RecentChanges

diff --git a/blog/2025-08-20-luks-ukify-conversion.md b/blog/2025-08-20-luks-ukify-conversion.md
index 51899d10..fed96793 100644
--- a/blog/2025-08-20-luks-ukify-conversion.md
+++ b/blog/2025-08-20-luks-ukify-conversion.md
@@ -200,21 +200,26 @@ We assume 512 byte sectors here. Check your sector size with `fdisk
 
     Wait until the ETA has passed.
 
- 7. Mount the encrypted filesystem:
+ 7. Open and mount the encrypted filesystem and mount the EFI system
+    partition (ESP):
 
         cryptsetup open /dev/nvme0n1p2 crypt
         mount /dev/mapper/crypt /mnt
         mount /dev/nvme0n1p1 /mnt/boot/efi
-        for fs in proc sys dev ; do
-          mount --bind /$fs /mnt/$fs
-        done
 
     If this fails, now is the time to consider restoring from backups.
 
- 8. Enter the filesystem:
+ 8. Enter the `chroot`
 
+        for fs in proc sys dev ; do
+          mount --bind /$fs /mnt/$fs
+        done
         chroot /mnt
 
+    Pro tip: this can be done in one step in GRML with:
+
+        grml-chroot /mnt bash
+
  9. Generate a `crypttab`:
 
         echo crypt_dev_nvme0n1p2 UUID=$(blkid -o value -s UUID /dev/nvme0n1p2) none luks,discard >> /etc/crypttab

diff --git a/blog/mobile-massive-gallery.md b/blog/mobile-massive-gallery.md
index b48bf5d3..d118f103 100644
--- a/blog/mobile-massive-gallery.md
+++ b/blog/mobile-massive-gallery.md
@@ -90,7 +90,7 @@ calendar issues (missing parts of 2022): https://github.com/photoprism/photopris
 
 
 no support for XMP tags: https://github.com/photoprism/photoprism/issues/1143
-or 5-stars https://github.com/photoprism/photoprism/issues/713
+or 5-stars https://github.com/photoprism/photoprism/issues/713 (major blocker)
 does not write metadata back to disk https://github.com/photoprism/photoprism/issues/402
 
