Merge branch 'master' into vhs

2024-06-02 05:27:58 +02:00 · 2024-06-02 05:27:58 +02:00 · a6907d7a91
commit a6907d7a91
parent 3f98db3d3a 6d44a44d0d
29 changed files with 460 additions and 404 deletions
--- a/README.md
+++ b/README.md
@ -26,6 +26,8 @@ The chronology should never branch.
 If `gitea` can use three different types of database, the documentation should simply pick one and continue instructions from there.
 Repetition works better than a reference - if a database requires three commands to set up, it's better to repeat those three commands for every program that requires a database than to just link to another file which discusses databases.
 ---
 ### Closing
 Introductory documents should show anything required to cleanly uninstall a program, without leaving bulky configuration files behind.
@ -52,6 +54,8 @@ Non-commands (e.g. output) should be shown as quoted text:
 > Mail         kn
 > Projects     music
 ---
 # Example
 ```
@ -61,9 +65,9 @@ How to see which websites you're actively accessing:
 ss -tr dst :$PORT
 ` ` `   
-> State  Recv-Q  Send-Q   Local Address:Port                                    Peer Address:Port   Process  
+> State  Recv-Q  Send-Q   Local Address:Port     Peer Address:Port   Process  
-> ESTAB  0       0         192.168.0.14:42476                                 149.154.167.91:https           
+> ESTAB  0       0         192.168.0.14:42476  149.154.167.91:https           
-> ESTAB  0       0         192.168.0.14:43644                                  104.17.90.199:https           
+> ESTAB  0       0         192.168.0.14:43644   104.17.90.199:https           
 ```
--- a/basics/cron.md
+++ b/basics/cron.md
@ -14,20 +14,31 @@ Once installed, search for the service name, and start it.
 ```bash
 sudo systemctl list-unit-files | grep cron
 sudo systemctl enable --now $NAME
 ```
 Make a file for your crontab, like this:
 ```bash
-sudo systemctl enable --now cron
+echo '39 */3 * * * /usr/bin/updatedb' > "$USER".cron
 ```
-You can *e*dit your crontab with:
+Then apply that crontab:
 ```bash
-crontab -e
+crontab "$USER".cron
 rm "$USER".cron
 ```
 The `cron` program will check your syntax before adding the tab.
 Your crontab file sits somewhere in `/var/spool/`.
 Probably in `/var/spool/cron`.
-> 39 */3 * * * /usr/bin/updatedb
+Check how your tab currently looks:
 ```bash
 crontab -l
 ```
 ## Syntax
@ -91,7 +102,7 @@ run-parts /etc/cron.hourly
 ### Variables
 Add your `$HOME` to crontab to use scripts.
-First add `HOME=/home/user`, then you can use syntax like this:
+First add `HOME=/home/$USER`, then you can use syntax like this:
 0 * * * * $HOME/.scripts/myScript.sh
@ -100,7 +111,6 @@ First add `HOME=/home/user`, then you can use syntax like this:
 ```bash
 $HOME/.scripts/myScript.sh
 ```
 You can also add your regular path to your crontab as a variable (see example below).
 If you're using vim as the editor, just run this at the top of your crontab:
@ -131,5 +141,3 @@ PATH=/usr/condabin:/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/bin/site_perl:/u
 50 18 * * * /usr/bin/timeout 30m /usr/bin/syncthing
 ```
--- a/basics/eval.md
+++ b/basics/eval.md
@ -0,0 +1,22 @@
 ---
 title: "eval"
 tags: [ "basics" ]
 ---
 Compose a statement for execution.
 ```bash
 x='echo $y'
 echo $x
 y=dragon
 eval "$x"
 ```
 The results remain in the current shell, unlike sub-shells.
 ```bash
 b=basilisk
 sh -c 'echo $b'
 eval "g=goblin"
 echo $g
 ```
--- a/basics/games.md
+++ b/basics/games.md
@ -0,0 +1,11 @@
 ---
 title: "bash games"
 tags: [ "Documentation", "Games" ]
 ---
 Games are a great way to learn bash.
 - `mapscii.me` is an interactive terminal map.
    1. Install telnet.
    1. `telnet mapscii.me`
 - [Over the Wire](https://overthewire.org/wargames) teaches bash with small challenging you can do over `ssh`.
--- a/basics/tree.md
+++ b/basics/tree.md
@ -1,6 +1,6 @@
 ---
 title: "tree"
-tags: [ "basics" ]
+tags: [ "basics", "tree", "markdown" ]
 ---
 The `tree` utility outputs a full listing of everything in your current directory, and those below.
@ -23,3 +23,14 @@ README.md
 ```
 Each description-line starts with a tab.
 ## Markdown Conversion
 To represent a file structure as a nested series of markdown lists, you can try this horrifying `sed` one-liner:
 ```bash
 tree -tf --dirsfirst --gitignore --noreport --charset ascii  | \
    sed -e 's/| \+/  /g' \
    -e 's/[|`]-\+/ */g' \
    -e 's:\(* \)\(\(.*/\)\([^/]\+\)\):\1[\4](\2):g'
 ```
--- a/chat/profanity-otr.md
+++ b/chat/profanity-otr.md
@ -0,0 +1,57 @@
 ---
 title: "profanity"
 tags: [ "Documentation", "Chat", "OTR" ]
 ---
 # otr
 'Off The Record' encryption seems mostly dead to me.
 But this is what I did, back in the day...
 Install libotr-dev or libotr5-dev or whatever..
 ```
 sudo apt -y install lib5otr-dev
 ```
 Make your otr keys.
 ```
 /otr gen
 ```
 Then you can start an otr converstation.
 ```
 /otr start bob@jobbies.org
 ```
 Or if you already have a conversation windows open, switch to our using:
 ```
 /otr
 ```
 Finally, verify!
 ```
 /otr question "Who are you?" bob
 ```
 Bob is verified upon the answer, 'bob'.
 ### OTR Finger Prints
 Get yours with 
 ```
 /otr myfp
 ```
 ```
 /otr theirfp
 ```
 ```
 /otr myfp
 ```
--- a/chat/profanity.md
+++ b/chat/profanity.md
@ -1,6 +1,6 @@
 ---
 title: "profanity"
-tags: [ "Documentation", "Chat" ]
+tags: [ "Documentation", "Chat", "omemo" ]
 ---
 # Setup (Commands)
@ -140,54 +140,6 @@ You can ensure omemo automatcally turns on:
 ```
 /omemo policy automatic
 ```
 ---
-## otr
+'OTR' encryption is mostly dead, but you can find the old instructions [here](profanity-otr).
 Install libotr-dev or libotr5-dev or whatever..
 ```
 sudo apt -y install lib5otr-dev
 ```
 Make your otr keys.
 ```
 /otr gen
 ```
 Then you can start an otr converstation.
 ```
 /otr start bob@jobbies.org
 ```
 Or if you already have a conversation windows open, switch to our using:
 ```
 /otr
 ```
 Finally, verify!
 ```
 /otr question "Who are you?" bob
 ```
 Bob is verified upon the answer, 'bob'.
 ### OTR Finger Prints
 Get yours with 
 ```
 /otr myfp
 ```
 ```
 /otr theirfp
 ```
 ```
 /otr myfp
 ```
--- a/data/git/basics.md
+++ b/data/git/basics.md
--- a/data/git/git-lfs.md
+++ b/data/git/git-lfs.md
--- a/data/git/hooks.md
+++ b/data/git/hooks.md
@ -0,0 +1,29 @@
 ---
 title: "git hooks"
 tags: [ "Documentation", "data", "git" ]
 ---
 Check out the sample hooks:
 ```bash
 cd $GIT_REPO
 ls .git/hooks
 head .git/hooks/pre-commit.sample
 ```
 Add a hook to check the shell scripts in `$GIT_REPO` before making a commit:
 ```bash
 echo '#!/bin/sh
 shellcheck *.sh' > .git/hooks/commit-msg
 chmod u+x .git/hooks/commit-msg
 ```
 ## Committing
 Your `git hooks` will not enter the repository, but you can commit them to a repository, then request others add these git hooks to their own branch, by putting a note in the project's `README.md`.
 ```markdown
 The project comes with recommended git hooks.
 You can activate the hooks with `git config core.hooksPath hooks`.
 ```
--- a/data/gpg.md
+++ b/data/gpg.md
@ -1,142 +1,7 @@
 ---
 title: "gpg"
-tags: [ "Documentation", "data" ]
+tags: [ "Documentation", "data", "GPG" ]
 ---
 # Making keys
 Generate keys:
 ```bash
 gpg --gen-key
 ```
 Follow the guide.
 # Encrypting a file
 ```bash
 gpg -r malinfreeborn@posteo.net -e file
 ```
 `-r` specifies the recipient.
 Check you have an encrypted version of your file.
 # Changing Expiration Dates
 gpg --list-keys
 ... and then use the second part of 'pub', which is the ID.  But that's not appearing here so... on with gpg2?
 # Making encrypted files with a local password
 Make a password with a password (cypher encryption).
 ```bash
 gpg -c --output passwords.txt
 ```
 or 
 ```bash
 gpg -c > passwords.txt
 ```
 Put in a password.
 Write message then stop with Ctrl+d.
 Get the message back out the file with:
 ```bash
 gpg -d passwords.txt
 ```
 # Circles of Trust
 Search for a key at any key store:
 ```bash
 gpg --search-keys nestorv
 ```
 Once you've made a decision about someone:
 ```bash
 gpg --list-keys
 ```
 You get something like this:
 ```
 pub   rsa3072 2021-08-15 [SC] [expires: 2023-08-15]
      CD30421FD825696BD95F1FF644C62C57B790D3CF
 uid           [ultimate] Malin Freeborn <malinfreeborn@posteo.net>
 sub   rsa3072 2021-08-15 [E] [expires: 2023-08-15]
 ```
 Notice the long, ugly, string - CD30421FD825696BD95F1FF644C62C57B790D3CF - and how horribly ugly it is.
 This is a fingerprint.
 You can now decide the trust level (this stays on your computer).
 ```bash
 gpg --edit-key CD30421FD825696BD95F1FF644C62C57B790D3CF
 ```
 Once you're in the interface, type `trust`.
 ```bash
 gpg --sign-key alice@posteo.net
 ```
 # Swapping Keys
 This system relies on a ring of people swapping key information.
 ## Sending
 Send those trusted keys up to a server, so people can see you have verified them:
 ```bash
 gpg --send-keys 024C6B1C84449BD1CB4DF7A152295D2377F4D70F
 ```
 ## Upload Your Keys
 ## Add More Key Servers
 Key servers often swap keys, but it's best to just send to multiple places immediately.
 You can add key servers by adding this to `~/.gnupg/gpg.conf`.
 ```
 keyserver hkps://keys.openpgp.org
 keyserver hkps://mail-api.proton.me
 keyserver hkps://keys.mailvelope.com
 ```
 # Refresh Keys
 Refreshing keys will tell you if some key you have contains a signature from someone you already trust, or if someone has published a revocation certificate (meaning their key should not be trusted any more).
 ```bash
 gpg --refresh-keys
 ```
 You can use the [crontab](../basics/cron.md) to refresh keys.
 # Export
 Your public key:
 ```bash
 gpg --output me.gpg --armor --export
 ```
 or
 ```bash
 gpg --export -a person@email.tld > my_key.pub
 ```
 - [Setup](gpg/basics.md)
 - [Extras](gpg/extras.md)
--- a/data/gpg/basics.md
+++ b/data/gpg/basics.md
@ -0,0 +1,141 @@
 ---
 title: "GPG Basics"
 tags: [ "Documentation", "data", "GPG" ]
 ---
 # Making keys
 Generate keys:
 ```bash
 gpg --gen-key
 ```
 Follow the guide.
 # Encrypting a file
 ```bash
 gpg -r malinfreeborn@posteo.net -e file
 ```
 `-r` specifies the recipient.
 Check you have an encrypted version of your file.
 # Changing Expiration Dates
 gpg --list-keys
 ... and then use the second part of 'pub', which is the ID.  But that's not appearing here so... on with gpg2?
 # Making encrypted files with a local password
 Make a password with a password (cypher encryption).
 ```bash
 gpg -c --output passwords.txt
 ```
 or 
 ```bash
 gpg -c > passwords.txt
 ```
 Put in a password.
 Write message then stop with Ctrl+d.
 Get the message back out the file with:
 ```bash
 gpg -d passwords.txt
 ```
 # Circles of Trust
 Search for a key at any key store:
 ```bash
 gpg --search-keys nestorv
 ```
 Once you've made a decision about someone:
 ```bash
 gpg --list-keys
 ```
 You get something like this:
 ```
 pub   rsa3072 2021-08-15 [SC] [expires: 2023-08-15]
      CD30421FD825696BD95F1FF644C62C57B790D3CF
 uid           [ultimate] Malin Freeborn <malinfreeborn@posteo.net>
 sub   rsa3072 2021-08-15 [E] [expires: 2023-08-15]
 ```
 Notice the long, ugly, string - CD30421FD825696BD95F1FF644C62C57B790D3CF - and how horribly ugly it is.
 This is a fingerprint.
 You can now decide the trust level (this stays on your computer).
 ```bash
 gpg --edit-key CD30421FD825696BD95F1FF644C62C57B790D3CF
 ```
 Once you're in the interface, type `trust`.
 ```bash
 gpg --sign-key alice@posteo.net
 ```
 # Swapping Keys
 This system relies on a ring of people swapping key information.
 ## Sending
 Send those trusted keys up to a server, so people can see you have verified them:
 ```bash
 gpg --send-keys 024C6B1C84449BD1CB4DF7A152295D2377F4D70F
 ```
 ## Upload Your Keys
 ## Add More Key Servers
 Key servers often swap keys, but it's best to just send to multiple places immediately.
 You can add key servers by adding this to `~/.gnupg/gpg.conf`.
 ```
 keyserver hkps://keys.openpgp.org
 keyserver hkps://mail-api.proton.me
 keyserver hkps://keys.mailvelope.com
 ```
 # Refresh Keys
 Refreshing keys will tell you if some key you have contains a signature from someone you already trust, or if someone has published a revocation certificate (meaning their key should not be trusted any more).
 ```bash
 gpg --refresh-keys
 ```
 You can use the [crontab](../basics/cron.md) to refresh keys.
 # Export
 Your public key:
 ```bash
 gpg --output me.gpg --armor --export
 ```
 Alternatively:
 ```bash
 gpg --export -a person@email.tld > my_key.pub
 ```
--- a/data/gpg/extras.md
+++ b/data/gpg/extras.md
@ -0,0 +1,10 @@
 ---
 title: "gpg"
 tags: [ "Documentation", "vim", "data", "GPG" ]
 ---
 The `vim-gnupg` plugin lets vim edit gpg-encrypted files as if they were unencrypted.
 It's probably in your package manager.
 If not, you'll need to endure the faff of following the [instructions](http://www.vim.org/scripts/script.php?script_id=3645).
--- a/data/radicale.md
+++ b/data/radicale.md
@ -29,11 +29,10 @@ Edit `/etc/radicale/config`, changing the `[auth]` section from this:
 ...to this:
 ```
-#type = htpasswd
+type = htpasswd
 ```
-If the service is started, restart it to make sure nobody can sign in without a password.
+Make sure the service is off, as people may be able to sign in without a password at this point.
 Next, find the `htpasswd` program.
 You might get it in the `apache` package or similar.
@ -41,7 +40,7 @@ You might get it in the `apache` package or similar.
 `htpasswd` allows you to generate passwords for users, and place them in `/etc/radicale/users`.
 ```bash
-PASS="$(xkcdpass)
+PASS="$(xkcdpass)"
 htpasswd -nb $USER "$PASS" | sudo tee -a /etc/radicale/users
 echo "Your username is $USER"
 echo "Your password is $PASS"
@ -96,14 +95,12 @@ Finally, replace the example `DOMAIN` with your actual domain name.
 ```bash
 DOMAIN=whatever.com
 sudo sed -i "s/DOMAIN/$DOMAIN/g" /etc/nginx/sites-available/radicale 
 ```
 (optional: replace that `cal.` prefix with anything else)
 Check nginx is happy:
 ```bash
 sudo nginx -t
 ```
@ -115,7 +112,6 @@ sudo certbod -d cal.$DOMAIN
 Start or restart both services:
 ```bash
 sudo systemctl start radicale
 sudo systemctl restart nginx
@ -123,4 +119,4 @@ sudo systemctl restart nginx
 You should now be able to log into your calendar, and add it to a phone.
