ILKmY**5I_I{1a_Xl;K11MCI0@uo!7Cn2mu5TKmY** z5I_I{1Q0*~fnEW=|KBUZX9N&H009ILKmY**5I_I{1a_VP>;IkCr?dzG1Q0*~0R#|0 z009ILKmdVW0oMP$B78;w0R#|0009ILKmY**5I|t(3Gn^@o!6(d2mu5TKmY**5I_I{ z1Q0*~fnEXb|M!aU8365I_I{1Q0*~0R#|0VCM;pj(kRWAoa8|HoW)C zM}KWp-~HL$9~l15;eEUQ@vh^UbLmeFeRlA7245KX@qy<@{(R)S#=bc9wEDBke^$P6 zhlgkk`y;=gy^WWL$HpY%Mox&AQ<< zD;2Y`W;ANGicvIOYq{32EoZ|_<*%pa3zG{4ePQy)QZGktD)wtK6^+3Aam1w9+=)h*Tywy{j4R!iCg&K^_a6ac`Ed{Flg4b6~Ub2eP`LmD6Kh z7d-V^)v=6Xtz_w9?kk)t%;$B>HJ8H@oyf!4F|XHJd96_w7VYY+)=Zka>b;uLj))0o zME2Q|i0-OYk|zM!F_8r2&%&mJ({6C6M2h&G>5E4av*Apbb38kk-VRFINTJ9F=w<>7 z3y){T4@u$qy9%PalS)6_hv+364XCpoy$66Mq#>7Us${%_a&&p_p zLTdfP8#FwqYr~rU;AWZ~)H9wfTdP*N)hT&@h_((T(d!M@kmIYJR<_JlF)dluQcp&I ziWrElG|PAObg(;dA}d|bmoyz%%d+%%Rt~VF11}hTa$XQ4Wnau_Q50|7 zD+UwB`3-_E)~c=uK0fv^Q~7^yCiJlIh7-nk@u=LBT^i5pxtNs`r^yev*+|HuJfE2r(qDS2{t$HnQ6^BopfyV*621Y zvto#A$Nssiou&Lg-eaDd(M}&rd5dxuj5%bCW&i9KlcD^7Vbdb#&6t8g4gUEvCbMgi z(;oO;$6Sv4|FK67i3lKo00IagfB*srAb;G655)nWE0R#|0009ILKmY**5ZF-ytp9gZchVRH5I_I{1Q0*~0R#|0009JI z1^E7dEDMPUAbz^+5I_I{1Q0*~0R#|0AXb3q|6^H5 zL;wK<5I_I{1Q0*~0R#|0U`GjX|9?kyCyhY>0R#|0009ILKmY**5I`VSfcyWkEF>a; z00IagfB*srAbvEAbW$hJyKEUnv$ztQramw=Uzl7d z=nIo)W(s=TW_ng{I#$E5OZr0L(t+6|}cJgHE#+Zz`Tq~MoW4Tdl){Tl)S+W|=id~OS zRo@ngJHC*JJgBWd^n@1Kj$xK6c2z$!H#bw5ob76CC!$^ku~EIbRJMz@W0hjIEY_;7 zRdu7AiRM4Pp3Z3JPp7=ocC}<(4?;Cv*K%CbwQE(!2)kod*e7SJ_k|SGvu6vJ!WJi1 zqtDGI7s;-gWxHfFtFB!(Do)OO=lW0(;>0E)Ha8A&>?T8$)odJM*mF7W!1`biTVa#f zmN$-V?@h)gtJyfV)@aMOj+mTxX?-B0oj#pfKPAU_VkakNsH2gQo>=bI2Ya-$dyh|X zFn5Nc@v2j+_6^|i^;AZin@V}-l6#Kn-Vx*CLf za??JnMmu;gwSKzm&}`JomJ>uQe^k>k5z3qmBJ%TN z&X?iYIC>oA_4fHA=G?J3JAHAnpl3TB5Z0a3bI*HUlGdgVrW83`oNHxUobk=3Ta%x| z6R8ZTm*#4zAvlB}LVySY7Adc`-IzH9TAT~m-2(!)wW{v1y&G?C z>s-CbRwb$AB}sXcO64JOs#1AKRVtO;O;sL}RH~faR4Va9DwW41u3S!EW~RHR8xUC_ zI0FAJOG5WKea_dv@ANsR-JqX>1$ePcuxBj?G@?#WM|^+eeCVtayKW{_s?&yYjrv;xhr$TYR58#JxoyI zw4%J{ZcM7Jne7`J+9j^;H=0vC@&DX8?`W95aB+(7qPpu18J(SRO8IOeeHk@m`fSG% zM$3N&Qro`D{cg#et@Uts8QY8H?Wm4>M~Z6gLcu*9JOc61hTAtinDMg9l&7M53-?ml zmBI%66)3xW@UWKM&v}Q#fWl=byS^SQ6WL|TXFg6qgLNjmky5n84DHLV;(kl+OU@PC z=VFUZf28>J?eI2}&u>tm97x2JQDZ2SQ5fS{cDKUuw~#S?1bt;(uM`sFFQdjb(?=wc zo`QpCKIbhVXI9CdwY9RGE&ld>%ovZbs#|yO71i_S3tl~zg4FC35~ofo6B%hp)!8Ny z(cHK7u$IYK`*I5B_x~T^7^7+cK>z^+5I_I{ z1Q0*~0R#|0;1LS&{{IN^=^6n95I_I{1Q0*~0R#|00D(Oc;QfD(py>ty1Q0*~0R#|0 z009ILKmdV9D8Qfpe}wpSjQ|1&Ab`D=5I_I{1Q0*~ z0R#|00D(s+!2ACr#HVWn5I_I{1Q0*~0R#|0009K{NPzeMJ%Xki1Q0*~0R#|0009IL zKmY**9-#n#{{Io;(=`GJAbf~Fe;5I_I{1Q0*~0R#|0 z009IZp#bmyj}V`(5kLR|1Q0*~0R#|0009IL*dqac|9_95=>`D=5I_I{1Q0*~0R#|0 z0D(s+!2ACr#HVWn5I_I{1Q0*~0R#|0009K{NPyq}-y>+cK>z^+5I_I{1Q0*~0R#|0 z;1LS&{{IN^=^6n95I_I{1Q0*~0R#|00D(Oc;P?Oc2%2sXKmY**5I_I{1Q0*~0R#|u zgaUm3e}wpSjQ|1&Ab`D=5I_I{1Q0*~0R#|00D(s+ z!1w=0h)>rDAbThnsuY8cdUl6%=T(UvmHwqt-*=1 z`+4t5QJtMCxV4-Z_3rRSMgvr??