more cleanup

2022-01-26 23:35:07 +01:00 · 2022-01-26 23:35:07 +01:00 · 4cb4fca66a
parent f806bc35f5
commit 4cb4fca66a
76 changed files with 295 additions and 12029 deletions
--- a/README.md
+++ b/README.md
@ -44,4 +44,6 @@ How to see which websites you're actively accessing:
 This started as a few personal notes, and will probably continue to look like that for some time.
 It's a bit of a mess.
-Systemd is taken as a default.  Non-systemd commands we relegate to their respective distros, e.g. runit for Void Linux.
+Systemd is taken as a default.
 Non-systemd commands we relegate to their respective distros, e.g. runit for Void Linux.
--- a/data/git.md
+++ b/data/git.md
@ -10,7 +10,7 @@ tags: [ "Documentation", "data" ]
 > git config --global user.name "Malin Freeborn" 
-## New Git
+# New Git
 Start a git:
--- a/data/groff.md
+++ b/data/groff.md
@ -1,6 +1,6 @@
 ---
 title: "groff"
-tags: [ "Documentation", "data" ]
+tags: [ "Documentation", "Data" ]
 ---
 # Basic Documents
--- a/data/khard.md
+++ b/data/khard.md
@ -1,6 +1,6 @@
 ---
 title: "khard"
-tags: [ "Documentation", "data" ]
+tags: [ "Documentation", "Data" ]
 ---
 Get the basic config:
--- a/data/taskwarrior/archtask.sh
+++ b/data/taskwarrior/archtask.sh
@ -1,57 +0,0 @@
 #!/bin/bash
 export TASKDDATA=/var/lib/taskd
 echo Change CN to hostname
 sleep 2
 sudo vim /usr/share/doc/taskd/pki/vars
 cd /usr/share/doc/taskd/pki/
 sudo ./generate
 mkdir -p $TASKDDATA
 cp *.pem $TASKDDATA
 chown -R root /var/lib/taskd
 sudo cp *pem $TASKDDATA
 chown -R taskd:taskd $TASKDDATA
 taskd config "$user".cert=/var/lib/taskd/client.cert.pem
 taskd config "$user".key=/var/lib/taskd/client.key.pem
 taskd config "$(hostname)".cert=/var/lib/taskd/server.cert.pem
 taskd config "$(hostname)".key=/var/lib/taskd/server.key.pem
 taskd config "$(hostname)".crl=/var/lib/taskd/server.crl.pem
 taskd config ca.cert=/var/lib/taskd/ca.cert.pem
 taskd config --force server $(hostname):53589
 systemctl start taskd
 echo name a group
 read group
 echo name user
 read user
 taskd add org $group
 taskd add user $group $user
 ./generate.client $user
 echo "
 taskd.server=alfred:port
 taskd.credentials=$group/$user/key
 taskd.certificate=~/.task/'$user'.cert.pem
 taskd.key=~/.task/'$user'.key.pem
 taskd.ca=~/.task/ca.cert.pem" >> /var/lib/taskd/config
 tar cf $user.tar "$user"* ca.cert.pem
--- a/data/taskwarrior/task.md
+++ b/data/taskwarrior/task.md
@ -1,7 +1,58 @@
 ---
 title: "task"
-tags: [ "Documentation", "data" ]
+tags: [ "Documentation", "Organization" ]
 ---
 Set up the configuration file:
 > task
 Add a task:
 > task add update linux
 See which task is next:
 > task next
 Note the id number.
 Mark a task as started:
 > task start 1
 Once finished:
 > task 1 done
 # Projects
 Add a project:
 > task add project:house buy potted plant
 > task add proj:house.repair buy screwdriver
 > task add proj:house.repair buy shelf brackets
 > task add pro:house.paint buy white paint
 > task add pro:house.paint buy red paint
 > task add pro:house.paint buy black paint
 > task add pro:house.paint buy brushes
 ## Summary
 > task pro:house sum
 > task burndown.daily pro:house
 The summaries will show how fast a project is being completed, and when you can expect it to finish at the present rate.
 # Tags
 > task add +buy toothbrush
 You can then see only tasks which involve buying something with:
 > task +buy
 # Contexts
 Set three contexts by their tags:
@ -26,16 +77,6 @@ View list of tasks completed in the last week:
 > task end.after:today-1wk completed
 # Timewarrior
 > timew start ed 'learn timewarrior'
 > timew stop
 > timew summary
 > timew tags
 # User Defined Attributes
 Make a UDA 'size'.
@ -48,3 +89,11 @@ Make a UDA 'size'.
 > uda.size.default=medium
 # Tricks
 This command shows tasks I'm most interested in:
 > task next +ACTIVE or +OVERDUE or due:today or scheduled:today or pri:H
 The command is long, so `alias` is your friend.
--- a/data/taskwarrior/taskd.md
+++ b/data/taskwarrior/taskd.md
@ -1,183 +0,0 @@
 ---
 title: "taskd"
 tags: [ "Documentation", "data" ]
 ---
 (instructions currently not working)
 Switch to root to make things easier.
 > yay -S
 > export TASKDDATA=/var/lib/taskd
 Edit `/usr/share/doc/taskd/pki/vars` so that ``CN'' = the hostname (IP is fine).
 > cd /usr/share/doc/taskd/pki
 Execute the `generate` file to generate a selfsigned certificate for the server.  These will be \*.pem-files.  Copy all \*.pem-files to /var/lib/taskd.
 Make sure a copy of ca.cert.pem remains to generate user-certificates later.
