Created notes (markdown)

* Created `alcohol` directory to contain "Homebrew" stuff and other possible future alcohol-related articles
* Moved "House Tools" and "Mixed Drinks" to `showandtell/presentations`

Co-authored-by: ICBM <noreply@implicitnone.xyz>
Reviewed-on: #1
Co-authored-by: ICBM <icbm@noreply.localhost>
Co-committed-by: ICBM <icbm@noreply.localhost>

.redirects.gollum

@@ -1,2 +0,0 @@
-Homebrew: Homebrew/Home.md
-Homebrew.md: Homebrew/Home.md

Mumble.md

@@ -0,0 +1,8 @@
+# Sway mute and deafen binds
+
+In order to use hotkeys to control Mumble under Sway, you will need to use the dbus endpoints Mumble exposes. Here is some example Sway config to bind `$mod+F11` to toggle mute and `$mod+F12` to toggle deafen.
+
+```
+bindsym $mod+F11 exec dbus-send --session --dest=net.sourceforge.mumble.mumble --type=method_call '/' 'net.sourceforge.mumble.Mumble.toggleSelfMuted'
+bindsym $mod+F12 exec dbus-send --session --dest=net.sourceforge.mumble.mumble --type=method_call '/' 'net.sourceforge.mumble.Mumble.toggleSelfDeaf'
+```

alcohol/Homebrew/Home.md

@@ -1,8 +1,8 @@
 Homebewing is the process of making alcohol from sugars and yeast in your own home by means of fermentation.
 
-Common homebrewed beverages include beer, [wine](https://wiki.ohea.xyz/Homebrew.md#wine), mead, [cider](https://wiki.ohea.xyz/Homebrew.md#cider), prison hooch, and others.
+Common homebrewed beverages include beer, [wine](#wine), mead, [cider](#cider), prison hooch, and others.
 
-Ensure you follow good [sanitation protocols](https://wiki.ohea.xyz/Homebrew/Sanitation.md)
+Ensure you follow good [sanitation protocols](Sanitation.md)
 when you brew to prevent infecting your brews.
 
 # Cider
@@ -21,7 +21,7 @@ To make cider:
 
 6. add an airlock to your container, with sanitizer solution filled to the fill lines
 7. store your container in a cool, dark place until fermentation is complete, usually 2 to 4 weeks.
-8. after fermentation is complete, you can bottle the cider for longer term storage or you can opt to bulk age as described in [Wine](https://wiki.ohea.xyz/Homebrew.md#wine)
+8. after fermentation is complete, you can bottle the cider for longer term storage or you can opt to bulk age as described in [Wine](#wine)
 
 Cider is not typically aged, and sometimes carbonated. To carbonate, simply add
 a measured, consistent amount of sugar to each bottle. For example 3 grams of
@@ -29,7 +29,7 @@ table sugar for a 12oz beer bottle.
 
 # Wine
 Wine is not an emulator, but rather an alcoholic beverage made from fruit juice, typically grapes, berries, or tree fruit.
-For apples, pears, and similar, see [Cider](https://wiki.ohea.xyz/Homebrew.md#cider). 
+For apples, pears, and similar, see [Cider](#cider). 
 
 Wine is made with the following steps:
 1. pick your fruit or combination of fruits

gaming/Multiplayer Warcraft III.md

@@ -1,15 +1,23 @@
 [*Warcraft III: The Frozen Throne*](http://en.wikipedia.org/wiki/Warcraft_III:_The_Frozen_Throne) is an expansion pack for the tower defense game *Warcraft III* by Blizzard Entertainment. It was released for Microsoft Windows and Mac OS X in 2003. This article will explain how to get multiplayer gameplay working on Linux.
 
