diff --git a/etc/config.scm b/etc/config.scm new file mode 100644 index 0000000..5e592fb --- /dev/null +++ b/etc/config.scm @@ -0,0 +1,708 @@ +(use-modules + (gnu) + (guix store) + (guix packages) + (gnu packages jami) + (gnu packages suckless) + (gnu packages finance) + (gnu packages haskell) + (gnu packages pdf) + (gnu packages cran) + (gnu packages kde) + (gnu packages tex) + (gnu packages samba) + (gnu services docker) + (gnu services certbot) + (gnu services mcron) + (gnu services auditd) + (gnu packages unicode) + (gnu packages python-build) + (gnu packages glib) +(gnu packages mail) + (gnu packages gcc) +(gnu packages rust) +(gnu packages rust-apps) +(guix git-download) +(guix git) +(gnu packages +commencement) +(gnu packages golang) + (gnu packages haskell-xyz) + (gnu packages kde-pim) + (gnu packages guile-xyz) + (gnu packages python-xyz) + (gnu packages pulseaudio) + (gnu packages texinfo) + (gnu packages cmake) + (gnu packages mpd) + (gnu packages disk) + (gnu packages android) + (gnu packages freedesktop) + (gnu packages gnuzilla) + (gnu packages image) + (gnu packages image-viewers) + (gnu packages messaging) + (gnu packages vim) + (gnu packages gstreamer) + (gnu packages virtualization) + (gnu packages web-browsers) + (gnu services) + (gnu services vpn) + (gnu services dbus) + (gnu services shepherd) + (gnu system shadow) + (gnu services configuration) + (gnu packages build-tools) + (gnu packages admin) + (gnu packages qt) + (gnu packages lxde) + (gnu packages python) + (gnu packages bittorrent) + (gnu packages chromium) + (gnu packages compression) + (gnu packages tor) + (gnu packages ncurses) + (gnu packages web) + (gnu packages fonts) + (gnu packages vpn) + (gnu packages curl) + (gnu packages password-utils) + (gnu packages emacs) + (gnu packages node) + (gnu packages emacs-xyz) + (gnu packages engineering) + (gnu packages fontutils) + (gnu packages gimp) + (gnu packages gnome) + (gnu packages gnome-xyz) + (gnu packages gnupg) + (gnu packages haskell-apps) + (gnu packages imagemagick) + (gnu packages java) + (gnu packages libreoffice) + (gnu packages linux) + (gnu packages package-management) + (gnu packages rsync) + (gnu packages ssh) + (gnu packages telegram) + (gnu packages video) + (gnu packages wm) + (gnu packages benchmark) + (gnu packages xdisorg) + (gnu packages xorg) + (gnu home services gnupg) + (gnu home services xdg) + (gnu packages terminals) + (gnu packages music) + (gnu packages compton) + (gnu packages version-control) + (gnu packages lxqt) + (gnu packages file-systems) + (gnu packages lisp) + (gnu packages networking) + (gnu home services gnupg) + (gnu home services xdg) + (gnu packages security-token) + (gnu packages tls) + (gnu packages graphics) + (nongnu packages compression) + (nongnu packages clojure) + (nongnu packages linux) + (nongnu system linux-initrd)) + + +(use-service-modules web security base certbot shepherd nix cups desktop networking ssh docker xorg linux virtualization) +(use-package-modules package-management version-control gcc bash certs admin linux) +(define my-kernel linux) + +(operating-system + (kernel my-kernel) + (initrd microcode-initrd) + (firmware (list linux-firmware)) + + (locale "en_US.utf8") + (timezone "America/Sao_Paulo") + (keyboard-layout (keyboard-layout "br")) + + (host-name "lisp") + ;; The list of user accounts ('root' is implicit). + (users (cons* (user-account + (name "berkeley") + (comment "Berkeley") + (group "users") + (home-directory "/home/berkeley") + (supplementary-groups '("wheel" "netdev" "audio" "video" "plugdev"))) + %base-user-accounts)) + + ;; Packages installed system-wide. Users can also install packages + ;; under their own account: use 'guix search KEYWORD' to search + ;; for