 
@@ -120,8 +120,12 @@ added videos, amazingly, it was super fast:
 INFO[2024-08-17T20:15:07Z] indexed 101,914 files in 20m37.481057559s
 ```
 
+another full indexing run:
+
+```
 INFO[2024-08-17T22:14:28Z] purge: removed 82 files and 12 photos [2m26.029346119s] 
 INFO[2024-08-17T22:14:28Z] indexed 102,615 files in 1h48m21.693727003s  
+```
 
 
 ## others
@@ -251,4 +255,4 @@ https://bpatrik.github.io/pigallery2/
 
 
 <!-- posted to the federation on 2025-06-11T16:30:55.303235 -->
-[[!mastodon "https://kolektiva.social/@Anarcat/114666625772226557"]]
\ No newline at end of file
+[[!mastodon "https://kolektiva.social/@Anarcat/114666625772226557"]]

diff --git a/pleinair/liste.mdwn b/pleinair/liste.mdwn
index afd5f9ab..34b463dd 100644
--- a/pleinair/liste.mdwn
+++ b/pleinair/liste.mdwn
@@ -27,14 +27,19 @@ toujours retourner sur l'ordinateur.
  * Sac de couchage
  * Tapis de sol
  * Tente
+ * Empreinte ("footprint") de tente
+ * Tapis d'entrée
+ * Tapis de picnic
  * Bâche
  * Cordes (4 x 5m aux coins de la bâche)
  * Oreiller
  * Sac a viande
- * Hamac et chaînes
+ * Hamac
+ * Chaise
  * Sac à dos, grand et/ou petit, ou valise
  * Lampe de poche
  * Lampe frontale
+ * Parasol
 
 # Kit de survie
 
@@ -146,9 +151,13 @@ toujours retourner sur l'ordinateur.
  * Ouvre-Boîte
  * Tampon à récurer avec éponge
  * Linge à vaisselle
+ * Débarbouillette / guenille
  * Glacière
  * Sacs poubelle / compost
  * Tupperwares pour les restes
+ * Tapette à mouche
+ * Élastiques
+ * Bouteille de 20L d'eau et pompe
 
 # Trousse de dépannage
 
@@ -189,7 +198,7 @@ toujours retourner sur l'ordinateur.
 
 # Vêtements
 
- * Chapeau
+ * Chapeau (de plage, plus large)
  * Lunettes de ski
  * Lunettes
  * Lunettes de soleil

diff --git a/hardware/audio.mdwn b/hardware/audio.mdwn
index fc1f8480..0407c247 100644
--- a/hardware/audio.mdwn
+++ b/hardware/audio.mdwn
@@ -111,6 +111,8 @@ consider:
    recommended by B&H staff as a Mee Audio replacement
  * [Blue audio Yeticaster](https://www.bluemic.com/en-us/products/yeticaster/) ([200$USD B&H](https://www.bhphotovideo.com/c/product/1385877-REG/blue_yeticaster_prodessional_broadcast_bundle.html?fromDisList=y)), includes boom, cable
    management, and excellent audio, [recommended by jvoisin](https://dustri.org/b/my-writing-code-from-home-setup.html)
+ * [Repeat audio](https://repeat.audio/) has "free repairs" and features a similar "extra
+   mic" approach which you can also [buy separately](https://repeat.audio/en/product/office-mic)
 
 ## Other reviews
 

diff --git a/blog/2025-08-20-luks-ukify-conversion.md b/blog/2025-08-20-luks-ukify-conversion.md
index cfa0c8bb..51899d10 100644
--- a/blog/2025-08-20-luks-ukify-conversion.md
+++ b/blog/2025-08-20-luks-ukify-conversion.md
@@ -190,6 +190,10 @@ We assume 512 byte sectors here. Check your sector size with `fdisk
 
         cryptsetup reencrypt --encrypt /dev/nvme0n1p2 --redice-device-size=32M
 
+    This is it! This is the most important step! Make sure your laptop
+    is plugged in and try not to interrupt it. This can, apparently,
+    be resumed without problem, but I'd hate to show you how.
+
     This will show progress information like:
 
         Progress:   2.4% ETA 23m45s,      53GiB written, speed   1.3 GiB/s
@@ -215,6 +219,14 @@ We assume 512 byte sectors here. Check your sector size with `fdisk
 
         echo crypt_dev_nvme0n1p2 UUID=$(blkid -o value -s UUID /dev/nvme0n1p2) none luks,discard >> /etc/crypttab
 
+ 1. Adjust root filesystem in `/etc/fstab`, make sure you have a line
+    like this:
+    
+        /dev/mapper/crypt_dev-nvme0n1p2 /               ext4    errors=remount-ro 0       1
+
+    If you were already using a UUID entry for this, there's nothing
+    to change!
+
  1. Configure the root filesystem in the `initrd`:
  
         echo root=/dev/mapper/crypt_dev_nvme0n1p2 > /etc/kernel/cmdline
@@ -223,10 +235,12 @@ We assume 512 byte sectors here. Check your sector size with `fdisk
 
         dpkg-reconfigure linux-image-$(uname -r)
 
-    be careful here: systemd-boot inherits the commandline from the
+    Be careful here! `systemd-boot` inherits the command line from the
     system where it is generated, so this will possibly feature some
-    unsupported commandline items from your boot environment, in my
-    case grml. 
+    unsupported commands from your boot environment. In my
+    case GRML had a couple of those, which broke the boot. It's still
+    possible to workaround this issue by tweaking the arguments at
+    boot time, that said.
 
  3. Exit chroot and reboot
  
@@ -246,8 +260,7 @@ physical volume/volume groups), but if you have LVM, you need to tweak
 this to also resize the LVM bits. The RHEL guide has some information
 about this.
 
-[[!tag draft]]
-
+[[!tag debian-planet debian systemd crypto sysadmin]]
 
 <!-- posted to the federation on 2025-08-20T15:45:21.679946 -->
-[[!mastodon "https://kolektiva.social/@Anarcat/115062808342134677"]]
\ No newline at end of file
+[[!mastodon "https://kolektiva.social/@Anarcat/115062808342134677"]]

diff --git a/blog/2025-08-20-luks-ukify-conversion.md b/blog/2025-08-20-luks-ukify-conversion.md
index 3ad25571..cfa0c8bb 100644
--- a/blog/2025-08-20-luks-ukify-conversion.md
+++ b/blog/2025-08-20-luks-ukify-conversion.md
@@ -10,6 +10,8 @@ screen. Then I started using the device to manage my photo collection,
 and suddenly there was a lot of "confidential" information on the
 device that I didn't want to store in clear text anymore.
 
+[[!toc levels=2]]
+
 # Pre-requisites
 
 So, how does one convert an existing install from plain text to full
@@ -117,7 +119,7 @@ computer. Otherwise, follow the following guides:
 - [Disabling Lockdown Mode with Secure Boot on Distro Kernel](https://copyninja.in/blog/disable_lockdown_on_distro_kernel.html)
 - [Signing the systemd-boot on Upgrade Using Dpkg Triggers](https://copyninja.in/blog/sign_systemd_boot_trigger.html)
 
-## Re-encrypting root filesystem
+# Re-encrypting root filesystem
 
 Now that we have a way to boot an encrypted filesystem, we can switch
 to LUKS for our filesystem. Note that you can probably follow this

diff --git a/blog/2025-08-20-luks-ukify-conversion.md b/blog/2025-08-20-luks-ukify-conversion.md
index 4630dead..3ad25571 100644
--- a/blog/2025-08-20-luks-ukify-conversion.md
+++ b/blog/2025-08-20-luks-ukify-conversion.md
@@ -245,3 +245,7 @@ this to also resize the LVM bits. The RHEL guide has some information
 about this.
 
 [[!tag draft]]
+
+
+<!-- posted to the federation on 2025-08-20T15:45:21.679946 -->
+[[!mastodon "https://kolektiva.social/@Anarcat/115062808342134677"]]
\ No newline at end of file

diff --git a/blog/2025-08-20-luks-ukify-conversion.md b/blog/2025-08-20-luks-ukify-conversion.md
new file mode 100644
index 00000000..4630dead
--- /dev/null
+++ b/blog/2025-08-20-luks-ukify-conversion.md
@@ -0,0 +1,247 @@
+[[!meta title="Encrypting a Debian install with UKI"]]
+
+I originally setup a machine without any full disk encryption, then
+somehow regretted it quickly after. My original reasoning was that
+this was a "play" machine so I wanted as few restrictions on accessing
+the machine as possible, which meant removing passwords, mostly.
+
+I actually ended up having a user password, but disabled the lock
+screen. Then I started using the device to manage my photo collection,
+and suddenly there was a lot of "confidential" information on the
+device that I didn't want to store in clear text anymore.
+
+# Pre-requisites
+
+So, how does one convert an existing install from plain text to full
+disk encryption? One way is to backup to an external drive,
+re-partition everything and copy things back, but that's slow and
+boring. Besides, `cryptsetup` has a [cryptsetup-reencrypt](http://manpages.debian.org/cryptsetup-reencrypt) command,
+surely we can do this in place?
+
+Having not set aside enough room for `/boot`, I briefly
+considered a "encrypted /boot" configuration and conversion (e.g. with
+[this guide](https://blog.williamdes.eu/Infrastructure/tutorials/encrypt-an-existing-debian-system-with-luks/)) but remembered grub's support for this is flaky, at
+best, so I figured I would try something else.
+
+Here, I'm going to guide you through how I first converted from grub
+to `systemd-boot` then to UKI kernel, then re-encrypt my main
+partition.
+
+Note that secureboot is disabled here, see further discussion below.
+
+# systemd-boot and Unified Kernel Image conversion
+
+systemd folks have been developing [UKI](https://www.freedesktop.org/software/systemd/man/latest/ukify.html) ("unified kernel image")
+to ship kernels. The way this works is the kernel and initrd (and UEFI
+boot stub) in a single portable executable that lives in the EFI
+partition, as opposed to `/boot`. This neatly solves my problem,
+because I already have such a clear-text partition and won't need to
+re-partition my disk to convert.
+
+Debian has started some preliminary support for this. It's not
+default, but I found [this guide from Vasudeva Kamath](https://copyninja.in/blog/enable_ukify_debian.html) which was
+pretty complete. Since the guide assumes some previous configuration,
+I had to adapt it to my case.
+
+Here's how I did the conversion to both systemd-boot and UKI, all at
+once. I could have perhaps done it one at a time, but doing both at
+once works fine.
+
+Before your start, make sure secureboot is disabled, see the
+discussion below.
+
+ 1. install systemd tools:
+
+        apt install systemd-ukify systemd-boot
+
+ 2. Configure `systemd-ukify`, in `/etc/kernel/install.conf`:
+
+        layout=uki
+        initrd_generator=dracut
+        uki_generator=ukify
+
+    TODO: it doesn't look like this generates a `initrd` with dracut, do
+    we care?
+
+ 3. Configure the kernel boot arguments with the following in `/etc/kernel/uki.conf`:
+
+        [UKI]
+        Cmdline=@/etc/kernel/cmdline
+
+    The `/etc/kernel/cmdline` file doesn't actually exist here, and
+    that's fine. Defaults are okay, as the image gets generated from
+    your current `/proc/cmdline`. Check your `/etc/default/grub` and
+    `/proc/cmdline` if you are unsure. You'll see the generated
+    arguments in `bootctl list` below.
+
+ 4. Build the image:
+
+        dpkg-reconfigure linux-image-$(uname -r)
+
+ 5. Check the boot options:
+
+        bootctl list
+
+    Look for a `Type #2 (.efi)` entry for the kernel.
+
+ 6. Reboot:
+
+        reboot
+
+You can tell you have booted with `systemd-boot` because (a) you won't
+see grub and (b) the `/proc/cmdline` will reflect the configuration
+listed in `bootctl list`. In my case, a `systemd.machine_id` variable
+is set there, and not in grub (compare with `/boot/grub/grub.cfg`).
+
+By default, the `systemd-boot` loader just boots, without a menu. You
+can force the menu to show up by un-commenting the `timeout` line in
+`/boot/efit/loader/loader.conf`, by hitting keys during boot
+(e.g. hitting "space" repeatedly), or by calling:
+
+    systemctl reboot --boot-loader-menu=0
+
+See the `systemd-boot(7)` manual for details on that.
+
+I did not go through the [secureboot process](https://copyninja.in/blog/enable_secureboot_ukify.html), presumably I had
+already disabled secureboot. This is trickier: because one needs a
+"special key" to sign the UKI image, one would need the collaboration
+of `debian.org` to get this working out of the box with the
+keys shipped onboard most computers.
+
+In other words, if you want to make this work with secureboot enabled
+on your computer, you'll need to figure out how to sign the generated
+images before rebooting here, because otherwise you will break your
+computer. Otherwise, follow the following guides:
+
+- [Enabling Secure Boot with UKI on Debian](https://copyninja.in/blog/enable_secureboot_ukify.html)
+- [Disabling Lockdown Mode with Secure Boot on Distro Kernel](https://copyninja.in/blog/disable_lockdown_on_distro_kernel.html)
+- [Signing the systemd-boot on Upgrade Using Dpkg Triggers](https://copyninja.in/blog/sign_systemd_boot_trigger.html)
+
+## Re-encrypting root filesystem
+
+Now that we have a way to boot an encrypted filesystem, we can switch
+to LUKS for our filesystem. Note that you can probably follow this
+guide if, somehow, you managed to make grub work with your LUKS setup,
+although as [this guide](https://blog.williamdes.eu/Infrastructure/tutorials/encrypt-an-existing-debian-system-with-luks/) shows, you'd need to downgrade the
+cryptographic algorithms, which seems like a bad tradeoff.
+
+We're using `cryptsetup-reencrypt` for this which, amazingly, supports
+re-encrypting devices on the fly. The trick is it needs free space at
+the end of the partition for the LUKS header (which, I guess, makes it
+a footer), so we need to resize the filesystem to leave room for that,
+which is the trickiest bit.
+
+This is a possibly destructive behavior. Be sure your backups are up
+to date, or be ready to lose all data on the device.
+
+We assume 512 byte sectors here. Check your sector size with `fdisk
+-l` and adjust accordingly.
+
+ 1. Before you perform the procedure, make sure requirements are
+    installed:
+ 
+        apt install cryptsetup systemd-cryptsetup cryptsetup-initramfs
+
+    Note that this requires network access, of course.
+
+ 2. Reboot in a live image, I like [GRML](https://grml.org/) but any Debian live image
+    will work, possibly including the installer
+
+ 3. First, calculate how many sectors to free up for the LUKS header
+
+        qalc> 32Mibyte / ( 512 byte )
+
+          (32 mebibytes) / (512 bytes) = 65536
+
+ 2. Find the sector sizes of the Linux partitions:
+
+        fdisk  -l /dev/nvme0n1 | awk '/filesystem/ { print $1 " " $4 }' |
+
+    For example, here's an example with a `/boot` and `/` filesystem:
+
+        $ sudo fdisk -l /dev/nvme0n1 | awk '/filesystem/ { print $1 " " $4 }'
+        /dev/nvme0n1p2 999424
+        /dev/nvme0n1p3 3904979087
+
+ 3. Substract 1 from 2:
+
+        qalc> set precision 100
+        qalc> 3904979087 - 65536
+
+    Or, last step and this one, in one line:
+
+        fdisk -l /dev/nvme0n1 | awk '/filesystem/ { print $1 " " $4 - 65536 }'
+
+ 4. Recheck filesystem:
+
+        e2fsck -f /dev/nvme0n1p2
+
+ 5. Resize filesystem:
+
+        resize2fs /dev/nvme0n1p2 $(fdisk -l /dev/nvme0n1 | awk '/nvme0n1p2/ { print $4 - 65536 }')s
+
+    Notice the trailing `s` here: it makes resize2fs interpret the
+    number as a 512 byte sector size, as opposed to the default (4k
+    blocks).
+
+ 6. Re-encrypt filesystem:
+
+        cryptsetup reencrypt --encrypt /dev/nvme0n1p2 --redice-device-size=32M
+
+    This will show progress information like:
+
+        Progress:   2.4% ETA 23m45s,      53GiB written, speed   1.3 GiB/s
+

(Diff truncated)

diff --git a/hardware/laptop/framework-12.md b/hardware/laptop/framework-12.md
index d1a5058c..929f7d19 100644
--- a/hardware/laptop/framework-12.md
+++ b/hardware/laptop/framework-12.md
@@ -164,6 +164,8 @@ page](https://knowledgebase.frame.work/framework-laptop-12-bios-and-driver-relea
 
 ## UKI
 
+TODO move this section and the next in a blog post
+
 I originally setup the machine without any full disk encryption, then
 regretted it. Having not set aside enough room for `/boot`, I briefly
 considered a "encrypted /boot" configuration and conversion (e.g. with
@@ -314,15 +316,19 @@ We assume 512 byte sectors here. Check your sector size with `fdisk
 
     If this fails, now is the time to consider restoring from backups.
 
- 8. Generate a `crypttab`:
-
-        echo crypt_dev_nvme0n1p2 UUID=$(blkid -o value -s UUID /dev/nvme0n1p2) none luks,discard >> /mnt/etc/crypttab
-
  8. Enter the filesystem:
 
         chroot /mnt
 
- 9. Regenerate UKI:
+ 9. Generate a `crypttab`:
+
+        echo crypt_dev_nvme0n1p2 UUID=$(blkid -o value -s UUID /dev/nvme0n1p2) none luks,discard >> /etc/crypttab
+
+ 1. Configure the root filesystem in the `initrd`:
+ 
+        echo root=/dev/mapper/crypt_dev_nvme0n1p2 > /etc/kernel/cmdline
+
+ 2. Regenerate UKI:
 
         dpkg-reconfigure linux-image-$(uname -r)
 
@@ -331,14 +337,14 @@ We assume 512 byte sectors here. Check your sector size with `fdisk
     unsupported commandline items from your boot environment, in my
     case grml. 
 
- 10. Exit chroot and reboot
+ 3. Exit chroot and reboot
  
         exit
         reboot
 
 The ideas here were extracted from [this guide](https://blog.williamdes.eu/Infrastructure/tutorials/encrypt-an-existing-debian-system-with-luks/) but was mostly
 rewritten to simplify the work and avoid depending on grub or a
-specific initrd system (as the guide uses initramfs-tools and grub,
+specific initrd system (as the guide uses `initramfs-tools` and grub,
 while I, above, switched to dracut and systemd-boot). [RHEL also has a
 similar guide](https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/security_hardening/encrypting-block-devices-using-luks_security-hardening#encrypting-existing-data-on-a-block-device-using-luks2_encrypting-block-devices-using-luks), perhaps better, even.
 

diff --git a/hardware/laptop/framework-12.md b/hardware/laptop/framework-12.md