+The game provides two options for multiplayer: "LAN" and "battle.net". The LAN option will work out of the box if all players are on the same subnet (broadcast traffic is routed properly). The "battle.net" option, which allows multiplayer over the open internet, is slightly more complicated because Blizzard has shut down the original *Warcraft III* multiplayer servers. Therefore, for this option to work:
+1. [One player must set up a PvPGN server at a publicly reachable, static IPv4 address.](#host-instructions)
+2. [All players must patch Warcraft III to use that server instead of the default.](#client-instructions)
+3. Then, either:
+    1. [The game host must enable port forwarding.](#port-forwarding)
+    2. Or: [all players must connect to the same VPN.](#creating-a-vpn-with-wireguard)
+
+These instructions focus on how to accomplish this on Linux, but the basic concept is the same regardless of operating system. Although the game did receive a Mac OS X release, that version will not work because the PvPGN patch is only available for Windows. Therefore, Mac users should also follow the WINE instructions.
+
 ### Dependencies
-You will need:
+All players will need:
 
 * *Warcraft III: The Frozen Throne* for Windows
 * 32-bit WINE
-* Wireguard (not required if playing on the same physical network)
 
 ## Running *Warcraft III* with WINE
 
-To run the game on Linux, you must install [WINE](http://winehq.org), a compatibility layer created to allow running Windows applications on UNIX operating systems. There should be a package for it available from your Linux distro.
+To run the game on Linux, you must install [WINE](http://winehq.org), a compatibility layer created to allow running Windows applications on UNIX-like operating systems. There should be a package for it available from your Linux distro.
 
 Once WINE is installed, check that it works by using it to run *Warcraft III*, as shown below. The game may not play nice with all desktop environments because it changes the screen resolution and runs in full screen. It seems to work acceptably in [i3](http://i3wm.org), although unfocusing the game window may cause issues.
 