 # Taskd Configurations
 > taskd config --force client.cert $TASKDDATA/client.cert.pem
 > taskd config --force client.key $TASKDDATA/client.key.pem
 > taskd config --force server.cert $TASKDDATA/server.cert.pem
 > taskd config --force server.key $TASKDDATA/server.key.pem
 > taskd config --force server.crl $TASKDDATA/server.crl.pem
 > taskd config --force ca.cert $TASKDDATA/ca.cert.pem
 # Change Taskd Log Location
 The default is /tmp/log, which obviously you don't want.
 > touch /var/log/taskd.log
 > chown taskd:taskd /var/log/taskd.log
 > taskd config --force log /var/log/taskd.log
 Finally, set up the servername - the same one as in the certificates.  Mine is ``testarch''.
 > taskd config --force server testarch:9001
 # Adding users
 Let's add the group ``home'', then the user ``ghost'', will go in that group.
 > taskd add org home
 > taskd add user home ghost
 `3f9e6154-25cb-4e45-88bb-45e98feef904`
 > taskd add user home alfred
 `4fbb319c-c493-437a-ab7a-028f5b75e522`
 The user then gets a key.
 Finally, make sure that taskd can read its own data>
 > chown -R taskd:taskd /var/lib/taskd/orgs
 ... or perhaps the entire directory of /var/lib/taskd/.
 Then it's back to /usr/share/doc/taskd/pki 
 Generate some userfiles:
 > ./generate.client ghost
 > ./generate.client alfred
 The bob and ghost \*pem files have to be added to the given users' home directories.
 # Setting up Users
 > sudo apt-get install taskwarrior taskd
 > task
 Then move the \*pem files into the .task directory of the user.
 Don't forget to add the ca.key.pem from `/usr/share/doc/taskd/pki`!
 # Attempt 2
 Well, none of that worked.
 New info from [taskwarrior](https://gitpitch.com/GothenburgBitFactory/taskserver-setup#/1/4)
 Default port = 53589
 starting with
 > taskd init
 > taskd config server localhost:53589
 View supported settings with `taskdrc`.
 !!! Start with taskdctl start
 Do a non-daemon version with 
 > taskd server --data $TASKDDATA --daemon
 # Systemd Unit file
 This needs to be edited for "$TASKDDATA", "$TASKDUSER", and "$TASKDGROUP".
 ```
 Unit]
 Description=Secure server providing multi-user, multi-client access to Taskwarrior data
 Requires=network.target
 After=network.target
 Documentation=http://taskwarrior.org/docs/#taskd
 [Service]
 ExecStart=/usr/local/bin/taskd server --data $TASKDDATA
 Type=simple
 User=$TASKDUSER
 Group=$TASKDGROUP
 WorkingDirectory=$TASKDDATA
 PrivateTmp=true
 InaccessibleDirectories=/home /root /boot /opt /mnt /media
 ReadOnlyDirectories=/etc /usr
 [Install]
 WantedBy=multi-user.target
 ```
 Enable all this by copying the file to `/etc/systemd/system`, reload daemon, then start it.
 Key for ghost:
 29bd8a06-2cc0-4163-905d-6216257a3031
 e29bffe0-72d8-45f2-b1f9-f29397cfab16
 # Different:
 $ task config taskd.certificate -- ~/.task/first_last.cert.pem
 $ task config taskd.key         -- ~/.task/first_last.key.pem
 $ task config taskd.ca          -- ~/.task/ca.cert.pem
 # Trust
 For troubleshooting we can set:
 > taskd.trust=ignore [hostname]
 > taskd.trust=allow all
 > taskd.trust=strict
 # User Defines Attributes - UDA
 Each UDA has two to four attributes: type (numeric or string) and label are necessary:
 > task config uda.THING.type {numeric,string}
 > task config uda.THING.label Thg
 Constrain these attributes to a comma-delineated set with:
 > task config uda.THING.values brown,orange,green
 You can also show how important the Attribute makes something:
 > urgency.uda.THING.coefficient=2.8
 # Aliases
 Alias `delete' to `rm' with:
 task config alias.rm delete
--- a/data/taskwarrior/taskd.sh
+++ b/data/taskwarrior/taskd.sh
@ -1,42 +0,0 @@
 #!/bin/bash
 # script currently not working
 export TASKDDATA=/var/lib/taskd
 sudo mkdir -p $TASKDDATA
 sudo chown taskd:$(whoami) $TASKDDATA
 sudo chmod 775 $TASKDDATA
 cp -r /usr/share/doc/taskd/pki/ $TASKDDATA
 cd $TASKDDATA/pki
 sed -i s/localhost/$(hostname -f)/ vars
 ./generate
 cp client.cert.pem $TASKDDATA
 cp client.key.pem  $TASKDDATA
 cp server.cert.pem $TASKDDATA
 cp server.key.pem  $TASKDDATA
 cp server.crl.pem  $TASKDDATA
 cp ca.cert.pem     $TASKDDATA
 taskd config --force client.cert $TASKDDATA/client.cert.pem
 taskd config --force client.key  $TASKDDATA/client.key.pem
 taskd config --force server.cert $TASKDDATA/server.cert.pem
 taskd config --force server.key  $TASKDDATA/server.key.pem
 taskd config --force server.crl  $TASKDDATA/server.crl.pem
 taskd config --force ca.cert     $TASKDDATA/ca.cert.pem
 cd $TASKDDATA/..
 taskd config --force log $PWD/taskd.log
 taskd config --force pid.file $PWD/taskd.pid
 taskd config --force server $(hostname -f):53589
 taskd add org public
 # 1515de89-cc81-4af6-a6a4-41c1430620b0
 journalctl -u taskd
--- a/data/taskwarrior/timew.md
+++ b/data/taskwarrior/timew.md
@ -1,11 +1,7 @@
 ---
 title: "timew"
-tags: [ "Documentation", "data" ]
+tags: [ "Documentation", "Data" ]
 ---
 # Setup
 Below commands mostly deal with timew alone.  With taskwarrior installed as well, `locate on-modify-time`, then add it to ~/.task/hooks and make it executable.