-NB: you don't need the port number.
+**NB:** you don't need the port number.
--- a/data/sharing_secrets.md
+++ b/data/sharing_secrets.md
@ -0,0 +1,23 @@
 ---
 title: "Sharing Secrets"
 tags: [ "data", "death", "secrets", "ssss" ]
 ---
 You can share parts of a secret with multiple people, so only some of them need to agree to see the secret.
 Install `ssss`, then decide on the total number of secrets (`N`), and the threshold of people who must share their shard of the secret in order to reveal the secret.
 ```bash
 N=5
 T=3
 FILE=secret.txt
 fortune | ssss-split -t $T -n $N > $FILE
 ```
 Each shard is a line inside secret.txt.
 Check it's working:
 ```bash
 head -n $T $FILE | ssss-combine -t $T
 tail -n $T $FILE | ssss-combine -t $T
 ```
--- a/data/sqlite.md
+++ b/data/sqlite.md
@ -0,0 +1,21 @@
 ---
 title: "sqlite"
 tags: [ "Documentation", "data" ]
 ---
 Work with a database:
 ```bash
 sqlite3 "$FILE".sqlite3
 ```
 Compress the database:
 ```sqlite
 pragma vacuum;
 ```
 Optimize the database:
 ```sqlite
 pragma optimize;
 ```
--- a/distros/arch/scripts/archpi.sh
+++ b/distros/arch/scripts/archpi.sh
@ -1,57 +0,0 @@
 #!/bin/bash
 # https://www.unixmen.com/install-arch-linux-raspberry-pi/
 pacman-key --init || echo init fail >> log
 pacman-key --populate archlinuxarm || echo update fail >> log
 pacman -Syyuu || echo update fail  >> log
 sed -i s/#en_GB.UTF-8 UTF-8/en_GB.UTF-8 UTF-8/ /etc/locale.gen
 echo 'LANG=en_GB.UTF-8' >> /etc/locale.conf
 locale-gen
 pacman -S base-devel htop ranger tmux lolcat fortune-mod git figlet rxvt-unicode task timew calcurse fail2ban
 # texlive-most 
 if [[ $2 == all || $1 == all ]]; then
 	pacman -S nnn feh dmenu rofi xf86-video-fbdev xorg xorg-xinit xorg-server xorg-server-utils xterm
 fi
 # Audio
 echo 'dtparam=audio=on' >> /boot/config.txt
 if [[ $1 == audio ]]; then
 	pacman -S alsa-utils alsa-firmware alsa-lib alsa-plugins 
 fi
 echo 'device_tree_param=spi=on' >> /boot/config.txt
 # for a vnc viewer
 if [[ $1 == vnc ]]; then
 	tigervnc gcc geany i3 i3status compton feh sxiv rxvt-unicode 
 fi
 # Swap
 cd /var/cache/swap
 dd if=/dev/zero of=swapfile bs=1K count=2M
 chmod 600 swapfile
 mkswap swapfile
 swapon swapfile
 echo "/var/cache/swap/swapfile none swap sw 0 0" > /etc/fstab
 # fail2ban
 [ -e sshd.local ] && \
 pacman -S fail2ban && \
 mv sshd.local /etc/fail2ban/jail.d && \
 systemctl start fail2ban
 # If it won't reboot, install `arch-install-scripts` then try again and firstly:
 # genfstab / > /etc/fstab
--- a/distros/arch/scripts/gitea_install.sh
+++ b/distros/arch/scripts/gitea_install.sh
@ -1,9 +0,0 @@
 #!/bin/sh
 pacman -S gitea postgresql
 sudo su postgres -c 'initdb -D /var/lib/postgres/data'
 sudo systemctl start postgresql
 sudo su postgres -c 'createuser -P gitea'
 sudo su postgres -c 'createdb -O gitea gitea'
 sudo sed -i 's/mysql/postgres/' /etc/gitea/app.ini
 sudo sed -i 's/root/gitea/' /etc/gitea/app.ini
 sudo systemctl start gitea
--- a/distros/arch/scripts/pihole.sh
+++ b/distros/arch/scripts/pihole.sh
@ -1,79 +0,0 @@
 #!/bin/bash
 set -e
 yay -S pi-hole-ftl pi-hole-server
 # Configuration in /etc/pihole/pihole-FTL.db
 # You can change DBINTERVAL to 60 or more to limit writes to disk
 sudo systemctl disable --now systemd-resolved
 sudo systemctl enable --now pihole-FTL
 pihole -g
 pihole -c
 if [ "$1" == "unbound" ]; then
 sudo pacman -S unbound
 sudo cp /etc/unbound/unbound.conf /etc/unbound/unbound.conf.old
 echo "server:
    # If no logfile is specified, syslog is used
    # logfile: "/var/log/unbound/unbound.log"
    verbosity: 0
    interface: 127.0.0.1
    port: 5335
    do-ip4: yes
    do-udp: yes
    do-tcp: yes
    # May be set to yes if you have IPv6 connectivity
    do-ip6: no
    # You want to leave this to no unless you have *native* IPv6. With 6to4 and
    # Terredo tunnels your web browser should favor IPv4 for the same reasons
    prefer-ip6: no
    # Use this only when you downloaded the list of primary root servers!
    # If you use the default dns-root-data package, unbound will find it automatically
    #root-hints: "/var/lib/unbound/root.hints"
    # Trust glue only if it is within the server's authority
    harden-glue: yes
    # Require DNSSEC data for trust-anchored zones, if such data is absent, the zone becomes BOGUS
    harden-dnssec-stripped: yes
    # Don't use Capitalization randomization as it known to cause DNSSEC issues sometimes
    # see https://discourse.pi-hole.net/t/unbound-stubby-or-dnscrypt-proxy/9378 for further details
    use-caps-for-id: no
    # Reduce EDNS reassembly buffer size.
    # Suggested by the unbound man page to reduce fragmentation reassembly problems
    edns-buffer-size: 1472
    # Perform prefetching of close to expired message cache entries
    # This only applies to domains that have been frequently queried
    prefetch: yes
    # One thread should be sufficient, can be increased on beefy machines. In reality for most users running on small networks or on a single machine, it should be unnecessary to seek performance enhancement by increasing num-threads above 1.
    num-threads: 1
    # Ensure kernel buffer is large enough to not lose messages in traffic spikes
    so-rcvbuf: 1m
    # Ensure privacy of local IP ranges
    private-address: 192.168.0.0/16
    private-address: 169.254.0.0/16
    private-address: 172.16.0.0/12
    private-address: 10.0.0.0/8
    private-address: fd00::/8
    private-address: fe80::/10
 " | sudo   tee /etc/unbound.conf
 	echo "Make this the  only pihole DNS: PIHOLE_DNS_1=127.0.0.1 in /etc/pihole/setupVars.conf"
 fi
--- a/distros/arch/scripts/steam.sh
+++ b/distros/arch/scripts/steam.sh
@ -1,8 +0,0 @@
 #!/bin/bash
 flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
 flatpak --user install flathub com.valvesoftware.Steam
 flatpak run com.valvesoftware.Steam
--- a/distros/arch/scripts/yay.sh
+++ b/distros/arch/scripts/yay.sh
@ -1,10 +0,0 @@
 git clone https://aur.archlinux.org/yay.git
 cd yay
 makepkg -si
 yay -S perl-graph-easy signal-desktop sc-im ncpamixer xdg-utils-mimeo torrench
 yay -S ttf-tengwar-annatar
--- a/distros/void/locale.md
+++ b/distros/void/locale.md
@ -1,6 +1,6 @@
 ---
-title: "locales"
+title: "Void locale"
-tags: [ "void" ]
+tags: [ "void", "locale" ]
 ---
 Check the current locales:
--- a/networking/graph-easy.md
+++ b/networking/graph-easy.md
@ -1,6 +1,6 @@
 ---
-title: "graph-easy"
+title: "Easy Network Graph"
-tags: [ "Documentation" ]
+tags: [ "Documentation", "Networking" ]
 ---
 Set up a file like this, called `troubleshooting.txt`.
--- a/networking/pip.md
+++ b/networking/pip.md
@ -1,27 +0,0 @@
 ---
 title: "pip"
 tags: [ "Documentation", "Networking" ]
 ---
 ```
 Searching does not work.
 Install with:
 ```bash
 pip install [ package ]
 ```
 Upgrade all packages
 ```bash
 pip freeze --local | grep -v '^\-e' | cut -d = -f 1  | xargs -n1 pip install -U
 ```
 # Troubleshooting
 You may need a python3 package.
 In this case, try:
 ```bash
 pip3 install [ package ]
--- a/networking/transmission.md
+++ b/networking/transmission.md
@ -136,3 +136,32 @@ Without the `--anonymize` flag, the torrent file output will have a 'created by'
 - udp://explodie.org:6969/announce
 - https://tracker.gbitt.info:443/announce
 - http://tracker.gbitt.info:80/announce
 ## Verify
 Add your torrent and notes its number:
 ```bash
 transmission-remote -a "$file".torrent
 transmission-remote -l
 transmission-remote -t "$number" -i
 ```
 The information in the last command shows that it's not verified, so you can verify with `-v`.
 ```bash
 transmission-remote -t "$number" -v
 ```
 If transmission cannot find it, then tell it where to find the torrent:
 ```bash
 transmission-remote -t "$number" --find "$(pwd)"
 ```
 ...and of course, make sure the permissions allow transmission to see the target.
 ```bash
 ls -ld "$file"
 ```
--- a/new.sh
+++ b/new.sh
@ -14,7 +14,7 @@ filePath="$category/$(echo $name | sed 's/ /_/g').md"
 tagsList="$(echo \"$category | sed 's#\/#", "#g')\""
-[ -e "$filePath" ] && $EDITOR $filePath && exit 0
+[ -e "$filePath" ] && $EDITOR "$filePath" && exit 0
 echo "---
 title: \"$name\"
--- a/system/monitoring.md
+++ b/system/monitoring.md
@ -0,0 +1,24 @@
 ---
 title: "Monitoring"
 tags: [ "Documentation", "System", "CPU", "Memory" ]
 ---
 Print the average CPU load over 1 minute, 5 minutes, and 15 minutes:
 ```bash
 watch -d cat /proc/loadavg
 stress="$(cat /proc/loadavg | awk '{print "Usage:" $2"%"}')"
 ```
 Show memory usage in Gibitytes.
 ```bash
 free -g
 ```
 Show low and high gigibtye usage on a *l*ine, and repeat the measurement every 5 seconds:
 ```bash
 REP=5
 free --lohi -g -s $REP | lolcat
 ```
--- a/system/systemd/journal.md
+++ b/system/systemd/journal.md
@ -2,6 +2,18 @@
 title: "journal"
 tags: [ "Documentation", "systemd" ]
 ---
 See a running log of all system messages:
 ```bash
 journalctl -f
 ```
 Or just one unit (`sshd`):
 ```bash
 journalctl -f -u sshd
 ```
 Find errors since November
@ -14,3 +26,13 @@ Limit size to 2G.
 ```bash
 journalctl --vacuum-size=2G
 ```
 Log the fact that you've installed your own `dnsmasq` on your system to `journalctl`, so that you can notice why your system's broken:
 ```bash
 logger "Installed new dnsmasq"
 sudo journalctl -f
 ```
--- a/vision/lowdown.md
+++ b/vision/lowdown.md
@ -0,0 +1,21 @@
 ---
 title: "Markdown to PDF"
 tags: [ "Documentation", "Markdown", "PDF", "Vision" ]
 ---
 Turn a markdown file into a pdf:
 ```bash
 lowdown -stms "$FILE".md | pdfroff -itk -mspdf > "$FILE".pdf
 ```
 To give the document a title, put that title in the metadata:
 ```bash
 sed -i "1 i---" "$FILE".md
 sed -i "1 ititle: $TITLE" "$FILE".md
 sed -i "1 i---" "$FILE".md
 lowdown -L "$FILE".md
 lowdown -X title "$FILE".md
 lowdown -stms "$FILE".md | pdfroff -itk -mspdf > "$FILE".pdf
 ```