@@ -17,19 +25,80 @@ Once WINE is installed, check that it works by using it to run *Warcraft III*, a
 $ cd /path/to/Warcraft_III
 $ wine Frozen\ Throne.exe
 ```
+*NOTE: If you only want LAN multiplayer, this completes setup.*
 
 ## Patching *Warcraft III* for Online Play
 
-Once you've confirmed that the game works with WINE, it's time to patch it to use different multiplayer servers.
+Once you've confirmed that the game works with WINE, it's time to patch it to use a chosen PvPGN multiplayer server, instead of (now defunct) battle.net server hosted by Blizzard.
 
-**(TODO)**
+### Host Instructions
 
+To run your own PvPGN server, first you must build it from source. ohea.xyz provides a convenient Dockerfile and build script for doing this. The machine hosting the server should have a static, publicly reachable IPv4 address.
 
-## Creating a VPN
+#### Using Docker
 
-Unfortunately, the patched game seems not to work unless all players are on the same network (the in-game "battle.net" player option). The in-game "LAN" option does seem to require all players to be on the same physical subnet.
+Clone the pvpgn Docker repo:
 
-If the players are in different physical locations, Wireguard can be used to create a Virtual Private Network (VPN). This effectively tricks the players' computers into thinking they are all on the same network. One player must host the VPN, and the other players must then connect to it. (Note that this is independent of who hosts in-game.)
+```
+$ git clone https://git.ohea.xyz/containers/pvpgn
+$ cp docker-compose.override.yml.example docker-compose.override.yml 
+```
+
+Now you need to configure `docker-compose.override.yml`. The default configuration should be sufficent for most users. If you want to customize the PvPGN configuration files, the provided terms of service, or the provided new account creation info, you can uncomment the corresponding mappings.
+
+Run the docker container:
+
+```
+$ docker compose up -d
+```
+
+Your PvPGN server should now be running. It can be stopped by runnning:
+
+```
+$ docker compose down
+```
+
+#### Without Docker
+
+To build and install:
+
+```
+$ git clone https://git.ohea.xyz/containers/pvpgn
+$ cd pvpgn
+$ sudo ./build.sh
+```
+
+To run the server:
+
+```
+$ sudo /usr/local/pvpgn/sbin/bnetd -D
+```
+Use `Ctrl+C` to quit.
+
+### Client Instructions
+
+1. Download the [Warcraft 3 Loader for PvPGN](http://pvpgn.pro/w3l.html) and extract the ZIP into the directory containing `Frozen Throne.exe`.
+
+2. Create the necessary Windows registry entries to trick Warcraft 3 into connecting to your PvPGN server. This is most easily done by importing a `.reg` file with the correct value.
+   * An online tool to generate this is available [here](http://ohea.xyz/wc3reggen/).
+   * Alternatively, the pvpgn Docker repo contains a bash script with the same functionality. The first argument to the script is the name of the server, and the second is the URL or IP address. For example, to add a server called `ohea` with the URL `ohea.xyz`, you would run the following commands:
+    ```
+    $ git clone https://git.ohea.xyz/containers/pvpgn
+    $ cd pvpgn
+    $ ./wc3reggen.sh ohea ohea.xyz > wc3.reg
+    ```
+    * After using either method to generate the `.reg` file, add the server information to the Windows registry like so:
+    ```
+    $ wine regedit wc3.reg
+    ```
+
+## Port Forwarding
+
+The player hosting in-game needs to log into his router and enable port forwarding for **TCP and UDP on ports 6113-6119**. How to do this depends on the router.
+
+## Creating a VPN with Wireguard
+
+Alternatively, if port forwarding isn't practical for your setup, [Wireguard](http://www.wireguard.com) can be used to create a Virtual Private Network (VPN) instead. This effectively tricks the players' computers into thinking they are all on the same network. One player must host the VPN, and the other players must then connect to it. (Note that this is independent of who hosts in-game.)
 
 ### Host Instructions
 
@@ -37,16 +106,15 @@ If the players are in different physical locations, Wireguard can be used to cre
 
 ### Client Instructions
 
-To connect to someone else's VPN.
+To connect to someone else's Wireguard VPN:
 
-1. First, install [Wireguard](http://www.wireguard.com). It should be available as a package for your Linux distro.
+1. First, install Wireguard. It should be available as a package for your Linux distro.
 
 2. Then, generate a public/private key pair, like so:
 ```
+$ umask 077
 $ wg genkey | sudo tee /etc/wireguard/privatekey | wg pubkey | sudo tee /etc/wireguard/publickey
-5TdcJwAMCqkYJhj2jWjMNbC8Lx1+oabvW8sd380z6EY=
 ```
-The second line above is your public key. You must send this to the VPN host so he can add it to his setup.
 
 3. Then create a config file, `/etc/wireguard/wg0.conf` as root:
 ```
@@ -61,11 +129,11 @@ PresharedKey = ****
 AllowedIPs = 10.0.0.0/16
 Endpoint = *.*.*.*:****
 ```
-* `PrivateKey` should be the private key generated in Step 2. It is the contents of `/etc/wireguard/privatekey`.
+* `PrivateKey` should be the private key generated in Step 2. It is the contents of `/etc/wireguard/privatekey`. *Do not share this value with anyone.*
 * In the value of `Address`, replace the `*` with an 8-bit positive integer (i.e. less than 256) of your choice.
-* `PublicKey` should be the public key generated in Step 2. It is the contents of  `/etc/wireguard/publickey`.
+* `PublicKey` should be the public key generated in Step 2. It is the contents of  `/etc/wireguard/publickey`. You must communicate this value to the VPN host.
 * The VPN host must provide you with the value for `PresharedKey`.
-* `Endpoint` should be the host VPN's IPv4 address, with the port to use Wireguard on after the `:`.
+* `Endpoint` should be the host VPN's IPv4 address, with the port to use Wireguard on after the `:` (default: 51820).
 4. To start Wireguard, run the following command:
 ```
 $ sudo wg-quick up wg0