 # Summaries
 Try:
@ -153,3 +149,8 @@ with:
 > python timew-dbcorrections.py
 # Setup
 With taskwarrior installed as well, `locate on-modify-time`, then add it to ~/.task/hooks and make it executable.
 This will track the time of any tasks used with [taskwarrior](task.md).
--- a/distros/arch/pi-hole-server.md
+++ b/distros/arch/pi-hole-server.md
@ -1,49 +0,0 @@
 ---
 title: "pi-hole-server"
 tags: [ "Documentation", "distros" ]
 ---
 > yay -S pi-hole-server
 > sudo systemctl enable --now pihole-FTL
 > sudo systemctl disable --now systemd-resolved
 Add yourself as a pihole user, then logout, and log back in.
 > sudo usermod -aG pihole $USER
 Remove that google dns server.
 > pihole -a setdns 9.9.9.9 1.0.0.1
 Disable pihole password by setting a blank password.
 > pihole -a -p
 Get a new list of blocked domains, then reload:
 > pihole -g -r
 Every so often, run `pihole -g` again (perhaps put it in crontab).
 # Configure cloudflare DNS
 This is optional.
 > yay -S cloudflared-bin
 echo "proxy-dns: true
 proxy-dns-upstream:
 - https://1.0.0.1/dns-query
 - https://1.1.1.1/dns-query
 - https://2606:4700:4700::1111/dns-query
 - https://2606:4700:4700::1001/dns-query
 proxy-dns-port: 5053
 proxy-dns-address: 0.0.0.0" > /etc/cloudflared/cloudflared.yml
 echo "
 PRIVACYLEVEL=0
 IGNORE_LOCALHOST=no
 AAAA_QUERY_ANALYSIS=yes
--- a/distros/arch/problems.md
+++ b/distros/arch/problems.md
@ -1,9 +0,0 @@
 ---
 title: "problems"
 tags: [ "Documentation", "distros" ]
 ---
 Broken Xorg
 > sudo X -configure
--- a/distros/redhat/Oracle/basics.md
+++ b/distros/redhat/Oracle/basics.md
@ -1,6 +1,6 @@
 ---
 title: "basics"
-tags: [ "Documentation", "distros" ]
+tags: [ "Documentation", "Distros" ]
 ---
 > cd /etc/yum.repos.d/
--- a/distros/redhat/npm.md
+++ b/distros/redhat/npm.md
@ -1,6 +1,6 @@
 ---
 title: "npm"
-tags: [ "Documentation", "distros" ]
+tags: [ "Documentation", "Distros" ]
 ---
 package.json is the basic configuration file.
--- a/distros/redhat/yum.md
+++ b/distros/redhat/yum.md
@ -1,6 +1,6 @@
 ---
 title: "yum"
-tags: [ "Documentation", "distros" ]
+tags: [ "Documentation", "Distros" ]
 ---
 # Overview
@ -22,5 +22,3 @@ Major features: reliable, shit package selection.
 yum remove [package1] [package2]
--- a/distros/void/install.sh
+++ b/distros/void/install.sh
@ -1,13 +0,0 @@
 #!/bin/bash
 [ -z $1 ] && X=a || X=$1
 ls /dev/sd"$X"2 || exit 1
 mount /dev/sd"X"1 /mnt 
 mkdir /mnt/boot
 for dir in dev proc sys; do
 	mkdir /mnt/$dir
 	mount --rbind /$dir /mnt/$dir
 done
 xbps-install -Sy -r /mnt base-system grub vim
--- a/distros/void/virtualization/lxc.md
+++ b/distros/void/virtualization/lxc.md
@ -1,6 +1,6 @@
 ---
 title: "lxc"
-tags: [ "Documentation", "distros" ]
+tags: [ "Documentation", "Distros" ]
 ---
 LXC creates miniature virtual machines to play with.
--- a/networking/basics.md
+++ b/networking/basics.md
@ -1,6 +1,6 @@
 ---
 title: "basics"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # You
@ -53,12 +53,12 @@ The starting numbers tell you about the address. You just have to memorize the m
 |:---:|:---:|
 | 127.X | The computer's name for itself, for when you want to ssh into your own machine |
 | ::1/128 | Same thing, with ipv6 |
-| 192.168.X | A small network address, given by a DHCP server (possibly your router) |
+| 192.168.X | A small Network address, given by a DHCP server (possibly your router) |
 | 169.X | The interface to the internet wasn't given an ip address, so it's made up its own |
 # `arp-scan`
-Look around your local network with `arp-scan`.
+Look around your local Network with `arp-scan`.
 > sudo arp-scan -l
@ -85,7 +85,7 @@ Mac addresses are easy to fake, so don't trust this output to keep you safe.
 # `nmap`
-Look around your entire network from 192.168.0.1 to 192.168.0.255:
+Look around your entire Network from 192.168.0.1 to 192.168.0.255:
 > sudo nmap -F 192.168.0.1/24
--- a/networking/dns.md
+++ b/networking/dns.md
@ -1,27 +0,0 @@
 ---
 title: "dns"
 tags: [ "Documentation", "networking" ]
 ---
 # Designate DNS
 On Debian, a file might gain DNS services by adding the following to /etc/network/interfaces:
 ```
 auto eth0
 iface eth0 inet static 
   address 10.0.0.23
   netmast 255.255.255.0
   gateway 10.0.0.1
   dns-nameservers 208.67.222.222 208.67.220.220
   dns-search example.com
 ```
 # URL Aliases
 To change where hosts go, edit /etc/hostnames.  You can enter, e.g.:
 `54.239.25.200 www.amazon.com a`
 ... which then means simply the letter 'a' will lead you to amazon.com.
--- a/networking/fail2ban.md
+++ b/networking/fail2ban.md
@ -1,6 +1,6 @@
 ---
 title: "fail2ban"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # SSH Daemon Jail
--- a/networking/graph-easy/troubleshooting.map
+++ b/networking/graph-easy/troubleshooting.map
@ -1,5 +1,28 @@
 Set up a file like this, called `troubleshooting.txt`.
 ```
 [ Is there an IP address? ] -- no --> [ Check NIC driver, dmesg ]
 [ Is there an IP address? ] -- yes --> [ Can you ping the router? ]
 [ Can you ping the router? ] -- no --> [ Check cables, router, and switches ]
 [ Can you ping the router? ] -- yes --> [ Can you ping a DNS address? ]
 [ Can you ping a DNS address? ] -- no --> [ Trying pinging 8.8.8.8 ]
 [ Can you ping a DNS address? ] -- yes --> [ Traceroute ]
 ```
 Then translate it with:
 > graph-easy troubleshooting.txt --as boxart
 ```
 ┌────────────┐     ┌─────────────────────────┐  yes   ┌────────────────────────────────────┐  yes   ┌─────────────────────────────┐  yes   ┌────────────┐
-│ no network │ ──> │ Is there an IP address? │ ─────> │      Can you ping the router?      │ ─────> │ Can you ping a DNS address? │ ─────> │ Traceroute │
+│ no Network │ ──> │ Is there an IP address? │ ─────> │      Can you ping the router?      │ ─────> │ Can you ping a DNS address? │ ─────> │ Traceroute │
 └────────────┘     └─────────────────────────┘        └────────────────────────────────────┘        └─────────────────────────────┘        └────────────┘
                     │                                  │                                             │
                     │ no                               │ no                                          │ no
@ -7,3 +30,18 @@
                   ┌─────────────────────────┐        ┌────────────────────────────────────┐        ┌─────────────────────────────┐
                   │ Check NIC driver, dmesg │        │ Check cables, router, and switches │        │   Trying pinging 8.8.8.8    │
                   └─────────────────────────┘        └────────────────────────────────────┘        └─────────────────────────────┘
 ```
 Many options allow different displays.
 Try placing this in a file:
 ```
 [ One ] { fill: seagreen; color: white; } -- label --> [ Two ] { shape: triangle; }
 [ One ] => { arrow-style: closed; } [ Three ]
 [ Five ] { fill: maroon; color: yellow; } <=> [ Three ]
 [ One ] .. Test\n label ..> [ Four ]
 [ Three ] { border-style: dashed; }
 .. Test\n label ..> { arrow-style: closed; } [ Six ] { label: Sixty\n Six\nand\nsix; }
 [ Three ] <-- Test label --> { arrow-style: closed; } [ Six ]
 [ Eight ] .. [ None ] { shape: none; fill: red; color: brown; }
 [ no Network ] --> [ Is there an IP address? ]
 ```
--- a/networking/graph-easy/example.txt
+++ b/networking/graph-easy/example.txt
@ -1,12 +0,0 @@
 [ One ] { fill: seagreen; color: white; } -- label --> [ Two ] { shape: triangle; }
 [ One ] => { arrow-style: closed; } [ Three ]
 [ Five ] { fill: maroon; color: yellow; } <=> [ Three ]
 [ One ] .. Test\n label ..> [ Four ]
 [ Three ] { border-style: dashed; }
 .. Test\n label ..> { arrow-style: closed; } [ Six ] { label: Sixty\n Six\nand\nsix; }
 [ Seven ] -- [ Eight ]
 [ Five ] --> [ Eight ]
 [ Five ] --> [ Seven ]
 [ Two ] -> [ Four ]
 [ Three ] <-- Test label --> { arrow-style: closed; } [ Six ]
 [ Eight ] .. [ None ] { shape: none; fill: red; color: brown; }
--- a/networking/graph-easy/troubleshooting-map
+++ b/networking/graph-easy/troubleshooting-map
@ -1,15 +0,0 @@
 [ no network ] --> [ Is there an IP address? ]
 [ Is there an IP address? ] -- no --> [ Check NIC driver, dmesg ]
 [ Is there an IP address? ] -- yes --> [ Can you ping the router? ]
 [ Can you ping the router? ] -- no --> [ Check cables, router, and switches ]
 [ Can you ping the router? ] -- yes --> [ Can you ping a DNS address? ]
 [ Can you ping a DNS address? ] -- no --> [ Trying pinging 8.8.8.8 ]
 [ Can you ping a DNS address? ] -- yes --> [ Traceroute ]
--- a/networking/iptables.md
+++ b/networking/iptables.md
@ -1,6 +1,6 @@
 ---
 title: "iptables"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # Intro
@ -24,7 +24,7 @@ Let's 'A'dd, or 'A'ppend a rule with -A.  Let's drop all input from a nearby IP
 > iptables -A INPUT -s 192.168.0.23 -j DROP
-Or we can block all input from a particular port on the full network.
+Or we can block all input from a particular port on the full Network.