index c1e471cf..d1a5058c 100644
--- a/hardware/laptop/framework-12.md
+++ b/hardware/laptop/framework-12.md
@@ -4,6 +4,8 @@ not to be confused with the larger [[Framework
 
 Currently in pre-order / shipping, as of 2025-07-08.
 
+[[!toc levels=3]]
+
 # First impressions
 
 - [missed first post](https://bisco.org/notes/debian-on-framework-12/)

diff --git a/hardware/laptop/framework-12.md b/hardware/laptop/framework-12.md
index f3b518e6..c1e471cf 100644
--- a/hardware/laptop/framework-12.md
+++ b/hardware/laptop/framework-12.md
@@ -160,6 +160,192 @@ There's already a BIOS update! At first it was not installable with
 LVFS, but I have recently been able to do it, see the [BIOS updates
 page](https://knowledgebase.frame.work/framework-laptop-12-bios-and-driver-releases-13th-gen-intel-core-HyrqeX2ex) and the [forum discussion](https://community.frame.work/t/framework-laptop-12-13th-gen-intel-bios-3-04-release/72019/26?u=anarcat).
 
+## UKI
+
+I originally setup the machine without any full disk encryption, then
+regretted it. Having not set aside enough room for `/boot`, I briefly
+considered a "encrypted /boot" configuration and conversion (e.g. with
+[this guide](https://blog.williamdes.eu/Infrastructure/tutorials/encrypt-an-existing-debian-system-with-luks/)) but remembered grub's support for this is flaky, at
+best, so I figured I would try something else.
+
+systemd folks have been looking at UKI to ship kernels, and Debian has
+started some preliminary support for this. It's not default, but I
+found [this guide from Vasudeva Kamath](https://copyninja.in/blog/enable_ukify_debian.html) which was pretty
+complete. It turned out to be:
+
+ 1. install systemd tools:
+
+        apt install systemd-ukify systemd-boot
+
+ 2. Configure `systemd-ukify`, in `/etc/kernel/install.conf`:
+
+        layout=uki
+        initrd_generator=dracut
+        uki_generator=ukify
+
+    TODO: it doesn't look like this generates a `initrd` with dracut, do
+    we care?
+
+ 3. Configure the kernel boot arguments with the following in `/etc/kernel/uki.conf`:
+
+        [UKI]
+        Cmdline=@/etc/kernel/cmdline
+
+    The `/etc/kernel/cmdline` file doesn't actually exist here, and
+    that's fine. Defaults are okay. Check your `/etc/default/grub` and
+    `/proc/cmdline` if you are unsure that you need anything
+    extra. You'll see the generated arguments in `bootctl list` below.
+
+ 4. Build the image:
+
+        dpkg-reconfigure linux-image-$(uname -r)
+
+ 5. Check the boot options:
+
+        bootctl list
+
+    Look for a `Type #2 (.efi)` entry for the kernel.
+
+ 6. Reboot:
+
+        reboot
+
+You can tell you have booted with `systemd-boot` because (a) you won't
+see grub and (b) the `/proc/cmdline` will reflect the configuration
+listed in `bootctl list`. In my case, a `systemd.machine_id` variable
+is set there, and not in grub (compare with `/boot/grub/grub.cfg`).
+
+By default, the `systemd-boot` loader just boots, without a menu. You
+can force the menu to show up by uncommenting the `timeout` line in
+`/boot/efit/loader/loader.conf`, by hitting keys during boot
+(e.g. hitting "space" repeatedly), or by calling:
+
+    systemctl reboot --boot-loader-menu=0
+
+See the `systemd-boot(7)` manual for details on that.
+
+I did not go through the [secureboot process](https://copyninja.in/blog/enable_secureboot_ukify.html), presumably I had
+already disabled secureboot.
+
+## Re-encrypting root filesystem
+
+Now that we have a way to boot without grub, we can switch to LUKS for
+our filesystem.
+
+We're using `cryptsetup-reencrypt` for this which, amazingly, supports
+re-encrypting devices on the fly. The trick is it needs free space at
+the end of the partition for the LUKS header (which, I guess, makes it
+a footer), so we need to resize the filesystem to leave room for that,
+which is the trickiest bit.
+
+This is a possibly destructive behavior. Be sure your backups are up
+to date, or be ready to lose all data on the device.
+
+We assume 512 byte sectors here. Check your sector size with `fdisk
+-l` and adjust accordingly.
+
+ 1. Before you perform the procedure, make sure requirements are
+    installed:
+ 
+        apt install cryptsetup systemd-cryptsetup cryptsetup-initramfs
+
+    Note that this requires network access, of course.
+
+ 2. Reboot in a live image, i like [GRML](https://grml.org/) but any Debian live image
+    will work, possibly including the installer
+
+ 3. First, calculate how many sectors to free up for the LUKS header
+
+        qalc> 32Mibyte / ( 512 byte )
+
+          (32 mebibytes) / (512 bytes) = 65536
+
+ 2. Find the sector sizes of the Linux partitions:
+
+        fdisk  -l /dev/nvme0n1 | awk '/filesystem/ { print $1 " " $4 }' |
+
+    For example, here's an example with a `/boot` and `/` filesystem:
+
+        $ sudo fdisk -l /dev/nvme0n1 | awk '/filesystem/ { print $1 " " $4 }'
+        /dev/nvme0n1p2 999424
+        /dev/nvme0n1p3 3904979087
+
+ 3. Substract 1 from 2:
+
+        qalc> set precision 100
+        qalc> 3904979087 - 65536
+
+    Or, last step and this one, in one line:
+
+        fdisk -l /dev/nvme0n1 | awk '/filesystem/ { print $1 " " $4 - 65536 }'
+
+ 4. Recheck filesystem:
+
+        e2fsck -f /dev/nvme0n1p2
+
+ 5. Resize filesystem:
+
+        resize2fs /dev/nvme0n1p2 $(fdisk -l /dev/nvme0n1 | awk '/nvme0n1p2/ { print $4 - 65536 }')s
+
+    Notice the trailing `s` here: it makes resize2fs interpret the
+    number as a 512 byte sector size, as opposed to the default (4k
+    blocks).
+
+ 6. Re-encrypt filesystem:
+
+        cryptsetup reencrypt --encrypt /dev/nvme0n1p2 --redice-device-size=32M
+
+    This will show progress information like:
+
+        Progress:   2.4% ETA 23m45s,      53GiB written, speed   1.3 GiB/s
+
+    Wait until the ETA has passed.
+
+ 7. Mount the encrypted filesystem:
+
+        cryptsetup open /dev/nvme0n1p2 crypt
+        mount /dev/mapper/crypt /mnt
+        mount /dev/nvme0n1p1 /mnt/boot/efi
+        for fs in proc sys dev ; do
+          mount --bind /$fs /mnt/$fs
+        done
+
+    If this fails, now is the time to consider restoring from backups.
+
+ 8. Generate a `crypttab`:
+
+        echo crypt_dev_nvme0n1p2 UUID=$(blkid -o value -s UUID /dev/nvme0n1p2) none luks,discard >> /mnt/etc/crypttab
+
+ 8. Enter the filesystem:
+
+        chroot /mnt
+
+ 9. Regenerate UKI:
+
+        dpkg-reconfigure linux-image-$(uname -r)
+
+    be careful here: systemd-boot inherits the commandline from the
+    system where it is generated, so this will possibly feature some
+    unsupported commandline items from your boot environment, in my
+    case grml. 
+
+ 10. Exit chroot and reboot
+ 
+        exit
+        reboot
+
+The ideas here were extracted from [this guide](https://blog.williamdes.eu/Infrastructure/tutorials/encrypt-an-existing-debian-system-with-luks/) but was mostly
+rewritten to simplify the work and avoid depending on grub or a
+specific initrd system (as the guide uses initramfs-tools and grub,
+while I, above, switched to dracut and systemd-boot). [RHEL also has a
+similar guide](https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/security_hardening/encrypting-block-devices-using-luks_security-hardening#encrypting-existing-data-on-a-block-device-using-luks2_encrypting-block-devices-using-luks), perhaps better, even.
+
+Somehow I have made this system without LVM at all,
+which simplifies things a bit (as I don't need to also resize the
+physical volume/volume groups), but if you have LVM, you need to tweak
+this to also resize the LVM bits. The RHEL guide has some information
+about this.
+
 # Other reviews
 
 The Framework 12" received mixed reviews, in general. Most complained

diff --git a/hardware/laptop/framework-12.md b/hardware/laptop/framework-12.md
index 89f0c131..f3b518e6 100644
--- a/hardware/laptop/framework-12.md
+++ b/hardware/laptop/framework-12.md
@@ -26,6 +26,12 @@ Currently in pre-order / shipping, as of 2025-07-08.
 - power usage seems decent, after installing the base system, a bunch
   of apps, running syncthing, battery is at 45% with, presumably, 1h36
   remaining... so I guess not that great?
+- MPP pen works fine, but software support (like touch) is not great
+  in Debian (e.g. I had trouble using Krita, let alone Gimp)
+
+> Framework Laptop 12 is compatible with MPP 2.0 and USI 2.0 stylus
+> types. The default setting is MPP-compatibility, and you can
+> switch to USI mode in BIOS settings.
 
 TODO: maybe software setup goes into [[hardware/dorothea]]?
 
@@ -39,6 +45,7 @@ TODO: maybe software setup goes into [[hardware/dorothea]]?
   a whim (but i *can* use it with a DP adapter, and treat the monitor
   as a dock, presumably, to be tested)
 - a bit too heavy for a tablet
+- [nowhere to put away the pen](https://community.frame.work/t/where-to-put-the-pen/67602)
 
 ## Open questions
 
@@ -46,12 +53,6 @@ TODO: maybe software setup goes into [[hardware/dorothea]]?
 - will the screen suck? maybe [a matte protector](https://viascreens.com/screen-protector/framework/laptop-12-2-in-1/matte) (so far not
   noticed any issue, colors do look a little washed out)
 - how will battery life be? (installer doesn't show battery, oops!)
-- will the pen work well? [where to put it?](https://community.frame.work/t/where-to-put-the-pen/67602)
-
-> Framework Laptop 12 is compatible with MPP 2.0 and USI 2.0 stylus
-> types. The default setting is MPP-compatibility, and you can
-> switch to USI mode in BIOS settings.
-
 - will the sensors work for auto-rotate? ([apparently](https://community.frame.work/t/auto-rotate-and-accelerometer/70964), but not in
   the Debian installer either)
 
@@ -196,6 +197,7 @@ Overall, the pros and cons seem to be:
   "latch" design (and i don't really like the 13" design either)
 - too expensive
 - mediocre colors and large bezel
+
 # Order history
 
 - pre-orders opened on April 10 (at least, that's when the email was

diff --git a/hardware/laptop/framework-12.md b/hardware/laptop/framework-12.md
index 027d1984..89f0c131 100644
--- a/hardware/laptop/framework-12.md
+++ b/hardware/laptop/framework-12.md
@@ -4,59 +4,6 @@ not to be confused with the larger [[Framework
 
 Currently in pre-order / shipping, as of 2025-07-08.
 
-# Order history
-
-- pre-orders opened on April 10 (at least, that's when the email was
-  sent!)
-- pre-ordered on April 9th (!), with the following spec:
-  - base setup: 827.00
-    - CPU: Intel i3-1315U, a step down from the current 13", but [still
-      comparable](https://www.cpubenchmark.net/compare/4759vs5300/Intel-i5-1240P-vs-Intel-i3-1315U), but is more recent (2023-Q2 vs 2022-Q1, 6/8 cores
-      instead of 12/16, 1.2GHz vs 1.7GHz base speed, but similar turbo
-      at 4.5GHz and better TDP at 15W vs 28W)
-    - color: sage
-    - memory: DDR5-5600 - 16GB (my original setup on the 13", was mostly fine)
-  - keyboard: US English - Gray
-  - 65W power adapter: $64.00 (i thought i had a spare one of those, but seems
-    not, and those are so useful!)
-  - expansion cards:
-    - DisplayPort (2nd Gen) $25.00 (wanted to test the 2nd gen)
-    - HDMI (3rd Gen) $25.00 (same)
-    - 1TB (2nd Gen) $169.00 (same)
-    - USB-C (Translucent Green) $12.00 (wanted to test the green, i
-      have two more space USB-C, so this is actually too much)
-    - 2 x USB-A $24.00 (like my current setup, i often run out of
-      USB-A when i have a single one)
-  - total: 1146$CAD + tax, est. 1317.60$CAD, before 100$ deposit
-  - did *not* pick their NVMe drive, as the [1TB drive is 220$CAD](https://frame.work/ca/en/products/wd_black-sn770m-nvme?v=FRANTAWD0A),
-    for about that price I got a [2TB drive at B&H for 269.29$CAD](https://www.bhphotovideo.com/c/product/1802215-REG/wd_wdbdnh0020bbk_wrsn_wd_black_2tb_sn770m.html)
-    (shipping and taxes included!) instead
-- as of 2025-07-08, still not received confirmation of shipping,
-  changed a few minor things with the order (added a 1TB drive,
-  removed one USB-C module, added USB-A module), even though [others
-  have received theirs](https://bisco.org/notes/debian-on-framework-12/), seems like the [colored ones are in a
-  different batch](https://community.frame.work/t/fw12-color-batch-1-guild/71354) which is [rumored](https://community.frame.work/t/fw12-batch-1-guild/67317/234?u=anarcat) to have started shipping
-  today, although that might be [confused with the colored batch 0](https://community.frame.work/t/fw12-batch-0-guild/67353/322)
-- 2025-07-10 00:52 +0000: "step 2" (preparing your batch) email
-- 2025-07-15 14:19 +0000: "step 3" (payment complete) email
-- 2025-07-15 21:50 +0000: requested shipping delay (!)
-- 2025-07-16 04:49 +0000: response from support, will ship within 5
-  business days, too late to delay, ask Fedex for a temporary hold
-  with the confirmation number
-- 2025-07-16 09:54 +0000: "step 4" (your order has shipped) email
-- 2025-07-16 01:37: shipment info at fedex
-- 2025-07-16 03:44: picked up in Taoyuan TW
-- 2025-07-16 08:46: Ta Yuan District TW
-- 2025-07-17 02:26: Sennan-Shi JP
-- 2025-07-17 12:58: Memphis, TN
-- 2025-07-17 12:36: Winnipeg, MB
-- 2025-07-18 04:20: Mississauga, ON
-- 2025-07-18 05:17: Mirabel, PQ
-- 2025-07-18 07:45: Saint-Laurent, PQ
-- 2025-07-18 12:01: Delivered!
-
-The laptop was supposed to ship "in July", and it did!
-
 # First impressions
 
 - [missed first post](https://bisco.org/notes/debian-on-framework-12/)
@@ -108,7 +55,13 @@ TODO: maybe software setup goes into [[hardware/dorothea]]?
 - will the sensors work for auto-rotate? ([apparently](https://community.frame.work/t/auto-rotate-and-accelerometer/70964), but not in
   the Debian installer either)
 
-# KDE
+# Configuration
+
+I did something special with this machine, as opposed to the rest of
+my fleet, and just configured it by hand. I installed it using the
+beta Debian installer for trixie, which went flawlessly.
+
+## KDE
 
 Works well! Like the "retro" look compared to GNOME.
 
@@ -161,7 +114,7 @@ night mode is only night light, would like reverse video too.
 
 loving the info center, no idea how i got there or how to get back
 
-## installed
+## Installed packages
 
 - krita
 - darktable
@@ -170,7 +123,7 @@ loving the info center, no idea how i got there or how to get back
 - vlc
 - git-annex
 
-couldn't install darktable, flatpak or llm from the app center
+couldn't install darktable, flatpak or `llm` from the app center, weirdly.
 
 ### flatpaks
 
@@ -182,9 +135,9 @@ couldn't install darktable, flatpak or llm from the app center
 - speech note
 - organic maps
 
-# Firefox
+## Firefox
 
-## Installed add-ons
+### Installed add-ons
 
 - ublock
 - wallabag
@@ -200,12 +153,13 @@ logged into
 - grafana.anarc.at
 - kagi (and changed search engine)
 
-# BIOS updates
+## BIOS updates
 
-There's already a BIOS update! Should be installable with LVFS, see
-the [BIOS updates page](https://knowledgebase.frame.work/framework-laptop-12-bios-and-driver-releases-13th-gen-intel-core-HyrqeX2ex).
+There's already a BIOS update! At first it was not installable with
+LVFS, but I have recently been able to do it, see the [BIOS updates
+page](https://knowledgebase.frame.work/framework-laptop-12-bios-and-driver-releases-13th-gen-intel-core-HyrqeX2ex) and the [forum discussion](https://community.frame.work/t/framework-laptop-12-13th-gen-intel-bios-3-04-release/72019/26?u=anarcat).
 
-# Reviews
+# Other reviews
 
 The Framework 12" received mixed reviews, in general. Most complained
 about the old CPU shipped with the device, and pricing.
@@ -242,3 +196,55 @@ Overall, the pros and cons seem to be:
   "latch" design (and i don't really like the 13" design either)
 - too expensive
 - mediocre colors and large bezel
+# Order history
+
+- pre-orders opened on April 10 (at least, that's when the email was
+  sent!)
+- pre-ordered on April 9th (!), with the following spec:
+  - base setup: 827.00
+    - CPU: Intel i3-1315U, a step down from the current 13", but [still
+      comparable](https://www.cpubenchmark.net/compare/4759vs5300/Intel-i5-1240P-vs-Intel-i3-1315U), but is more recent (2023-Q2 vs 2022-Q1, 6/8 cores
+      instead of 12/16, 1.2GHz vs 1.7GHz base speed, but similar turbo
+      at 4.5GHz and better TDP at 15W vs 28W)
+    - color: sage
+    - memory: DDR5-5600 - 16GB (my original setup on the 13", was mostly fine)
+  - keyboard: US English - Gray
+  - 65W power adapter: $64.00 (i thought i had a spare one of those, but seems
+    not, and those are so useful!)
+  - expansion cards:
+    - DisplayPort (2nd Gen) $25.00 (wanted to test the 2nd gen)
+    - HDMI (3rd Gen) $25.00 (same)
+    - 1TB (2nd Gen) $169.00 (same)
+    - USB-C (Translucent Green) $12.00 (wanted to test the green, i
+      have two more space USB-C, so this is actually too much)
+    - 2 x USB-A $24.00 (like my current setup, i often run out of
+      USB-A when i have a single one)
+  - total: 1146$CAD + tax, est. 1317.60$CAD, before 100$ deposit
+  - did *not* pick their NVMe drive, as the [1TB drive is 220$CAD](https://frame.work/ca/en/products/wd_black-sn770m-nvme?v=FRANTAWD0A),