networking/Aruba S2500.md

@@ -0,0 +1,328 @@
+## Resetting the Switch to Factory Defaults
+The switch can be reset through the on screen display's menu. This can be 
+controlled using the two available buttons, ``menu`` and ``enter``.
+
+To factory reset the switch, do the following:
+
+1. Press the ``menu`` button to bring up the on screen menu. You may have to press
+   the button twice, once to activate the screen and once to open the menu.
+2. Press the ``menu`` button until you see that ``Maintenance`` is selected.
+3. Press the ``enter`` button.
+4. Press the ``menu`` button until ``Factory Default`` is selected.
+5. Press the ``enter`` button once to select, and a second time to confirm.
+
+## Connecting to the Switch
+
+### Console
+The Aruba S2500 has a micro USB port on the back which exposes a serial
+interface that can be used to manage the switch.
+
+To connec to the serial interface you will need a computer, a micro USB cable,
+and a serial application (here we are using `screen`).
+
+1. Connect the USB serial port on the back of the switch to your computer
+2. Connect to the serial port with screen
+    - `sudo screen /dev/ttyUSB0 9600` (replace `ttyUSB0` with the device node 
+       your system assigns to the switch)
+3. Login with the default username and password
+    - username: `password`
+    - password: `forgetme!`
+
+You should now be dropped to a shell that looks like the below
+
+```
+(ArubaS2500-48P-US) >
+```
+
+## Setting the Switch's Account Passwords
+Relevant forum thread [here](https://community.arubanetworks.com/community-home/digestviewer/viewthread?MID=9356).
+
+First, login with the default credentials
+```
+User: password
+Password: forgetme!
+```
+Next, go into `enable` mode.
+```
+(aruba) >enable
+Password: enable
+```
+
+Set the admin user's password.
+```
+(aruba) #configure terminal
+Enter Configuration commands, one per line. End with CNTL/Z
+(aruba) (config) #mgmt-user admin root
+Password: yourpassword
+Retype password: yourpassword
+```
+Logout and log back in. Then go into `enable` mode.
+```
+(aruba) (config) #exit
+(aruba) #exit
+(aruba) >exit
+User: admin
+Password: yourpassword
+(aruba) >enable
+Password: enable
+```
+
+Configure the `enable` mode password.
+```
+(aruba) #configure terminal
+Enter Configuration commands, one per line. End with CNTL/Z
+(aruba) (config) #enable secret
+Password: yourenablepassword
+Re-Type password: yourenablepassword
+(aruba) (config) #write memory
+```
+
+## Update the Switch's Firmware
+Based on the guide available [here](https://community.arubanetworks.com/community-home/librarydocuments/viewdocument?DocumentKey=92ce82d5-13a7-47cf-8613-73416fa579d3&CommunityKey=2fd943a6-8898-4dbe-915f-4f09e4d3c317&tab=librarydocuments).
+
+To update the switch's firmware, you will need to copy the upgrade file to a USB
+drive and connect it to the USB port on the rear of the switch.
+
+### Download the Firmware
+Firmware upgrades are available for download from Aruba without a licence key.
+An account is required. Aruba does not allow users to make accounts with public
+email providers (gmail, hotmail, etc.), so you will either have to use a different
+email provider for your account or try to find the file elsewhere on the
+internet. For posterity, the `sha256sum` of the latest firmware upgrade avilable
+as of Jan 24, 2023 is as follows.
+
+`ArubaOS_MAS_7.4.1.9_62608`: `613abae502736c7c7ac2a0548edf506280d2afb8d2762db784ffa68f5cd6c52c`
+
+### Copy the Firmware to a USB Drive
+You will need to format a USB drive as FAT32. You can put the firmware binary
+anywhere on the filesystem. I would suggest putting it at the root as this is
+easiest to type into the switch's console.
+
+### Install the Firmware
+From the switch's console, login and escalate your privileges.
+```
+(ArubaS2500-48P-US) 
+User: admin
+Password: ******
+(ArubaS2500-48P-US) >enable
+Password:******
+```
+
+Then, install the firmware using the `copy` command.
+```
+(ArubaS2500-48P-US) #copy usb ArubaOS_MAS_7.4.1.9_62608 system: partition 0
+................................................File ArubaOS_MAS_7.4.1.9_62608 copied to partition 0 successfully.
+```
+
+Reboot the switch
+```
+(ArubaS2500-48P-US) #reload
+Do you really want to restart the system(y/n): y
+System will now restart!
+```
+
+
+
+## Running through Quick Setup
+
+### Console
+After logging into the switch's console, you need to launch the switch's
+`Quick-setup` program. 
+
+This can be done by running the `enable` command and providing the password
+`enable` as seen below. You will then need to press `y` berfore the `Quick-setup`
+prompt times out.
+```
+ArubaS2500-48P-US) >enable
+Password:enable
+Quick-setup helps in setting the basic configuration of the system
+
+Autoconfiguration of system will be stopped, if Quick-setup is launched by user
+
+Invoke Quick-setup (y|n)??? [y]:y
+```
+
+## Tips for Navigating the Console
+### Hotkeys
+In the switch's console interface, there are some hotkeys that you should be
+aware of.
+
+`?`: Pressing the question mark key at any time displays all the possible
+options you could complete your command with. This takes into account the
+characters you already have types. You can use it both to list commands
+and their subcommands or parameters. You can also use the question mark to
+list the set of valid configuration parameters you can set in the current
+configuration context.
+
+`TAB`: Pressing the tab key will auto complete the current command if it is not
+ambiguous. If it is, nothing will happen.
+
+`!`: You can enter an exclamation mark character to back out of the current
+configuration block. This is quicker than typing `exit`.
+
+### Shell Prompt
+The shell prompt can provide you some helpful information on what context you
+are currently working in.
+
+In the following command line, each field is as follows.
+```
+(hostname) (config_context) (#/>)
+```
+- `hostname` is your device's hostname.
+- `config` context is the current configuration context you are in (this will
+  be absent if you are not in the configuration utility.)
+- `#/>` denotes whether you are in `enable` mode or not. A `#` signafies
+  `enable` mode
+
+### Saving Your Changes
+Remember to save your changes when you are done. This can be done by running
+the `write memory` command.
+## Configuring VLANs
+To configure a VLAN, two steps must be done.
+
+### 1. Creating the VLAN
+To create a VLAN, use the `vlan` command. It is helpful to give your VLAN's a
+description you can reference later.
+
+```
+ArubaS2500-48P) (config) #vlan 60
+(ArubaS2500-48P) (VLAN "60") #?
+aaa-profile             VLAN AAA profile
+clone                   Copy data from another VLAN
+description             VLAN description
+dhcp-snooping-database  Add Static Snoop mac entry
+dhcp-snooping-profile   dhcp snooping profile name
+igmp-snooping-profile   igmp snooping profile name
+mac-address-table       Configure the MAC address table
+mac-aging-time          Mac Aging Time in Minutes
+mld-snooping-profile    mld snooping profile name
+no                      Delete Command
+pvst-profile            per vlan rapid spanning tree profile name
+
+(ArubaS2500-48P) (VLAN "60") #description "office"
+(ArubaS2500-48P) (VLAN "60") #!
+```
+
+### 2. Creating a Port Profile
+Next, you will have to create a port profile that makes uses of your configured
+VLAN. This configuration differs if you want the port to have tagged traffic.
+
+#### 2a. Port With Untagged Traffic
+In this example, we will create a port profile configured to route traffic for
+VLAN 60 untagged.
+```
+interface-profile switching-profile "general"
+   access-vlan 60
+   native-vlan 60
+   trunk allowed vlan 60
+!
+```
+
+#### 2b. Port with Tagged and Untagged Traffic
+In this example, we will create a port with VLANs 10 and 20 configured for
+tagged traffic and VLAN 60 configured for untagged traffic.
+```
+interface-profile switching-profile "uplink"
+   switchport-mode trunk
+   access-vlan 60
+   native-vlan 60
+   trunk allowed vlan 10,20,60
+!
+```
+Remember to set the `switchport-mode trunk` param on any profile that needs to
+route untagged traffic.
+
+### 3. Apply Port Profile to Port
+Finally, we need to apply this profile to a port. In this example, I will be
+applying the profile `office` to the Gigabit Ethernet port `0/0/0` which is
+the lowest numbered Gigabit port on the switch (port 0).
+
+```
+(ArubaS2500-48P) (config) #interface gigabitethernet 0/0/0
+(ArubaS2500-48P) (gigabitethernet "0/0/0") #switching-profile "office"
+(ArubaS2500-48P) (gigabitethernet "0/0/0") #!
+```
+
+## Exposing the Configuration Interfaces to Your Network
+
+## Configuring the Managment Interface
+The switch's managmement functions needs to be configured to listen on a
+specific interface. In this example, we will be configuring it to listen on
+VLAN 60. 
+
+### Configure the Connection on the Desired Interface
+
+```
+(ArubaS2500-48P) (ip-profile) #interface vlan 60
+(ArubaS2500-48P) (VLAN "10") #description "office"
+(ArubaS2500-48P) (VLAN "10") #!
+```
+
+For a static IP:
+```
+(ArubaS2500-48P) (vlan "60") #ip address 10.0.0.10 255.255.255.0
+```
+
+For DHCP:
+```
+(ArubaS2500-48P) (vlan "60") #ip address dhcp-client
+```
+
+### Configure the Controller to Listen on This Interface
+First, open the `ip-profile` settings.
+```
+(ArubaS2500-48P) (config) #ip-profile 
+(ArubaS2500-48P) (ip-profile) #?
+controller-ip           Configure controller IP
+default-gateway         Specify default gateway
+no                      Delete Command
+prefix-list             Configure prefix list
+route                   Configure static route A.B.C.D
+```
+Next, configure the `controller-ip`.
+```
+(ArubaS2500-48P) (ip-profile) #controller-ip vlan 60 
+Since controller IP address will change, connectivity to this controller might be affected. Do you want to proceed with this action [y/n]: y
+```
+Finally, configure the `default-gateway`. This value will be different if you
+are using a static IP or DHCP on your desired interface.
+
+For a static IP:
+```
+(ArubaS2500-48P) (ip-profile) #default-gateway 10.0.0.1
+```
+For DHCP:
+```
+(ArubaS2500-48P) (ip-profile) #default-gateway import dhcp
+```
+
+### Enable the WebUI
+To enable the WebUI, we need to enable the `mgmt-ui-ports` option on the
+`web-server` configuration param.
+```
+(ArubaS2500-48P) (config) #web-server 
+(ArubaS2500-48P) (Web Server Configuration) #?
+captive-portal-cert     Certificate name configured under certificate 
+                        manager
+captive-portal-ports    Enable or Disable Captive Portal Ports 8080/8081
+ciphers                 Configure cipher suite strength. Default is high
+mgmt-auth               Configure management user's WebUI access method, 
+                        either username/password authentication or 
+                        certificate authentication or both. Default is 
+                        username/password authentication
+mgmt-ui-ports           Enable or Disable Webserver
+no                      Delete Command
+session-timeout         Configure user's WebUI session timeout <30-3600> 
+                        (seconds)
+ssl-protocol            SSL/TLS Protocol Config
+switch-cert             Certificate name configured under certificate 
+                        manager
+web-max-clients         Configure web servers' maximum supported concurrent 
+                        clients <25-400>
+
+(ArubaS2500-48P) (Web Server Configuration) #mgmt-ui-ports 
+(ArubaS2500-48P) (Web Server Configuration) #!
+```
+
+
+