{o*T%XbWZB)TWO>7x4jvjz9vv z-=$XSKV8~V?dFm;zaalwo|~&^!R>38XJ=;Tho?3F;reP(z4%hWy%ih2mS`H`1QGls z?C_}?oK`L;#!jkKk1iUF;_!q&;gq5xnT=ou=(nglTkE2t8LO+7SPiZ5U0n zVLDs-RQil^$-U^kT2#-RDR`%YJ5Se0A1l9-xc79iy!mkcXoMlYvpD;9b@7&Vt#+%T ziOqG>3NtOA(w3bbnzBaAFq?9EX*=5Gg@w6Vbv`znEzuVDtL*x-DkY1qB?!P z;8ufs_B;32HM!)iG|js1KV5Q0_Mh9#BIWh0(UVyE<1 zI-trZQZD9UWmNXb`&b#pgK<*PTB2cgTXH67G%R7;6>SiU4Ehc4WjR+}EO<{33^Q8G zxfkVYBaRst=Szl>B_RiKrcV!}PQ$1THW8_?GW)V-ABYh zb2~>Ijq9%QCUK<(sxeetH|3sMS;hrAYKgzw!gO9i38`EIub%0NucFCG%`X{UZEl;E+$6T-g~qDfCj0M8@|9<)qTTLT_YC=R z($IqiG(2hAx@^h3ZHh*JaT@m8FdQQ(BYs%C%i5pzIO$KulVl-Dfmg%gu zl9Y1F?K*4vsBuMWh^BC4LTC5I_I{1Q0*~0R#|0009JcRed1cd+s2q1s}0tg_000IagfWWQ_@cn;RIcW?5 z1Q0*~0R#|0009ILKmdWU6yW`TEYm_z2q1s}0tg_000IagfB*sr?5Y6o|GUabV+bIC z00IagfB*srAbLObbCFfB*srAbXZNB$(iH7cl^o| z|L%zokNuZpXOEgke*f@K4zCn{r&yc(tCJ@W{p`^C!GC!0+XsGn;C$g?;i$amZ%*9K z38r{m799Jj^7^3se++(l41RE5@${m4?P9?dX1gIa*SjlCv#wj6PD^i^wxipQC5)Ed z7S6qnbtk8I;vY>f)~ZW2ZFc@j?WUGftKW#WFrQaND;ewSwy-wLy3ox=MT`0kehz{% z8|9b1Uz=2`&lM(ui0!*g(-FGSbvnVZ-VpxPwmud8pnS#M^xiM3&plV@)f{7`DWZbt z9}|Bv3Vx}2d9J3Nj831_N?KQjBD>a>YB!g(`33pc^4wfS3u|N*nD%g?%)YXm&vRS{)$)1oy-D@jDJ5sXCAyr7A6<0Md$)?}sZ)wK6^y)iVf^Q>C5B+UM2^Dn zFdBybh>|GLh>5}vj$#8e>n@`47pwKo;_Tbi#ar67+O1N*kEnS$aJt^jqFOzrxSx(C zL{1Q*$W1mXr_KDQ~%`E?+9R)d0&`vxHceBX+}RnhnG82f5R^BieE% z=nwhaI?74{F}Gfs&TF0)`O0t z)!yF?$)!lNI&!xmhm`zDIHufZ^n+|{?odNIH z%28skhBuX2s=OCP8|_zujn%QlCSlP<0 zM8Cngc%}aMv$ay}(z5AYE24!CJJA2R{_GZG(@0oZ^W_zWx*?$3(n~7vtL8-Eo6;IBEv52jWMf&aw8E|R+U5>eq>pd z`VXOeS1I%T|1tQVBe+Eb5I_I{1Q0*~0R#|00D;F|fcO8$eh2`700IagfB*srAb|Hpm^0Du4j2q1s}0tg_000Iag@E8d2 z{r@pYGPj5T0tg_000IagfB*srAn@1=@csX>9|8a%fB*srAb0tg_000IagfB*srAb`NW z6F8_GIC12r|NUP%@$(7!U;cvt0tg_000IagfB*srAbv$Mga85v zAb^}j1|9}7GlsiHI0R#|0 z009ILKmY**5I`U;!25q%gkuB{KmY**5I_I{1Q0*~0R;A+0Kfmg|8mM5A%Fk^2q1s} z0tg_000IagkQU(ke_DiN1Q0*~0R#|0009ILKmY**_MZUn|NAee+z|o@AbmvjIpvNJKmY**5I_I{1Q0*~ z0R#|83;6&3zo!Z>PZXMkmrrz`{QFNHJ^raDzIp5qj}?zzI`Xr_KR7%+*_{01q2E6E z`v<>&;0wwhD>o+IDo!5#qR{J>d&OHTstdJ(`;pmhOiU>MIo&$P`%B=WXH2RKWo1I< zTWs2Qo2Dalqw92nW8La>TDm11(RR#ETc1iE|FZkC_sybOE*HF~9b=^_lEulRiGMu3 zSgS78w596hxtf+NEQQBrLtCodT&iedL-wc-4qIkhZ<@D-W445Ld3I)YUe;+Do1-V+ zS)6^lx_C>wR=ZUSx-c8V*2-GhYj{>sJ%7INT@ggwwS}eIj^Wt)nrS;7%d8vC%#+HU zMEsd`w2~H_j{?``7nZd7<+(W-Lc5_mb`*Q;{7SceM>x7|eye|DvBD2z7DOXRLdKEE z>bp~goN*P?t9LESPxjR4IpqWQ4R5`uPE8fOaynhnbs1N^nU|>OlDsTwv3sg$+vC?e zt@WmSE*g46G#x_@At~MRM{GDe2U*n0?oqE(RBPu8?u)@g6%5Ptkki8fl3Av_72VM6 z{FU0x@JY$JUR#*YF4sz72j#cC_N4m$`Mktr1`s{>={}X&-VLu6JWb!99zOr+YMD(c zGl?W+){%J%&hOIG)E{Vmd?I(~M`>?~){3w)#(ntIHT2vHO>x`FFI_R({v(}#bw|!W zx<9CGT~2!b{ijD%MT2}5XChgc&T_Iek>X@gD!