packages and 'guix install PACKAGE' to install a package. + (packages (append (list + ;emacs-org-roam + ;emacs-org-roam-ui + polybar + gstreamer + gst-plugins-bad + gst-plugins-good + nyxt + cmus + v4l-utils + xdg-utils + curl + gthumb + mangohud + qtsolutions + glances + zstd + mpv + kitty + maim + procps + scrot + mupdf + zathura + matterbridge + sbcl + go + clisp + fdm + jami + ;navidrome-bin + ;mullvad-vpn + smartmontools + udevil + samba + cifs-utils + mergerfs + parted + net-tools + ntfs-3g + texlive-scheme-basic + texlive-cm-super + texlive-listings + texmaker + texlive-pgf + texlive-beamer + texlive-hyperref + alacritty + ;;protonup-ng + wipe + imagemagick + unzip + compton + p7zip + gedit + htop + netdiscover + fping + gparted + texstudio + texlive-bibtex + bcachefs-tools + whois + python-pip + setxkbmap + xfe + ;;clamav + libbluray + libaacs + libbdplus + vim + neovim + ;emacs-telega + cmake + neofetch + kleopatra + flatpak + pfetch + icecat + ;;mullvadbrowser + git-lfs + ghc-git-lfs + hashcat + haunt + openssl + flameshot + openshot + obs + go + ffmpeg + lm-sensors + vlc + virt-manager + guix + nsxiv + git + inxi + tor + monero-gui + ; emacs-org-roam + torsocks + tor-client + privoxy + terminator + openvpn + kiwix-tools + pavucontrol + pavucontrol-qt + emacs + keepassxc + wireshark + tcpdump + nmap + firejail + foliate + xf86-video-amdgpu + asciinema + alsa-lib + alsa-utils + binutils + dbus + xset + lxrandr + dosfstools + elogind + qtox + exfat-utils + exfatprogs + fuse-exfat + gnupg + libinput + texinfo + xf86-input-keyboard + xf86-input-libinput + xf86-input-mouse + xf86-input-synaptics + ;;emacs-org-timeblock + xrandr + ungoogled-chromium + qbittorrent + macchanger + ;guile + ;emacs-geiser + ;emacs-geiser-guile + fontconfig + picom + mpd + brightnessctl + feh + gimp + fzf + xmodmap + rofi + coreutils + qemu + xwininfo + xprop + xpra + libfido2 + grep + iptables + node + jq + python + sed + nomacs + meson + ncurses + ueberzug++ + ;; lots of fonts from package fonts.scm + font-adobe-source-code-pro font-adobe-source-han-sans + font-adobe-source-sans-pro font-adobe-source-serif-pro + font-anonymous-pro font-anonymous-pro-minus font-awesome + font-cns11643 font-cns11643-swjz font-comic-neue font-culmus + font-dejavu font-dosis font-dseg font-fantasque-sans font-fira-code + font-fira-mono font-fira-sans font-fontna-yasashisa-antique + font-google-material-design-icons font-google-noto font-google-roboto + font-hack font-hermit font-ibm-plex font-inconsolata font-iosevka + font-iosevka-aile font-iosevka-etoile font-iosevka-slab + font-iosevka-term font-iosevka-term-slab + font-ipa-mj-mincho font-jetbrains-mono font-lato font-liberation + font-linuxlibertine font-lohit font-meera-inimai font-mononoki + font-mplus-testflight + font-public-sans font-rachana font-sarasa-gothic font-sil-andika + font-sil-charis font-sil-gentium font-tamzen font-terminus + font-tex-gyre font-un font-vazir font-wqy-microhei + font-wqy-zenhei + python-emoji + ghc-emojis + ghc + guile-semver + ranger + xmessage + xrdb + xmonad + sysbench + xmobar + ghc + ghc-xmonad-contrib + gcc + gcc-toolchain + linux-libre-headers + yt-dlp + rofi + texlive-emoji + emacs-emojify + texlive-twemoji-colr + texlive-noto-emoji + texlive-hwemoji + texlive-byo-twemojis + unicode-emoji + texlive-twemojis + texlive-emojicite + ;;rust-unic-emoji-char + r-emojifont + font-google-noto-emoji + ;; font-apple-color-emoji + emacs-company-emoji + font-openmoji + vim-characterize +texlive-lua-uni-algos +texlive-pwebmac +texlive-olsak-misc +texlive-pdfoverlay +texlive-texosquery +texlive-pdfx +texlive-pdfprivacy +texlive-pdfcomment +texlive-iftex +texlive-tex +texlive-montex +texlive-pdfescape +texlive-texdef +texlive-pdfpages +extractpdfmark +texlive-csplain +poppler-qt5 +poppler +texlive-pdf14 +texlive-thumbpdf +texlive-pax +texlive-etex +texlive-axodraw2 +texlive-repltext +texlive-luatex +texlive-hyperref +texlive-xetex +texlive-pdftexcmds +texlive-epstopdf +texlive-epsf-dvipdfmx +texlive-dvipdfmx +texlive-texsurgery +texlive-ptex2pdf +texlive-jadetex +texlive-texlogfilter +texlive-svg-inkscape +texlive-purifyeps +texlive-navigator +texlive-latex-uni8 +texlive-biblatex +texlive-latex-make +texlive-pgf +texlive-pdftricks +texlive-pdflatexpicscale +texlive-pdfmanagement-testphase +texlive-pdflatexpicscale +texlive-pdfextra +texlive-tagpdf +texlive-pdfreview +texlive-pdfmsym +texlive-mptopdf +texlive-inter +texlive-pdftex-quiet +texlive-pdftex +texlive-knuth-pdf +texlive-xmltexconfig +texlive-pdfjam +texlive-luatex85 +texlive-grayhints +texlive-fig4latex +texlive-tpic2pdftex +texlive-pst2pdf +texlive-pdfslide +texlive-minim-pdf +texlive-hvextern +texlive-flippdf +texlive-combinedgraphics +texlive-autopdf +texlive-xetex-pstricks +texlive-texonly +texlive-scikgtex +texlive-pdfsync +texlive-mathastext +texlive-luainputenc +texlive-pdfcomment +texlive-pdfprivacy +texlive-pdfoverlay +texlive-pdfpages +texlive-latexmk +texlive-hyperxmp +texlive-datetime2-en-fulltext +texlive-commonunicode +texlive-pict2e +texlive-intopdf +texlive-filemod +texlive-textcsc +texlive-texpower +texlive-texdoc +texlive-pst-pdf +texlive-pdfpc-movie +texlive-pdfmarginpar +texlive-pdfbook2 +texlive-pdf-trans +texlive-lobster2 +texlive-hitex +texlive-epstopdf-pkg +texlive-epspdfconversion +texlive-collection-luatex +texlive-bxpdfver +texlive-asmeconf +texlive-synctex +texlive-pdfcolmk +texlive-pdfcolfoot +texlive-lapdf +texlive-fixpdfmag +python-pdfminer-six +texlive-zhmetrics-uptex +texlive-xpdfopen +texlive-xcpdftips +texlive-quattrocento +texlive-pdfxup +texlive-pdfpc +texlive-pdfarticle +texlive-oswald +texlive-nunito +texlive-magra +texlive-librebaskerville +texlive-l3experimental +texlive-knuth-hint +texlive-forum +texlive-epspdf +texlive-dickimaw +texlive-convbkmk +texlive-changebar +texlive-cascadia-code +texlive-cabin +texlive-bitter +texlive-auto-pst-pdf-lua +texlive-arvo +texlive-archivo +texlive-sanitize-umlaut +texlive-protex +texlive-pdftricks2 +texlive-pdflscape +texlive-ocg-p +texlive-minim-xmp +texlive-gregoriotex +texlive-docshots +emacs-latex-preview-pane + rust + ;;goldendict-ng + ;;suckless-dictpopup + ;;rust-version-check + ;;rust-deunicode + nheko + lf + ;; lots of fonts from package xorg.scm + font-adobe100dpi font-adobe75dpi font-cronyx-cyrillic font-dec-misc + font-isas-misc font-micro-misc font-misc-cyrillic font-misc-ethiopic + font-misc-misc font-mutt-misc font-schumacher-misc + font-screen-cyrillic font-sony-misc font-sun-misc font-util + font-winitzki-cyrillic font-xfree86-type1 + youtube-dl + noisetorch + linux-firmware + nix + (specification->package "i3-wm") + (specification->package "i3status") + (specification->package "dmenu") + (specification->package "st") + (specification->package "emacs") + ;(specification->package "mullvad-vpn") + (specification->package "navidrome-bin")) + %base-packages)) + + ;; Below is the list of system services. To search for available + ;; services, run 'guix system search KEYWORD' in a terminal. +;;(home-environment (packages (cons* anki ))) ;; figure out how to install it from here + ;;(home-environment (packages (cons* anki ))) ;; figure out how to install it from here + + ;; Below is the list of system services. To search for available + ;; services, run 'guix system search KEYWORD' in a terminal. + (services + (append (list + (service gnome-desktop-service-type) + (set-xorg-configuration + (xorg-configuration + (extra-config '("Option \"DPMS\" \"false\"")) + (udev-rules-service 'fido2 libfido2 #:groups '("plugdev")) + (service iptables-service-type + (iptables-configuration + (ipv4-rules (plain-file "iptables.rules" "*filter +:INPUT DROP +:FORWARD ACCEPT +:OUTPUT ACCEPT +-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT +-A INPUT -j REJECT --reject-with icmp-port-unreachable +-A INPUT -p tcp -s 127.0.0.1 -j ACCEPT +-A FORWARD -p tcp -s 127.0.0.1 -j ACCEPT +-A FORWARD -m state --state INVALID -j DROP +-A OUTPUT -p tcp -s 127.0.0.1 -j ACCEPT +-A OUTPUT -m state --state INVALID -j DROP +-A OUTPUT -o lo -j ACCEPT +-A OUTPUT -o tun+ -j ACCEPT +-A OUTPUT -m owner --gid-owner openvpn -j ACCEPT +-t nat -A OUTPUT -p tcp -m owner --uid-owner berkeley -m tcp -j REDIRECT --to-ports 9040 +-t nat -A OUTPUT -p udp -m owner --uid-owner berkeley -m udp --dport 53 -j REDIRECT --to-ports 53 +-t filter -A OUTPUT -p tcp -m owner --uid-owner berkeley -m tcp --dport 9040 -j ACCEPT +-t filter -A OUTPUT -p udp -m owner --uid-owner berkeley -m udp --dport 53 -j ACCEPT +-t filter -A OUTPUT -m owner --uid-owner berkeley -j DROP +COMMIT +")) + (ipv6-rules (plain-file "ip6tables.rules" "*filter +:INPUT DROP +:FORWARD DROP +:OUTPUT DROP +-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT +-A INPUT -j REJECT --reject-with icmp6-port-unreachable +COMMIT +")))) + (service docker-service-type) + (service nix-service-type) + (service tor-service-type + (tor-configuration + (config-file (plain-file "tor-config" + "HttpTunnelPort 9050\n\ + VirtualAddrNetwork 10.192.0.0/10\n\ + AutomapHostsOnResolve 1\n\ + TransPort 9040\n\ + DNSPort 53\n\ + SOCKSPort 0\n\ + ORPort 443\n\ + BridgeRelay 1\n\ + ExitRelay 0")))) + + (service libvirt-service-type + (libvirt-configuration + (unix-sock-group "libvirt") + (tls-port "16555"))) + + (service zram-device-service-type + (zram-device-configuration + (size (* 2 (expt 2 30))) + (compression-algorithm 'zstd) + (priority 100))) + + (set-xorg-configuration + (xorg-configuration + (keyboard-layout keyboard-layout)))) + %desktop-services)) + + (bootloader (bootloader-configuration + (bootloader grub-bootloader) + (targets (list "/dev/nvme0n1")) + (theme (grub-theme + (resolution '(1920 . 1080)) + (image (local-file "/home/berkeley/wallpapers/back.jpg")))))) + (swap-devices (list (swap-space + (priority 50) + (target (uuid + "85b7b3d8-657a-443c-b010-52d224bc4483"))))) + ;; The list of file systems that get "mounted". The unique + ;; file system identifiers there ("UUIDs") can be obtained + ;; by running 'blkid' in a terminal. + (file-systems (cons* (file-system + (mount-point "/boot/efi") + (device (uuid "02E2-0AB2" + 'fat32)) + (type "vfat")) + (file-system + (mount-point "/") + (device (uuid + "38467002-a282-4387-8319-cff6d93cd23b" + 'ext4)) + (type "ext4")) + (file-system + (mount-point "/files") + (device (uuid + "7b2cbf88-bc71-49ad-b2fa-a4bbdb71f886" + 'ext4)) + (type "ext4")) + (file-system + (mount-point "/virt") + (device (uuid + "9d009d01-d635-4d56-987a-ffc2699da9fb" + 'ext4)) + (type "ext4")) + + %base-file-systems))) + +;; Harden security settings +; (security security-settings) + ; (security-settings + ; (harden + ; (commit-harden-settings)) ; Commit any existing hardening settings + ; (disable-services '(telnet ftp rsh)) ; Disable insecure services + ; (setuid-programs '("/usr/bin/sudo")) ; List of Setuid programs + ; (setgid-programs '("/usr/bin/su")) ; List of Setgid programs + ; (enable-auditd #t) ; Enable the auditd service + ; (enable-firewall #t) ; Enable the firewall service + ; (enable-tor #t) ; Enable the Tor service + ; ;(restrict-sudo-users (cons "admin" %base-account-usernames)) ; Restrict sudo users + ; ;(restrict-ssh-users (cons "user" %base-account-usernames)) ; Restrict SSH users + ; (security-programs '("tcpdump" "wireshark")) ; List of security tools + ; (enable-apparmor #t) ; Enable AppArmor + ; (apparmor-profiles '("firefox" "chrome")) ; List of AppArmor profiles + ; (enable-selinux #t) ; Enable SELinux + ; (selinux-policy "strict") ; Set SELinux policy + ; (selinux-mode "enforcing") ; Set SELinux mode + ; (disable-setuid-binaries #t)) ; Disable Setuid binaries for system-wide protection + + + + ;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWWNNXK00OOOOOOOOOOO00KXNNWWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWN0kdlc;,'..... .....',;:ldx0NWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMXxc'. .':xXWMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMW0: cXMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMNKxc,. lNMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMKocoddol:;,... .xWMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMNo. ..',;;;;,'... ,0MMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMO' lNMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMXc .xWMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMWx. ;KMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMM0, lNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMNl .xWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWx. ,KMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMO' cXMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMWNXKKXXXO, c0K00KKKXNWMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMNOocll:::::;'. ...........,cxKWMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMKc.';'. .l0kdc;'.. ..,cok0x. ,OWMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMNo..:' .xWMMMWNKOxdolc:;;,,;;:cloxk0XWWMMMX: cNMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMNl .:. 'OMMMMMMMMMMMMMWWWWWWWWMMMMMMMMMMMMNl :XMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMWk..;, 'OWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMX: .dWMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMNo..;, 'lkKNWMMMMMMMMMMMMMMMMMMMMMMMMWX0d;. .cXMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMNd..,;. .';cloxkkO0000000000OOkxdlc;'. .oXMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMW0c..,,'. ........... .:OWMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMW0o,.',,'. .'lONMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMWNOo:,''...... .;lkXWMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMWWXkoc;,,......... .....dKNMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWWX0kxoc:;,,'''....... .,:codolddl;oXMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMWNNWMMMMMMMMMMMWWNNXXXXXXXXKl,xNWNKOkkk0Xo,kWNNWMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMWXXWMMMMMMMMMMMMMMMMMMMMMMMMWd;xWXO0OO0NMNo,OMWXXWMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMKOXMMMMMMMMMMMMMMMMMMMMMMMMMMKc;kXNWNWMWXd;oNMMN0KMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMM0kNMMMMMMMMMMMMMMMMMMMMMMMMMMMXd:ldkOOkoc:xNMMMWOOWMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMOdKMMMMMMMMMMMMMMMMMMMMMMMMMMMMWXOdooodx0NMMMMMNxkWMMMMMMMMMMMMMMMMMMMMMMMM +;MMMMMMMMMMMMMMMMMMMMMMMMMXoxNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWkoKMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMW0ldXMMMMMMMMMMMMMMWWNXXWWNXNWWMMMMMMMMMMMMMMNxlOWMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMWKocd0NWMMMMMWNKkoc;'.;dx:.';cok0NWMMMMMWNKxcl0WMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMNOocccllool:,. .;oo:.. .':looollcclONMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWNKkxocc::::cloxOKXNNNKOxdlc:::::codk0NWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWWWMMMMMMMMMMMMMMMMMMWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +;;MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +