more cleanup

2022-01-26 23:35:07 +01:00 · 2022-01-26 23:35:07 +01:00 · 4cb4fca66a
parent f806bc35f5
commit 4cb4fca66a
76 changed files with 295 additions and 12029 deletions
--- a/README.md
+++ b/README.md
@ -44,4 +44,6 @@ How to see which websites you're actively accessing:
 This started as a few personal notes, and will probably continue to look like that for some time.
 It's a bit of a mess.

-Systemd is taken as a default.  Non-systemd commands we relegate to their respective distros, e.g. runit for Void Linux.
+Systemd is taken as a default.
+Non-systemd commands we relegate to their respective distros, e.g. runit for Void Linux.
+
--- a/data/git.md
+++ b/data/git.md
@ -10,7 +10,7 @@ tags: [ "Documentation", "data" ]

 > git config --global user.name "Malin Freeborn" 

-## New Git
+# New Git

 Start a git:

--- a/data/groff.md
+++ b/data/groff.md
@ -1,6 +1,6 @@
 ---
 title: "groff"
-tags: [ "Documentation", "data" ]
+tags: [ "Documentation", "Data" ]
 ---
 # Basic Documents

--- a/data/khard.md
+++ b/data/khard.md
@ -1,6 +1,6 @@
 ---
 title: "khard"
-tags: [ "Documentation", "data" ]
+tags: [ "Documentation", "Data" ]
 ---
 Get the basic config:

--- a/data/taskwarrior/archtask.sh
+++ b/data/taskwarrior/archtask.sh
@ -1,57 +0,0 @@
-#!/bin/bash
-
-export TASKDDATA=/var/lib/taskd
-
-echo Change CN to hostname
-sleep 2
-
-sudo vim /usr/share/doc/taskd/pki/vars
-
-cd /usr/share/doc/taskd/pki/
-
-sudo ./generate
-
-mkdir -p $TASKDDATA
-
-cp *.pem $TASKDDATA
-
-chown -R root /var/lib/taskd
-
-sudo cp *pem $TASKDDATA
-
-chown -R taskd:taskd $TASKDDATA
-
-taskd config "$user".cert=/var/lib/taskd/client.cert.pem
-taskd config "$user".key=/var/lib/taskd/client.key.pem
-taskd config "$(hostname)".cert=/var/lib/taskd/server.cert.pem
-taskd config "$(hostname)".key=/var/lib/taskd/server.key.pem
-taskd config "$(hostname)".crl=/var/lib/taskd/server.crl.pem
-taskd config ca.cert=/var/lib/taskd/ca.cert.pem
-
-taskd config --force server $(hostname):53589
-
-systemctl start taskd
-
-
-echo name a group
-read group
-
-echo name user
-
-read user
-
-taskd add org $group
-
-taskd add user $group $user
-
-./generate.client $user
-
-echo "
-taskd.server=alfred:port
-taskd.credentials=$group/$user/key
-taskd.certificate=~/.task/'$user'.cert.pem
-taskd.key=~/.task/'$user'.key.pem
-taskd.ca=~/.task/ca.cert.pem" >> /var/lib/taskd/config
-
-tar cf $user.tar "$user"* ca.cert.pem
-
--- a/data/taskwarrior/task.md
+++ b/data/taskwarrior/task.md
@ -1,7 +1,58 @@
 ---
 title: "task"
-tags: [ "Documentation", "data" ]
+tags: [ "Documentation", "Organization" ]
 ---
+
+Set up the configuration file:
+
+> task
+
+Add a task:
+
+> task add update linux
+
+See which task is next:
+
+> task next
+
+Note the id number.
+
+Mark a task as started:
+
+> task start 1
+
+Once finished:
+
+> task 1 done
+
+# Projects
+
+Add a project:
+
+> task add project:house buy potted plant
+> task add proj:house.repair buy screwdriver
+> task add proj:house.repair buy shelf brackets
+> task add pro:house.paint buy white paint
+> task add pro:house.paint buy red paint
+> task add pro:house.paint buy black paint
+> task add pro:house.paint buy brushes
+
+## Summary
+
+> task pro:house sum
+
+> task burndown.daily pro:house
+
+The summaries will show how fast a project is being completed, and when you can expect it to finish at the present rate.
+
+# Tags
+
+> task add +buy toothbrush
+
+You can then see only tasks which involve buying something with:
+
+> task +buy
+
 # Contexts

 Set three contexts by their tags:
@ -26,16 +77,6 @@ View list of tasks completed in the last week:

 > task end.after:today-1wk completed

-# Timewarrior
-
-> timew start ed 'learn timewarrior'
-
-> timew stop
-
-> timew summary
-
-> timew tags
-
 # User Defined Attributes

 Make a UDA 'size'.
@ -48,3 +89,11 @@ Make a UDA 'size'.

 > uda.size.default=medium

+# Tricks
+
+This command shows tasks I'm most interested in:
+
+> task next +ACTIVE or +OVERDUE or due:today or scheduled:today or pri:H
+
+The command is long, so `alias` is your friend.
+
--- a/data/taskwarrior/taskd.md
+++ b/data/taskwarrior/taskd.md
@ -1,183 +0,0 @@
---
-title: "taskd"
-tags: [ "Documentation", "data" ]
---
-(instructions currently not working)
-
-Switch to root to make things easier.
-
-> yay -S
-
-> export TASKDDATA=/var/lib/taskd
-
-Edit `/usr/share/doc/taskd/pki/vars` so that ``CN'' = the hostname (IP is fine).
-
-> cd /usr/share/doc/taskd/pki
-
-Execute the `generate` file to generate a selfsigned certificate for the server.  These will be \*.pem-files.  Copy all \*.pem-files to /var/lib/taskd.
-
-Make sure a copy of ca.cert.pem remains to generate user-certificates later.
-
-# Taskd Configurations
-
-> taskd config --force client.cert $TASKDDATA/client.cert.pem
-
-> taskd config --force client.key $TASKDDATA/client.key.pem
-
-> taskd config --force server.cert $TASKDDATA/server.cert.pem
-
-> taskd config --force server.key $TASKDDATA/server.key.pem
-
-> taskd config --force server.crl $TASKDDATA/server.crl.pem
-
-> taskd config --force ca.cert $TASKDDATA/ca.cert.pem
-
-# Change Taskd Log Location
-The default is /tmp/log, which obviously you don't want.
-
-> touch /var/log/taskd.log
-
-> chown taskd:taskd /var/log/taskd.log
-
-> taskd config --force log /var/log/taskd.log
-
-Finally, set up the servername - the same one as in the certificates.  Mine is ``testarch''.
-
-> taskd config --force server testarch:9001
-
-# Adding users
-Let's add the group ``home'', then the user ``ghost'', will go in that group.
-
-> taskd add org home
-
-> taskd add user home ghost
-
-`3f9e6154-25cb-4e45-88bb-45e98feef904`
-
-> taskd add user home alfred
-
-`4fbb319c-c493-437a-ab7a-028f5b75e522`
-
-The user then gets a key.
-
-Finally, make sure that taskd can read its own data>
-
-> chown -R taskd:taskd /var/lib/taskd/orgs
-
-... or perhaps the entire directory of /var/lib/taskd/.
-
-Then it's back to /usr/share/doc/taskd/pki 
-
-Generate some userfiles:
-
-> ./generate.client ghost
-
-> ./generate.client alfred
-
-The bob and ghost \*pem files have to be added to the given users' home directories.
-
-# Setting up Users
-
-> sudo apt-get install taskwarrior taskd
-
-> task
-
-Then move the \*pem files into the .task directory of the user.
-
-Don't forget to add the ca.key.pem from `/usr/share/doc/taskd/pki`!
-
-# Attempt 2
-
-Well, none of that worked.
-
-New info from [taskwarrior](https://gitpitch.com/GothenburgBitFactory/taskserver-setup#/1/4)
-
-Default port = 53589
-
-starting with
-
-> taskd init
-
-> taskd config server localhost:53589
-
-View supported settings with `taskdrc`.
-
-!!! Start with taskdctl start
-
-Do a non-daemon version with 
-
-> taskd server --data $TASKDDATA --daemon
-
-# Systemd Unit file
-
-This needs to be edited for "$TASKDDATA", "$TASKDUSER", and "$TASKDGROUP".
-
-
-```
-
-Unit]
-Description=Secure server providing multi-user, multi-client access to Taskwarrior data
-Requires=network.target
-After=network.target
-Documentation=http://taskwarrior.org/docs/#taskd
- 
-[Service]
-ExecStart=/usr/local/bin/taskd server --data $TASKDDATA
-Type=simple
-User=$TASKDUSER
-Group=$TASKDGROUP
-WorkingDirectory=$TASKDDATA
-PrivateTmp=true
-InaccessibleDirectories=/home /root /boot /opt /mnt /media
-ReadOnlyDirectories=/etc /usr
- 
-[Install]
-WantedBy=multi-user.target
-
-```
-
-Enable all this by copying the file to `/etc/systemd/system`, reload daemon, then start it.
-
-Key for ghost:
-29bd8a06-2cc0-4163-905d-6216257a3031
-
-e29bffe0-72d8-45f2-b1f9-f29397cfab16
-
-# Different:
-
-$ task config taskd.certificate -- ~/.task/first_last.cert.pem
-$ task config taskd.key         -- ~/.task/first_last.key.pem
-$ task config taskd.ca          -- ~/.task/ca.cert.pem
-
-# Trust
-
-For troubleshooting we can set:
-
-> taskd.trust=ignore [hostname]
-
-> taskd.trust=allow all
-
-> taskd.trust=strict
-
-# User Defines Attributes - UDA
-
-Each UDA has two to four attributes: type (numeric or string) and label are necessary:
-
-> task config uda.THING.type {numeric,string}
-
-> task config uda.THING.label Thg
-
-Constrain these attributes to a comma-delineated set with:
-
-> task config uda.THING.values brown,orange,green
-
-You can also show how important the Attribute makes something:
-
-> urgency.uda.THING.coefficient=2.8
-
-# Aliases
-
-Alias `delete' to `rm' with:
-
-task config alias.rm delete
-
--- a/data/taskwarrior/taskd.sh
+++ b/data/taskwarrior/taskd.sh
@ -1,42 +0,0 @@
-#!/bin/bash
-# script currently not working
-
-export TASKDDATA=/var/lib/taskd
-
-sudo mkdir -p $TASKDDATA
-sudo chown taskd:$(whoami) $TASKDDATA
-sudo chmod 775 $TASKDDATA
-
-cp -r /usr/share/doc/taskd/pki/ $TASKDDATA
-
-cd $TASKDDATA/pki
-
-sed -i s/localhost/$(hostname -f)/ vars
-
-./generate
-
-cp client.cert.pem $TASKDDATA
-cp client.key.pem  $TASKDDATA
-cp server.cert.pem $TASKDDATA
-cp server.key.pem  $TASKDDATA
-cp server.crl.pem  $TASKDDATA
-cp ca.cert.pem     $TASKDDATA
-
-taskd config --force client.cert $TASKDDATA/client.cert.pem
-taskd config --force client.key  $TASKDDATA/client.key.pem
-taskd config --force server.cert $TASKDDATA/server.cert.pem
-taskd config --force server.key  $TASKDDATA/server.key.pem
-taskd config --force server.crl  $TASKDDATA/server.crl.pem
-taskd config --force ca.cert     $TASKDDATA/ca.cert.pem
-
-cd $TASKDDATA/..
-taskd config --force log $PWD/taskd.log
-taskd config --force pid.file $PWD/taskd.pid
-taskd config --force server $(hostname -f):53589
-
-taskd add org public
-
-# 1515de89-cc81-4af6-a6a4-41c1430620b0
-
-journalctl -u taskd
-
--- a/data/taskwarrior/timew.md
+++ b/data/taskwarrior/timew.md
@ -1,11 +1,7 @@
 ---
 title: "timew"
-tags: [ "Documentation", "data" ]
+tags: [ "Documentation", "Data" ]
 ---
-# Setup
-
-Below commands mostly deal with timew alone.  With taskwarrior installed as well, `locate on-modify-time`, then add it to ~/.task/hooks and make it executable.
-
 # Summaries

 Try:
@ -153,3 +149,8 @@ with:

 > python timew-dbcorrections.py

+# Setup
+
+With taskwarrior installed as well, `locate on-modify-time`, then add it to ~/.task/hooks and make it executable.
+This will track the time of any tasks used with [taskwarrior](task.md).
+
--- a/distros/arch/pi-hole-server.md
+++ b/distros/arch/pi-hole-server.md
@ -1,49 +0,0 @@
---
-title: "pi-hole-server"
-tags: [ "Documentation", "distros" ]
---
-
-> yay -S pi-hole-server
-
-> sudo systemctl enable --now pihole-FTL
-
-> sudo systemctl disable --now systemd-resolved
-
-Add yourself as a pihole user, then logout, and log back in.
-
-> sudo usermod -aG pihole $USER
-
-Remove that google dns server.
-
-> pihole -a setdns 9.9.9.9 1.0.0.1
-
-Disable pihole password by setting a blank password.
-
-> pihole -a -p
-
-Get a new list of blocked domains, then reload:
-
-> pihole -g -r
-
-Every so often, run `pihole -g` again (perhaps put it in crontab).
-
-# Configure cloudflare DNS
-
-This is optional.
-
-> yay -S cloudflared-bin
-
-echo "proxy-dns: true
-proxy-dns-upstream:
- - https://1.0.0.1/dns-query
- - https://1.1.1.1/dns-query
- - https://2606:4700:4700::1111/dns-query
- - https://2606:4700:4700::1001/dns-query
-proxy-dns-port: 5053
-proxy-dns-address: 0.0.0.0" > /etc/cloudflared/cloudflared.yml
-
-echo "
-PRIVACYLEVEL=0
-IGNORE_LOCALHOST=no
-AAAA_QUERY_ANALYSIS=yes
-
--- a/distros/arch/problems.md
+++ b/distros/arch/problems.md
@ -1,9 +0,0 @@
---
-title: "problems"
-tags: [ "Documentation", "distros" ]
---
-
-Broken Xorg
-
-> sudo X -configure
-
--- a/distros/redhat/Oracle/basics.md
+++ b/distros/redhat/Oracle/basics.md
@ -1,6 +1,6 @@
 ---
 title: "basics"
-tags: [ "Documentation", "distros" ]
+tags: [ "Documentation", "Distros" ]
 ---

 > cd /etc/yum.repos.d/
--- a/distros/redhat/npm.md
+++ b/distros/redhat/npm.md
@ -1,6 +1,6 @@
 ---
 title: "npm"
-tags: [ "Documentation", "distros" ]
+tags: [ "Documentation", "Distros" ]
 ---
 package.json is the basic configuration file.

--- a/distros/redhat/yum.md
+++ b/distros/redhat/yum.md
@ -1,6 +1,6 @@
 ---
 title: "yum"
-tags: [ "Documentation", "distros" ]
+tags: [ "Documentation", "Distros" ]
 ---
 # Overview

@ -22,5 +22,3 @@ Major features: reliable, shit package selection.

 yum remove [package1] [package2]

-
-
--- a/distros/void/install.sh
+++ b/distros/void/install.sh
@ -1,13 +0,0 @@
-#!/bin/bash
-[ -z $1 ] && X=a || X=$1
-ls /dev/sd"$X"2 || exit 1
-mount /dev/sd"X"1 /mnt 
-mkdir /mnt/boot
-
-for dir in dev proc sys; do
-	mkdir /mnt/$dir
-	mount --rbind /$dir /mnt/$dir
-done
-
-xbps-install -Sy -r /mnt base-system grub vim
-
--- a/distros/void/virtualization/lxc.md
+++ b/distros/void/virtualization/lxc.md
@ -1,6 +1,6 @@
 ---
 title: "lxc"
-tags: [ "Documentation", "distros" ]
+tags: [ "Documentation", "Distros" ]
 ---

 LXC creates miniature virtual machines to play with.
--- a/networking/basics.md
+++ b/networking/basics.md
@ -1,6 +1,6 @@
 ---
 title: "basics"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # You

@ -53,12 +53,12 @@ The starting numbers tell you about the address. You just have to memorize the m
 |:---:|:---:|
 | 127.X | The computer's name for itself, for when you want to ssh into your own machine |
 | ::1/128 | Same thing, with ipv6 |
-| 192.168.X | A small network address, given by a DHCP server (possibly your router) |
+| 192.168.X | A small Network address, given by a DHCP server (possibly your router) |
 | 169.X | The interface to the internet wasn't given an ip address, so it's made up its own |

 # `arp-scan`

-Look around your local network with `arp-scan`.
+Look around your local Network with `arp-scan`.

 > sudo arp-scan -l

@ -85,7 +85,7 @@ Mac addresses are easy to fake, so don't trust this output to keep you safe.

 # `nmap`

-Look around your entire network from 192.168.0.1 to 192.168.0.255:
+Look around your entire Network from 192.168.0.1 to 192.168.0.255:

 > sudo nmap -F 192.168.0.1/24

--- a/networking/dns.md
+++ b/networking/dns.md
@ -1,27 +0,0 @@
---
-title: "dns"
-tags: [ "Documentation", "networking" ]
---
-# Designate DNS
-
-On Debian, a file might gain DNS services by adding the following to /etc/network/interfaces:
-
-```
-
-auto eth0
-iface eth0 inet static 
-   address 10.0.0.23
-   netmast 255.255.255.0
-   gateway 10.0.0.1
-   dns-nameservers 208.67.222.222 208.67.220.220
-   dns-search example.com
-
-```
-
-# URL Aliases
-
-To change where hosts go, edit /etc/hostnames.  You can enter, e.g.:
-
-`54.239.25.200 www.amazon.com a`
-
-... which then means simply the letter 'a' will lead you to amazon.com.
--- a/networking/fail2ban.md
+++ b/networking/fail2ban.md
@ -1,6 +1,6 @@
 ---
 title: "fail2ban"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # SSH Daemon Jail

--- a/networking/graph-easy/troubleshooting.map
+++ b/networking/graph-easy/troubleshooting.map
@ -1,5 +1,28 @@
+
+Set up a file like this, called `troubleshooting.txt`.
+
+```
+[ Is there an IP address? ] -- no --> [ Check NIC driver, dmesg ]
+
+[ Is there an IP address? ] -- yes --> [ Can you ping the router? ]
+
+[ Can you ping the router? ] -- no --> [ Check cables, router, and switches ]
+
+[ Can you ping the router? ] -- yes --> [ Can you ping a DNS address? ]
+
+[ Can you ping a DNS address? ] -- no --> [ Trying pinging 8.8.8.8 ]
+
+[ Can you ping a DNS address? ] -- yes --> [ Traceroute ]
+
+```
+Then translate it with:
+
+> graph-easy troubleshooting.txt --as boxart
+
+```
+
 ┌────────────┐     ┌─────────────────────────┐  yes   ┌────────────────────────────────────┐  yes   ┌─────────────────────────────┐  yes   ┌────────────┐
-│ no network │ ──> │ Is there an IP address? │ ─────> │      Can you ping the router?      │ ─────> │ Can you ping a DNS address? │ ─────> │ Traceroute │
+│ no Network │ ──> │ Is there an IP address? │ ─────> │      Can you ping the router?      │ ─────> │ Can you ping a DNS address? │ ─────> │ Traceroute │
 └────────────┘     └─────────────────────────┘        └────────────────────────────────────┘        └─────────────────────────────┘        └────────────┘
                     │                                  │                                             │
                     │ no                               │ no                                          │ no
@ -7,3 +30,18 @@
                   ┌─────────────────────────┐        ┌────────────────────────────────────┐        ┌─────────────────────────────┐
                   │ Check NIC driver, dmesg │        │ Check cables, router, and switches │        │   Trying pinging 8.8.8.8    │
                   └─────────────────────────┘        └────────────────────────────────────┘        └─────────────────────────────┘
+```
+Many options allow different displays.
+Try placing this in a file:
+
+```
+[ One ] { fill: seagreen; color: white; } -- label --> [ Two ] { shape: triangle; }
+[ One ] => { arrow-style: closed; } [ Three ]
+[ Five ] { fill: maroon; color: yellow; } <=> [ Three ]
+[ One ] .. Test\n label ..> [ Four ]
+[ Three ] { border-style: dashed; }
+.. Test\n label ..> { arrow-style: closed; } [ Six ] { label: Sixty\n Six\nand\nsix; }
+[ Three ] <-- Test label --> { arrow-style: closed; } [ Six ]
+[ Eight ] .. [ None ] { shape: none; fill: red; color: brown; }
+[ no Network ] --> [ Is there an IP address? ]
+```
--- a/networking/graph-easy/example.txt
+++ b/networking/graph-easy/example.txt
@ -1,12 +0,0 @@
-[ One ] { fill: seagreen; color: white; } -- label --> [ Two ] { shape: triangle; }
-[ One ] => { arrow-style: closed; } [ Three ]
-[ Five ] { fill: maroon; color: yellow; } <=> [ Three ]
-[ One ] .. Test\n label ..> [ Four ]
-[ Three ] { border-style: dashed; }
-.. Test\n label ..> { arrow-style: closed; } [ Six ] { label: Sixty\n Six\nand\nsix; }
-[ Seven ] -- [ Eight ]
-[ Five ] --> [ Eight ]
-[ Five ] --> [ Seven ]
-[ Two ] -> [ Four ]
-[ Three ] <-- Test label --> { arrow-style: closed; } [ Six ]
-[ Eight ] .. [ None ] { shape: none; fill: red; color: brown; }
--- a/networking/graph-easy/troubleshooting-map
+++ b/networking/graph-easy/troubleshooting-map
@ -1,15 +0,0 @@
-[ no network ] --> [ Is there an IP address? ]
-
-[ Is there an IP address? ] -- no --> [ Check NIC driver, dmesg ]
-
-[ Is there an IP address? ] -- yes --> [ Can you ping the router? ]
-
-[ Can you ping the router? ] -- no --> [ Check cables, router, and switches ]
-
-[ Can you ping the router? ] -- yes --> [ Can you ping a DNS address? ]
-
-[ Can you ping a DNS address? ] -- no --> [ Trying pinging 8.8.8.8 ]
-
-[ Can you ping a DNS address? ] -- yes --> [ Traceroute ]
-
-
--- a/networking/iptables.md
+++ b/networking/iptables.md
@ -1,6 +1,6 @@
 ---
 title: "iptables"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # Intro

@ -24,7 +24,7 @@ Let's 'A'dd, or 'A'ppend a rule with -A.  Let's drop all input from a nearby IP

 > iptables -A INPUT -s 192.168.0.23 -j DROP

-Or we can block all input from a particular port on the full network.
+Or we can block all input from a particular port on the full Network.

 > iptables -A INPUT -s 192.168.0.0/24 -p tcp --destination-port 25 -j DROP

@ -55,3 +55,26 @@ Flush all existing rules with:

 > iptables -F

+
+# Examples
+
+```
+# Allow all loopback (lo0) traffic and drop all traffic to 127/8
+# that doesn't use lo0
+iptables -A INPUT -i lo -j ACCEPT
+iptables -A OUTPUT -o lo -j ACCEPT
+iptables -A INPUT -d 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
+
+# Allow established sessions to receive traffic
+iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+
+# Allow ICMP pings
+iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
+
+# Allow SSH remote
+iptables -I INPUT -p tcp --dport 22 -j ACCEPT
+
+# Reject all other inbound connections
+iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable
+iptables -A FORWARD -j REJECT --reject-with icmp-port-unreachable
+```
--- a/networking/iptables/examples.sh
+++ b/networking/iptables/examples.sh
@ -1,19 +0,0 @@
-#!/bin/sh
-# Allow all loopback (lo0) traffic and drop all traffic to 127/8
-# that doesn't use lo0
-iptables -A INPUT -i lo -j ACCEPT
-iptables -A OUTPUT -o lo -j ACCEPT
-iptables -A INPUT -d 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
-
-# Allow established sessions to receive traffic
-iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-
-# Allow ICMP pings
-iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-
-# Allow SSH remote
-iptables -I INPUT -p tcp --dport 22 -j ACCEPT
-
-# Reject all other inbound connections
-iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable
-iptables -A FORWARD -j REJECT --reject-with icmp-port-unreachable
--- a/networking/iptables/iptables.md
+++ b/networking/iptables/iptables.md
@ -1,56 +0,0 @@
---
-title: "iptables"
-tags: [ "Documentation", "networking" ]
---
-# Intro
-
-This is a basic Linux firewall program.
-
-Look at your firewalls:
-
-> iptables -L
-
-We see the output of input, output and forwarding rules.
-
-# Forward
-
-I don't need any forwarding, so I'm going to drop all forwarding:
-
-> iptables -P FORWARD DROP
-
-# Input
-
-Let's 'A'dd, or 'A'ppend a rule with -A.  Let's drop all input from a nearby IP 
-
-> iptables -A INPUT -s 192.168.0.23 -j DROP
-
-Or we can block all input from a particular port on the full network.
-
-> iptables -A INPUT -s 192.168.0.0/24 -p tcp --destination-port 25 -j DROP
-
-> iptables -A INPUT --dport 80 -j ACCEPT
-
-
-This allows http traffic to an Apache web server over port 80.
-
-However, rules are accepted in order - so a packet cannot be rejected and then accepted.
-
-To delete rule 2 from the INPUT chain:
-
-> iptables -D INPUT 3
-
-Alternatively, you can 'I'nsert a rule at the start, rather than 'A'ppending it.
-
-> iptables -I INPUT -s 192.168.0.13 DROP
-
-# Catchalls
-
-Catchall rules state that anything which is not permitted is forbidden.  They must be allowed last.
-
-# -Jurice-Diction
-
-The -j flag accepts ACCEPT/REJECT/DROP.  The last two are identical except that "REJECT" acknowledges the rejection.
-
-Flush all existing rules with:
-
-> iptables -F
--- a/networking/ldap/guide.html
+++ b/networking/ldap/guide.html
--- a/networking/nmap.md
+++ b/networking/nmap.md
@ -1,6 +1,6 @@
 ---
 title: "nmap"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---

 Example:
--- a/networking/pi-hole-server.md
+++ b/networking/pi-hole-server.md
@ -0,0 +1,56 @@
+---
+title: "pi-hole-server"
+tags: [ "Documentation", "Distros" ]
+---
+# Installation
+
+## Arch
+
+> yay -S pi-hole-server
+
+> sudo systemctl enable --now pihole-FTL
+
+> sudo systemctl disable --now systemd-resolved
+
+> sudo rm -f /dev/shm/FTL-\*
+
+## Debian
+
+Debian has a long, boring setup.
+
+> sudo apt-get install wget curl net-tools gamin lighttpd lighttpd-mod-deflate
+
+> curl -sSL https://install.pi-hole.net | PIHOLE_SKIP_OS_CHECK=true sudo -E bash
+
+# Setup
+
+> sudo usermod -aG pihole $USER
+
+Remove that google dns server.
+
+> pihole -a setdns 9.9.9.9 1.0.0.1
+
+Disable pihole password by setting a blank password.
+
+> pihole -a -p
+
+Get a new list of blocked domains, then reload:
+
+> pihole -g -r
+
+Every so often, run `pihole -g` again (perhaps put it in crontab).
+
+## Check the Pihole
+
+Observe the pihole's output while you ask it a question:
+
+> pihole -t
+
+Then ask the question from another computer:
+
+> dig @[ pihole ip ] archlinux.org
+
+## System-Wide Setup
+
+To make the pihole work for the entire Network, enter your router and set the DNS server as nothing but your pihole.
+
--- a/networking/pihole/pihole.md
+++ b/networking/pihole/pihole.md
@ -1,30 +0,0 @@
---
-title: "pihole"
-tags: [ "Documentation", "networking" ]
---
-View DNS traffic
-
-> pihole -t
-
-Change password 
-
-> pihole -a -p
-
-Get new list of cancer
-
-> pihole -g
-
-Change upstream DNS
-
-> sudo vim /etc/dnsmasq/01-pihole.conf
-
-## Troubleshooting
-
-> sudo usermod -aG pihole $USER
-
-> sudo systemctl stop systemd-resolved
-
-> sudo rm -f /dev/shm/FTL-*
-
-> pihole -g -r
-
--- a/networking/pip.md
+++ b/networking/pip.md
@ -1,8 +1,14 @@
 ---
 title: "pip"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---

+Searching does not work.
+
+Install with:
+
+> pip install [ package ]
+
 Upgrade all packages

 > pip freeze --local | grep -v '^\-e' | cut -d = -f 1  | xargs -n1 pip install -U
--- a/networking/protocols.md
+++ b/networking/protocols.md
@ -1,6 +1,6 @@
 ---
 title: "protocols"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # Protocols

@ -16,7 +16,7 @@ tags: [ "Documentation", "networking" ]

 ## IPv4

-Three address ranges pertain only to private networks, so no computer looks beyond the local router to resolve them:
+Three address ranges pertain only to private Networks, so no computer looks beyond the local router to resolve them:

 10.0.0.0	to	10.255.255.255

@ -24,7 +24,7 @@ Three address ranges pertain only to private networks, so no computer looks beyo

 192.168.0.0	to	192.168.255.255

-In theory, networks should fall within one of 3 ranges, depending upon their first octet:
+In theory, Networks should fall within one of 3 ranges, depending upon their first octet:

 Class A	1-127

@ -63,13 +63,13 @@ Add an interface to a device as so:

 > sudo ip a add 192.168.0.15/255.255.255.0 dev eth1

-See network interfaces available on Fedora with:
+See Network interfaces available on Fedora with:

-> less /etc/sysconfig/network-scripts/ifcfg-enp2s0f0
+> less /etc/sysconfig/Network-scripts/ifcfg-enp2s0f0

 or on Debian with:

-> less /etc/network/interfaces
+> less /etc/Network/interfaces

 Mostly, interfaces will receive automatic addresses from a DHCP server.  If this hasn't happened for you, you can request a dhcp address with:

--- a/networking/rclone.md
+++ b/networking/rclone.md
@ -1,6 +1,6 @@
 ---
 title: "rclone"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 The manpage's 'Synopsis' provides a fast reference.

--- a/networking/screen.md
+++ b/networking/screen.md
@ -1,6 +1,6 @@
 ---
 title: "screen"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---

 start session: screen
@ -46,7 +46,9 @@ Screens have a list of commands to send

 ------Example----------
 Start a new session with 'screen -S base' (which calls that session 'base').  Make a horizontal split with ^|, move into it with ^tab then create a new screen with ^c in that second split.  The new screen can be named with ^A as 'music' before entering cmus.  Next up, visualizations with vis in another screen.  ^S makes a horizontal split and you can switch into that with ^tab to name is 'visualizations' and start vis.  Switch back to the first screen and make another horizontal split and a screen in there with the name 'reading'.  Inside reading you type ^? to get a list of useless screen commands.  Reading can then be detatched with ^d and the horizontal split destroyed with ^X.
+
 Those visualizations should be larger, so we enlarge them with Ctrl+: to send the command resize 50 and :resize -h 100.
+
 Once done with reading, you can destroy it wil ^k then destroy the lot once done with ^\.  Outside the screens entirely you can ensure complete death with 'killall screen'.

 ----------------------
--- a/networking/servers/agate.md
+++ b/networking/servers/agate.md
@ -1,6 +1,6 @@
 ---
 title: "agate"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 Make sure your dns is in order.
 My domain name is `belgradecats.tk`, so put your own in there.
@ -31,7 +31,7 @@ Make a service file.
 ```
 [Unit]
 Description=agate
-After=network.target
+After=Network.target

 [Service]
 User=gemini
--- a/networking/ssh/sshfs.md
+++ b/networking/ssh/sshfs.md
@ -1,6 +1,6 @@
 ---
 title: "sshfs"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # Mount 

--- a/networking/ssh/tricks.md
+++ b/networking/ssh/tricks.md
@ -1,6 +1,6 @@
 ---
 title: "tricks"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---

 Mount a remote filesystem locally with fuse-sshfs:
--- a/networking/tor.md
+++ b/networking/tor.md
@ -1,6 +1,6 @@
 ---
 title: "tor"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---

 # Get a hostname
--- a/networking/transmission.md
+++ b/networking/transmission.md
@ -1,6 +1,6 @@
 ---
 title: "transmission"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # Torrench

--- a/networking/troubleshooting.md
+++ b/networking/troubleshooting.md
@ -1,11 +1,11 @@
 ---
 title: "troubleshooting"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---

 # Do you have an IP?

-If not, try checking out what your local networking interfaces are, then check if they have been picked up:
+If not, try checking out what your local Networking interfaces are, then check if they have been picked up:

 > dmesg | grep eth0

@ -17,4 +17,3 @@ If not, try checking out what your local networking interfaces are, then check i

 > netstat -l | grep http

-
--- a/networking/troubleshooting.txt
+++ b/networking/troubleshooting.txt
@ -1,9 +0,0 @@
-┌────────────┐     ┌─────────────────────────┐  yes   ┌────────────────────────────────────┐  yes   ┌─────────────────────────────┐  yes   ┌────────────┐
-│ no network │ ──> │ Is there an IP address? │ ─────> │      Can you ping the router?      │ ─────> │ Can you ping a DNS address? │ ─────> │ Traceroute │
-└────────────┘     └─────────────────────────┘        └────────────────────────────────────┘        └─────────────────────────────┘        └────────────┘
-                     │                                  │                                             │
-                     │ no                               │ no                                          │ no
-                     ∨                                  ∨                                             ∨
-                   ┌─────────────────────────┐        ┌────────────────────────────────────┐        ┌─────────────────────────────┐
-                   │ Check NIC driver, dmesg │        │ Check cables, router, and switches │        │   Trying pinging 8.8.8.8    │
-                   └─────────────────────────┘        └────────────────────────────────────┘        └─────────────────────────────┘
--- a/networking/website/nginx.md
+++ b/networking/website/nginx.md
@ -1,6 +1,6 @@
 ---
 title: "nginx"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 Install nginx:

--- a/networking/wifi.md
+++ b/networking/wifi.md
@ -1,6 +1,6 @@
 ---
 title: "wifi"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---
 # Netstat Stuff

@ -50,7 +50,9 @@ This tells you that your ESSID is 'Gandalf WajFaj', and the access point name is

 > nmcli radio

-	You get an overview of your radio devices.  You're told that eth0 deals with your ethernet and wlan0 deals with wifi.  wlan0 is a file which represents your wifi device.
+You get an overview of your radio devices.
+You're told that eth0 deals with your ethernet and `wlan0` deals with wifi.
+`wlan0` is a file which represents your wifi device.

 > nmcli wlan0 wifi rescan

--- a/networking/wireless.md
+++ b/networking/wireless.md
@ -1,6 +1,6 @@
 ---
 title: "wireless"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---

 # Check wifi's working
--- a/networking/wpa_supplicant.md
+++ b/networking/wpa_supplicant.md
@ -1,6 +1,6 @@
 ---
 title: "wpa_supplicant"
-tags: [ "Documentation", "networking" ]
+tags: [ "Documentation", "Networking" ]
 ---

 wpa_supplicant configurations are stored in /etc/wpa_supplicant/wpa_supplicant-wlan0 (or equivalent).
@ -33,19 +33,19 @@ This has a number of commands to input.  In order:

 > scan_results

-> add_network
+> add_Network

-This outputs a network number, e.g. '3'.  This is the new network you'll work with.
+This outputs a Network number, e.g. '3'.  This is the new Network you'll work with.

-> set_network 3 ssid "Kosachok Cafe"
+> set_Network 3 ssid "Kosachok Cafe"

-> set_network 3 psk "Kosachok2019"
+> set_Network 3 psk "Kosachok2019"

 OR

-> set_network 3 key_mgmt NONE
+> set_Network 3 key_mgmt NONE

-> enable_network 3
+> enable_Network 3

 > save_config

@ -57,4 +57,3 @@ or maybe:

 > dhcpd wlp3s0 

-
--- a/sound/basics.md
+++ b/sound/basics.md
@ -1,8 +1,9 @@
 ---
 title: "basics"
-tags: [ "Documentation", "sound" ]
+tags: [ "Documentation", "Sound" ]
 ---
 # Pulse
+
 If you have pulse, use pulse.
 Check with `which pulseaudio`. No output means you need to use alsa (below).

@ -19,11 +20,11 @@ Find working outputs:
 Surround.5 seems best.


-# Find what sound settings exist
+# Find what Sound settings exist

 amixer scontrols

-# Change a sound setting
+# Change a Sound setting

 > amixer set Master 5%-

@ -49,8 +50,8 @@ Start with:

 > alsamixer

-Then press `F6` to see available sound cards.
-If you find a sound card called 'PinePhone', then you can select an audio source there, and adjust with:
+Then press `F6` to see available Sound cards.
+If you find a Sound card called 'PinePhone', then you can select an audio source there, and adjust with:

 > amixer -c PinePhone set 'Headphone' 50%

--- a/sound/festival.md
+++ b/sound/festival.md
@ -1,6 +1,6 @@
 ---
 title: "festival"
-tags: [ "Documentation", "sound" ]
+tags: [ "Documentation", "Sound" ]
 ---
 # Basics

--- a/sound/ffmpeg.md
+++ b/sound/ffmpeg.md
@ -1,6 +1,6 @@
 ---
 title: "ffmpeg"
-tags: [ "Documentation", "sound" ]
+tags: [ "Documentation", "Sound" ]
 ---
 # Basics 

--- a/sound/mpd.md
+++ b/sound/mpd.md
@ -1,6 +1,6 @@
 ---
 title: "mpd"
-tags: [ "Documentation", "sound" ]
+tags: [ "Documentation", "Sound" ]
 ---
 # Setup

--- a/sound/ncmpcpp.md
+++ b/sound/ncmpcpp.md
@ -1,6 +1,6 @@
 ---
 title: "ncmpcpp"
-tags: [ "Documentation", "sound" ]
+tags: [ "Documentation", "Sound" ]
 ---

 # Music Player Daemon
--- a/sound/youtube-dl.md
+++ b/sound/youtube-dl.md
@ -1,6 +1,6 @@
 ---
 title: "youtube-dl"
-tags: [ "Documentation", "sound" ]
+tags: [ "Documentation", "Sound" ]
 ---
 > youtube-dl --write-auto-sub <URL>

--- a/system/X.md
+++ b/system/X.md
@ -1,6 +1,6 @@
 ---
 title: "X"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 X is a server which listens to requests for display.

--- a/system/android.md
+++ b/system/android.md
@ -1,6 +1,6 @@
 ---
 title: "android"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # mtpfs

--- a/system/awk.md
+++ b/system/awk.md
@ -1,6 +1,6 @@
 ---
 title: "awk"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Basics

--- a/system/bash_tricks.md
+++ b/system/bash_tricks.md
@ -1,6 +1,6 @@
 ---
 title: "bash_tricks"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Automatic mp3 Tagging

--- a/system/character-encoding.md
+++ b/system/character-encoding.md
@ -1,6 +1,6 @@
 ---
 title: "character-encoding"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 Convert a text file from one encoding type to another with:

--- a/system/compression.md
+++ b/system/compression.md
@ -1,6 +1,6 @@
 ---
 title: "compression"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Tar

--- a/system/cronie.md
+++ b/system/cronie.md
@ -1,6 +1,6 @@
 ---
 title: "cronie"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---

 Various services from cron exist, e.g.
@ -9,7 +9,7 @@ Various services from cron exist, e.g.

 start the cronie with

-> sudo systemctl start cronie
+> sudo Systemctl start cronie

 start a cron with 

--- a/system/e-mail.md
+++ b/system/e-mail.md
@ -1,6 +1,6 @@
 ---
 title: "e-mail"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Terminology

--- a/system/editors.md
+++ b/system/editors.md
@ -1,8 +1,8 @@
 ---
 title: "editors"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
-The system's default text editor can be defined within /etc/profile.  It's given the variable `EDITOR`.
+The System's default text editor can be defined within /etc/profile.  It's given the variable `EDITOR`.

 Add these lines to /etc/profile:

--- a/system/elvish.md
+++ b/system/elvish.md
@ -1,6 +1,6 @@
 ---
 title: "elvish"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Setup
 To run a shell as non-root, the shell must be listed in /etc/shells.
--- a/system/kernel.md
+++ b/system/kernel.md
@ -1,6 +1,6 @@
 ---
 title: "kernel"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 Check which kernet modules are loaded into memory

--- a/system/logs.md
+++ b/system/logs.md
@ -1,6 +1,6 @@
 ---
 title: "logs"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---

 # Basic
--- a/system/mdadm.md
+++ b/system/mdadm.md
--- a/system/partitions.md
+++ b/system/partitions.md
@ -1,6 +1,6 @@
 ---
 title: "partitions"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # FDisk Basics

@ -27,7 +27,7 @@ Note the asterisk marking the boot partition.

 fdisk will not help with a GPT formatted drive.  For this, use gdisk, which is mostly the same.

-Now that we have a partition, we can make it into a filesystem.  Most will use:
+Now that we have a partition, we can make it into a fileSystem.  Most will use:

 > sudo mkfs -t ext4 /dev/sdc1

@ -35,7 +35,7 @@ or if you're making a swap partition, you can use:

 > sudo mkswap /dev/sdb2

-or for the reiser filesystem, we can use:
+or for the reiser fileSystem, we can use:

 > sudo mkreiserfs /dev/sdc2

@ -65,7 +65,7 @@ or  divide things by inode - the thing which records where files are?

 > df -i

-Examine a filesystem with:
+Examine a fileSystem with:

 > sudo dumpe2fs /dev/sda1 | less

@ -78,12 +78,12 @@ This will check sda1 every 30 boots.  It can also be checked every month.

 > sudo tune2fs -i 1m /dev/sda1

-This thing can also make a new label for the system:
+This thing can also make a new label for the System:

 > sudo tune2fs -L new_name /dev/sdb3

 # Repair
-Start by unmounting the filesystem.
+Start by unmounting the fileSystem.

 > sudo umount /dev/sdc1

@ -112,15 +112,15 @@ or if you don't know the type, just try the lot:
 # File Systems
 xfs and zfs can only be expanded.

-# Shrink Filesystem
+# Shrink FileSystem

 NB: When I followed these instructions, the process destroyed my data. Seemed fine on the YouTube video.

-Check the filesystem's health:
+Check the fileSystem's health:

 > sudo e2fsck -f /dev/sdb1

-Resize the file system to something smaller than what you want, so here I want 500G and so I resize to 450 G.
+Resize the file System to something smaller than what you want, so here I want 500G and so I resize to 450 G.

 > resize2fs /dev/sdb1 450G

@ -130,7 +130,7 @@ Then delete the partition with either gdisk or fdisk, depending upon the layout.

 > d

-Then make a new filesystem of the desired type with:
+Then make a new fileSystem of the desired type with:

 > n

--- a/system/snaps.md
+++ b/system/snaps.md
@ -1,6 +1,6 @@
 ---
 title: "snaps"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 > sudo apt-get purge -y snapd

--- a/system/systemd/journal.md
+++ b/system/systemd/journal.md
@ -1,6 +1,6 @@
 ---
 title: "journal"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "systemd" ]
 ---

 Find errors since November
--- a/system/systemd/making-services.md
+++ b/system/systemd/making-services.md
@ -1,6 +1,6 @@
 ---
 title: "Making Services"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "systemd" ]
 ---
 # Basics

--- a/system/systemd/users.md
+++ b/system/systemd/users.md
@ -1,6 +1,6 @@
 ---
 title: "users"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "systemd" ]
 ---
 # Automatic Login

--- a/system/tmux.md
+++ b/system/tmux.md
@ -1,6 +1,6 @@
 ---
 title: "tmux"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 Start with:

--- a/system/upx.md
+++ b/system/upx.md
@ -1,6 +1,6 @@
 ---
 title: "upx"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 upx compresses binaries, so they take up less disk space, but take longer to start.

--- a/system/urxvt.md
+++ b/system/urxvt.md
@ -1,5 +1,5 @@
 ---
 title: "urxvt"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 Perl scripts typically kept in /usr/lib/urxvt/perl
--- a/system/wine.md
+++ b/system/wine.md
@ -1,5 +1,5 @@
 ---
 title: "wine"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 maybe run \n> sudo dpkg --add-architecture i386
--- a/system/xdg.md
+++ b/system/xdg.md
@ -1,6 +1,6 @@
 ---
 title: "xdg"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---

 What filetype is this file?
--- a/system/xkbmap.md
+++ b/system/xkbmap.md
@ -1,6 +1,6 @@
 ---
 title: "xkbmap"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Language Layouts

--- a/virtualization/virtualbox.md
+++ b/virtualization/virtualbox.md
@ -1,6 +1,6 @@
 ---
 title: "virtualbox"
-tags: [ "Documentation", "system" ]
+tags: [ "Documentation", "System" ]
 ---
 # Setup

--- a/vision/imagemagick.md
+++ b/vision/imagemagick.md
@ -1,6 +1,6 @@
 ---
 title: "imagemagick"
-tags: [ "Documentation", "vision" ]
+tags: [ "Documentation", "Vision" ]
 ---
 [Source](http://lxlinux.com/imagemagick.html)

@ -28,6 +28,7 @@ Resizing only changes jpegs.  Change a png with:


 # Trim images to border
+
 This is generally used for transparrent images.

 > convert -trim image.png output.png