<9XW=3+8 zHSS|tS@J%ZR9CBc4|13bvn^MEmYiPYpjz+PX1I#ymnm1|7SJrJ)oQ`}bda?Cy7?u_ zbRvoQ6=gE#I`uo+^qbYi(o}hn9qmf(YIS*TNjrV>w6;7ydwsc9(S}p(=o2yhW^MYK zR`MHrU0x#>pyXCoY>HR?4Q|Jl>!rEcHruPgKMkjA3Hwz!Z*N;cF%vWJj&1qV@OG7k z3#MaOt8)DhRxy985*;_hhFKRftg?IDTP>=W4v<#r}f8`Jzl-2Ubs;3p3O;+-$Zt|N@Itl_?K>*4nLYCTt$-?H4Mi{pUxealDg=v6xD0x zf_rMX#~Z#k#a~r??_k{<6f5=UCSv=$L7|?$R_nCGZPB1gDPE<__y7I%hR)p}fB*sr zAbmqJg8%{uAb;;0tg_000IagfB*srAb>!=0Dt~J z--Z$d5I_I{1Q0*~0R#|0009K{ivZvM_e&cu z2fY&?Jo(?A{L=A1I==M8KX~HAu{%fq`jP*0L_hrI;X{-EY4SG?{GGzTl$GC%x7Usi zCVwY>))T$MMRj4J@ZIx{vCL zi?!-fOb9(vy+dBNsGd1f z=v@q;txl(<+m7Mb!QVytSZOC1)5S8x;8aAW%`Yrz^UHH{6|HTw`nO*<+MTxPC)8+~ zh8>}N&@tP()oqIYi8a#>lDuKs=8D-govo;*XxFW+b;s>9}fYkjH>61z)D;eop!KFTWx}X%Ckfd_P z`f+^L8txmF4* zl;85~N%j5ng^3^*`>uSxg>G~mISa_APtUwqpUOO~G;j6}O{#Zlxs92A%WJwVrv&*- z*m~WP(?Q!YjixQz+@@6d(EDQVpj4|BdY6L7X1m(kl_}pzJSy8&Eoo7p{($#ap22Xh zXfj``LLaOpu@Xzz-KLYS-(NX~Eymj@SG21Oi?!LAdF@*5mR1_pDr<|itF^`2{B-Sx zmJT*qvHV8wz@&QP%*WOr5m&zLJ=H6O%h0=-%IOG{Z*8l&ouJHpFf;0oDOaS_d?Im# zwIQsASs$USH%&QavP!y^nRbsY?6DllnXhh{!=)=$G@2;6I=i3mDRLY1dci#xJQm@m zrQWqH8HwBuwN`{>ubJz?ROK&3c@>nc#G{*6ZP1SY{N_~}On50zg**+`6r{EAUa zK6!p6tz2J=yV5l4!82;>{+@0# zvq-TM+0CpIUfy4&M_L~|;#Kcklj`zWWxG{cY&ybf%iX-$@K;lRyBR+<>t6A;it5?3 ziWk1ijno)9@n%AIq*$T`%lW$1*)Zj{KKZ0nv{>)yqM)tOr>;NwCYnt&Bq!rD9nl$HYR1u?q|GvMfH^I zUW6;8?;Q0Nzgk&O;H6v68;*mH(&KRu!w0r}-@1Hjsa74VT3VU!|Kq*qCprWWKmY** z5I_I{1Q0*~0R(nKfIt7g8;Z1n00IagfB*srAbqC)@y1Q0*~0R#|0 z009ILKwvin`2N2einM_M0tg_000IagfB*srAb`Ml3-JAayz@hJ2q1s}0tg_000Iag zfB*sr?1li}|93-?HV{An0R#|0009ILKmY**5EyR(zWhm5Ha7pG+M3!$VIz*?ID*<42zOr%y~CyLs%>NB+r?)?wrD^Tpqt{GXE_ z9Q=g?|M9@zIPfLqCkK94IXm%}kK7*VT^4*Wa`M4X6c0W4wU5P>p6I<$R8O5!zIWU) zR+>U=h_<6Un{C}}#D9K%da+hrs%cBr%X2mDWW4C4R?@;_v!N~3ZZ2u_3-Yh!xw(pF zbviBCQu=h)7FNb-r*lX69c!0oXJ+T)?SuiPn=#w69Y-{D#~!`p>cV1ec4l6?R=cH@ z`tg;u#oE={Vr_o9b|Vbhju$S>YgcM>HF=-Y)f>~*E47N2Xr>=vq8X!J7q+bjWwJH1 zQPxJ<(aPWMX+`zoX~liPY&XPa;v!vAn{^@YJaPILBJ-j{0kmN>&4%7> zJ7!aF^~X>}Tko!~3&+;uO;@z0VLN(og(1gWG~g=Q^8D=ejwOti9BPU%|yl|EGZd?`B7Hd>;h$r;Bn+VWBL56kWgJ+-Kwk4BQeC&#d3_tI!lk$MAzxU=(^z}(w~C0@`t_871c{;3$7Z7HDr`#+i;|o?$6G4 z@OOFlBL&L$6XR{9ynmsuHd3gSqN%@J?L9rIE}vC$rk;^2^{J6l&w7V@pDn6q&nmr3 z0rW_XkrU4(q(_P+b?jVHGrmN`D#@umc2v$;+u|1oyhDgeKf4{PAuO}KI=W`XCbmRx zgU;jxGuL}+Qq?cyJ)PoJq2D%|%@w15N53PsZ2bdUrg|#-yz)Kodhatu^}>b1cQ1w; zfXwT2uKsR9IlGdij?bg9%|UXCjujZq)sAI4YprBrDw@0>Ia0IE`Zt+AFT0h~^uoei ztvWwwT`urftIKms+STgZ4Y|HgFU;RqTCDopjqLd4@?hTWind(iqq#n7g{^3VpkZWaH2`gbb5a-%deui(QPCq?fm+K zCjHqczgo%JS|6FlXL?Ugs^54mZ-(lc{!VF4x8(>3*O+ygudK6c-em8%T%KN2dS`=# zWmU>Lx0=XVRt>o{gxzP1e{(&VifB({tjeu?x+LN(4O^3o+Isv7IkP49yu+G_U2i%_ zE!L!b0&ex5m{eOcd8U?Vb>t2-+;Y^7`kILEh^DqJZuE}#juq9J8RdJ=2Flyk-nMWh z;eK-4y8ae4j91Q0t7bUcRH9SSq$IbQ{e7K&&ulnra#mO>4<7V8Z(J z!DpXUf)A>8c%s0c|NmsAm1q$_009ILKmY**5I_I{1Q2)-0sj2|gQ#&00tg_000Iag zfB*srAb2&K1=QGRAX3j9pt; zw!UU;2))^<8%@0>8m1BZQMbf;$2OggwWa)pD6lZ1>`VPHvM<+4{uT1RD_UI&IHI9D zcKL4a)uQ_Pse*efh{twhfxc>Wy6d)XbvnM2PZd9}{P{#2@uK)8ekAcStrWFac0b>n zDyqw83hwJcr@{G_Xst+#HB)vR1R9*Z-LY0Xjw9OXIum~`5k$H;s|i1#biEi#P-HgB z_j<1s)#(=s?