 > iptables -A INPUT -s 192.168.0.0/24 -p tcp --destination-port 25 -j DROP
@ -55,3 +55,26 @@ Flush all existing rules with:
 > iptables -F
 # Examples
 ```
 # Allow all loopback (lo0) traffic and drop all traffic to 127/8
 # that doesn't use lo0
 iptables -A INPUT -i lo -j ACCEPT
 iptables -A OUTPUT -o lo -j ACCEPT
 iptables -A INPUT -d 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
 # Allow established sessions to receive traffic
 iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 # Allow ICMP pings
 iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
 # Allow SSH remote
 iptables -I INPUT -p tcp --dport 22 -j ACCEPT
 # Reject all other inbound connections
 iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable
 iptables -A FORWARD -j REJECT --reject-with icmp-port-unreachable
 ```
--- a/networking/iptables/examples.sh
+++ b/networking/iptables/examples.sh
@ -1,19 +0,0 @@
 #!/bin/sh
 # Allow all loopback (lo0) traffic and drop all traffic to 127/8
 # that doesn't use lo0
 iptables -A INPUT -i lo -j ACCEPT
 iptables -A OUTPUT -o lo -j ACCEPT
 iptables -A INPUT -d 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
 # Allow established sessions to receive traffic
 iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 # Allow ICMP pings
 iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
 # Allow SSH remote
 iptables -I INPUT -p tcp --dport 22 -j ACCEPT
 # Reject all other inbound connections
 iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable
 iptables -A FORWARD -j REJECT --reject-with icmp-port-unreachable
--- a/networking/iptables/iptables.md
+++ b/networking/iptables/iptables.md
@ -1,56 +0,0 @@
 ---
 title: "iptables"
 tags: [ "Documentation", "networking" ]
 ---
 # Intro
 This is a basic Linux firewall program.
 Look at your firewalls:
 > iptables -L
 We see the output of input, output and forwarding rules.
 # Forward
 I don't need any forwarding, so I'm going to drop all forwarding:
 > iptables -P FORWARD DROP
 # Input
 Let's 'A'dd, or 'A'ppend a rule with -A.  Let's drop all input from a nearby IP 
 > iptables -A INPUT -s 192.168.0.23 -j DROP
 Or we can block all input from a particular port on the full network.
 > iptables -A INPUT -s 192.168.0.0/24 -p tcp --destination-port 25 -j DROP
 > iptables -A INPUT --dport 80 -j ACCEPT
 This allows http traffic to an Apache web server over port 80.
 However, rules are accepted in order - so a packet cannot be rejected and then accepted.
 To delete rule 2 from the INPUT chain:
 > iptables -D INPUT 3
 Alternatively, you can 'I'nsert a rule at the start, rather than 'A'ppending it.
 > iptables -I INPUT -s 192.168.0.13 DROP
 # Catchalls
 Catchall rules state that anything which is not permitted is forbidden.  They must be allowed last.
 # -Jurice-Diction
 The -j flag accepts ACCEPT/REJECT/DROP.  The last two are identical except that "REJECT" acknowledges the rejection.
 Flush all existing rules with:
 > iptables -F
--- a/networking/ldap/guide.html
+++ b/networking/ldap/guide.html
--- a/networking/nmap.md
+++ b/networking/nmap.md
@ -1,6 +1,6 @@
 ---
 title: "nmap"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 Example:
--- a/networking/pi-hole-server.md
+++ b/networking/pi-hole-server.md
@ -0,0 +1,56 @@
 ---
 title: "pi-hole-server"
 tags: [ "Documentation", "Distros" ]
 ---
 # Installation
 ## Arch
 > yay -S pi-hole-server
 > sudo systemctl enable --now pihole-FTL
 > sudo systemctl disable --now systemd-resolved
 > sudo rm -f /dev/shm/FTL-\*
 ## Debian
 Debian has a long, boring setup.
 > sudo apt-get install wget curl net-tools gamin lighttpd lighttpd-mod-deflate
 > curl -sSL https://install.pi-hole.net | PIHOLE_SKIP_OS_CHECK=true sudo -E bash
 # Setup
 > sudo usermod -aG pihole $USER
 Remove that google dns server.
 > pihole -a setdns 9.9.9.9 1.0.0.1
 Disable pihole password by setting a blank password.
 > pihole -a -p
 Get a new list of blocked domains, then reload:
 > pihole -g -r
 Every so often, run `pihole -g` again (perhaps put it in crontab).
 ## Check the Pihole
 Observe the pihole's output while you ask it a question:
 > pihole -t
 Then ask the question from another computer:
 > dig @[ pihole ip ] archlinux.org
 ## System-Wide Setup
 To make the pihole work for the entire Network, enter your router and set the DNS server as nothing but your pihole.
--- a/networking/pihole/pihole.md
+++ b/networking/pihole/pihole.md
@ -1,30 +0,0 @@
 ---
 title: "pihole"
 tags: [ "Documentation", "networking" ]
 ---
 View DNS traffic
 > pihole -t
 Change password 
 > pihole -a -p
 Get new list of cancer
 > pihole -g
 Change upstream DNS
 > sudo vim /etc/dnsmasq/01-pihole.conf
 ## Troubleshooting
 > sudo usermod -aG pihole $USER
 > sudo systemctl stop systemd-resolved
 > sudo rm -f /dev/shm/FTL-*
 > pihole -g -r
--- a/networking/pip.md
+++ b/networking/pip.md
@ -1,8 +1,14 @@
 ---
 title: "pip"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 Searching does not work.