projects/alamesh/bird_example_conf/template/bird.conf

@@ -90,7 +90,7 @@ protocol static {
 # magic happens. We use a template since every peer will essentially
 # have the same BGP configuration. The template name is `alapeers`.
 #
-# Each peer gets its own template nad file under `peers6/*``.
+# Each peer gets its own template and file under `peers/*``.
 #
 # We're using BGP in "exterior" or `eBGP` mode. This means we're using
 # the protocol to define routes between Autonomous Systems, not really

projects/alamesh/setting_up_bird.md

@@ -180,7 +180,7 @@ protocol static {
 # magic happens. We use a template since every peer will essentially
 # have the same BGP configuration. The template name is `alapeers`.
 #
-# Each peer gets its own template nad file under `peers6/*``.
+# Each peer gets its own template and file under `peers/*``.
 #
 # We're using BGP in "exterior" or `eBGP` mode. This means we're using
 # the protocol to define routes between Autonomous Systems, not really
@@ -242,14 +242,16 @@ Done! Adding a new peer just means adding a new file in the peers directory.
 
 # ROA Tables
 
-ROA == Route Origin Authorization. This is basically a central list of who owns what routes and is allowed to send changes. 
+ROA is *Route Origin Authorization*. This is basically a central list of who owns what routes and is allowed to send changes. 
 There's some crypto stuff you can do too, but that's only really important if we start letting arbitrary people join.
 
 There is a concern that one of us messes up the config and starts sending out bad routes, but we'll cross that bridge 
-when we get there (large outage lol). ROA tables might help prevent that.
+when we get there (which would be a large outage lol). ROA tables help prevent that.
 
 # What's Next
 
+> Look below!
+
 Now I need to actually test this with another router. I'll most likely setup another VPS or ask someone else to spin 
 something up.
 
@@ -257,7 +259,6 @@ I need to determine a fake AS number, subnets, etc, and then I'll report back if
 configuration, I plan to connect lykos to a different router running on a different subnet, and then ssh into hyperion 
 from lykos. The routes should "just work" (right lol).
 
-
 # (edit) Testing Bird with Two Routers
 
 I have two DO droplets that will run bird. Here's how I'm setting up the network.

restitux/Debian Upgrade.md

@@ -0,0 +1,18 @@
+# NOTE
+Please refer to the official debian documentation for upgrading to the release in question. This page only provides quick notes on the process.
+
+# Update Apt Sources
+First, update your apt sources list to point to the new debian version.
+1. Open `/etc/apt/sources.list` and any files in `/etc/apt/sources.list.d`
+2. `s/CURRENT_VERISON/NEW_VERSION/`
+3. Run `apt update`
+
+# Verify free disk space
+Required disk space for the update can be printed by running `apt -o APT::Get::Trivial-Only=true full-upgrade`.
+
+# Run the update
+1. Install updates for currently installed packages: `apt upgrade --without-new-pkgs`
+2. Install all updates: `apt full-upgrade`
+3. Reboot: `reboot`
+4. Remove obsolete packages: `apt purge '?obsolete'`
+5. Remove unnecessary packages: `apt autoremove`

restitux/archlinux/notes.md

@@ -0,0 +1,2 @@
+## Ingesting TLS root CA
+`trust anchor --store <CERT_NAME>`

showandtell/presentations/Zotero.md

@@ -0,0 +1,23 @@
+If you spend a lot of time trying to remember papers, presentations, textbooks, blog posts, stack overflow answers, or twitter threads from 3 years go, then you may want **Zotero**.
+
+It's a normal desktop application, there's a cloud tool I dont use, and a really useful Firefox extension. 
+
+## It's basically bookmarking with some extra features:
+
+* Automatically extract info like authors, title, metadata, and links.
+* You can attach the snapshot or PDF automatically or manually. This prevents link rot, which is great.
+
+There's some others too:
+* You can add notes and then search through them later. It's occasionally useful.
+* Tagging and "collections" make some sense.
+* Importing from bibtex
+* Duplicate detection
+
+There's also a lot of features that make sense only for academics like automatic bibtex export or even other citation styles.
+
+## Things it doesn't do right
+
+* Can't add your own citation type (like web applet or something). So limited to just "websites" for some things.
+* Doesn't store youtube videos
+* Does not provide text search inside of PDFs
+* It doesn't let you keep a stack/queue of interesting papers or such (i.e. it's not Pocket)

showandtell/previouslyon/3.rst

@@ -0,0 +1,10 @@
+showandtell3
+============
+
+presentations
+-------------
+1. ``jhgarner``
+    * `frostop <https://github.com/jhgarner/Frostop>`_
+
+2. ``sam``
+    * `Hornpipe <../../presentations/Hornpipe.pdf>`_