$cp#qG8k>v(t{!R2OZ#V+DBf?@`gj50lXh3c}RJt_gw|6iX9P7v@Ho z3%AreTU2k%6x?diwb&4CM>o38nqFTs%(m`ybU8-q-KL);%g@cWRg|RBwsphi{OGo= zHq7Bt?@UphnJIXu9Al*^w!LcGLglw3yQS*ox!U&KYo(~%Y-mfhn@id|i?eT67jJ3T zYPTw3a{DFo3rpJk^4wfSbGFt+SbKOb9GG%GNET@2_j)f+s;!yAMEE$|ZJLr=rl1oX z>)YOmKDBMJ@0z{9D)`(AJ2a$~-7oaMEC=-2f_ptPH@05aWg~iaq4KAr`%W$zsRuaG zMplk&tu)L_D&(?zx>qWyXJv%n&diIQPKiD7&$rEn>}|WpsUOLxX)3aG1+9F!SDsXt z&wkve$R2%iY~@cK`_9CXVDsP}>YbLUIbCp12l{d~4`$$S1&klbu^&IQmETG{Fo`lf zek3pS^ASHKb>fGzM%jI;_lt71l!3gR5lFXf`h!*2{&r&+pz?#Pp^>Pf4=>G)!U~r( z|ACEP8-!KpohquQWmwf +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCc1B6qv7o9TRyZ +jvarx1vbeFi1pwfEMjW1ecOaBkFkQDgDgN+tQDtGz1qUq77heHKCw1F7aYZFA4T+ +p1W1SOe2jAhWVIHH80sMKLzoFwhfoQu33wKcxkaIsP2lfg/zW5qkMNsOBDa4daX0 +sPOCT1vnP5jyN+BBGU5OFCVK57Mcgezp0f9vOApHml7MAW2fVawpWsc/2vHV/72t +8VG63UWxScAeEdxp388bIEfXCY2ssB0ZCMAJUzGar34FohyPq5Pvf714CE5BmO7L +8Pm8CYP2BanM6gM7jiSGr0yk/Z8fJvPbRpOSMMW2s/H6FgdnjMbrqesnZx6+KiK6 +bONSkKdPAgMBAAECggEAJYseQFAfvJceNqCj6qGSGusniW0QDebbNrOMoO3Ib8Bz +6FrMsUQELMJs89RdoMpd13H8qqerbhAWoYPbn8dxOSEyyb/3Ra+3kpSaDJGe/o2m +KYFotbE9p3F/d0PDe8W9MntDpYpaszPu47IMyXBIFwcBjVLVC6CMP2LRPqpTFYqg +7HURQol4Q9K7GQQqTLHJECnrY60FHVqg+3A9VWOulwF7qXRrG9mrUiujfmwgX/st +CiCUIXvhWqi52mx6z+X4yclSVqAAqkxvgZSB4haZ2yIe+4B9++ayXmiN5jtY7bgq +/hiZjTuec9XQK0LXnOEdf3zQF1jH38WuaHlA4x29WQKBgQDRw10CDjvhOQoHmz2z +s0MtHT6uPRBlID0nNpylg/LVL7PjMxyXIjYJZxH070fzDC2+IFP01bRPa+Ffxxnv +UZrLfXu0IpkOQDFyUAXE3K8ODEl9j+HYzZPqY0xsM6J9uH6MwJie9LvdwQJw7sJw +bgOyuGlrUeC7vgQQqlhFykbrewKBgQC/ZbwvqJKj+CTksnL3qylDPufGnaaXDIn6 +YAKJK9o8o5bUwp7pNs+obtbVq4kqjxcA8nJYlr9KxF3yEj3hffNmoL8P0ADomxgO +t94pW/F+QWQn+C6Z3pIzZcQGK+wjdLSQUStPStLhvEkGc8GV97Zeg9qKTp3hPMph +p8lnVkgxPQKBgFAyQPzoNDyHci42TADIKIa3B5/V+M6w5LB5UKp3KAAZnMzgXa3q +hn5Ryau7T+a8YUCvW2nfynAS7rePh3rX2Da0YvcbwyiPolfyAEKjnMniKLa4q8AX +2NVj4XP8ycMHJlrpx2/+YVUG1cgXgH87kG5j0uoVA7bDjwpQFi+YhkTBAoGAG7BT +Fi3z8OawJ6mtOik30fOiwjgCZq24tFD5bPC8JLOh2WvCY4i7Z+mJCOZE9LQ4prls +U2aTi/R2htOewiVfdgRhP59e0kfFpjNxX1heyl4ZaDLeQwJQ8kCRqDbodYSnro0f +j9wKP//mLJnIcrKgXnICxqly66fIu3HzkBCKZx0CgYEAi/LBqSsBCenij7tN/GhY +rBiQo3mxmlAgA38jvh7d21JpIH/8PPgO/kI1bIfVWajTvv1mDxIB4Ieq/w56/ZKC +2ziOPF2olA59DKD0yzMk064iwIYo1+7NYziU2uUhR2BTCzM7iOOngR69HJrG9lrN +ZHrnOmSv8EnT+uI+mCykAKk= +-----END PRIVATE KEY----- diff --git a/docker/synapse/synapse-data/synapse.pem b/docker/synapse/synapse-data/synapse.pem new file mode 100644 index 0000000..f68d92a --- /dev/null +++ b/docker/synapse/synapse-data/synapse.pem @@ -0,0 +1,38 @@ +-----BEGIN CERTIFICATE----- +MIIDMTCCAhmgAwIBAgIEepUKBTANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDEwJj +YTAeFw0yMTA0MjIxNjI1MzFaFw0yMTA3MjExNjI1MzFaMBIxEDAOBgNVBAMTB3N5 +bmFwc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc1B6qv7o9TRyZ +jvarx1vbeFi1pwfEMjW1ecOaBkFkQDgDgN+tQDtGz1qUq77heHKCw1F7aYZFA4T+ +p1W1SOe2jAhWVIHH80sMKLzoFwhfoQu33wKcxkaIsP2lfg/zW5qkMNsOBDa4daX0 +sPOCT1vnP5jyN+BBGU5OFCVK57Mcgezp0f9vOApHml7MAW2fVawpWsc/2vHV/72t +8VG63UWxScAeEdxp388bIEfXCY2ssB0ZCMAJUzGar34FohyPq5Pvf714CE5BmO7L +8Pm8CYP2BanM6gM7jiSGr0yk/Z8fJvPbRpOSMMW2s/H6FgdnjMbrqesnZx6+KiK6 +bONSkKdPAgMBAAGjgZMwgZAwHQYDVR0OBBYEFFtgp2h3pbJNqKA21hfFHk1+2nno +MA4GA1UdDwEB/wQEAwIFoDAfBgNVHREEGDAWghRva3VwYW1pY29jaGUtc3luYXBz +ZTAfBgNVHSMEGDAWgBQD7PILP4eCg6TDhEkwZwLiNAb9gzAdBgNVHSUEFjAUBggr +BgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAFaxdcpju5n52d4R +ePIrwJYwU/HqukDw+4KNcKH629LjzuIaHnkGmlUDZ+1uvHQgJ0776oqF84S0Oa85 +gH3wcgluO7dF2bR8TKn4WEDij5I8MDZGuVctrfxLmP129d7aqei3bXp+LzokfbVi +I3PE8U3blYQF3gevcopulz2DK5WvRDsG9PrMHs/GRl6X1RdhKXV18Q5UIkJUJrJR +BdcdKvggK4+gdN5mWuHJ3w3zqpeQbCrRz5D7/CTjS7NFpHSZydfpkdTsrnymSNW/ +M9cPtWrGbtfeCO5usKc/4Iy3QA0HmRBxLWsDweXaub1lZwgoF5duS91O/yEwskcW +gDlPzcI= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIC/DCCAeSgAwIBAgIEY8cv5jANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRy +b290MB4XDTIxMDQyMjE2MjUyMVoXDTIxMDcyMTE2MjUyMVowDTELMAkGA1UEAxMC +Y2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrabUOthTKjjoV+5Bj +2OVtdNqBYeGNAvxH4Ae0GNx8axuu2O5oyItkYvhTg2HSoBUSK+jL5FT000z+8k+v +wL2HZd7lZhF6xeUFBhkPYepsK62I6w7f6Zg+d7ccnRcA+9Jt3Xok4vaPnYhjvUB5 +Z25VEZZa6/35YZJ7wEdyhFuONnnVM3+1tajq1GVanwSK0y3qhmX2jLy2neMXx1zY +J2neDElHwzYtsmVek9T8TlxLhNJiFcHEscmWrT5NOntfcTYaZosWyH+Nm/+EJuAb +UTTscG6YdAL7p4zvOiZ1j+QKb3UCrtSSi+XUZi/uNS3Ky4asgiaUNCbHc3D0a3G0 +HsmbAgMBAAGjYjBgMB0GA1UdDgQWBBQD7PILP4eCg6TDhEkwZwLiNAb9gzANBgNV +HREEBjAEggJjYTAPBgNVHRMECDAGAQH/AgEAMB8GA1UdIwQYMBaAFORJiEeDfjQa +MvoMZkmv3bWw8/8NMA0GCSqGSIb3DQEBCwUAA4IBAQCFPmXAOgth6wMD6XoPvfw4 +xg0Qr5ky1pUhJj37ocr6aCNbW3dr0jUFcHHkdhyg4uEoUGbPYyKMCjp6DpPq+Sks +Nx+xWXaTeNIiHzXsY1TuQdvvC+rrANmHatYj8/kGNg5tcNvMn7PPBfy9lEYWCSL9 +ql3yim0GuGZ9CyNS/ZCmM2X/pKc3yiZK57iywlHJ7Sp1z5bmjFHE2l6NrkLYLwh6 +5V+JkeHvzgGAiuh9cIbA4XvB0UWD8GAiwyrLhTD3ZzQDe+kXskgMzNj7OYqey3dA +BDnxnTQel4PnYQQ78JeOwCVZurRL4Nph8icY8iQEeXEFp3H9hRpRe+rPs8+9ZnUT +-----END CERTIFICATE----- diff --git a/docker/synapse/synapse_data/.gitignore b/docker/synapse/synapse_data/.gitignore deleted file mode 100644 index d2214dd..0000000 --- a/docker/synapse/synapse_data/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -homeserver.db -media_store - -!.gitignore -!homeserver.yaml \ No newline at end of file diff --git a/docker/synapse/synapse_data/keycloak.crt b/docker/synapse/synapse_data/keycloak.crt deleted file mode 100644 index f88529f..0000000 --- a/docker/synapse/synapse_data/keycloak.crt +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDazCCAlOgAwIBAgIURQQZKTG7wENaPp3bnAVLUMhkBJEwDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMTAzMTQxNzE0MTZaFw0yMjAz -MTQxNzE0MTZaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw -HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQD4RoutMqZ9zzuowIZ02N5DneNdTUPp8KTP3ewCTp5B -pQB2ht06pEgb7AY0xjlxfwt+lEXc4aeN/B741frLDe6buts8IsedfL0Ub2KHfoqo -o3qAimn9+fgoHwZYsls3OJK+fKbPNefp+m65SkZHz4ufQhg2TSLsW0BWATnxnbd8 -OQIXrCxtV/UKE2iaXfrlmaVSCqFeL4z7Rr+PJ8LiwOFMDLleLMsPiIo8CtR7u/lg -65zWI34rhdjwMq9tYXmZtq5sSpS83L/3InQDOvyhNt8vdNS8qL+v7tNhpHldBYqt -WJaC/QPeRGXQfa89qYZssZ+k32/i7del2raF8RxkcyVtAgMBAAGjUzBRMB0GA1Ud -DgQWBBREbPhToZrilLuC26iiFNj8t+K0hDAfBgNVHSMEGDAWgBREbPhToZrilLuC -26iiFNj8t+K0hDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAF -NtdTjLsVLhfS0q5tVKQFZ6Ek1CcuyUVeAvTxWDinZVfXzuNFdF1DeDlMwP3gKufz -RIAI//k3ISFMwXN0TzgETC86ck4edxpB08E5RKpBZhOrm7PZtoQ5h4hPpOgSG1pp -gPvzIzCEtC8Uaf0zpr+2AAm/2+DLgTDzdnO/cxN3UloydW9BslFM1PTeZ7TphT8X -3PgDzDBa/IACdTwIhh6RH03l7BhzvKbp5uXnwRSWrf/q1R3mErrsjq9Awx6GECWu -Y6YLsHjm05ELHs8r7STQC5Wq+vtfut/iDUNgnNFHmpiaedC1Md3qdnIIMeYrjBjo -ru7ot2RLcptsr9w7qd7C ------END CERTIFICATE----- diff --git a/docker/synapse/synapse_data/keycloak.key b/docker/synapse/synapse_data/keycloak.key deleted file mode 100644 index 9e8ae6a..0000000 --- a/docker/synapse/synapse_data/keycloak.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEA+EaLrTKmfc87qMCGdNjeQ53jXU1D6fCkz93sAk6eQaUAdobd -OqRIG+wGNMY5cX8LfpRF3OGnjfwe+NX6yw3um7rbPCLHnXy9FG9ih36KqKN6gIpp -/fn4KB8GWLJbNziSvnymzzXn6fpuuUpGR8+Ln0IYNk0i7FtAVgE58Z23fDkCF6ws -bVf1ChNoml365ZmlUgqhXi+M+0a/jyfC4sDhTAy5XizLD4iKPArUe7v5YOuc1iN+ -K4XY8DKvbWF5mbaubEqUvNy/9yJ0Azr8oTbfL3TUvKi/r+7TYaR5XQWKrViWgv0D -3kRl0H2vPamGbLGfpN9v4u3Xpdq2hfEcZHMlbQIDAQABAoIBACTQoSmflxyUvC37 -znRJLDwuj2ZobKel7Wp9Z9+3tLPbOcRZnzhw39h0GT9+HUp9IkE0z18/fs8JEbao -VDYD7Nvey1+RcLQjqQ38rkmVNA5pn2KsI6drh6a7Yv+IAwqfMvNYHIwhXDBP2FdV -cjJ3ziZhcKGssn8F0PZv3B2921Vp++brFuVtDxvFdhRSSLtcwKI7L5SaOKsA8j2f -8Yspq1eigkgCTYTFn1+wdjn3FxyndCV7IFs2BvgdHDBTcB/o6DipXVvK+Px1B3Cp -g+ioAHiqn4EkxFkz/ceiscjpUZuITPS+e6aF5Qar7xO5VmeThhNlmsoCFW1nwaea -wjwH6CkCgYEA/DxBU1N0o0ZObOnt1eb/LvrSRmxiNH8RKIbb8QL9gQ9Hx1GbP+5N -JN5rayBNEg8UAtr0tvbil+ofoxpwlpSGFsFBG5NRcH1LIIHD1Sf0gkGc78ojdCT8 -O4PcWnCWjLtLIgZCVBxTupa1vsWmUMBzqTxdxn92ECLcPFvo21SRIYsCgYEA+/sp -J2Do1lpUjkRDwWAIauHJ01ZHcA5epu2vXXZOnGw+OvPX8a493kwwJDjjrfOgDLTC -1FDDBMzbCQUHUa1w3ZfsSOyheHr/8xlVUJ3gz98q+aizaJLJ8lZraL8lvsC9uogf -x7P9iTp+SpIHQ1jXp+9WdFgeEgXVkK2GY1bzw+cCgYBiVOcuodFNuaHnSccDZZtD -6FpDRAuA5ax9vR1PNtg3EQrthD3ezXrbja4YxC3nhWNKvas7DMJHcOlGf4821M31 -Xv+PzX2pOd8o3A3JMlta0FNrE8WAiM6gMQadZ1j5oiZnLEN9YNGvYwOVTJ5KyswM -RNFWCeiv37c1/Kqpnq05gwKBgGys2QXzxNfV44vsIzC+Y0L9mFb+ahcJC4eBEVYE -1UifYoN4cVT5qhM61rR4mLGIVinEuBZrsoBafck5EvwGCpx3jl+xNr7IhaTp8yKu -xKvCez1rpdzfGhvba72kWvoXFHzjgplVpm5N/PPaYSmJopD6J1ZMPsPVIlOgk0o6 -0S1XAoGBALm8/9Gyer2jtfL/WZDILEeOV/rG13ELspTIx0pcbHkvZKFXrddu27E0 -e89SqTCIXhn3nFLvk4pdWjJbE2QA4uS99vV5HXIpvvEBgwzid5hyqxE3b7xuQwl6 -bAJld+V2lh5e1tQuaX/bF7B87k4ODlZFatCzhrOXBKMdRm4SkzSk ------END RSA PRIVATE KEY----- diff --git a/docker/synapse/synapse_data/okupamicoche-appservice.yaml b/docker/synapse/synapse_data/okupamicoche-appservice.yaml deleted file mode 100644 index 7f9b7a9..0000000 --- a/docker/synapse/synapse_data/okupamicoche-appservice.yaml +++ /dev/null @@ -1,11 +0,0 @@ -id: "Okupa mi coche" -url: "http://172.17.0.1:8081" -as_token: "30c05ae90a248a4188e620216fa72e349803310ec83e2a77b34fe90be6081f46" -hs_token: "312df522183efd404ec1cd22d2ffa4bbc76a8c1ccf541dd692eef281356bb74e" -sender_localpart: "okupamicoche" -namespaces: - users: [ ] - aliases: - - regex: "#viaje_.*" - exclusive: true - rooms: [ ] \ No newline at end of file diff --git a/docker/synapse/synapse_data/synapse.log.config b/docker/synapse/synapse_data/synapse.log.config deleted file mode 100644 index 03a08cb..0000000 --- a/docker/synapse/synapse_data/synapse.log.config +++ /dev/null @@ -1,22 +0,0 @@ -version: 1 - -formatters: - precise: - format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s' - -handlers: - console: - class: logging.StreamHandler - formatter: precise - -loggers: - synapse.storage.SQL: - # beware: increasing this to DEBUG will make synapse log sensitive - # information such as access tokens. - level: INFO - -root: - level: INFO - handlers: [console] - -disable_existing_loggers: false \ No newline at end of file diff --git a/docker/synapse/synapse_data/synapse.signing.key b/docker/synapse/synapse_data/synapse.signing.key deleted file mode 100644 index f321412..0000000 --- a/docker/synapse/synapse_data/synapse.signing.key +++ /dev/null @@ -1 +0,0 @@ -ed25519 a_cGhG bkRaBjufoVnCJ8Vk3S0h7cF4/7zDmQwM6Q+vnDj3baw diff --git a/src/main/kotlin/eu/fosil/okupamicoche/spring/controller/PrivateTravelRestController.kt b/src/main/kotlin/eu/fosil/okupamicoche/spring/controller/PrivateTravelRestController.kt index c476d3e..ca986f9 100644 --- a/src/main/kotlin/eu/fosil/okupamicoche/spring/controller/PrivateTravelRestController.kt +++ b/src/main/kotlin/eu/fosil/okupamicoche/spring/controller/PrivateTravelRestController.kt @@ -85,7 +85,7 @@ class PrivateTravelRestController( } @RequestMapping("/listallusertravels") - suspend fun