 Install with:
 > pip install [ package ]
 Upgrade all packages
 > pip freeze --local | grep -v '^\-e' | cut -d = -f 1  | xargs -n1 pip install -U
--- a/networking/protocols.md
+++ b/networking/protocols.md
@ -1,6 +1,6 @@
 ---
 title: "protocols"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # Protocols
@ -16,7 +16,7 @@ tags: [ "Documentation", "networking" ]
 ## IPv4
-Three address ranges pertain only to private networks, so no computer looks beyond the local router to resolve them:
+Three address ranges pertain only to private Networks, so no computer looks beyond the local router to resolve them:
 10.0.0.0	to	10.255.255.255
@ -24,7 +24,7 @@ Three address ranges pertain only to private networks, so no computer looks beyo
 192.168.0.0	to	192.168.255.255
-In theory, networks should fall within one of 3 ranges, depending upon their first octet:
+In theory, Networks should fall within one of 3 ranges, depending upon their first octet:
 Class A	1-127
@ -63,13 +63,13 @@ Add an interface to a device as so:
 > sudo ip a add 192.168.0.15/255.255.255.0 dev eth1
-See network interfaces available on Fedora with:
+See Network interfaces available on Fedora with:
-> less /etc/sysconfig/network-scripts/ifcfg-enp2s0f0
+> less /etc/sysconfig/Network-scripts/ifcfg-enp2s0f0
 or on Debian with:
-> less /etc/network/interfaces
+> less /etc/Network/interfaces
 Mostly, interfaces will receive automatic addresses from a DHCP server.  If this hasn't happened for you, you can request a dhcp address with:
--- a/networking/rclone.md
+++ b/networking/rclone.md
@ -1,6 +1,6 @@
 ---
 title: "rclone"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 The manpage's 'Synopsis' provides a fast reference.
--- a/networking/screen.md
+++ b/networking/screen.md
@ -1,6 +1,6 @@
 ---
 title: "screen"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 start session: screen
@ -46,8 +46,10 @@ Screens have a list of commands to send
 ------Example----------
 Start a new session with 'screen -S base' (which calls that session 'base').  Make a horizontal split with ^|, move into it with ^tab then create a new screen with ^c in that second split.  The new screen can be named with ^A as 'music' before entering cmus.  Next up, visualizations with vis in another screen.  ^S makes a horizontal split and you can switch into that with ^tab to name is 'visualizations' and start vis.  Switch back to the first screen and make another horizontal split and a screen in there with the name 'reading'.  Inside reading you type ^? to get a list of useless screen commands.  Reading can then be detatched with ^d and the horizontal split destroyed with ^X.
-	Those visualizations should be larger, so we enlarge them with Ctrl+: to send the command resize 50 and :resize -h 100.
+
-	Once done with reading, you can destroy it wil ^k then destroy the lot once done with ^\.  Outside the screens entirely you can ensure complete death with 'killall screen'.
+Those visualizations should be larger, so we enlarge them with Ctrl+: to send the command resize 50 and :resize -h 100.
 Once done with reading, you can destroy it wil ^k then destroy the lot once done with ^\.  Outside the screens entirely you can ensure complete death with 'killall screen'.
 ----------------------
--- a/networking/servers/agate.md
+++ b/networking/servers/agate.md
@ -1,6 +1,6 @@
 ---
 title: "agate"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 Make sure your dns is in order.
 My domain name is `belgradecats.tk`, so put your own in there.
@ -31,7 +31,7 @@ Make a service file.
 ```
 [Unit]
 Description=agate
-After=network.target
+After=Network.target
 [Service]
 User=gemini
--- a/networking/ssh/sshfs.md
+++ b/networking/ssh/sshfs.md
@ -1,6 +1,6 @@
 ---
 title: "sshfs"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # Mount 
--- a/networking/ssh/tricks.md
+++ b/networking/ssh/tricks.md
@ -1,6 +1,6 @@
 ---
 title: "tricks"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 Mount a remote filesystem locally with fuse-sshfs:
--- a/networking/tor.md
+++ b/networking/tor.md
@ -1,6 +1,6 @@
 ---
 title: "tor"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # Get a hostname
--- a/networking/transmission.md
+++ b/networking/transmission.md
@ -1,6 +1,6 @@
 ---
 title: "transmission"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # Torrench
--- a/networking/troubleshooting.md
+++ b/networking/troubleshooting.md
@ -1,11 +1,11 @@
 ---
 title: "troubleshooting"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # Do you have an IP?
-If not, try checking out what your local networking interfaces are, then check if they have been picked up:
+If not, try checking out what your local Networking interfaces are, then check if they have been picked up:
 > dmesg | grep eth0
@ -13,8 +13,7 @@ If not, try checking out what your local networking interfaces are, then check i
 > netstat -l
-... or maybe narrow it down to http:
+...or maybe narrow it down to http:
 > netstat -l | grep http
--- a/networking/troubleshooting.txt
+++ b/networking/troubleshooting.txt
@ -1,9 +0,0 @@
 ┌────────────┐     ┌─────────────────────────┐  yes   ┌────────────────────────────────────┐  yes   ┌─────────────────────────────┐  yes   ┌────────────┐
 │ no network │ ──> │ Is there an IP address? │ ─────> │      Can you ping the router?      │ ─────> │ Can you ping a DNS address? │ ─────> │ Traceroute │
 └────────────┘     └─────────────────────────┘        └────────────────────────────────────┘        └─────────────────────────────┘        └────────────┘
                     │                                  │                                             │
                     │ no                               │ no                                          │ no
                     ∨                                  ∨                                             ∨
                   ┌─────────────────────────┐        ┌────────────────────────────────────┐        ┌─────────────────────────────┐
                   │ Check NIC driver, dmesg │        │ Check cables, router, and switches │        │   Trying pinging 8.8.8.8    │
                   └─────────────────────────┘        └────────────────────────────────────┘        └─────────────────────────────┘
--- a/networking/website/nginx.md
+++ b/networking/website/nginx.md
@ -1,6 +1,6 @@
 ---
 title: "nginx"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 Install nginx:
--- a/networking/wifi.md
+++ b/networking/wifi.md
@ -1,6 +1,6 @@
 ---
 title: "wifi"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # Netstat Stuff
@ -50,19 +50,21 @@ This tells you that your ESSID is 'Gandalf WajFaj', and the access point name is
 > nmcli radio
-	You get an overview of your radio devices.  You're told that eth0 deals with your ethernet and wlan0 deals with wifi.  wlan0 is a file which represents your wifi device.
