53 changed files with 522 additions and 1390 deletions
--- a/README.md
+++ b/README.md
@ -26,8 +26,6 @@ The chronology should never branch.
 If `gitea` can use three different types of database, the documentation should simply pick one and continue instructions from there.
 Repetition works better than a reference - if a database requires three commands to set up, it's better to repeat those three commands for every program that requires a database than to just link to another file which discusses databases.
 ---
 ### Closing
 Introductory documents should show anything required to cleanly uninstall a program, without leaving bulky configuration files behind.
@ -54,8 +52,6 @@ Non-commands (e.g. output) should be shown as quoted text:
 > Mail         kn
 > Projects     music
 ---
 # Example
 ```
@ -65,9 +61,9 @@ How to see which websites you're actively accessing:
 ss -tr dst :$PORT
 ` ` `   
-> State  Recv-Q  Send-Q   Local Address:Port     Peer Address:Port   Process  
+> State  Recv-Q  Send-Q   Local Address:Port                                    Peer Address:Port   Process  
-> ESTAB  0       0         192.168.0.14:42476  149.154.167.91:https           
+> ESTAB  0       0         192.168.0.14:42476                                 149.154.167.91:https           
-> ESTAB  0       0         192.168.0.14:43644   104.17.90.199:https           
+> ESTAB  0       0         192.168.0.14:43644                                  104.17.90.199:https           
 ```
--- a/basics/cron.md
+++ b/basics/cron.md
@ -14,31 +14,20 @@ Once installed, search for the service name, and start it.
 ```bash
 sudo systemctl list-unit-files | grep cron
 sudo systemctl enable --now $NAME
 ```
 Make a file for your crontab, like this:
 ```bash
-echo '39 */3 * * * /usr/bin/updatedb' > "$USER".cron
+sudo systemctl enable --now cron
 ```
-Then apply that crontab:
+You can *e*dit your crontab with:
 ```bash
-crontab "$USER".cron
+crontab -e
 rm "$USER".cron
 ```
 The `cron` program will check your syntax before adding the tab.
 Your crontab file sits somewhere in `/var/spool/`.
 Probably in `/var/spool/cron`.
-Check how your tab currently looks:
+> 39 */3 * * * /usr/bin/updatedb
 ```bash
 crontab -l
 ```
 ## Syntax
@ -102,7 +91,7 @@ run-parts /etc/cron.hourly
 ### Variables
 Add your `$HOME` to crontab to use scripts.
-First add `HOME=/home/$USER`, then you can use syntax like this:
+First add `HOME=/home/user`, then you can use syntax like this:
 0 * * * * $HOME/.scripts/myScript.sh
@ -111,6 +100,7 @@ First add `HOME=/home/$USER`, then you can use syntax like this:
 ```bash
 $HOME/.scripts/myScript.sh
 ```
 You can also add your regular path to your crontab as a variable (see example below).
 If you're using vim as the editor, just run this at the top of your crontab:
@ -141,3 +131,5 @@ PATH=/usr/condabin:/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/bin/site_perl:/u
 50 18 * * * /usr/bin/timeout 30m /usr/bin/syncthing
 ```
--- a/basics/eval.md
+++ b/basics/eval.md
@ -1,22 +0,0 @@
 ---
 title: "eval"
 tags: [ "basics" ]
 ---
 Compose a statement for execution.
 ```bash
 x='echo $y'
 echo $x
 y=dragon
 eval "$x"
 ```
 The results remain in the current shell, unlike sub-shells.
 ```bash
 b=basilisk
 sh -c 'echo $b'
 eval "g=goblin"
 echo $g
 ```
--- a/basics/games.md
+++ b/basics/games.md
@ -1,11 +0,0 @@
 ---
 title: "bash games"
 tags: [ "Documentation", "Games" ]
 ---
 Games are a great way to learn bash.
 - `mapscii.me` is an interactive terminal map.
    1. Install telnet.
    1. `telnet mapscii.me`
 - [Over the Wire](https://overthewire.org/wargames) teaches bash with small challenging you can do over `ssh`.
--- a/basics/hard_links.md
+++ b/basics/hard_links.md
@ -1,38 +0,0 @@
 ---
 title: "hard links"
 tags: [ "basics", "links" ]
 ---
 A hard link is one file which exists in multiple locations.
 Each file has an ID, which is kept on the hard disk's partition.
 Each hard link has the same ID, because they are the same file.
 This ID is called the 'inode'.
 Create a file, and a hard link:
 ```bash
 fortune > $file_1
 mkdir -p x/y/z/
 ln $file_1 x/y/z/$file_2
 ```
 Have a long look at the file with the `-l` flag, and check the inode with `-i`:
 ```bash
 ls -li $file_1 x/y/z/$file_2
 ```
 Since they are the same file, you can make a change to one, and it changes both:
 ```bash
 fortune | tee x/y/z/$file_2
 cat $file_1
 cat x/y/z/$file_2
 ```
 # Danger Zone
 - hard links will not work on directories, only standard files and fifos.
 - `git` will destroy and remake files, so it will not respect hard links.
 - Files cannot have a hard link on another disk partition, because the inode is stored on each partition.
--- a/basics/links.md
+++ b/basics/links.md
@ -1,9 +1,19 @@
 ---
 title: "links"
-tags: [ "basics", "links" ]
+tags: [ "Documentation", "Basics" ]
 ---
 Link from X to Y.
-There are two types:
+```bash
 ln -s X ../otherdir/Y
 ```
 If you want a hard link, this will make a single file exist in two locations.
 If it is deleted in one location, it continues to exist in the other.
 ```bash
 ln *X* *Y*
 ```
 Both files must be on the same hard drive, as they have the same inode (check this with `ls -i file`).
 - [Soft links](soft_links.md)
 - [Hard links](hard_links.md)
--- a/basics/ls.md
+++ b/basics/ls.md
@ -1,46 +0,0 @@
 ---
 title: "ls"
 tags: [ "basics" ]
 ---
 Firstly, your `ls` is probably aliased to something.
 Check it with:
 ```bash
 alias ls
 ```
 If the prompt shows some alias, then start by removing it:
 ```bash
 unalias ls
 ```
 Now we can begin.
 Check the most recently modified file:
 ```bash
 ls -t
 ```
 Reverse this with `tac` to see the file which has been unmodified the longest:
 ```bash
 ls -t | tac
 ```
 Group files by extension:
 ```bash
 ls -X
 ```
 Sort largest files first:
 ```bash
 ls -X
 ```
--- a/basics/soft_links.md
+++ b/basics/soft_links.md
@ -1,72 +0,0 @@
 ---
 title: "soft links"
 tags: [ "basics", "links" ]
 ---
 A soft link is a file which says how to go to another file.
 When a program encounters a soft link, it will make a  guess at whether it should ignore it, or try to get to that file.
 To make a soft link to a file in the current directory, linking is easy:
 ```bash
 fortune > $file_1
 ln -s $file_1 $link_1
 ```
 Now imagine your directory looks like this:
 ```
 dir_0/
 ├── dir_1
 │   └── file_1
 ├── dir_2
 │   └── file_1
 ├── file_1
 └── link_1
 ```
 Inside `dir_1`, making a soft link to `dir_0/file_1` would mean putting the directions to that file:
 ```bash
 cd dir_1
 ln -s ../file_1 link_1
 ```
 The real content of the file is just '`../file_1`, so making it from another directory would mean writing exactly the same address to that file:
 ```bash
 ln -s ../file_1 dir_2/link_2
 ```
 Both symlinks are identical, except for the name.
 ```
 dir_0/
 ├── dir_1
 │   ├── file_1
 │   └── link_1   <-- This one points to ../file_1
 ├── dir_2
 │   ├── file_1
 │   └── link_2   <-- This one points to ../file_1 as well.
 └── file_2
 ```
 Since it's just an address, you can delete the original file, then make another.
 ```bash
 rm file_1
 ls -l dir_1/
 fortune > file_1
 cat dir_2/link_2
 fortune | tee -a file_1
 cat dir_1/link_1
 ```
 Last, let's make a link from `dir_2/link_2` to `dir_1/file_1` (this will delete the old link):
 ```bash
 ln -s -f ../dir_1/file_1 dir_2/link_2
 cat dir_2/link_2
 ```
--- a/basics/time.md
+++ b/basics/time.md
@ -68,11 +68,3 @@ ntpq -p
 Usually this is run as a service, so just start that service.
 # Force Reset
 If your clock drifts too far from the right time, it will not reset happily.
 For it to reset like this:
 ```bash
 sudo ntpd -q -g -x -n
 ```
--- a/basics/tree.md
+++ b/basics/tree.md
@ -1,36 +0,0 @@
 ---
 title: "tree"
 tags: [ "basics", "tree", "markdown" ]
 ---
 The `tree` utility outputs a full listing of everything in your current directory, and those below.
 - Just directories: `tree -d`
 - Output colour to `less`: `tree -C --info | less -re`
 - Ignore files in the `.gitignore` file: `tree --gitignore`
 You can place information about the files in a directory to use with the `tree --info` option, like this:
 ```
 config
 	Config files.
 	This is a git submodule.
 README.md
 	Summary of the git.
 *.jpg
 	Little picture, does not display
 	words well.
 ```
 Each description-line starts with a tab.
 ## Markdown Conversion
 To represent a file structure as a nested series of markdown lists, you can try this horrifying `sed` one-liner:
 ```bash
 tree -tf --dirsfirst --gitignore --noreport --charset ascii  | \
    sed -e 's/| \+/  /g' \
    -e 's/[|`]-\+/ */g' \
    -e 's:\(* \)\(\(.*/\)\([^/]\+\)\):\1[\4](\2):g'
 ```
--- a/basics/yes.md
+++ b/basics/yes.md
@ -1,24 +0,0 @@
 ---
 title: "yes"
 tags: [ "basics" ]
 ---
 # The Best Linux Program: `yes`
 The program `yes` prints the word `yes` to your terminal until you cancel it, perhaps with 'Control + c'.
 Or technically it prints `yes\n`, meaning `yes` and then a new line (like pressing the Return key).
 This is extremely powerful.
 If you ever want to automatically install something which persistently nags you with `do you want to do the thing? [y/N]?`, then you can just pipe `yes` into that program, and it will answer 'yes' to all questions.
 ```bash
 yes | $INSTALL_SCRIPT_FILE.sh
 ```
 This works best for disposable systems, like VMs or containers.
 Try this on a live system, and you might find out that you should have read that message fully.
 ```bash
 yes | yay
 ```
--- a/chat/profanity-otr.md
+++ b/chat/profanity-otr.md
@ -1,57 +0,0 @@
 ---
 title: "profanity"
 tags: [ "Documentation", "Chat", "OTR" ]
 ---
 # otr
 'Off The Record' encryption seems mostly dead to me.
 But this is what I did, back in the day...
 Install libotr-dev or libotr5-dev or whatever..
 ```
 sudo apt -y install lib5otr-dev
 ```
 Make your otr keys.
 ```
 /otr gen
 ```
 Then you can start an otr converstation.
 ```
 /otr start bob@jobbies.org
 ```
 Or if you already have a conversation windows open, switch to our using:
 ```
 /otr
 ```
 Finally, verify!
 ```
 /otr question "Who are you?" bob
 ```
 Bob is verified upon the answer, 'bob'.
 ### OTR Finger Prints
 Get yours with 
 ```
 /otr myfp
 ```
 ```
 /otr theirfp
 ```
 ```
 /otr myfp
 ```
--- a/chat/profanity.md
+++ b/chat/profanity.md
@ -1,6 +1,6 @@
 ---
 title: "profanity"
-tags: [ "Documentation", "Chat", "omemo" ]
+tags: [ "Documentation", "Chat" ]
 ---
 # Setup (Commands)
@ -140,6 +140,54 @@ You can ensure omemo automatcally turns on:
 ```
 /omemo policy automatic
 ```
 ---
-'OTR' encryption is mostly dead, but you can find the old instructions [here](profanity-otr).
+## otr
 Install libotr-dev or libotr5-dev or whatever..
 ```
 sudo apt -y install lib5otr-dev
 ```
 Make your otr keys.
 ```
 /otr gen
 ```
 Then you can start an otr converstation.
 ```
 /otr start bob@jobbies.org
 ```
 Or if you already have a conversation windows open, switch to our using:
 ```
 /otr
 ```
 Finally, verify!
 ```
 /otr question "Who are you?" bob
 ```
 Bob is verified upon the answer, 'bob'.
 ### OTR Finger Prints
 Get yours with 
 ```
 /otr myfp
 ```
 ```
 /otr theirfp
 ```
 ```
 /otr myfp
 ```
--- a/data/calcurse.md
+++ b/data/calcurse.md
@ -1,9 +0,0 @@
 ---
 title: "calcurse"
 tags: [ "data", "calendar", "daylight savings" ]
 ---
 ## Setup
 The UK government keeps an ics file with clock, [here](https://www.gov.uk/when-do-the-clocks-change/united-kingdom.ics).
--- a/data/email.md
+++ b/data/email.md
@ -1,73 +0,0 @@
 ---
 title: "e-mail"
 tags: [ "data", "smtp" ]
 ---
 This is bare-bones, original, primitive e-mail.
 Install `opensmtpd` (or similar), then `ncat` or `nc` or `netcat` (this mysterious cat has many names).
 Start the `opensmtpd` service, then use netcat to speak with the mail-daemon:
 ```
 nc localhost 25
 ```
 The computer should respond with code `220`, which means 'I am listening'.
 > 220 hex ESMTP OpenSMTPD
 ```
 HELO gmail.com
 ```
 You say `HELO` and say where you are coming from.
 The `smtpd` will not check, so I am going to lie to it.
 Mail servers are easily impressed, so it will be pleased to meet you.
 > 250 hex Hello gmail.com [::1], pleased to meet you
 ```
 MAIL FROM: <admin@gmail.com>
 ```
 All the mail commands start with 4 bytes, because it's easier for admins to program.
 Tell the mail daemon who you are in this format.
 > 250 2.0.0 Ok
 Then tell it who you're sending to.
 ```
 RCPT TO: <www@dmz.rs>
 ```
 > 250 2.1.5 Destination address valid: Recipient ok
 Finally, tell it that you want to send `DATA`.
 ```
 DATA
 ```
 > 354 Enter mail, end with "." on a line by itself
 ```
 Subject: turn off server please
 very urgent
 .
 ```
 > 250 2.0.0 73864a49 Message accepted for delivery
 You will find the email under `/var/spool` or `/var/mail` or similar.
 If unsure, just take a part of your email, like `FRAGMENT="turn off server please"`, then `grep` for it:
 ```bash
 sudo grep -r $FRAGMENT /var/spool/*
 ```
--- a/data/git/git-lfs.md
+++ b/data/git/git-lfs.md
--- a/data/git/basics.md
+++ b/data/git/basics.md
@ -92,7 +92,7 @@ A branch is a full copy of the project to test additional ideas.
 You can make a new branch called 'featurez' like this:
 ```bash
-git branch $FEATURE_BRANCH
+git branch *featurez*
 ```
 Have a look at all your branches:
@ -104,20 +104,19 @@ git branch
 Switch to your new branch:
 ```bash
-git checkout $FEATURE_BRANCH
+git checkout *featurez*
 ```
 And if your changes are rubbish, checkout the "master" branch again, then delete "featurez":
 ```bash
-git branch -D $FEATURE_BRANCH
+git branch -D *featurez*
 ```
 Or if it's a good branch, push it to the remote:
 ```bash
-remote=origin
+git push *origin* *featurez*
 git push $remote $FEATURE_BRANCH
 ```
 ## Merging
@ -125,13 +124,13 @@ git push $remote $FEATURE_BRANCH
 Once you like the feature, merge it into the main branch.  Switch to master then merge it:
 ```bash
-git merge $FEATURE_BRANCH
+git merge *featurez*
 ```
-And delete the branch, as you've already merged it:
+and delete `featurez` as you've already merged it:
 ```bash
-git branch -d $FEATURE_BRANCH
+git branch -d featurez
 ```
 # Subtree
@ -142,6 +141,34 @@ git branch -d $FEATURE_BRANCH
 git subtree add -P config git@gitlab.com:bindrpg/config.git master
 ```
 ## Pulling a Subtree from an existing git
 The project has subdirectories sub-1,sub-2,sub-3.  The first should be its own repository, but should also retain its own history.
 First, we extract its history as an independent item, and make that into a seprate branch.
 ```bash
 git subtree split --prefix=sub-1 -b sub
 ```
 If you want something a few directories deep, you can use `--prefix=sub-1/dir-2/dir-3
 Then go and create a new git somewhere else:
 ```bash
 cd ..;mkdir sub-1;cd sub-1;git init --bare
 ```
 Then go back to your initial git repo, and do the following:
 git push ../subtest sub:master
 Finally, you can clone this repo from your original.
 ```bash
 git clone ../subtest
 ```
 # Tricks
 ## Delete All History
--- a/data/git/git_secret.md
+++ b/data/git/git_secret.md
@ -1,9 +0,0 @@
 ---
 title: "git secret"
 tags: [ "data", "git" ]
 ---
 This utility is largely useless, as it can only identify people by their email.
 So if someone has multiple GPG keys associated with one email, the tool will not work.
 Worse than not working, it may 'suddenly' stop working as you try to transfer a secret to someone, who then discovers that `git-secret` requires them to mess about with their GPG keyring in order to use the repository.
--- a/data/git/hooks.md
+++ b/data/git/hooks.md
@ -1,29 +0,0 @@
 ---
 title: "git hooks"
 tags: [ "Documentation", "data", "git" ]
 ---
 Check out the sample hooks:
 ```bash
 cd $GIT_REPO
 ls .git/hooks
 head .git/hooks/pre-commit.sample
 ```
 Add a hook to check the shell scripts in `$GIT_REPO` before making a commit:
 ```bash
 echo '#!/bin/sh
 shellcheck *.sh' > .git/hooks/commit-msg
 chmod u+x .git/hooks/commit-msg
 ```
 ## Committing
 Your `git hooks` will not enter the repository, but you can commit them to a repository, then request others add these git hooks to their own branch, by putting a note in the project's `README.md`.
 ```markdown
 The project comes with recommended git hooks.
 You can activate the hooks with `git config core.hooksPath hooks`.
 ```
--- a/data/git/subtree.md
+++ b/data/git/subtree.md
@ -1,34 +0,0 @@
 ---
 title: "git"
 tags: [ "Documentation", "data", "git", "subtree" ]
 ---
 ## Pulling a Subtree from an existing git
 The project has subdirectories `sub-1`, `sub-2`, `sub-3`.
 The first should be its own repository, but should also retain its own history.
 First, we extract its history as an independent item, and make that into a seprate branch.
 ```bash
 git subtree split --prefix=sub-1 -b sub
 ```
 If you want something a few directories deep, you can use `--prefix=sub-1/dir-2/dir-3
 Then go and create a new git somewhere else:
 ```bash
 cd ..;mkdir sub-1;cd sub-1;git init --bare
 ```
 Then go back to your initial git repo, and do the following:
 git push ../subtest sub:master
 Finally, you can clone this repo from your original.
 ```bash
 git clone ../subtest
 ```
--- a/data/gpg.md
+++ b/data/gpg.md
@ -1,7 +1,119 @@
 ---
 title: "gpg"
-tags: [ "Documentation", "data", "GPG" ]
+tags: [ "Documentation", "data" ]
 ---
 # Making keys
 Generate keys:
 ```bash
 gpg --gen-key
 ```
 Follow the guide.
 # Encrypting a file
 ```bash
 gpg -r malinfreeborn@posteo.net -e file
 ```
 `-r` specifies the recipient.
 Check you have an encrypted version of your file.
 # Changing Expiration Dates
 gpg --list-keys
 ... and then use the second part of 'pub', which is the ID.  But that's not appearing here so... on with gpg2?
 # Making encrypted files with a local password
 Make a password with a password (cypher encryption).
 ```bash
 gpg -c --output passwords.txt
 ```
 or 
 ```bash
 gpg -c > passwords.txt
 ```
 Put in a password.
 Write message then stop with Ctrl+d.
 Get the message back out the file with:
 ```bash
 gpg -d passwords.txt
 ```
 # Circles of Trust
 Search for a key at any key store:
 ```bash
 gpg --search-keys nestorv
 ```
 Once you've made a decision about someone:
 ```bash
 gpg --list-keys
 ```
 You get something like this:
 ```
 pub   rsa3072 2021-08-15 [SC] [expires: 2023-08-15]
      CD30421FD825696BD95F1FF644C62C57B790D3CF
 uid           [ultimate] Malin Freeborn <malinfreeborn@posteo.net>
 sub   rsa3072 2021-08-15 [E] [expires: 2023-08-15]
 ```
 Notice the long, ugly, string - CD30421FD825696BD95F1FF644C62C57B790D3CF - and how horribly ugly it is.
 This is a fingerprint.
 You can now decide the trust level (this stays on your computer).
 ```bash
 gpg --edit-key *CD30421FD825696BD95F1FF644C62C57B790D3CF*
 ```
 Once you're in the interface, type `trust`.
 ```bash
 gpg --sign-key alice@posteo.net
 ```
 Then send those trusted keys up to a server, so people can see you have verified them:
 ```bash
 gpg --send-keys *024C6B1C84449BD1CB4DF7A152295D2377F4D70F*
 ```
 # Refresh Keys
 ```bash
 gpg --refresh-keys
 ```
 # Export
 Your public key:
 ```bash
 gpg --output *me*.gpg --armor --export
 ```
 or
 ```bash
 gpg --export -a *person@email.tld* > *my_key*.pub
 ```
 - [Setup](gpg/basics.md)
 - [Extras](gpg/extras.md)
--- a/data/gpg/basics.md
+++ b/data/gpg/basics.md
@ -1,141 +0,0 @@
 ---
 title: "GPG Basics"
 tags: [ "Documentation", "data", "GPG" ]
 ---
 # Making keys
 Generate keys:
 ```bash
 gpg --gen-key
 ```
 Follow the guide.
 # Encrypting a file
 ```bash
 gpg -r malinfreeborn@posteo.net -e file
 ```
 `-r` specifies the recipient.
 Check you have an encrypted version of your file.
 # Changing Expiration Dates
 gpg --list-keys
 ... and then use the second part of 'pub', which is the ID.  But that's not appearing here so... on with gpg2?
 # Making encrypted files with a local password
 Make a password with a password (cypher encryption).
 ```bash
 gpg -c --output passwords.txt
 ```
 or 
 ```bash
 gpg -c > passwords.txt
 ```
 Put in a password.
 Write message then stop with Ctrl+d.
 Get the message back out the file with:
 ```bash
 gpg -d passwords.txt
 ```
 # Circles of Trust
 Search for a key at any key store:
 ```bash
 gpg --search-keys nestorv
 ```
 Once you've made a decision about someone:
 ```bash
 gpg --list-keys
 ```
 You get something like this:
 ```
 pub   rsa3072 2021-08-15 [SC] [expires: 2023-08-15]
      CD30421FD825696BD95F1FF644C62C57B790D3CF
 uid           [ultimate] Malin Freeborn <malinfreeborn@posteo.net>
 sub   rsa3072 2021-08-15 [E] [expires: 2023-08-15]
 ```
 Notice the long, ugly, string - CD30421FD825696BD95F1FF644C62C57B790D3CF - and how horribly ugly it is.
 This is a fingerprint.
 You can now decide the trust level (this stays on your computer).
 ```bash
 gpg --edit-key CD30421FD825696BD95F1FF644C62C57B790D3CF
 ```
 Once you're in the interface, type `trust`.
 ```bash
 gpg --sign-key alice@posteo.net
 ```
 # Swapping Keys
 This system relies on a ring of people swapping key information.
 ## Sending
 Send those trusted keys up to a server, so people can see you have verified them:
 ```bash
 gpg --send-keys 024C6B1C84449BD1CB4DF7A152295D2377F4D70F
 ```
 ## Upload Your Keys
 ## Add More Key Servers
 Key servers often swap keys, but it's best to just send to multiple places immediately.
 You can add key servers by adding this to `~/.gnupg/gpg.conf`.
 ```
 keyserver hkps://keys.openpgp.org
 keyserver hkps://mail-api.proton.me
 keyserver hkps://keys.mailvelope.com
 ```
 # Refresh Keys
 Refreshing keys will tell you if some key you have contains a signature from someone you already trust, or if someone has published a revocation certificate (meaning their key should not be trusted any more).
 ```bash
 gpg --refresh-keys
 ```
 You can use the [crontab](../../basics/cron.md) to refresh keys.
 # Export
 Your public key:
 ```bash
 gpg --output me.gpg --armor --export
 ```
 Alternatively:
 ```bash
 gpg --export -a person@email.tld > my_key.pub
 ```
--- a/data/gpg/extras.md
+++ b/data/gpg/extras.md
@ -1,10 +0,0 @@
 ---
 title: "gpg"
 tags: [ "Documentation", "vim", "data", "GPG" ]
 ---
 The `vim-gnupg` plugin lets vim edit gpg-encrypted files as if they were unencrypted.
 It's probably in your package manager.
 If not, you'll need to endure the faff of following the [instructions](http://www.vim.org/scripts/script.php?script_id=3645).
--- a/data/pdf_erasure.md
+++ b/data/pdf_erasure.md
@ -1,25 +0,0 @@
 ---
 title: "PDF Metadata Erasure"
 tags: [ "Documentation", "Metadata", "Ghost Script" ]
 ---
 Make a text file called 'pdfmark.txt'.
 ```text
 [ /Title ()
 /Author ()
 /Subject ()
 /Creator ()
 /ModDate ()
 /Producer ()
 /Keywords ()
 /CreationDate ()
 /DOCINFO pdfmark
 ```
 Then run:
 ```bash
 gs -o output.pdf -sDEVICE=pdfwrite "$FILE".pdf pdfmark.txt
 ```
--- a/data/radicale.md
+++ b/data/radicale.md
@ -1,122 +0,0 @@
 ---
 title: "radicale and nginx"
 tags: [ "data", "calendar" ]
 ---
 Check before you start:
 - you have a normally running site on nginx already.
 - your server has the directory `/etc/nginx/sites-enabled/` enabled in the nginx config.
 ## Installation and Service
 Install `radicale` through your package manager (not `pip`).
 The standard `radicale` package should come with a nice `systemd` service file.
 If the service comes already-started, stop it immediately:
 ```bash
 sudo systemctl stop radicale
 ```
 ## Set up Passwords
 Edit `/etc/radicale/config`, changing the `[auth]` section from this:
 ```
 #type = none
 ```
 ...to this:
 ```
 type = htpasswd
 ```
 Make sure the service is off, as people may be able to sign in without a password at this point.
 Next, find the `htpasswd` program.
 You might get it in the `apache` package or similar.
 `htpasswd` allows you to generate passwords for users, and place them in `/etc/radicale/users`.
 ```bash
 PASS="$(xkcdpass)"
 htpasswd -nb $USER "$PASS" | sudo tee -a /etc/radicale/users
 echo "Your username is $USER"
 echo "Your password is $PASS"
 ```
 Right now, you can't sign into the server except through the localhost, which is pointless.
 So now we add a subdomain to `nginx`.
 ```nginx
 echo '
 server {
    if ($host = cal.DOMAIN) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
     listen 80;
     server_name cal.DOMAIN;
     location / {
         proxy_pass http://localhost:5232;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
     }
     return 301 https://$server_name$request_uri;
 }
 server {
     listen 443 ssl;
     server_name cal.DOMAIN;
    ssl_certificate /etc/letsencrypt/live/cal.DOMAIN/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/cal.DOMAIN/privkey.pem; # managed by Certbot
     location / {
         proxy_pass http://localhost:5232;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
     }
 }
 ' > /etc/nginx/sites-available/radicale
 sudo ln -s /etc/nginx/sites-available/radicale /etc/nginx/sites-enables/
 ```
 Finally, replace the example `DOMAIN` with your actual domain name.
 ```bash
 DOMAIN=whatever.com
 sudo sed -i "s/DOMAIN/$DOMAIN/g" /etc/nginx/sites-available/radicale 
 ```
 (optional: replace that `cal.` prefix with anything else)
 Check nginx is happy:
 ```bash
 sudo nginx -t
 ```
 You will almost certainly need a new SSL certificate for the site:
 ```bash
 sudo certbod -d cal.$DOMAIN
 ```
 Start or restart both services:
 ```bash
 sudo systemctl start radicale
 sudo systemctl restart nginx
 ```
 You should now be able to log into your calendar, and add it to a phone.
 **NB:** you don't need the port number.
--- a/data/sharing_secrets.md
+++ b/data/sharing_secrets.md
@ -1,23 +0,0 @@
 ---
 title: "Sharing Secrets"
 tags: [ "data", "death", "secrets", "ssss" ]
 ---
 You can share parts of a secret with multiple people, so only some of them need to agree to see the secret.
 Install `ssss`, then decide on the total number of secrets (`N`), and the threshold of people who must share their shard of the secret in order to reveal the secret.
 ```bash
 N=5
 T=3
 FILE=secret.txt
 fortune | ssss-split -t $T -n $N > $FILE
 ```
 Each shard is a line inside secret.txt.
 Check it's working:
 ```bash
 head -n $T $FILE | ssss-combine -t $T
 tail -n $T $FILE | ssss-combine -t $T
 ```
--- a/data/soft_https.md
+++ b/data/soft_https.md
@ -1,69 +0,0 @@
 ---
 title: "Soft Serve through https"
 tags: [ "data", "git" ]
 ---
 ## `http` Setup
 In this example, the port used is `23231`, but it can be anything.
 Open `/var/lib/soft-serve/data/config.yaml` and make sure the `http` section looks like this:
 ```
 # The HTTP server configuration.
 http:
  # The address on which the HTTP server will listen.
  listen_addr: ":23232"
  # The path to the TLS private key.
  tls_key_path: ""
  # The path to the TLS certificate.
  tls_cert_path: ""
  # The public URL of the HTTP server.
  # This is the address that will be used to clone repositories.
  # Make sure to use https:// if you are using TLS.
  public_url: "http://localhost:23232"
 ```
 Restart the `soft-serve` service, then check it's working by cloning from localhost:
 ```bash
 git clone http://localhost:23232/${some_repo}.git
 ```
 ## `https` Setup
 Put this file at `/etc/nginx/sites-enabled/$DOMAIN.tld`, then set up standard certificates with [nginx](../networking/website/nginx.md).
 (replace `${DOMAIN_NAME}` with your domain's name).
 ```
 server {
     listen 80;
     server_name ${DOMAIN_NAME};
     location / {
         proxy_pass http://localhost:23232;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
     }
     return 301 https://$server_name$request_uri;
 }
 server {
     listen 443 ssl;
     server_name ${DOMAIN_NAME};
     location / {
         proxy_pass http://localhost:23232;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
     }
 }
 ```
--- a/data/sqlite.md
+++ b/data/sqlite.md
@ -1,21 +0,0 @@
 ---
 title: "sqlite"
 tags: [ "Documentation", "data" ]
 ---
 Work with a database:
 ```bash
 sqlite3 "$FILE".sqlite3
 ```
 Compress the database:
 ```sqlite
 pragma vacuum;
 ```
 Optimize the database:
 ```sqlite
 pragma optimize;
 ```
--- a/distros/arch/scripts/archpi.sh
+++ b/distros/arch/scripts/archpi.sh
@ -0,0 +1,57 @@
 #!/bin/bash
 # https://www.unixmen.com/install-arch-linux-raspberry-pi/
 pacman-key --init || echo init fail >> log
 pacman-key --populate archlinuxarm || echo update fail >> log
 pacman -Syyuu || echo update fail  >> log
 sed -i s/#en_GB.UTF-8 UTF-8/en_GB.UTF-8 UTF-8/ /etc/locale.gen
 echo 'LANG=en_GB.UTF-8' >> /etc/locale.conf
 locale-gen
 pacman -S base-devel htop ranger tmux lolcat fortune-mod git figlet rxvt-unicode task timew calcurse fail2ban
 # texlive-most 
 if [[ $2 == all || $1 == all ]]; then
 	pacman -S nnn feh dmenu rofi xf86-video-fbdev xorg xorg-xinit xorg-server xorg-server-utils xterm
 fi
 # Audio
 echo 'dtparam=audio=on' >> /boot/config.txt
 if [[ $1 == audio ]]; then
 	pacman -S alsa-utils alsa-firmware alsa-lib alsa-plugins 
 fi
 echo 'device_tree_param=spi=on' >> /boot/config.txt
 # for a vnc viewer
 if [[ $1 == vnc ]]; then
 	tigervnc gcc geany i3 i3status compton feh sxiv rxvt-unicode 
 fi
 # Swap
 cd /var/cache/swap
 dd if=/dev/zero of=swapfile bs=1K count=2M
 chmod 600 swapfile
 mkswap swapfile
 swapon swapfile
 echo "/var/cache/swap/swapfile none swap sw 0 0" > /etc/fstab
 # fail2ban
 [ -e sshd.local ] && \
 pacman -S fail2ban && \
 mv sshd.local /etc/fail2ban/jail.d && \
 systemctl start fail2ban
 # If it won't reboot, install `arch-install-scripts` then try again and firstly:
 # genfstab / > /etc/fstab
--- a/distros/arch/scripts/gitea_install.sh
+++ b/distros/arch/scripts/gitea_install.sh
@ -0,0 +1,9 @@
 #!/bin/sh
 pacman -S gitea postgresql
 sudo su postgres -c 'initdb -D /var/lib/postgres/data'
 sudo systemctl start postgresql
 sudo su postgres -c 'createuser -P gitea'
 sudo su postgres -c 'createdb -O gitea gitea'
 sudo sed -i 's/mysql/postgres/' /etc/gitea/app.ini
 sudo sed -i 's/root/gitea/' /etc/gitea/app.ini
 sudo systemctl start gitea
--- a/distros/arch/scripts/pihole.sh
+++ b/distros/arch/scripts/pihole.sh
@ -0,0 +1,79 @@
 #!/bin/bash
 set -e
 yay -S pi-hole-ftl pi-hole-server
 # Configuration in /etc/pihole/pihole-FTL.db
 # You can change DBINTERVAL to 60 or more to limit writes to disk
 sudo systemctl disable --now systemd-resolved
 sudo systemctl enable --now pihole-FTL
 pihole -g
 pihole -c
 if [ "$1" == "unbound" ]; then
 sudo pacman -S unbound
 sudo cp /etc/unbound/unbound.conf /etc/unbound/unbound.conf.old
 echo "server:
    # If no logfile is specified, syslog is used
    # logfile: "/var/log/unbound/unbound.log"
    verbosity: 0
    interface: 127.0.0.1
    port: 5335
    do-ip4: yes
    do-udp: yes
    do-tcp: yes
    # May be set to yes if you have IPv6 connectivity
    do-ip6: no
    # You want to leave this to no unless you have *native* IPv6. With 6to4 and
    # Terredo tunnels your web browser should favor IPv4 for the same reasons
    prefer-ip6: no
    # Use this only when you downloaded the list of primary root servers!
    # If you use the default dns-root-data package, unbound will find it automatically
    #root-hints: "/var/lib/unbound/root.hints"
    # Trust glue only if it is within the server's authority
    harden-glue: yes
    # Require DNSSEC data for trust-anchored zones, if such data is absent, the zone becomes BOGUS
    harden-dnssec-stripped: yes
    # Don't use Capitalization randomization as it known to cause DNSSEC issues sometimes
    # see https://discourse.pi-hole.net/t/unbound-stubby-or-dnscrypt-proxy/9378 for further details
    use-caps-for-id: no
    # Reduce EDNS reassembly buffer size.
    # Suggested by the unbound man page to reduce fragmentation reassembly problems
    edns-buffer-size: 1472
    # Perform prefetching of close to expired message cache entries
    # This only applies to domains that have been frequently queried
    prefetch: yes
    # One thread should be sufficient, can be increased on beefy machines. In reality for most users running on small networks or on a single machine, it should be unnecessary to seek performance enhancement by increasing num-threads above 1.
    num-threads: 1
    # Ensure kernel buffer is large enough to not lose messages in traffic spikes
    so-rcvbuf: 1m
    # Ensure privacy of local IP ranges
    private-address: 192.168.0.0/16
    private-address: 169.254.0.0/16
    private-address: 172.16.0.0/12
    private-address: 10.0.0.0/8
    private-address: fd00::/8
    private-address: fe80::/10
 " | sudo   tee /etc/unbound.conf
 	echo "Make this the  only pihole DNS: PIHOLE_DNS_1=127.0.0.1 in /etc/pihole/setupVars.conf"
 fi
--- a/distros/arch/scripts/steam.sh
+++ b/distros/arch/scripts/steam.sh
@ -0,0 +1,8 @@
 #!/bin/bash
 flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
 flatpak --user install flathub com.valvesoftware.Steam
 flatpak run com.valvesoftware.Steam
--- a/distros/arch/scripts/yay.sh
+++ b/distros/arch/scripts/yay.sh
@ -0,0 +1,10 @@
 git clone https://aur.archlinux.org/yay.git
 cd yay
 makepkg -si
 yay -S perl-graph-easy signal-desktop sc-im ncpamixer xdg-utils-mimeo torrench
 yay -S ttf-tengwar-annatar
--- a/distros/void/Brand_Name_Wallpaper.md
+++ b/distros/void/Brand_Name_Wallpaper.md
@ -1,33 +0,0 @@
 ---
 title: "Brand Name Wallpaper"
 tags: [ "void" ]
 ---
 To automatically stick the logo onto your background, do these commands in the directory.
 Get the void linux logo from wikipedia
 ```bash
 wget https://upload.wikimedia.org/wikipedia/commons/thumb/0/02/Void_Linux_logo.svg/256px-Void_Linux_logo.svg.png?20170131170632
 ```
 Rename it, and resize it (the standard size is too small for most wallpapers)
 ```bash
 convert -resize 200% '256px-Void_Linux_logo.svg.png?20170131170632' void-logo.png
 ```
 Download a pretty wallpaper
 ```bash
 wget http://wallpapercave.com/wp/Wlm9Gv0.jpg
 ```
 Put the void logo on all *jpg and *png images
 ```bash
 for x in *.jpg
 	do
 	composite -compose multiply -gravity Center void-logo.png "$x" "$x"
 done
 ```
--- a/distros/void/locale.md
+++ b/distros/void/locale.md
@ -1,54 +0,0 @@
 ---
 title: "Void locale"
 tags: [ "void", "locale" ]
 ---
 Check the current locales:
 ```bash
 locale -a
 ```
 Add the languages you want by editing `/etc/default/libc-locales`, and uncommenting your choice:
 ```bash
 #en_DK.UTF-8 UTF-8  
 #en_DK ISO-8859-1  
 en_GB.UTF-8 UTF-8  
 en_GB ISO-8859-1  
 #en_HK.UTF-8 UTF-8  
 #en_HK ISO-8859-1  
 ```
 Now you can generate what you need for those languages.
 However, instead of generating what you need, you're going to generate everything which needs updating:
 ```bash
 sudo xbps-reconfigure glibc-locales
 ```
 Finally, select your chosen locale by placing it in `/etc/locale.conf`.
 ```bash
 echo "LC_ALL=en_GB.UTF-8
 LANG=en_GB.UTF-8
 LANGUAGE=en_GB.UTF-8" > /etc/locale.conf
 #en_DK.UTF-8 UTF-8  
 #en_DK ISO-8859-1  
 en_GB.UTF-8 UTF-8  
 en_GB ISO-8859-1  
 #en_HK.UTF-8 UTF-8  
 #en_HK ISO-8859-1  
 ```
 Check your new locales are available:
 ```bash
 locale -a
 ```
--- a/networking/graph-easy.md
+++ b/networking/graph-easy.md
@ -1,6 +1,6 @@
 ---
-title: "Easy Network Graph"
+title: "graph-easy"
-tags: [ "Documentation", "Networking" ]
+tags: [ "Documentation" ]
 ---
 Set up a file like this, called `troubleshooting.txt`.
--- a/networking/pip.md
+++ b/networking/pip.md
@ -0,0 +1,27 @@
 ---
 title: "pip"
 tags: [ "Documentation", "Networking" ]
 ---
 ```
 Searching does not work.
 Install with:
 ```bash
 pip install [ package ]
 ```
 Upgrade all packages
 ```bash
 pip freeze --local | grep -v '^\-e' | cut -d = -f 1  | xargs -n1 pip install -U
 ```
 # Troubleshooting
 You may need a python3 package.
 In this case, try:
 ```bash
 pip3 install [ package ]
--- a/networking/ssh.md
+++ b/networking/ssh.md
@ -1,89 +0,0 @@
 ---
 title: "ssh"
 tags: [ "networking" ]
 ---
 # Basic `ssh`
 Try out basic ssh by accessing `git.charm.sh`, without needing authentication:
 ```bash
 ssh git.charm.sh
 ```
 Start an ssh server to try it out.
 The ssh server is sometimes in a package called `openssh`, and sometimes only in `openssh-server`.
 Once it's installed, check it's working:
 ```bash
 sudo systemctl status ssh
 ```
 If that doesn't work, the service may be called `sshd`.
 ```bash
 sudo systemctl status sshd
 ```
 Then start that service:
 ```bash
 sudo systemctl start sshd
 ```
 Test it works by using ssh into your own system, from inside:
 ```bash
 ssh $USER@localhost
 ```
 Access the computer from another computer on the same local network by finding your computer's IP address.
 ```bash
 ip address | grep inet
 ```
 Here is mine:
 > inet 127.0.0.1/8 scope host lo
 > 
 > inet6 ::1/128 scope host noprefixroute
 > 
 > inet 192.168.0.12/24 brd 192.168.0.255 scope global dynamic noprefixroute en
 The first one starts `127`, which means it returns back to that computer (like `localhost`).
 The second is an ipv6 address, which is too angelic for this world, and has yet to ascend.
 The third will work from a remote computer.
 ```bash
 ssh $USERNAME@IP_ADDRESS
 ```
 Once you have that, generate some ssh keys:
 ```bash
 ssh-keygen
 ```
 Look at your keys:
 ```bash
 ls ~/.ssh
 ```
 You can share the one ending in `.pub` freely.
 The other is secret.
 Now send those keys to a remote computer:
 ```bash
 ssh-copy-id $USERNAME@IP_ADDRESS
 ```
 Now you can log in without a password.
--- a/networking/transmission.md
+++ b/networking/transmission.md
@ -136,32 +136,3 @@ Without the `--anonymize` flag, the torrent file output will have a 'created by'
 - udp://explodie.org:6969/announce
 - https://tracker.gbitt.info:443/announce
 - http://tracker.gbitt.info:80/announce
 ## Verify
 Add your torrent and notes its number:
 ```bash
 transmission-remote -a "$file".torrent
 transmission-remote -l
 transmission-remote -t "$number" -i
 ```
 The information in the last command shows that it's not verified, so you can verify with `-v`.
 ```bash
 transmission-remote -t "$number" -v
 ```
 If transmission cannot find it, then tell it where to find the torrent:
 ```bash
 transmission-remote -t "$number" --find "$(pwd)"
 ```
 ...and of course, make sure the permissions allow transmission to see the target.
 ```bash
 ls -ld "$file"
 ```
--- a/new.sh
+++ b/new.sh
@ -14,7 +14,7 @@ filePath="$category/$(echo $name | sed 's/ /_/g').md"
 tagsList="$(echo \"$category | sed 's#\/#", "#g')\""
-[ -e "$filePath" ] && $EDITOR "$filePath" && exit 0
+[ -e "$filePath" ] && $EDITOR $filePath && exit 0
 echo "---
 title: \"$name\"
--- a/system/bash_tricks.md
+++ b/system/bash_tricks.md
@ -1,6 +1,6 @@
 ---
-title: "bash tips"
+title: "Terminal Tips"
-tags: [ "Documentation", "Shell", "POSIX" ]
+tags: [ "Documentation", "System" ]
 ---
 ## Track Live Changes
@ -12,11 +12,6 @@ See changes in a directory, as it changes:
 `watch -d ls *directory*`
 Or use the `-g` flag to exit once the output changes.
 This command will look at whether you're connected to the internet, and turn into a rainbow once the connection hits.
 > watch -g ip address && clear && ip address | lolcat
 ## Automatic Renaming
 There are a bunch of files:
@ -39,19 +34,17 @@ done
 IFS is the field separator.  This is required to denote the different files as marked by a new line, and not the spaces.
 (Alternatively, just install `renameutils` and do `rename Column Alice *`)
 ## Arguments and Input
 The `rm' program takes arguments, but not `stdin' from a keyboard, and therefore programs cannot pipe results into rm.
-To fix this, use `xargs` to turn the stdin into an argument.
+
-For example, if we have a list of files called `list.txt' then we could use cat as so:
+That said, we can sometimes pipe into rm with `xargs rm' to turn the stdin into an argument.  For example, if we have a list of files called `list.txt' then we could use cat as so:
 ```bash
 cat list.txt | xargs rm
 ```
-Of course if spaces are included in the file, you would have to account for that.
+... *However*, this wouldn't work if spaces were included, as rm would take everything literally.
 ## Numbers
@ -67,18 +60,6 @@ Add number to variables with:
 `((n--))` works identically.
 ### POSIX WARNING
 The number commands above work in `bash`, but not in bare-ass POSIX shells, such as `dash`.
 Instead, you might do:
 ```sh
 x=2
 x=$(( x +1 ))
 x=$(( x*x ))
 ```
 ## Finding Duplicate Files
 ```bash
@ -90,27 +71,3 @@ find . -type f -exec md5sum '{}' ';' | sort | uniq --all-repeated=separate -w 15
 ```bash
 cat /dev/urandom | tr -cd [:alnum:] | dd bs=1 count=200 status=none && echo
 ```
 ## Temporary Working Directory
 Try something out in a random directory in `/tmp` so the files will be deleted when you next shut down.
 ```bash
 mktemp -d
 ```
 That gives you a random directory to mess about in.
 ```bash
   dir=$(mktemp -d)
   for x in {A..Z}; do
      fortune > "$dir"/chimpan-$x
   done
   cd $dir
 ```
 ### POSIX WARNING
 These smart-brackets are a bash feature.
 If you try to use `{A..Z}` in dash, it will think of this as a single item.
--- a/system/cron.md
+++ b/system/cron.md
@ -1 +0,0 @@
 ../basics/cron.md
--- a/system/deduplicate.md
+++ b/system/deduplicate.md
@ -1,19 +0,0 @@
 ---
 title: "deduplicate"
 tags: [ "system", "deduplicate", "duplicates", "maintenance" ]
 ---
 `rdfind`: find duplicate files, then delete them, or turn them into links.
 Ask if a directory has duplicates (`rdfind` will not delete anything):
 ```bash
 rdfind $dir
 $EDITOR results.txt
 ```
 Replace the duplicated files with [hard links](../basics/hard_links.md).
 ```bash
 rdfind -makehardlinks true $dir
 ```
--- a/data/exiftool.md
+++ b/data/exiftool.md
@ -22,7 +22,6 @@ And overwrite all metadata:
 ```bash
 exiftool -all= -overwrite_original -ext jpg .
 ```
 (NB: This does not work on pdf data. See [here](pdf_erasure.md) for erasing all pdf data)
 Or just GPS data:
@ -37,4 +36,3 @@ identify -verbose
 ```
--- a/system/lf.md
+++ b/system/lf.md
@ -1,75 +0,0 @@
 ---
 title: "lf - The Light File Manager"
 tags: [ "Documentation", "File Browser" ]
 ---
 ## Config File
 If you don't have a `~/.config/lf/lfrc` file, you can probably find an example in `/usr/share/examples/lf`.
 ```bash
 cp -r /usr/share/examples/lf ~/.config/
 ```
 Go straight to root with two keys.
 ```bash
 map g/ cd /
 ```
 Have lf open a file with the default program when you press 'o', using the program `mimeo`.
 ```bash
 map o &mimeo $f
 ```
 Change that default text editor to look at the extension first.
 ```bash
 cmd open ${{
    case $(file --mime-type $f -b) in
        application/x-sc) sc-im $fx;;
        text/html) w3m $fx;;
        text/*) $EDITOR $fx;;
        video/*) nohup mpv $fx --really-quiet >/dev/null &;;
        *) nohup $OPENER $fx >/dev/null &;;
    esac
 }}
 ```
 The idea here is to use the default `$OPENER` for lf, but first check extensions.
 Note the extra `mpv` commands to leave the video to play, without blocking the terminal.
 ### Interesting Options
 You can set the screen ratio with
 `set ratios 1:2:3`
 That leaves it as a small initial pane, a medium pane, and a large pane for file previews.
 ### Rename
 The standard renaming is bad, because you have to re-type the file extension.
 Use this instead:
 ```bash
 # rename current file without overwrite
 cmd rename %echo 'name: ' ; read name ; extension="${f##*.}" && newname="$name.$extension"; [ "$f" = "$extension" ] && newname="$name"; [ ! -e "$newname" ] && mv "$f" "$newname" || echo file exists
 map r push :rename<enter>
 ```
 If you try to rename `image_1.png` with this command, you can type in `cats`, and the result will be `cats.png`.
 ## Image Previews
 First, install `ueberzug` (to show images).
 Then clone the lfrun repo.
 ```bash
 git clone https://github.com/cirala/lfimg.git
 cd lfimg
 sudo make install
 ```
--- a/system/monitoring.md
+++ b/system/monitoring.md
@ -1,24 +0,0 @@
 ---
 title: "Monitoring"
 tags: [ "Documentation", "System", "CPU", "Memory" ]
 ---
 Print the average CPU load over 1 minute, 5 minutes, and 15 minutes:
 ```bash
 watch -d cat /proc/loadavg
 stress="$(cat /proc/loadavg | awk '{print "Usage:" $2"%"}')"
 ```
 Show memory usage in Gibitytes.
 ```bash
 free -g
 ```
 Show low and high gigibtye usage on a *l*ine, and repeat the measurement every 5 seconds:
 ```bash
 REP=5
 free --lohi -g -s $REP | lolcat
 ```
--- a/system/systemd/journal.md
+++ b/system/systemd/journal.md
@ -2,18 +2,6 @@
 title: "journal"
 tags: [ "Documentation", "systemd" ]
 ---
 See a running log of all system messages:
 ```bash
 journalctl -f
 ```
 Or just one unit (`sshd`):
 ```bash
 journalctl -f -u sshd
 ```
 Find errors since November
@ -26,13 +14,3 @@ Limit size to 2G.
 ```bash
 journalctl --vacuum-size=2G
 ```
 Log the fact that you've installed your own `dnsmasq` on your system to `journalctl`, so that you can notice why your system's broken:
 ```bash
 logger "Installed new dnsmasq"
 sudo journalctl -f
 ```
--- a/system/vncserver
+++ b/system/vncserver
@ -0,0 +1,77 @@
 # Ubuntu
 https://linuxconfig.org/vnc-server-on-ubuntu-18-04-bionic-beaver-linux
 # On server
 Enable remote desktop access.
 ```bash
 sudo apt install vnc4server xfce4 xfce4-goodies
 ```
 Disable the vncserver desktop:
 ```bash
 vncserver -kill :1
 ```
 Replace the config in ~/.vnc/xstartup with:
 `#!/bin/bash`
 `startxfce4 &`
 # Arch
 Install tigervnc, then run it to set a password:
 ```bash
 vncserver
 ```
 You'll get a session number.
 Shut it down with the 'kill' command and the session's number:
 ```bash
 vncserver -kill :1
 ```
 This will forward over port 5900+x where x is the session number.  For the first server, that's port 5901.
 # Create a systemd service
 ```bash
 sudo vim /etc/systemd/system/vncserver@:1.service
 ```
 Then enter:
 > [Unit]
 > Description=Remote desktop service (VNC)
 > After=syslog.target network.target
 > 
 > [Service]
 > Type=simple
 > User=foo
 > PAMName=login
 > PIDFile=/home/%u/.vnc/%H%i.pid
 > ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
 > ExecStart=/usr/bin/vncserver %i -geometry 1440x900 -alwaysshared -fg
 > ExecStop=/usr/bin/vncserver -kill %i
 > 
 > [Install]
 > WantedBy=multi-user.target
 Then enable that service:
 ```bash
 sudo systemctl start vncserver@:1.service
 ```
--- a/vim/vim_in_bash.md
+++ b/vim/vim_in_bash.md
@ -1,19 +0,0 @@
 ---
 title: "vim in bash"
 tags: [ "vim", "bash", "inputrc" ]
 ---
 Put bash in vim mode!
 Place the following in your `~/.inputrc`:
 ```bash
 set editing-mode vi
 set show-mode-in-prompt on
 set vi-ins-mode-string \1\e[33;32m\2[>]=\1\e[0m\2
 set vi-cmd-mode-string \1\e[33;1m\2[?]=\1\e[0m\2
 set keymap vi-insert
 RETURN: "\e\n"
 ```
--- a/vision/QR_Codes.md
+++ b/vision/QR_Codes.md
@ -1,28 +0,0 @@
 ---
 title: "QR Codes"
 tags: [ "Documentation", "qrencode", "zbar" ]
 ---
 Make a QR Code image:
 ```bash
 qrencode 'https://play.google.com/store/apps/details?id=org.briarproject.briar.android' -o "$FILE".png
 ```
 Make a QR Coded message in the terminal:
 ```bash
 qrencode -t ansi "Hello World"
 ```
 Read a QR Code image:
 ```bash
 zbarimg $FILE
 ```
 Show wifi QR code (only with Network Manager):
 ```bash
 nmcli device wifi show-password
 ```
--- a/vision/imagemagick.md
+++ b/vision/imagemagick.md
@ -2,6 +2,7 @@
 title: "imagemagick"
 tags: [ "Documentation", "Vision" ]
 ---
 [Source](http://lxlinux.com/imagemagick.html)
 Convert jpg to png.
@ -40,13 +41,13 @@ convert image.jpg -resize 25% output.jpg
 # Trim images to border
-This is generally used for transparent images.
+This is generally used for transparrent images.
 ```bash
 convert -trim image.png output.png
 ```
-Make the white of an image transparent.
+Make the white of an image transparrent.
 ```bash
 convert -transparent white -fuzz 10% input.png output.png
@ -100,7 +101,7 @@ See your installed fonts:
 convert -list font
 ```
-Make an image showing day of the week:
+Make na image showing day of the week:
 ```bash
 convert -fill blue -font Sauce-Code-Pro-Semibold-Nerd-Font-Complete-Mono -gravity center -pointsize 79 label:$(date +%A) day.png
--- a/vision/lowdown.md
+++ b/vision/lowdown.md
@ -1,21 +0,0 @@
 ---
 title: "Markdown to PDF"
 tags: [ "Documentation", "Markdown", "PDF", "Vision" ]
 ---
 Turn a markdown file into a pdf:
 ```bash
 lowdown -stms "$FILE".md | pdfroff -itk -mspdf > "$FILE".pdf
 ```
 To give the document a title, put that title in the metadata:
 ```bash
 sed -i "1 i---" "$FILE".md
 sed -i "1 ititle: $TITLE" "$FILE".md
 sed -i "1 i---" "$FILE".md
 lowdown -L "$FILE".md
 lowdown -X title "$FILE".md
 lowdown -stms "$FILE".md | pdfroff -itk -mspdf > "$FILE".pdf
 ```
--- a/vision/qrencode.md
+++ b/vision/qrencode.md
@ -0,0 +1,17 @@
 ---
 title: "qrencode"
 tags: [ "Documentation", "vision" ]
 ---
 Make a QR Code image:
 ```bash
 qrencode 'https://play.google.com/store/apps/details?id=org.briarproject.briar.android' -o qr_briar.png
 ```
 Make a QR Coded message in the terminal:
 ```bash
 qrencode -t ansi "Hello World"
 ```