listUserTravels(principal: Principal): ApiResponse> { + suspend fun listAllUserTravels(principal: Principal): ApiResponse> { return response { val userId = authService.currentUser(principal).id val useCase = ListUserTravels(travelRepository) @@ -118,6 +118,7 @@ class PrivateTravelRestController( @RequestParam @Validated userId: UserId, principal: Principal ): ApiResponse { + throwErrorIfCannotEditTravel(travelId, principal) return response { throwErrorIfCannotEditTravel(travelId, principal) val useCase = useCaseService.getAddTraveler() @@ -131,6 +132,7 @@ class PrivateTravelRestController( @RequestParam @Validated userId: UserId, principal: Principal ): ApiResponse { + throwErrorIfCannotEditTravel(travelId, principal) return response { val useCase = useCaseService.getRemoveTraveler() useCase.removeTraveler(travelId, userId) diff --git a/src/main/kotlin/eu/fosil/okupamicoche/spring/services/MatrixService.kt b/src/main/kotlin/eu/fosil/okupamicoche/spring/services/MatrixService.kt index f64663c..d1984dc 100644 --- a/src/main/kotlin/eu/fosil/okupamicoche/spring/services/MatrixService.kt +++ b/src/main/kotlin/eu/fosil/okupamicoche/spring/services/MatrixService.kt @@ -35,6 +35,6 @@ class MatrixService(private val matrixClient: MatrixClient) : MatrixApi { override suspend fun kickUser(roomId: String, user: User) { val matrixUserId = MatrixId.UserId(user.matrixId) logger.debug { "Kick user $matrixUserId from room $roomId" } - matrixClient.roomsApi.leaveRoom(MatrixId.RoomId(roomId), matrixUserId) + matrixClient.roomsApi.leaveRoom(MatrixId.RoomId(roomId), matrixUserId) // TODO should be kickUser } } \ No newline at end of file diff --git a/src/main/kotlin/eu/fosil/okupamicoche/usecases/travel/RemoveTraveler.kt b/src/main/kotlin/eu/fosil/okupamicoche/usecases/travel/RemoveTraveler.kt index e320f1b..18a6d92 100644 --- a/src/main/kotlin/eu/fosil/okupamicoche/usecases/travel/RemoveTraveler.kt +++ b/src/main/kotlin/eu/fosil/okupamicoche/usecases/travel/RemoveTraveler.kt @@ -12,7 +12,7 @@ class RemoveTraveler( private val travelRepository: TravelRepository, private val matrixApi: MatrixApi ) { - suspend fun removeTraveler(travelId: TravelId, userId: UserId) { + suspend fun removeTraveler(travelId: TravelId, userId: UserId, kickFromChat: Boolean = false) { val user = userRepository.findByIdOrNull(userId) val travel = travelRepository.findByIdOrNull(travelId) @@ -20,7 +20,7 @@ class RemoveTraveler( val traveler = travel?.travelers?.find { it.id == userId } if ((traveler != null) && (user != null)) { - matrixApi.kickUser(travel.matrixRoomId, user) + if (kickFromChat) matrixApi.kickUser(travel.matrixRoomId, user) travel.travelers.remove(traveler) travelRepository.save(travel) }