+You get an overview of your radio devices.
 You're told that eth0 deals with your ethernet and `wlan0` deals with wifi.
 `wlan0` is a file which represents your wifi device.
 > nmcli wlan0 wifi rescan
 > nmcli device wifi list
-	Now to connect.
+Now to connect.
 > nmcli device wifi connect [SSID] [your password] [wifi password]
-	Alternatively, you can use
+Alternatively, you can use
 > nmcli -ask device wifi connect [SSID]
-	And it'll ask for your password, so you're not typing it in in full view.
+And it'll ask for your password, so you're not typing it in in full view.
--- a/networking/wireless.md
+++ b/networking/wireless.md
@ -1,6 +1,6 @@
 ---
 title: "wireless"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # Check wifi's working
--- a/networking/wpa_supplicant.md
+++ b/networking/wpa_supplicant.md
@ -1,6 +1,6 @@
 ---
 title: "wpa_supplicant"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 wpa_supplicant configurations are stored in /etc/wpa_supplicant/wpa_supplicant-wlan0 (or equivalent).
@ -33,23 +33,23 @@ This has a number of commands to input.  In order:
 > scan_results
-> add_network
+> add_Network
-This outputs a network number, e.g. '3'.  This is the new network you'll work with.
+This outputs a Network number, e.g. '3'.  This is the new Network you'll work with.
-> set_network 3 ssid "Kosachok Cafe"
+> set_Network 3 ssid "Kosachok Cafe"
-> set_network 3 psk "Kosachok2019"
+> set_Network 3 psk "Kosachok2019"
 OR
-> set_network 3 key_mgmt NONE
+> set_Network 3 key_mgmt NONE
-> enable_network 3
+> enable_Network 3
 > save_config
-... and possibly:
+...and possibly:
 > sudo sv restart dhcpcd 
@ -57,4 +57,3 @@ or maybe:
 > dhcpd wlp3s0 
--- a/sound/basics.md
+++ b/sound/basics.md
@ -1,8 +1,9 @@
 ---
 title: "basics"
-tags: [ "Documentation", "sound" ]
+tags: [ "Documentation", "Sound" ]
 ---
 # Pulse
 If you have pulse, use pulse.
 Check with `which pulseaudio`. No output means you need to use alsa (below).
@ -19,11 +20,11 @@ Find working outputs:
 Surround.5 seems best.
-# Find what sound settings exist
+# Find what Sound settings exist
 amixer scontrols
-# Change a sound setting
+# Change a Sound setting
 > amixer set Master 5%-
@ -49,8 +50,8 @@ Start with:
 > alsamixer
-Then press `F6` to see available sound cards.
+Then press `F6` to see available Sound cards.
-If you find a sound card called 'PinePhone', then you can select an audio source there, and adjust with:
+If you find a Sound card called 'PinePhone', then you can select an audio source there, and adjust with:
 > amixer -c PinePhone set 'Headphone' 50%
--- a/sound/festival.md
+++ b/sound/festival.md
@ -1,6 +1,6 @@
 ---
 title: "festival"
-tags: [ "Documentation", "sound" ]
+tags: [ "Documentation", "Sound" ]
 ---
 # Basics
--- a/sound/ffmpeg.md
+++ b/sound/ffmpeg.md
@ -1,6 +1,6 @@
 ---
 title: "ffmpeg"
-tags: [ "Documentation", "sound" ]
+tags: [ "Documentation", "Sound" ]
 ---
 # Basics 
--- a/sound/mpd.md
+++ b/sound/mpd.md
@ -1,6 +1,6 @@
 ---
 title: "mpd"
-tags: [ "Documentation", "sound" ]
+tags: [ "Documentation", "Sound" ]
 ---
 # Setup
--- a/sound/ncmpcpp.md
+++ b/sound/ncmpcpp.md
@ -1,6 +1,6 @@
 ---
 title: "ncmpcpp"
-tags: [ "Documentation", "sound" ]
+tags: [ "Documentation", "Sound" ]
 ---
 # Music Player Daemon
--- a/sound/youtube-dl.md
+++ b/sound/youtube-dl.md
@ -1,6 +1,6 @@
 ---
 title: "youtube-dl"
-tags: [ "Documentation", "sound" ]
+tags: [ "Documentation", "Sound" ]
 ---
 > youtube-dl --write-auto-sub <URL>
--- a/system/X.md
+++ b/system/X.md
@ -1,6 +1,6 @@
 ---
 title: "X"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 X is a server which listens to requests for display.
--- a/system/android.md
+++ b/system/android.md
@ -1,6 +1,6 @@
 ---
 title: "android"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # mtpfs
--- a/system/awk.md
+++ b/system/awk.md
@ -1,6 +1,6 @@
 ---
 title: "awk"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Basics
--- a/system/bash_tricks.md
+++ b/system/bash_tricks.md
@ -1,6 +1,6 @@
 ---
 title: "bash_tricks"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Automatic mp3 Tagging
--- a/system/character-encoding.md
+++ b/system/character-encoding.md
@ -1,6 +1,6 @@
 ---
 title: "character-encoding"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 Convert a text file from one encoding type to another with:
--- a/system/compression.md
+++ b/system/compression.md
@ -1,6 +1,6 @@
 ---
 title: "compression"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Tar
--- a/system/cronie.md
+++ b/system/cronie.md
@ -1,6 +1,6 @@
 ---
 title: "cronie"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 Various services from cron exist, e.g.
@ -9,7 +9,7 @@ Various services from cron exist, e.g.
 start the cronie with
-> sudo systemctl start cronie
+> sudo Systemctl start cronie
 start a cron with 
--- a/system/e-mail.md
+++ b/system/e-mail.md
@ -1,6 +1,6 @@
 ---
 title: "e-mail"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Terminology
--- a/system/editors.md
+++ b/system/editors.md
@ -1,8 +1,8 @@
 ---
 title: "editors"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
-The system's default text editor can be defined within /etc/profile.  It's given the variable `EDITOR`.