+    for about that price I got a [2TB drive at B&H for 269.29$CAD](https://www.bhphotovideo.com/c/product/1802215-REG/wd_wdbdnh0020bbk_wrsn_wd_black_2tb_sn770m.html)
+    (shipping and taxes included!) instead
+- as of 2025-07-08, still not received confirmation of shipping,
+  changed a few minor things with the order (added a 1TB drive,
+  removed one USB-C module, added USB-A module), even though [others
+  have received theirs](https://bisco.org/notes/debian-on-framework-12/), seems like the [colored ones are in a
+  different batch](https://community.frame.work/t/fw12-color-batch-1-guild/71354) which is [rumored](https://community.frame.work/t/fw12-batch-1-guild/67317/234?u=anarcat) to have started shipping
+  today, although that might be [confused with the colored batch 0](https://community.frame.work/t/fw12-batch-0-guild/67353/322)
+- 2025-07-10 00:52 +0000: "step 2" (preparing your batch) email
+- 2025-07-15 14:19 +0000: "step 3" (payment complete) email
+- 2025-07-15 21:50 +0000: requested shipping delay (!)
+- 2025-07-16 04:49 +0000: response from support, will ship within 5
+  business days, too late to delay, ask Fedex for a temporary hold
+  with the confirmation number
+- 2025-07-16 09:54 +0000: "step 4" (your order has shipped) email
+- 2025-07-16 01:37: shipment info at fedex
+- 2025-07-16 03:44: picked up in Taoyuan TW
+- 2025-07-16 08:46: Ta Yuan District TW
+- 2025-07-17 02:26: Sennan-Shi JP
+- 2025-07-17 12:58: Memphis, TN
+- 2025-07-17 12:36: Winnipeg, MB
+- 2025-07-18 04:20: Mississauga, ON
+- 2025-07-18 05:17: Mirabel, PQ
+- 2025-07-18 07:45: Saint-Laurent, PQ
+- 2025-07-18 12:01: Delivered!
+
+The laptop was supposed to ship "in July", and it did!

diff --git a/software/zfs.md b/software/zfs.md
index 3542e583..81b655db 100644
--- a/software/zfs.md
+++ b/software/zfs.md
@@ -502,6 +502,7 @@ package](https://github.com/Gregy/znapzend-debian). It is written in Perl.
  - rate-limiting
  - debug/dry-run mode
  - progressive thinning
+ - packaged in Debian 14/forky and later
 
 ### Other DIY solutions
 

diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 3c2da63b..a9eb2d05 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -1081,8 +1081,8 @@ how many things you were using are tightly bound to X.
    basically)
 
  * notifications: previously [dunst][] in some places, which works
-   well in both Xorg and Wayland, not a blocker, [fnott][], [salut][]
-   (not in Debian) possible alternatives: damjan [uses
+   well in both Xorg and Wayland, not a blocker, [salut][] (not in
+   Debian), [fnott][]. possible alternatives: damjan [uses
    mako][]. Eventually migrated to [sway-nc][], but found it too
    complicated for my needs. Ended up with a simple mako-based setup
    with inhibition.

diff --git a/services/upgrades/trixie.md b/services/upgrades/trixie.md
index 9881bda5..f92da5b3 100644
--- a/services/upgrades/trixie.md
+++ b/services/upgrades/trixie.md
@@ -243,6 +243,11 @@ See also the [noteworthy obsolete packages](https://www.debian.org/releases/test
 - pinentry-qt now has Wayland support
 - Signal Desktop seems to work properly in Wayland
 
+## Other sources
+
+- [mikas](https://michael-prokop.at/blog/2025/07/20/what-to-expect-from-debian-trixie-newintrixie/)
+- [bisco](https://bisco.org/notes/updates-and-additions-in-debian-13-trixie/)
+
 # Issues
 
 See also the official list of [known issues](https://www.debian.org/releases/testing/release-notes/issues.en.html#known-severe-bugs).

diff --git a/hardware/radio.mdwn b/hardware/radio.mdwn
index 2fda29a7..265b8efa 100644
--- a/hardware/radio.mdwn
+++ b/hardware/radio.mdwn
@@ -47,7 +47,7 @@ I uploaded a few photos [in this album](https://photos.anarc.at/documentation/ra
 - [sBITX](https://www.sbitx.net/): 80-20m (receive 500KHz-30MHz, 25W), SSB, CW, FT8,
   packet, SDR, 400$ with a raspi kit, 10"x6"x2", 4lbs, back-order as
   of 2025-03-29, but [should be back in stock "in a month" so in
-  March](https://groups.io/g/BITX20/message/115582?p=%2C%2C%2C20%2C0%2C0%2C0%3A%3Acreated%2C%2Csbitx%20out%20of%20stock%2C20%2C2%2C0%2C111139360)
+  March](https://groups.io/g/BITX20/message/115582?p=%2C%2C%2C20%2C0%2C0%2C0%3A%3Acreated%2C%2Csbitx%20out%20of%20stock%2C20%2C2%2C0%2C111139360), [sbitx v3](https://www.hfsignals.com/index.php/sbitx-v3/) and others can apparently [run Debian!](https://www.cybertec-postgresql.com/en/the-debian-conference-2025-in-brest/)
 - [uBITX v6](https://www.hfsignals.com/index.php/ubitx-v6/): 10W HF, SSB/CW, SDR, arduino-based, GPL-3, 210$ for
   kit
 - [QMX](https://qrp-labs.com/qmx.html): low power QRP transceiver HF 20-80M, SDR / CW, packet,

diff --git a/services/mail.mdwn b/services/mail.mdwn
index 10ece0e9..b571cd6e 100644
--- a/services/mail.mdwn
+++ b/services/mail.mdwn
@@ -1246,33 +1246,40 @@ be able to send mail. Test with:
 
 ### Renewing a key
 
-Renewing the cert:
+If a certificate expired, you need to renew it.
 
-    cd /etc/ssl/ca
-    openssl ca --config openssl.cnf -days 365 -in req/tubman.anarc.at.csr -out certs/tubman.anarc.at.crt
+ 1. issue a new cert
 
-Updating fingerprints (copy-paste from above):
+        cd /etc/ssl/ca
+        openssl ca --config openssl.cnf -days 365 -in req/angela.anarc.at.csr -out certs/angela.anarc.at.crt
 
-    rm /etc/postfix/client-certs-fingerprints
-    for cert in certs/* ; do 
-        printf "%s %s\n" "$(
-            openssl x509 -in $cert -noout -pubkey |
-                openssl pkey -pubin -outform DER |
-                openssl dgst -sha256 -c |
-                sed 's/.*= //'
-            )" $cert >> /etc/postfix/client-certs-fingerprints
-    done
-    postmap /etc/postfix/client-certs-fingerprints
+    If you get an error like:
 
-Telling dovecot:
+        ERROR:There is already a certificate for /CN=angela.anarc.at/emailAddress=anarcat
 
-    openssl ca -config openssl.cnf  -gencrl  > crl.pem
-    cat cacert.pem crl.pem > cacrl.pem
-    service dovecot restart
+    It might be the CRL just needs an update, ignore the error and
+    regenerate the CRL (last step below).
+
+ 2. Copy the `.crt` file back to the client
+
+ 3. Updating Postfix fingerprints (copy-paste from above):
+
+        rm /etc/postfix/client-certs-fingerprints
+        for cert in certs/* ; do 
+            printf "%s %s\n" "$(
+                openssl x509 -in $cert -noout -pubkey |
+                    openssl pkey -pubin -outform DER |
+                    openssl dgst -sha256 -c |
+                    sed 's/.*= //'
+                )" $cert >> /etc/postfix/client-certs-fingerprints
+        done
+        postmap /etc/postfix/client-certs-fingerprints
 
-Then copy the `.crt` file back to the client.
+ 4. Regenerate CRL and tell Dovecot:
 
-TODO: does reload work too?
+        openssl ca -config openssl.cnf  -gencrl  > crl.pem
+        cat cacert.pem crl.pem > cacrl.pem
+        service dovecot reload
 
 ### Easy-RSA CA notes
 

diff --git a/hardware/laptop/framework-12.md b/hardware/laptop/framework-12.md
index 28f2c53d..55032cab 100644
--- a/hardware/laptop/framework-12.md
+++ b/hardware/laptop/framework-12.md
@@ -57,7 +57,7 @@ Currently in pre-order / shipping, as of 2025-07-08.
 
 The laptop was supposed to ship "in July", and it did!
 
-## First impressions
+# First impressions
 
 - [missed first post](https://bisco.org/notes/debian-on-framework-12/)
 - lid tighter
@@ -75,16 +75,12 @@ The laptop was supposed to ship "in July", and it did!
   tried it last, and like what I saw on the Steam Deck
 - really nice to see it's actually a touch screen (I expected to be
   disappointed and have the screen work only with the stylus)
+- becomes warm on my legs, presumably because syncthing
+- power usage seems decent, after installing the base system, a bunch
+  of apps, running syncthing, battery is at 45% with, presumably, 1h36
+  remaining... so I guess not that great?
 
-## Open questions
-
-- [which sleeve/case](https://community.frame.work/t/suggestions-on-carrying-bag-or-sleeves/71796)
-- will the screen suck? maybe [a matte protector](https://viascreens.com/screen-protector/framework/laptop-12-2-in-1/matte) (so far not
-  noticed any issue, maybe colors a little less punchy?)
-- how will battery life be? (installer doesn't show battery, oops!)
-- will the pen work well? [where to put it?](https://community.frame.work/t/where-to-put-the-pen/67602)
-- will the sensors work for auto-rotate? ([apparently](https://community.frame.work/t/auto-rotate-and-accelerometer/70964), but not in
-  the Debian installer either)
+TODO: maybe software setup goes into [[hardware/dorothea]]?
 
 ## Downsides
 
@@ -96,15 +92,104 @@ The laptop was supposed to ship "in July", and it did!
   a whim (but i *can* use it with a DP adapter, and treat the monitor
   as a dock, presumably, to be tested)
 
-## Other notes
+## Open questions
 
-### Stylus
+- [which sleeve/case](https://community.frame.work/t/suggestions-on-carrying-bag-or-sleeves/71796)
+- will the screen suck? maybe [a matte protector](https://viascreens.com/screen-protector/framework/laptop-12-2-in-1/matte) (so far not
+  noticed any issue, colors do look a little washed out)
+- how will battery life be? (installer doesn't show battery, oops!)
+- will the pen work well? [where to put it?](https://community.frame.work/t/where-to-put-the-pen/67602)
 
 > Framework Laptop 12 is compatible with MPP 2.0 and USI 2.0 stylus
 > types. The default setting is MPP-compatibility, and you can
 > switch to USI mode in BIOS settings.
 
-### BIOS updates
+- will the sensors work for auto-rotate? ([apparently](https://community.frame.work/t/auto-rotate-and-accelerometer/70964), but not in
+  the Debian installer either)
+
+# KDE
+
+Works well! Like the "retro" look compared to GNOME.
+
+Seems like KDE's "touch mode" (which makes UI elements bigger) does
+not trigger? It's still relatively useable.
+
+Out of the box, auto-rotation and virtual keyboard don't work.
+
+The virtual keyboard gets fixed by installing `maliit-keyboard`, then
+selecting it in the "virtual keyboard" dialog, which i found in [this
+discussion](https://discuss.kde.org/t/how-to-enable-virtual-keyboard-included-in-kde/264/11).
+
+To fix the rotating display issue, you need to install
+`iio-sensor-proxy` hack at udev and then reboot:
+
+```
+sudo apt install iio-sensor-proxy
+sudo sed -i 's/.*iio-buffer-accel/#&/' /usr/lib/udev/rules.d/80-iio-sensor-proxy.rules
+sudo udevadm trigger --settle
+sudo systemctl restart iio-sensor-proxy
+sudo reboot
+```
+
+To see if the sensors work, try: `monitor-sensor --accel`. For
+example, a normally sitting laptop flipped to the side and back should
+show this:
+
+```
+anarcat@dorothea:~$ monitor-sensor --accel
+    Waiting for iio-sensor-proxy to appear
++++ iio-sensor-proxy appeared
+=== Has accelerometer (orientation: normal, tilt: vertical)
+    Accelerometer orientation changed: left-up
+    Tilt changed: tilted-up
+    Accelerometer orientation changed: normal
+    Tilt changed: vertical
+```
+
+In my case, after installing `iio-sensor-proxy` patching its udev, and
+restarting services, the above worked, but Plasma didn't pick it up, I
+had to reboot for the fix to be complete.
+
+This is a [known issue with some component part of Ubuntu and Debian](https://github.com/FrameworkComputer/linux-docs/blob/main/framework12/Ubuntu-25-04-accel-ubuntu25.04.md#ubuntu-2504-tablet-mode-setup-udev-edit)
+
+I filed this [as a new topic](https://community.frame.work/t/tablet-mode-in-kde-auto-rotate-virtual-keyboard/72357) before finding this.
+
+
+night mode is only night light, would like reverse video too.
+
+
+loving the info center, no idea how i got there or how to get back
+
+## installed
+
+- krita
+- darktable
+- syncthingtray
+- emacs
+- vlc
+- git-annex
+
+couldn't install darktable, flatpak or llm from the app center
+
+# Firefox
+
+## Installed add-ons
+
+- ublock
+- wallabag
+- url to qr code
+- clean urls
+- bitwarden
+
+logged into
+
+- sonic.anarc.at
+- jellyfin.anarc.at
+- photoprism.anarc.at
+- grafana.anarc.at
+- kagi (and changed search engine)
+
+# BIOS updates
 
 There's already a BIOS update! Should be installable with LVFS, see
 the [BIOS updates page](https://knowledgebase.frame.work/framework-laptop-12-bios-and-driver-releases-13th-gen-intel-core-HyrqeX2ex).

diff --git a/hardware/laptop/framework-12.md b/hardware/laptop/framework-12.md
index 55032cab..027d1984 100644
--- a/hardware/laptop/framework-12.md
+++ b/hardware/laptop/framework-12.md
@@ -91,6 +91,7 @@ TODO: maybe software setup goes into [[hardware/dorothea]]?
   of setups, which means i can't use it to replace my current setup on
   a whim (but i *can* use it with a DP adapter, and treat the monitor
   as a dock, presumably, to be tested)
+- a bit too heavy for a tablet
 
 ## Open questions
 
@@ -171,6 +172,16 @@ loving the info center, no idea how i got there or how to get back
 
 couldn't install darktable, flatpak or llm from the app center
 
+### flatpaks
+
+- element
+- supersonic
+- koreader
+- zotero
+- signal desktop?
+- speech note
+- organic maps
+
 # Firefox
 
 ## Installed add-ons

diff --git a/hardware/dorothea.mdwn b/hardware/dorothea.mdwn
new file mode 100644
index 00000000..259c5ffd
--- /dev/null
+++ b/hardware/dorothea.mdwn
@@ -0,0 +1,26 @@
+`dorothea` is named after [Dorothea Lange](https://en.wikipedia.org/wiki/Dorothea_Lange), "was an American
+documentary photographer and photojournalist, best known for her
+Depression-era work for the Farm Security Administration
+(FSA). Lange's photographs influenced the development of documentary
+photography and humanized the consequences of the Great
+Depression."
+
+From 1941, "she documented the [internment of Japanese Americans](https://en.wikipedia.org/wiki/Japanese_American_internment)
+and their subsequent incarceration, traveling throughout urban and
+rural California to photograph families required to leave their houses
+and hometowns on orders of the government. Sensitive to the
+implications of her images, authorities impounded most of Lange's
+photography of the (Japanese American) internment process—these photos
+were not seen publicly during the war. "
+
+"In 1952, Lange co-founded the photography magazine [Aperture](https://en.wikipedia.org/wiki/Aperture_(magazine))",
+which is still in print today (as of 2025).
+
+> The camera is an instrument that teaches people how to see without a
+> camera. -- Dorothea Lange: A Photographer's Life. p. vii (1978)
+
+# details
+
+- hardware: [[hardware/laptop/framework-12]]
+- software: Debian 13 trixie (at the time of install)
+- purpose: play
diff --git a/hardware/laptop/framework-12.md b/hardware/laptop/framework-12.md
index 5f60d26f..28f2c53d 100644
--- a/hardware/laptop/framework-12.md
+++ b/hardware/laptop/framework-12.md
@@ -38,16 +38,53 @@ Currently in pre-order / shipping, as of 2025-07-08.
   different batch](https://community.frame.work/t/fw12-color-batch-1-guild/71354) which is [rumored](https://community.frame.work/t/fw12-batch-1-guild/67317/234?u=anarcat) to have started shipping
   today, although that might be [confused with the colored batch 0](https://community.frame.work/t/fw12-batch-0-guild/67353/322)
 - 2025-07-10 00:52 +0000: "step 2" (preparing your batch) email
-
-In theory, the laptop should ship "in July".
+- 2025-07-15 14:19 +0000: "step 3" (payment complete) email
+- 2025-07-15 21:50 +0000: requested shipping delay (!)
+- 2025-07-16 04:49 +0000: response from support, will ship within 5
+  business days, too late to delay, ask Fedex for a temporary hold
+  with the confirmation number
+- 2025-07-16 09:54 +0000: "step 4" (your order has shipped) email
+- 2025-07-16 01:37: shipment info at fedex
+- 2025-07-16 03:44: picked up in Taoyuan TW
+- 2025-07-16 08:46: Ta Yuan District TW
+- 2025-07-17 02:26: Sennan-Shi JP
+- 2025-07-17 12:58: Memphis, TN
+- 2025-07-17 12:36: Winnipeg, MB
+- 2025-07-18 04:20: Mississauga, ON
+- 2025-07-18 05:17: Mirabel, PQ
+- 2025-07-18 07:45: Saint-Laurent, PQ
+- 2025-07-18 12:01: Delivered!
+
+The laptop was supposed to ship "in July", and it did!
+
+## First impressions
+
+- [missed first post](https://bisco.org/notes/debian-on-framework-12/)
+- lid tighter
+- had trouble finding the power button!
+- secureboot couldn't boot grml, but could boot trixie. trick is there
+  is *another* BIOS than the main one, press <kbd>F2</kbd> real fast
+  while booting, and pick "Administer secure boot" to disable it to
+  boot grml. but trixie boots fine with secureboot.
+- play laptop, considering entirely password-less setup
+- installed Trixie RC2, went flawlessly, but Debian's installer is
+  still too complicated for what it does, and (IMHO) should be spun
+  out into a new applications running on top of live images, briefly
+  considered Fedora, but was scared of novelty
+- installed KDE Plasma because I was really confused by GNOME when I
+  tried it last, and like what I saw on the Steam Deck
+- really nice to see it's actually a touch screen (I expected to be
+  disappointed and have the screen work only with the stylus)
 
 ## Open questions
 
 - [which sleeve/case](https://community.frame.work/t/suggestions-on-carrying-bag-or-sleeves/71796)
-- will the screen suck?
-- how will battery life be?
+- will the screen suck? maybe [a matte protector](https://viascreens.com/screen-protector/framework/laptop-12-2-in-1/matte) (so far not
+  noticed any issue, maybe colors a little less punchy?)
+- how will battery life be? (installer doesn't show battery, oops!)
 - will the pen work well? [where to put it?](https://community.frame.work/t/where-to-put-the-pen/67602)
-- will the sensors work for auto-rotate? ([apparently](https://community.frame.work/t/auto-rotate-and-accelerometer/70964))
+- will the sensors work for auto-rotate? ([apparently](https://community.frame.work/t/auto-rotate-and-accelerometer/70964), but not in
+  the Debian installer either)
 
 ## Downsides
 
@@ -59,6 +96,19 @@ In theory, the laptop should ship "in July".
   a whim (but i *can* use it with a DP adapter, and treat the monitor
   as a dock, presumably, to be tested)
 
+## Other notes
+
+### Stylus
+
+> Framework Laptop 12 is compatible with MPP 2.0 and USI 2.0 stylus
+> types. The default setting is MPP-compatibility, and you can
+> switch to USI mode in BIOS settings.
+
+### BIOS updates
+
+There's already a BIOS update! Should be installable with LVFS, see
+the [BIOS updates page](https://knowledgebase.frame.work/framework-laptop-12-bios-and-driver-releases-13th-gen-intel-core-HyrqeX2ex).
+
 # Reviews
 
 The Framework 12" received mixed reviews, in general. Most complained
diff --git a/services/dns.mdwn b/services/dns.mdwn
index 4c419db2..088a2f85 100644
--- a/services/dns.mdwn
+++ b/services/dns.mdwn
@@ -144,6 +144,8 @@ femmes. Exemples utilisés:
 
  * [[hardware/angela]] ([Davis][])
  * [[hardware/bell]] ([Hooks][])
+ * [[hardware/dorothea]] ([Lange][]) - famous female photographer, I
+   admire her [Migrant Mother](https://en.wikipedia.org/wiki/Migrant_Mother)
  * [[hardware/louise]] ([Michel][])
  * ([Margaret][]) [[hardware/atwood]]
  * [[hardware/margaret]] ([Hamilton][Margaret Hamilton]) - developed
@@ -179,6 +181,7 @@ femmes. Exemples utilisés:
 [yes, the character]: https://en.wikipedia.org/wiki/Mafalda
 [Harriet]: https://en.wikipedia.org/wiki/Harriet_Tubman
 [Fumiko Kaneko]: https://en.wikipedia.org/wiki/Fumiko_Kaneko
+[Lange]: https://en.wikipedia.org/wiki/Dorothea_Lange
 
 Anciens
 -------

diff --git a/hardware/tablet/kobo-clara-hd.md b/hardware/tablet/kobo-clara-hd.md
index 09e3b4b5..04b380b9 100644
--- a/hardware/tablet/kobo-clara-hd.md
+++ b/hardware/tablet/kobo-clara-hd.md
@@ -291,3 +291,7 @@ decided *not* to do here because my time is precious:
 Now maybe I'll have time to actually read a book...
 
 [[!tag blog hardware python-planet debian-planet kobo syncthing]]
+
+
+<!-- posted to the federation on 2025-07-11T14:33:34.777083 -->
+[[!mastodon "https://kolektiva.social/@Anarcat/114836033674441232"]]
\ No newline at end of file

diff --git a/hardware/tablet/kobo-clara-hd.md b/hardware/tablet/kobo-clara-hd.md
index 96f1a657..09e3b4b5 100644
--- a/hardware/tablet/kobo-clara-hd.md
+++ b/hardware/tablet/kobo-clara-hd.md
@@ -67,7 +67,28 @@ bypass the annoying registration step. Basically:
  4. `INSERT INTO user(UserID,UserKey) VALUES('1','');`
  5. unmount the device
 
-More details in the above guide, again.
+More details in the above guide.
+
+Update: this works on the Clara HD, or at least the firmware version I
+was using then. But on newer devices (e.g. this Kobo Libra from 2025),
+that didn't work. [Another hack](https://www.reddit.com/r/kobo/comments/mt2f30/comment/k4pt8tx/) is possible, thankfully. The trick
+is to:
+
+ 1. Mount the device
+ 2. Delete `.kobo/KoboReader.sqlite` (if you are already signed in)
+ 3. Reboot
+ 4. Edit the `.kobo/Kobo/Kobo eReader.conf` file
+ 5. Add the line `SideloadedMode=true` under the
+    `[ApplicationPreferences]` section
+ 6. (Possibly?) Delete `.kobo/KoboReader.sqlite` (again?)
+ 7. Eject and restart
+
+I'm not 100% sure of the procedure. [This guide](https://www.reddit.com/r/kobo/comments/1dl6hym/libra_colour_how_to_bypass_registration/) doesn't mention
+deleting the database at all and it didn't work for me, but I had
+already started the registration process.
+
+Also note that deleting the database will reset your reading progress
+and so on.
 
 ## Install koreader
 

diff --git a/hardware/laptop/framework-12.md b/hardware/laptop/framework-12.md
index 00b604d4..5f60d26f 100644
--- a/hardware/laptop/framework-12.md
+++ b/hardware/laptop/framework-12.md
@@ -37,6 +37,7 @@ Currently in pre-order / shipping, as of 2025-07-08.
   have received theirs](https://bisco.org/notes/debian-on-framework-12/), seems like the [colored ones are in a
   different batch](https://community.frame.work/t/fw12-color-batch-1-guild/71354) which is [rumored](https://community.frame.work/t/fw12-batch-1-guild/67317/234?u=anarcat) to have started shipping
   today, although that might be [confused with the colored batch 0](https://community.frame.work/t/fw12-batch-0-guild/67353/322)
+- 2025-07-10 00:52 +0000: "step 2" (preparing your batch) email
 
 In theory, the laptop should ship "in July".
 

diff --git a/blog/secrets-recovery.md b/blog/secrets-recovery.md
index cef602fb..1fdcbee1 100644
--- a/blog/secrets-recovery.md
+++ b/blog/secrets-recovery.md
@@ -57,9 +57,10 @@ https://github.com/cyphar/paperback
 
 to review: https://news.ycombinator.com/item?id=37534615
 
+[review of various paper encodings](https://www.monperrus.net/martin/store-data-paper)
 
 128-bit metal punch card backup https://volution.ro/pckb/
 
 
 <!-- posted to the federation on 2025-06-01T23:04:28.772798 -->
-[[!mastodon "https://kolektiva.social/@Anarcat/114611550199170060"]]
\ No newline at end of file
+[[!mastodon "https://kolektiva.social/@Anarcat/114611550199170060"]]

diff --git a/services/dns.mdwn b/services/dns.mdwn
index efc5b78a..4c419db2 100644
--- a/services/dns.mdwn
+++ b/services/dns.mdwn
@@ -130,6 +130,11 @@ Situation actuelle:
  * gandi: `reseaulibre.ca` (2024-04-28), `anarc.at` (2024-09-06),
    `insomniaque.org` (2029-04-28)
 
+## Secondaires
+
+[This Debian person made a list of secondary DNS
+providers](https://blog.sahilister.in/2025/07/secondary-authoritative-name-server-options-for-self-hosted-domains/). [1986.is particularly interesting](https://1984.hosting/product/freedns/).
+
 Convention de noms
 ==================
 

diff --git a/services/archive/rescue.mdwn b/services/archive/rescue.mdwn
index 9a5db6f7..9989f5ab 100644
--- a/services/archive/rescue.mdwn
+++ b/services/archive/rescue.mdwn
@@ -244,8 +244,6 @@ quality. You should end up with the following files:
 The `.bin` file is a duplicate but can be used to regenerate the
 others (except the `.iso` file of course).
 
-
-
 Identifying disks
 -----------------
 
@@ -565,7 +563,21 @@ here is a summary of what's in the box.
 
 Note that this might be poor storage on my part, others have had more
 luck with their CDs, see [this report from a fellow Debian
-developer](https://k1024.org/posts/2024/2024-10-15-optical-media-lifetime/) for example.
+developer](https://k1024.org/posts/2024/2024-10-15-optical-media-lifetime/) for example:
+
+> for all explicitly selected media - TDK, JVC and Verbatim - they hold for 10-20 years
+
+There are other [similar reports](https://blog.dshr.org/2024/08/2024-optical-media-durability-update.html):
+
+> Surprisingly, with no special storage precautions, generic low-cost
+> media, and consumer drives, I'm getting good data from CD-Rs more
+> than 20 years old, and from DVD-Rs nearly 18 years old. 
+
+That said, many of the disks processed here *might* have crossed the
+10-20 year threshold: the archival work was done in 2018, and it's
+unclear how old the disks were. Some were certainly older than at
+least 2004 (so 14 years old), others likely much older (previous
+millennia).
 
 References
 ==========

diff --git a/hardware/server/marcos/v3.md b/hardware/server/marcos/v3.md
index e5eddec5..f060b70f 100644
--- a/hardware/server/marcos/v3.md
+++ b/hardware/server/marcos/v3.md
@@ -126,7 +126,20 @@ Other providers:
 
 - <http://www.atic.ca/> built marcos v2, still no HTTPS?!
 
+## Other cases
+
+- [Jonsbro](https://www.jonsbo.com/) comes up a lot, see e.g. the [N3](https://www.jonsbo.com/en/products/N3.html)
+
 ## Other reviews
 
 - [2024: Best CPU + Motherboard combo for your NAS build](https://nascompares.com/2024/02/09/the-best-m-itx-cpumotherboard-combo-for-your-nas-build-2024-edition/)
 - [DIY NAS: 2025 edition](https://blog.briancmoses.com/2024/11/diy-nas-2025-edition.html)
+
+## Motherboards
+
+- Topton:
+  - [NAS Motherboard N6005 4x Intel i226-V 2.5G 17x17CM Soft
+    Routing](https://www.toptonpc.com/product/nas-motherboard-n6005-4x-intel-i226-v-2-5g-17x17cm-soft-routing/): 6x SATA, 2xNVMe, Intel 11th gen, 2xSO-DIMM DDR4,
+    4x2.5Gbps, HDMI/DP, 17x17cm Mini-ITX
+- [Minisforum](https://www.minisforum.com/) also make tiny boards, but not lots of SATA sockets,
+  i had bookmarked the [BD770i](https://minixpc.com/blogs/news/minisforum-bd770i-mini-itx-on-board-amd-ryzen-7-7745hx-motherboard-available-at-us-399) for some reason

diff --git a/hardware/laptop.mdwn b/hardware/laptop.mdwn
index 7c4050bf..de54d1eb 100644
--- a/hardware/laptop.mdwn
+++ b/hardware/laptop.mdwn
@@ -139,6 +139,9 @@ are mixed because it reuses the old 12th gen Intel platform, but I
 don't mind so much that platform, it's the laptop I have now, and it
 works pretty amazingly well.
 
+Review in [[framework-12]] (not to be confused with the
+[[framework-12th-gen]] review, which is the 13" Intel 12th gen laptop.
+
 ## GPD pocket
 
 native ubuntu
diff --git a/hardware/laptop/framework-12.md b/hardware/laptop/framework-12.md
new file mode 100644
index 00000000..00b604d4
--- /dev/null
+++ b/hardware/laptop/framework-12.md
@@ -0,0 +1,97 @@
+Some draft notes about the [Framework Laptop 12" 2-in-1 laptop](https://frame.work/ca/en/laptop12),
+not to be confused with the larger [[Framework
+13"|framework-12th-gen]].
+
+Currently in pre-order / shipping, as of 2025-07-08.
+
+# Order history
+
+- pre-orders opened on April 10 (at least, that's when the email was
+  sent!)
+- pre-ordered on April 9th (!), with the following spec:
+  - base setup: 827.00
+    - CPU: Intel i3-1315U, a step down from the current 13", but [still
+      comparable](https://www.cpubenchmark.net/compare/4759vs5300/Intel-i5-1240P-vs-Intel-i3-1315U), but is more recent (2023-Q2 vs 2022-Q1, 6/8 cores
+      instead of 12/16, 1.2GHz vs 1.7GHz base speed, but similar turbo
+      at 4.5GHz and better TDP at 15W vs 28W)
+    - color: sage
+    - memory: DDR5-5600 - 16GB (my original setup on the 13", was mostly fine)
+  - keyboard: US English - Gray
+  - 65W power adapter: $64.00 (i thought i had a spare one of those, but seems
+    not, and those are so useful!)
+  - expansion cards:
+    - DisplayPort (2nd Gen) $25.00 (wanted to test the 2nd gen)
+    - HDMI (3rd Gen) $25.00 (same)
+    - 1TB (2nd Gen) $169.00 (same)
+    - USB-C (Translucent Green) $12.00 (wanted to test the green, i
+      have two more space USB-C, so this is actually too much)
+    - 2 x USB-A $24.00 (like my current setup, i often run out of
+      USB-A when i have a single one)
+  - total: 1146$CAD + tax, est. 1317.60$CAD, before 100$ deposit
+  - did *not* pick their NVMe drive, as the [1TB drive is 220$CAD](https://frame.work/ca/en/products/wd_black-sn770m-nvme?v=FRANTAWD0A),
+    for about that price I got a [2TB drive at B&H for 269.29$CAD](https://www.bhphotovideo.com/c/product/1802215-REG/wd_wdbdnh0020bbk_wrsn_wd_black_2tb_sn770m.html)
+    (shipping and taxes included!) instead
+- as of 2025-07-08, still not received confirmation of shipping,
+  changed a few minor things with the order (added a 1TB drive,
+  removed one USB-C module, added USB-A module), even though [others
+  have received theirs](https://bisco.org/notes/debian-on-framework-12/), seems like the [colored ones are in a
+  different batch](https://community.frame.work/t/fw12-color-batch-1-guild/71354) which is [rumored](https://community.frame.work/t/fw12-batch-1-guild/67317/234?u=anarcat) to have started shipping
+  today, although that might be [confused with the colored batch 0](https://community.frame.work/t/fw12-batch-0-guild/67353/322)
+
+In theory, the laptop should ship "in July".
+
+## Open questions
+
+- [which sleeve/case](https://community.frame.work/t/suggestions-on-carrying-bag-or-sleeves/71796)
+- will the screen suck?
+- how will battery life be?
+- will the pen work well? [where to put it?](https://community.frame.work/t/where-to-put-the-pen/67602)
+- will the sensors work for auto-rotate? ([apparently](https://community.frame.work/t/auto-rotate-and-accelerometer/70964))
+
+## Downsides
+
+- [no keyboard backlight](https://community.frame.work/t/framework-12-backlit-keyboard/67371)
+- [poor screen color accuracy](https://community.frame.work/t/fw12-poor-screen-colour-accuracy/71025) (66% sRGB), but it turns out that's
+  [similar to the Steam Deck LCD](https://community.frame.work/t/fw12-poor-screen-colour-accuracy/71025/11?u=anarcat)
+- [no thunderbolt](https://community.frame.work/t/no-thunderbolt/67331), which means no "one wire for everything" kind
+  of setups, which means i can't use it to replace my current setup on
+  a whim (but i *can* use it with a DP adapter, and treat the monitor
+  as a dock, presumably, to be tested)
+
+# Reviews
+
+The Framework 12" received mixed reviews, in general. Most complained
+about the old CPU shipped with the device, and pricing.
+
+- [Phoronix: An Upgrade-Friendly, Convertible 2-in-1 Linux Laptop](https://www.phoronix.com/review/framework-laptop-12):
+  
+  > The only downside is the performance if you are wanting to run any
+  > moderately demanding workloads but for those looking at a
+  > well-built, upgradeable, and all-around dependable mini Linux
+  > laptop or convertible tablet that can run your favorite modern
+  > Linux distribution, the Framework Laptop 12 is another great
+  > addition to the Framework Computer family.
+
+- [The Verge: plastic fantastic](https://www.theverge.com/reviews/688959/framework-laptop-12-review-modular-touchscreen-intel)
+
+  > The quirky 2-in-1 has an endearing design that could be a great
+  > fit for students. But Framework once again has to prove itself.
+
+- [Ars: A sturdy, thoughtful, cute design that just can't compete in
+  its price range](https://arstechnica.com/gadgets/2025/06/framework-laptop-12-review-im-excited-to-see-what-the-2nd-generation-looks-like/)
+
+  > I hope that Framework does what it's done for the Laptop 13 over
+  > the last four or so years: introduce updated components, iterate
+  > on different elements of the design, and gradually bring the price
+  > down into a more reasonable range through refurbished and
+  > factory-second parts. As a $1,000-ish computer, this leaves a lot
+  > to be desired. But as the foundation for a new Framework platform,
+  > it has enough promise to be interesting.
+
+Overall, the pros and cons seem to be:
+
+- plastic seems sturdy (MIL-STD-810)
+- modular ports with "child locks" are better than the Framework 13"
+  "latch" design (and i don't really like the 13" design either)
+- too expensive
+- mediocre colors and large bezel

diff --git a/hardware/camera.mdwn b/hardware/camera.mdwn
index 7160bde6..44dbcf65 100644
--- a/hardware/camera.mdwn
+++ b/hardware/camera.mdwn
@@ -157,6 +157,8 @@ and here is my progress:
 - 2025-05-20: 12903 (-1040, plus 700+ new shots, two months mark,
   5k done, ETA 2-3 more months)
 - 2025-06-07: 12044 (-859, plus some new shots)
+- 2025-06-27: 11346 (-658, plus +452 new, done back to 2023, 2005-2022
+  to go (!), 2 weeks missed)
 
 Inventaire
 ==========

diff --git a/hardware/laptop.mdwn b/hardware/laptop.mdwn
index f8adfb78..7c4050bf 100644
--- a/hardware/laptop.mdwn
+++ b/hardware/laptop.mdwn
@@ -37,7 +37,19 @@ Comparateur: https://www.thelaptoplist.com/
 
 <https://frame.work/>
 
-### 11th gen
+### 13"
+
+The framework line used to be divided in generations (11th gen, 12th
+gen, etc) aligned with the Intel CPU generations. But now they have
+AMD CPUs and laptops of another form factor, so a "Framework 12" is
+actually pretty confusing now, because it can refer to the "12th gen
+13" laptop (which i have) or the "12th gen 12 inch 2-1 laptop
+announced in 2025).
+
+From now on, i'll try to be specific about the size of the
+laptop. This section documents the classic 13" laptops.
+
+#### 11th gen
 
 Specs (Intel 11th gen, newer specs available, see below):
 
@@ -55,12 +67,12 @@ Specs (Intel 11th gen, newer specs available, see below):
  * Intel® Wi-Fi 6E AX210
  * fingerprint reader
 
-### 12th gen
+#### 12th gen
 
 Ordered a Framework 12th Gen intel DIY laptop in late August 2022, see
 detailed review in [[framework-12th-gen]].
 
-### 13th gen and AMD
+#### 13th gen and AMD
 
 There's now a third generation of Framework laptops, along with an AMD
 version. The AMD version is particularly interesting because AMD has
@@ -84,11 +96,32 @@ Review:
  * [Phoronix](https://www.phoronix.com/review/framework-13-amd/6), AMD - "fantastic choice for Linux users"
  * [rtings](https://www.rtings.com/laptop/reviews/framework/laptop-13-2023)
 
-### Framework 16
-
-Another product in development is the Framework 16, currently in
-pre-order. It's a larger laptop than the "13" (which the 11th, 12th
-and 13th gen all fit into) with 6 expansion ports, hotswappable
+### 16"
+
+Framework just (2023-03-23) just announced a whole bunch of new stuff:
+
+ * [AMD Ryzen 7040 and 13th gen Intel board](https://frame.work/blog/framework-laptop-13-with-13th-gen-intel-core-and-amd-ryzen-7040-series)
+ * [16" laptop version](https://frame.work/blog/introducing-the-framework-laptop-16) (pre-order) with an expansion "bay" for an
+   upgradeable graphics module which could also fit M.2 storage
+ * [audio expansion card](https://frame.work/products/audio-expansion-card), since the 16 laptop doesn't have a combo
+   jack
+ * official [mainboard case](https://frame.work/products/cooler-master-mainboard-case) (back-ordered)
+ * official *battery case* (!) (no site yet)
+ * new bezel colors, including [transluscent](https://frame.work/products/bezel?v=FRANCBCP04), green, purple and
+   red (back-ordered)
+ * new, louder (80dB) [speakers](https://frame.work/products/speaker-kit?v=FRANBXFG03)
+ * [new 61Wh battery](https://frame.work/products/battery?v=FRANGWAT01)
+ * [matte display](https://frame.work/products/display-kit?v=FRANFX0001)
+ * [new hinge](https://frame.work/products/hinge-kit-2nd-gen-3-5kg)
+
+The recording is available in [this video](https://www.youtube.com/watch?v=ccpsyRipHlk) and it's not your
+typical keynote. It starts ~25 minutes late, audio is crap, lightning
+and camera are crap, clapping seems to be from whatever staff they
+managed to get together in a room, decor is bizarre, colors are
+shit. It's amazing.
+
+The Framework 16 is a larger laptop than the "13" (which the 11th,
+12th and 13th gen all fit into) with 6 expansion ports, hotswappable
 keyboard mods and a hotswappable GPU.
 
 Reviews:
@@ -97,6 +130,15 @@ Reviews:
  * [Upstream's review index](https://frame.work/ca/en/blog/framework-laptop-16-reviews-are-live)
  * [ifixit teardown](https://www.youtube.com/watch?v=Y8uv8fajOrc) (10/10)
 
+### 12" 
+
+Framework did it again, and there's yet another line of (incompatible)
+hardware that came out: a 2-in-1 laptop. I pre-ordered it because I
+was looking for a [[tablet]], we'll see how it goes. So far reviews
+are mixed because it reuses the old 12th gen Intel platform, but I
+don't mind so much that platform, it's the laptop I have now, and it
+works pretty amazingly well.
+
 ## GPD pocket
 
 native ubuntu
diff --git a/hardware/laptop/framework-12th-gen.md b/hardware/laptop/framework-12th-gen.md
index 25827b57..e95f9fe7 100644
--- a/hardware/laptop/framework-12th-gen.md
+++ b/hardware/laptop/framework-12th-gen.md
@@ -57,6 +57,12 @@ around the table of contents as you see fit for after you did buy the
 laptop, as it might include some crucial hints on how to make it work
 best for you, especially on (Debian) Linux.
 
+Heads up: the 3.17 BIOS upgrade changed *everything*. Performance is
+much better: i've seen three-fold performance improvements in
+asncounter benchmarks, although the fan is noisier, it's great!
+Presumably power management is better too. Lots in here needs to be
+updated to reflect that, but I lack the time to do so.
+
 [[!toc levels=5]]
 
 # Advice for buyers
@@ -98,29 +104,6 @@ I have decided to use the Framework as my daily driver, and had to buy
 a [[USB-C dock|blog/2023-02-10-usb-c]] to get my two monitors
 connected, which was own adventure.
 
-Update: Framework just (2023-03-23) just announced a whole bunch of
-new stuff:
-
- * [AMD Ryzen 7040 and 13th gen Intel board](https://frame.work/blog/framework-laptop-13-with-13th-gen-intel-core-and-amd-ryzen-7040-series)
- * [16" laptop version](https://frame.work/blog/introducing-the-framework-laptop-16) (pre-order) with an expansion "bay" for an
-   upgradeable graphics module which could also fit M.2 storage
- * [audio expansion card](https://frame.work/products/audio-expansion-card), since the 16 laptop doesn't have a combo
-   jack
- * official [mainboard case](https://frame.work/products/cooler-master-mainboard-case) (back-ordered)
- * official *battery case* (!) (no site yet)
- * new bezel colors, including [transluscent](https://frame.work/products/bezel?v=FRANCBCP04), green, purple and
-   red (back-ordered)
- * new, louder (80dB) [speakers](https://frame.work/products/speaker-kit?v=FRANBXFG03)
- * [new 61Wh battery](https://frame.work/products/battery?v=FRANGWAT01)
- * [matte display](https://frame.work/products/display-kit?v=FRANFX0001)
- * [new hinge](https://frame.work/products/hinge-kit-2nd-gen-3-5kg)
-
-The recording is available in [this video](https://www.youtube.com/watch?v=ccpsyRipHlk) and it's not your
-typical keynote. It starts ~25 minutes late, audio is crap, lightning
-and camera are crap, clapping seems to be from whatever staff they
-managed to get together in a room, decor is bizarre, colors are
-shit. It's amazing.
-
 # Specifications
 
 Those are the specifications of the 12th gen, in general terms. Your

diff --git a/hardware/laptop/framework-12th-gen.md b/hardware/laptop/framework-12th-gen.md
index 1df943e0..25827b57 100644
--- a/hardware/laptop/framework-12th-gen.md
+++ b/hardware/laptop/framework-12th-gen.md
@@ -2046,6 +2046,59 @@ Thunderbolt dock from [Cable Matters](https://www.cablematters.com/), with the l
 [201053-SIL](https://www.cablematters.com/pc-1054-127-usb-c-docking-station-with-dual-4k-hdmi-and-80w-charging-for-windows-computers.aspx). It has issues, see [[this blog
 post|blog/2023-02-10-usb-c]] for an in-depth discussion.
 
+## Touch pad replacement
+
+Today (2025-06-27), I replaced the touch pad. It was pretty flaky: I
+had [filed a request on the forum](https://community.frame.work/t/mouse-pad-click-fatigue/38052/5) but ended up reaching out to
+support for help, and after a few back and forth, they confirmed that
+the part was faulty and not under warranty. I ordered a [new one](https://frame.work/ca/en/products/touchpad-kit?v=FRANFT0001)
+(51$) which came quickly enough, and replaced it.
+
+It took 25 minutes to [follow the guide](https://guides.frame.work/Guide/Touchpad+Replacement+Guide/90) from the time I posted
+"I'm rebooting" to the time I returned, so their estimate of "5-12
+minutes" on that page is quite optimistic.
+
+The old touchpad is still somewhat functional: taps work, but
+scrolling doesn't work so well (sometimes there are spurious clicks!)
+and the "click" feature just doesn't work at all anymore, which is a
+problem because it's essentially the only way to "right-click-drag" in
+Sway, likely because of a bug in sway or wlroots itself, as it doesn't
+send dragging even for the "three finger taps" (even though `evtest`
+sees them).
+
+Timeline:
+
+- 2022-09-27: received laptop
+- 2023-10-15: first reports of click fatigue on the forum
+- 2023-10-20: followed a [workaround guide](https://guides.frame.work/Guide/Touchpad+Rubbing+Fix+Guide/103?lang=en), marginal improvements
+- 2024-05-13: still having issues, filed [as a different topic](
+https://community.frame.work/t/responded-spurious-clicks-while-using-touch-pad/50834)
+  because I forgot about the first
+- 2025-06-17 20:27:18 +00000: opened issue with Framework support (auto-reply)
+- 2025-06-17 23:57:24 +0000: first prompts from support
+- 2025-06-17 22:22:50 -0400: response to most prompts, asks for quick decision
+- 2025-06-18 03:44:51 +0000: support recommends getting a new input
+  cover
+- 2025-06-18 10:06:45 -0400: ask for clarification whether the entire
+  keyboard needs replacement
+- 2025-06-18 15:59:41 +0000: support sends correct link to touch pad
+  (<https://frame.work/ca/en/products/touchpad-kit?v=FRANFT0001>)
+- 2025-06-18 17:22:13 +0000: touchpad ordered
+- 2025-06-19 16:43:17 +0000: touchpad shipped
+- 2025-06-23 13:52:00 -0400: touchpad delivered (~4 days)
+- 2025-06-27 15:47:04 -0400: touchpad installation starts (shutdown
+  takes a couple minutes)
+- 2025-06-27 16:11:35 -0400: touchpad installation completes (fully
+  booted, ~23 minutes)
+
+All in all, from when I opened the issue to when I had the fix, it
+took 10 days, 4 of which were spent in shipping, and 4 of which were
+spent in me not doing anything. So this is a repair that could have
+been done inside a week, even including a day of back-and-forth with
+support.
+
+Pretty happy with this.
+
 # Shipping details
 
 I ordered the Framework in August 2022 and received it about a month

diff --git a/.well-known/openpgpkey/Makefile b/.well-known/openpgpkey/Makefile
index 1cb94a29..e65f2667 100644
--- a/.well-known/openpgpkey/Makefile
+++ b/.well-known/openpgpkey/Makefile
@@ -11,17 +11,17 @@ warn:
 	@echo "run '$(MAKE) renew hu upload upload-tpo' to make a full renewal"
 	@echo "this is not default because 'renew' and 'upload-tpo' are not idempotent"
 
-# thanks to kushal for this: https://kushaldas.in/posts/setting-up-wkd.html
+# thanks to kushal for this, originally: https://kushaldas.in/posts/setting-up-wkd.html
 #
-# the hack of moving stuff around is because sq refuses to update a
-# WKD directory in "direct" mode.
-#
-# we would need to try "advanced" mode but that requires a whole
-# different vhost (openpgpkey.anarc.at), ugh.
+# since then switched to simpler sq, which i found confusing, but this
+# works, i think. see:
+# https://gitlab.com/sequoia-pgp/sequoia-sq/-/issues/576
 hu:
-	sq network wkd publish --domain=anarc.at --cert=BBB6CD4C98D74E1358A752A602293A6FA4E53473 --method=direct --create .
-	mv .well-known/openpgpkey/hu/* hu/
-	rm -rf .well-known
+	if ! [ -d hu ]; then \
+		sq network wkd publish --domain=anarc.at --cert=BBB6CD4C98D74E1358A752A602293A6FA4E53473 --method=direct --create ../.. \
+	; else \
+		sq network wkd publish --domain=anarc.at --cert=BBB6CD4C98D74E1358A752A602293A6FA4E53473 ../.. \
+	; fi
 
 upload:
 	gpg --keyserver keyring.debian.org --send-keys $(FINGERPRINT)
diff --git a/.well-known/openpgpkey/anarc.at/policy b/.well-known/openpgpkey/anarc.at/policy
deleted file mode 100644
index 6c55ace9..00000000
--- a/.well-known/openpgpkey/anarc.at/policy
+++ /dev/null
@@ -1 +0,0 @@
-# Policy flags for domain anarc.at

diff --git a/.well-known/openpgpkey/Makefile b/.well-known/openpgpkey/Makefile
index a033da76..1cb94a29 100644
--- a/.well-known/openpgpkey/Makefile
+++ b/.well-known/openpgpkey/Makefile
@@ -12,15 +12,16 @@ warn:
 	@echo "this is not default because 'renew' and 'upload-tpo' are not idempotent"
 
 # thanks to kushal for this: https://kushaldas.in/posts/setting-up-wkd.html
-# also tried sq but couldn't make it work:
-# 	sq network wkd publish --domain=anarc.at --cert=$(FINGERPRINT) --method=direct ../..
-# this fails because it wants --create, but create fails because directory already exists
+#
+# the hack of moving stuff around is because sq refuses to update a
+# WKD directory in "direct" mode.
 #
 # we would need to try "advanced" mode but that requires a whole
 # different vhost (openpgpkey.anarc.at), ugh.
 hu:
-	echo "$(FINGERPRINT) $(ADDRESS)" | /usr/lib/gnupg/gpg-wks-client -v --install-key --directory .
-	mv anarc.at/hu/* hu/
+	sq network wkd publish --domain=anarc.at --cert=BBB6CD4C98D74E1358A752A602293A6FA4E53473 --method=direct --create .
+	mv .well-known/openpgpkey/hu/* hu/
+	rm -rf .well-known
 
 upload:
 	gpg --keyserver keyring.debian.org --send-keys $(FINGERPRINT)
diff --git a/.well-known/openpgpkey/hu/myctwj4an6ne7htuzyoo8osctuji68xe b/.well-known/openpgpkey/hu/myctwj4an6ne7htuzyoo8osctuji68xe
index fe41fb5d..34c381d8 100644
Binary files a/.well-known/openpgpkey/hu/myctwj4an6ne7htuzyoo8osctuji68xe and b/.well-known/openpgpkey/hu/myctwj4an6ne7htuzyoo8osctuji68xe differ

diff --git a/.well-known/openpgpkey/.gitattributes b/.well-known/openpgpkey/.gitattributes
new file mode 100644
index 00000000..36c68f0d
--- /dev/null
+++ b/.well-known/openpgpkey/.gitattributes
@@ -0,0 +1 @@
+hu/* diff=key
diff --git a/.well-known/openpgpkey/Makefile b/.well-known/openpgpkey/Makefile
index ef568656..a033da76 100644
--- a/.well-known/openpgpkey/Makefile
+++ b/.well-known/openpgpkey/Makefile
@@ -12,6 +12,12 @@ warn:
 	@echo "this is not default because 'renew' and 'upload-tpo' are not idempotent"
 
 # thanks to kushal for this: https://kushaldas.in/posts/setting-up-wkd.html
+# also tried sq but couldn't make it work:
+# 	sq network wkd publish --domain=anarc.at --cert=$(FINGERPRINT) --method=direct ../..
+# this fails because it wants --create, but create fails because directory already exists
+#
+# we would need to try "advanced" mode but that requires a whole
+# different vhost (openpgpkey.anarc.at), ugh.
 hu:
 	echo "$(FINGERPRINT) $(ADDRESS)" | /usr/lib/gnupg/gpg-wks-client -v --install-key --directory .
 	mv anarc.at/hu/* hu/
diff --git a/.well-known/openpgpkey/anarc.at/.gitattributes b/.well-known/openpgpkey/anarc.at/.gitattributes
deleted file mode 100644
index af7c7edc..00000000
--- a/.well-known/openpgpkey/anarc.at/.gitattributes
+++ /dev/null
@@ -1 +0,0 @@
-* diff=gpg

diff --git a/software.mdwn b/software.mdwn
index 626f57fe..47926900 100644
--- a/software.mdwn
+++ b/software.mdwn
@@ -12,6 +12,12 @@ J'ai écrit un manuel
 [[d'entretien de packages debian|debian-development]] (en anglais)
 parce qu'il semblait qu'il n'y avait rien de complet à ce niveau...
 
+## asncounter
+
+[asncounter](https://gitlab.com/anarcat/asncounter/) permet de suivre le traffic sur un serveur par
+[ASN](https://en.wikipedia.org/wiki/Autonomous_system_(Internet)), ce qui permet de gérer des "robots" abusifs et autres
+attaques, voir [[blog/2025-05-30-asncounter]].
+
 ## feed2exec
 
 J'ai écrit un lecteur de fils RSS nommé [feed2exec](https://gitlab.com/anarcat/feed2exec) afin de

diff --git a/blog/2024-05-29-playing-with-fonts-again.md b/blog/2024-05-29-playing-with-fonts-again.md
index fa3be514..6dfe9aef 100644
--- a/blog/2024-05-29-playing-with-fonts-again.md
+++ b/blog/2024-05-29-playing-with-fonts-again.md
@@ -45,6 +45,21 @@ do with the Wayland transition. I've tried with both [grim](https://sr.ht/~emers
 complicated issue having to do with *displaying* images as well as
 screenshots, see the issues in [shotman](https://todo.sr.ht/~whynothugo/shotman/11) and [grim](https://todo.sr.ht/~emersion/grim/98).)
 
+And here is an update of those in a single screenshot with the new
+test sheet:
+
+<figure>
+<img src="snap-20250613T103257.png" alt="Two dark terminals showing
+Fira Mono and Commit Mono side by side." />
+<figcaption>Fira and Commit mono with the new test sheet, generated
+with `foot -W 80x63 -T pop-up -f 'Commit mono:size=12' --hold sh -c
+"sed -n '/```/,/```/{/```/d;p}'  *fonts-again.md ; printf 'Commit
+mono'" 2>/dev/null` and `foot -W 80x61 -T pop-up -f 'Fira
+mono:size=12' --hold sh -c "sed -n '/```/,/```/{/```/d;p}'
+*fonts-again.md ; printf 'Fira mono'" 2>/dev/null`.</figcaption>
+</figure>
+
+
 They are pretty similar! Commit Mono feels a *bit* more vertically
 compressed maybe too much so, actually -- the line height feels too
 low.  But it's heavily customizable so that's something that's
diff --git a/blog/2024-05-29-playing-with-fonts-again/snap-20250613T103257.png b/blog/2024-05-29-playing-with-fonts-again/snap-20250613T103257.png
new file mode 100644
index 00000000..fd8042ee
Binary files /dev/null and b/blog/2024-05-29-playing-with-fonts-again/snap-20250613T103257.png differ

diff --git a/blog/2024-05-29-playing-with-fonts-again.md b/blog/2024-05-29-playing-with-fonts-again.md
index 15a6ffb9..fa3be514 100644
--- a/blog/2024-05-29-playing-with-fonts-again.md
+++ b/blog/2024-05-29-playing-with-fonts-again.md
@@ -41,7 +41,9 @@ showing the test sheet in Fira Mono" />
 (Notice how those screenshots are not sharp? I'm surprised too. The
 originals *look* sharp on my display, I suspect this is something to
 do with the Wayland transition. I've tried with both [grim](https://sr.ht/~emersion/grim/) and
-[flameshot](https://github.com/flameshot-org/flameshot), for what its worth.)
+[flameshot](https://github.com/flameshot-org/flameshot), for what its worth. Update: turns out this is a really
+complicated issue having to do with *displaying* images as well as
+screenshots, see the issues in [shotman](https://todo.sr.ht/~whynothugo/shotman/11) and [grim](https://todo.sr.ht/~emersion/grim/98).)
 
 They are pretty similar! Commit Mono feels a *bit* more vertically
 compressed maybe too much so, actually -- the line height feels too

diff --git a/blog/2024-05-29-playing-with-fonts-again.md b/blog/2024-05-29-playing-with-fonts-again.md
index d1745a02..15a6ffb9 100644
--- a/blog/2024-05-29-playing-with-fonts-again.md
+++ b/blog/2024-05-29-playing-with-fonts-again.md
@@ -125,6 +125,8 @@ Lines alignment test:
 ———————————————————————————————————————— EM DASH
 ―――――――――――――――――――――――――――――――――――――――― HORIZONTAL BAR
 ________________________________________ LOW LINE
+
+All in one line, surrounded by PLUS SIGN: +-−–—―_+
 ```
 
 Update: [here is another such sample sheet](https://sheet.shiar.nl/sample), it's pretty good and

diff --git a/blog/2024-05-29-playing-with-fonts-again.md b/blog/2024-05-29-playing-with-fonts-again.md
index d6e47333..d1745a02 100644
--- a/blog/2024-05-29-playing-with-fonts-again.md
+++ b/blog/2024-05-29-playing-with-fonts-again.md
@@ -118,15 +118,13 @@ Box drawing alignment tests:
 ║└─╥─┘║  │╚═╤═╝│  │╘═╪═╛│  │╙─╀─╜│  ┃└─╂─┘┃ ░░▒▒▓▓██ ┊  ┆ ╎ ╏  ┇ ┋ ▎
 ╚══╩══╝  └──┴──┘  ╰──┴──╯  ╰──┴──╯  ┗━━┻━━┛          └╌╌┘ ╎ ┗╍╍┛ ┋ ▏▁▂▃▄▅▆▇█
 
-Dashes alignment test:
-
-HYPHEN-MINUS, MINUS SIGN, EN, EM DASH, HORIZONTAL BAR, LOW LINE
---------------------------------------------------
-−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
-––––––––––––––––––––––––––––––––––––––––––––––––––
-——————————————————————————————————————————————————
-――――――――――――――――――――――――――――――――――――――――――――――――――
-__________________________________________________
+Lines alignment test:
+---------------------------------------- HYPHEN-MINUS
+−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− MINUS SIGN
+–––––––––––––––––––––––––––––––––––––––– EN
+———————————————————————————————————————— EM DASH
+―――――――――――――――――――――――――――――――――――――――― HORIZONTAL BAR
+________________________________________ LOW LINE
 ```
 
 Update: [here is another such sample sheet](https://sheet.shiar.nl/sample), it's pretty good and

diff --git a/blog/2024-05-29-playing-with-fonts-again.md b/blog/2024-05-29-playing-with-fonts-again.md
index 2f55ca62..d6e47333 100644
--- a/blog/2024-05-29-playing-with-fonts-again.md
+++ b/blog/2024-05-29-playing-with-fonts-again.md
@@ -86,8 +86,8 @@ zs$S52Z%  ´`'"‘’“”«»
 
 all characters in a sentence, uppercase:
 
-the quick fox jumps over the lazy dog
-THE QUICK FOX JUMPS OVER THE LAZY DOG
+the quick brown fox jumps over the lazy dog
+THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG
 
 same, in french:
 

diff --git a/blog/mobile-massive-gallery.md b/blog/mobile-massive-gallery.md
index 7ffabcc3..b48bf5d3 100644
--- a/blog/mobile-massive-gallery.md
+++ b/blog/mobile-massive-gallery.md
@@ -248,3 +248,7 @@ update: https://apps.nextcloud.com/apps/memories seems to do what we need
 https://bpatrik.github.io/pigallery2/
 
 [[!tag draft]]
+
+
+<!-- posted to the federation on 2025-06-11T16:30:55.303235 -->
+[[!mastodon "https://kolektiva.social/@Anarcat/114666625772226557"]]
\ No newline at end of file

diff --git a/blog/mobile-massive-gallery.md b/blog/mobile-massive-gallery.md
index f8f81f7b..7ffabcc3 100644
--- a/blog/mobile-massive-gallery.md
+++ b/blog/mobile-massive-gallery.md
@@ -245,4 +245,6 @@ consider tls client certs.
 
 update: https://apps.nextcloud.com/apps/memories seems to do what we need
 
+https://bpatrik.github.io/pigallery2/
+
 [[!tag draft]]

diff --git a/hardware/camera.mdwn b/hardware/camera.mdwn
index 6836c750..7160bde6 100644
--- a/hardware/camera.mdwn
+++ b/hardware/camera.mdwn
@@ -156,6 +156,7 @@ and here is my progress:
 - 2025-05-09: 13943 (-504, plus 200 new shots)
 - 2025-05-20: 12903 (-1040, plus 700+ new shots, two months mark,
   5k done, ETA 2-3 more months)
+- 2025-06-07: 12044 (-859, plus some new shots)
 
 Inventaire
 ==========
@@ -260,6 +261,14 @@ Reference
    * [Lens buying guide](https://www.dpreview.com/articles/9162056837/digital-camera-lens-buying-guide)
  * [Darktable camera support](https://www.darktable.org/resources/camera-support/): pretty uniform across brands
 
+# 2025 shopping
+
+[Fuji's X-M5](https://www.dpreview.com/reviews/fujifilm-x-m5-in-depth-review) looks interesting for travel and "every day": small,
+works with existing lenses. Big downside is lack of an EVF. A X-Pro
+*might* be coming in 2025, but I'm not sure I like it better than the
+X-T5 series, it's not smaller. The [X-E5](https://www.fujirumors.com/fujifilm-x-e5-this-is-when-it-will-be-announced/) might be coming too, and
+a possibly good compromise, exciting times.
+
 2018 shopping
 =============
 

diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index f9d88562..3c2da63b 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -947,12 +947,13 @@ involved calling xterm and xmessage for user interaction. Now,
 anyone freaks out, I already had to use GTK for proper clipboard
 support, so this isn't much of a stretch...)
 
-One thing I'm, missing is some review/annotation
-tool. [Satty](https://github.com/gabm/Satty) provides a nice minimal wrapper like that. For now,
-I'm using whatever default image viewer I have configured (currently
-geeqie), one key feature is that it must support the "copy image to
-clipboard" (not the path! the actual full image!) functionality,
-typically to paste to GitHub/GitLab issues, or Signal.
+One thing I'm, missing is some review/annotation tool. [Satty](https://github.com/gabm/Satty)
+provides a nice minimal wrapper like that. See also [Gradia](https://github.com/AlexanderVanhee/Gradia).
+
+For now, I'm using whatever default image viewer I have configured
+(currently geeqie), one key feature is that it must support the "copy
+image to clipboard" (not the path! the actual full image!)
+functionality, typically to paste to GitHub/GitLab issues, or Signal.
 
 I've also started testing [shotman](https://shotman.whynothugo.nl/) (part of Debian Trixie) which
 outlined that I might have an issue with fractional display and image

diff --git a/hardware/svetlana.md b/hardware/svetlana.md
index 25635c68..28bc9425 100644
--- a/hardware/svetlana.md
+++ b/hardware/svetlana.md
@@ -40,7 +40,7 @@ maybe it's still broken.
 Followed [the flashing instructions](https://openwrt.org/toh/ubiquiti/unifi_6_lite), terrified because device
 switched to 192.168.1.1 and I thought it was bricked.
 
-# Confguration
+# Configuration
 
 Did the following config:
 

diff --git a/blog/secrets-recovery.md b/blog/secrets-recovery.md
index e394c89d..cef602fb 100644
--- a/blog/secrets-recovery.md
+++ b/blog/secrets-recovery.md
@@ -59,3 +59,7 @@ to review: https://news.ycombinator.com/item?id=37534615
 
 
 128-bit metal punch card backup https://volution.ro/pckb/
+
+
+<!-- posted to the federation on 2025-06-01T23:04:28.772798 -->
+[[!mastodon "https://kolektiva.social/@Anarcat/114611550199170060"]]
\ No newline at end of file

diff --git a/blog/secrets-recovery.md b/blog/secrets-recovery.md
index 454baae3..e394c89d 100644
--- a/blog/secrets-recovery.md
+++ b/blog/secrets-recovery.md
@@ -56,3 +56,6 @@ https://github.com/cyphar/paperback
 
 
 to review: https://news.ycombinator.com/item?id=37534615
+
+
+128-bit metal punch card backup https://volution.ro/pckb/

diff --git a/blog/2025-05-30-asncounter.md b/blog/2025-05-30-asncounter.md
index 3a6ba5f1..44e8464c 100644
--- a/blog/2025-05-30-asncounter.md
+++ b/blog/2025-05-30-asncounter.md
@@ -113,7 +113,7 @@ script that loops over IPs and counts IPs per ASN".
 monitoring. Argos, for example, presumably does this, but it's a kind
 of a huge stack. You can also get into netflows, but there's serious
 privacy implications with those. There are also lots of per-IP
-counters like [promacct](https://github.com/kumina/promacct), but that doesn't scale.
+counters like [`promacct`](https://github.com/kumina/promacct), but that doesn't scale.
 
 Or maybe someone already had solved this problem and I just wasted a
 week of my life, who knows. Someone will let me know, I hope, either
@@ -167,7 +167,7 @@ less than an hour, just look at [the first version](https://gitlab.com/anarcat/a
 (`sloccount`) of Python, and it works, provided you have already
 downloaded the required datafiles from routeviews.org. (Obviously, the
 latest version is longer at close to 1000 lines, but it downloads the
-datafiles automatically, and has many more features).
+data files automatically, and has many more features).
 
 The way the first prototype (and later versions too, mostly) worked is
 that you feed it a list of IP addresses on standard input, it looks up
@@ -222,7 +222,7 @@ bonkers: they have *hundreds* of such prefixes.
 
 Now, clever people in the know will say "of course they do, it's an
 hyperscaler; just ASN14618 (AMAZON-AES) there is *way* more
-announcements, they have 1416 prefies!" Yes, of course, but they are
+announcements, they have 1416 prefixes!" Yes, of course, but they are
 not generating half of my traffic (at least, not yet). But even then:
 this *also* applies to Amazon! This way of counting traffic is *way*
 more useful for large scale operations like this, because you group by
@@ -230,7 +230,7 @@ organisation instead of by *server* or individual endpoint.
 
 And, ultimately, this is why `asncounter` matters: it allows you to
 group your traffic by *organisation*, the place you can actually
-negociate with.
+negotiate with.
 
 Now, of course, that assumes those are entities you can talk with. I
 have written to both Alibaba and Huawei, and have yet to receive a
@@ -257,7 +257,7 @@ At first glance, they looked legit, like:
 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
 ```
 