+The System's default text editor can be defined within /etc/profile.  It's given the variable `EDITOR`.
 Add these lines to /etc/profile:
--- a/system/elvish.md
+++ b/system/elvish.md
@ -1,6 +1,6 @@
 ---
 title: "elvish"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Setup
 To run a shell as non-root, the shell must be listed in /etc/shells.
--- a/system/kernel.md
+++ b/system/kernel.md
@ -1,6 +1,6 @@
 ---
 title: "kernel"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 Check which kernet modules are loaded into memory
--- a/system/logs.md
+++ b/system/logs.md
@ -1,6 +1,6 @@
 ---
 title: "logs"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Basic
--- a/system/mdadm.md
+++ b/system/mdadm.md
--- a/system/partitions.md
+++ b/system/partitions.md
@ -1,6 +1,6 @@
 ---
 title: "partitions"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # FDisk Basics
@ -27,7 +27,7 @@ Note the asterisk marking the boot partition.
 fdisk will not help with a GPT formatted drive.  For this, use gdisk, which is mostly the same.
-Now that we have a partition, we can make it into a filesystem.  Most will use:
+Now that we have a partition, we can make it into a fileSystem.  Most will use:
 > sudo mkfs -t ext4 /dev/sdc1
@ -35,7 +35,7 @@ or if you're making a swap partition, you can use:
 > sudo mkswap /dev/sdb2
-or for the reiser filesystem, we can use:
+or for the reiser fileSystem, we can use:
 > sudo mkreiserfs /dev/sdc2
@ -65,7 +65,7 @@ or  divide things by inode - the thing which records where files are?
 > df -i
-Examine a filesystem with:
+Examine a fileSystem with:
 > sudo dumpe2fs /dev/sda1 | less
@ -78,12 +78,12 @@ This will check sda1 every 30 boots.  It can also be checked every month.
 > sudo tune2fs -i 1m /dev/sda1
-This thing can also make a new label for the system:
+This thing can also make a new label for the System:
 > sudo tune2fs -L new_name /dev/sdb3
 # Repair
-Start by unmounting the filesystem.
+Start by unmounting the fileSystem.
 > sudo umount /dev/sdc1
@ -112,15 +112,15 @@ or if you don't know the type, just try the lot:
 # File Systems
 xfs and zfs can only be expanded.
-# Shrink Filesystem
+# Shrink FileSystem
 NB: When I followed these instructions, the process destroyed my data. Seemed fine on the YouTube video.
-Check the filesystem's health:
+Check the fileSystem's health:
 > sudo e2fsck -f /dev/sdb1
-Resize the file system to something smaller than what you want, so here I want 500G and so I resize to 450 G.
+Resize the file System to something smaller than what you want, so here I want 500G and so I resize to 450 G.
 > resize2fs /dev/sdb1 450G
@ -130,7 +130,7 @@ Then delete the partition with either gdisk or fdisk, depending upon the layout.
 > d
-Then make a new filesystem of the desired type with:
+Then make a new fileSystem of the desired type with:
 > n
--- a/system/snaps.md
+++ b/system/snaps.md
@ -1,6 +1,6 @@
 ---
 title: "snaps"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 > sudo apt-get purge -y snapd
--- a/system/systemd/journal.md
+++ b/system/systemd/journal.md
@ -1,6 +1,6 @@
 ---
 title: "journal"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "systemd" ]
 ---
 Find errors since November
--- a/system/systemd/making-services.md
+++ b/system/systemd/making-services.md
@ -1,6 +1,6 @@
 ---
 title: "Making Services"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "systemd" ]
 ---
 # Basics
--- a/system/systemd/users.md
+++ b/system/systemd/users.md
@ -1,6 +1,6 @@
 ---
 title: "users"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "systemd" ]
 ---
 # Automatic Login
--- a/system/tmux.md
+++ b/system/tmux.md
@ -1,6 +1,6 @@
 ---
 title: "tmux"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 Start with:
--- a/system/upx.md
+++ b/system/upx.md
@ -1,6 +1,6 @@
 ---
 title: "upx"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 upx compresses binaries, so they take up less disk space, but take longer to start.
--- a/system/urxvt.md
+++ b/system/urxvt.md
@ -1,5 +1,5 @@
 ---
 title: "urxvt"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 Perl scripts typically kept in /usr/lib/urxvt/perl
--- a/system/wine.md
+++ b/system/wine.md
@ -1,5 +1,5 @@
 ---
 title: "wine"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 maybe run \n> sudo dpkg --add-architecture i386
--- a/system/xdg.md
+++ b/system/xdg.md
@ -1,6 +1,6 @@
 ---
 title: "xdg"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 What filetype is this file?
--- a/system/xkbmap.md
+++ b/system/xkbmap.md
@ -1,6 +1,6 @@
 ---
 title: "xkbmap"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Language Layouts
--- a/virtualization/virtualbox.md
+++ b/virtualization/virtualbox.md
@ -1,6 +1,6 @@
 ---
 title: "virtualbox"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Setup
--- a/vision/imagemagick.md
+++ b/vision/imagemagick.md
@ -1,6 +1,6 @@
 ---
 title: "imagemagick"
-tags: [ "Documentation", "vision" ]
+tags: [ "Documentation", "Vision" ]
 ---
 [Source](http://lxlinux.com/imagemagick.html)
@ -28,6 +28,7 @@ Resizing only changes jpegs.  Change a png with:
 # Trim images to border
 This is generally used for transparrent images.
 > convert -trim image.png output.png