-Saferi on a Mac, so far so good. But when you start digging, you
+Safari on a Mac, so far so good. But when you start digging, you
 notice some strange things, like here's Safari running on Linux:
 
 ```
@@ -266,7 +266,7 @@ Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Ch
 
 Was Safari ported to Linux? I guess that's.. possible? 
 
-But here here Safari running on a 15 year old Ubuntu release (10.10):
+But here is Safari running on a 15 year old Ubuntu release (10.10):
 
 ```
 Mozilla/5.0 (X11; Linux i686) AppleWebKit/534.24 (KHTML, like Gecko) Ubuntu/10.10 Chromium/12.0.702.0 Chrome/12.0.702.0 Safari/534.24
@@ -281,7 +281,7 @@ Mozilla/5.0 (Windows; U; Windows NT 5.1; en-CA) AppleWebKit/534.13 (KHTML like G
 
 Really?
 
-Here's Firefox 3.6, released 14 years ago, there werequite a lot of
+Here's Firefox 3.6, released 14 years ago, there were quite a lot of
 those:
 
 ```
@@ -304,7 +304,7 @@ which, according their [documentation](https://developers.facebook.com/docs/shar
 
 > crawls the web for use cases such as training AI models or improving products by indexing content directly
 
-From what I coult tell, it was even respecting our rather liberal
+From what I could tell, it was even respecting our rather liberal
 `robots.txt` rules, in that it wasn't crawling the sprawling `/blame/`
 or `/commit/` endpoints, explicitly forbidden by `robots.txt`.
 
@@ -313,7 +313,7 @@ just went away. Good job Facebook, as much as I think you've given the
 empire to neo-nazis, cause depression and genocide, you know how to
 run a crawler, thanks.
 
-Huawei was blocked at the webserver level, with a friendly 429 status
+Huawei was blocked at the web server level, with a friendly 429 status
 code telling people to contact us (over email) if they need help. And
 they don't care: they're still hammering the server, from what I can
 tell, but then again, I didn't block the entire ASN just yet, just the
@@ -324,7 +324,7 @@ blocks I found crawling the server over a couple hours.
 So what does a day in asncounter look like? Well, you start with a
 problem, say you're getting too much traffic and want to see where
 it's from. First you need to sample it. Typically, you'd do that with
-`tcpdump` or tailing a logfile:
+`tcpdump` or tailing a log file:
 
     tail -F /var/log/apache2/*access*.log | awk '{print $2}' | asncounter
 
@@ -335,7 +335,7 @@ instead:
     tcpdump -q -n | asncounter --input-format=tcpdump --repl
 
 If you *really* get a lot of traffic, you might want to get a subset
-of that to avoid overwhelming asncounter, it's not fast enough to do
+of that to avoid overwhelming `asncounter`, it's not fast enough to do
 multiple gigabit/second, I bet, so here's only incoming SYN IPv4
 packets:
 
@@ -396,13 +396,13 @@ request duration stats" for various time ranges, 20h after the block:
 | 30d   | 2.08s | 3.86m | 8.86s |
 | 6m    | 901ms | 27.3s | 2.43s |
 
-We went from *two seconds* mean to 500ms! And look at that stdev!
+We went from *two seconds* mean to 500ms! And look at that standard deviation!
 39ms! It was *ten seconds* before! I doubt we'll keep it that way very
 long but for now, it feels like I won a battle, and I didn't even have
-to setup [anubis](https://github.com/TecharoHQ/anubis) or [go-away](https://git.gammaspectra.live/git/go-away), although I suspect that will
+to setup [`anubis`](https://github.com/TecharoHQ/anubis) or [`go-away`](https://git.gammaspectra.live/git/go-away), although I suspect that will
 unfortunately come.
 
-Note that asncounter also supports exporting Prometheus metrics, but
+Note that `asncounter also supports exporting Prometheus metrics, but
 you should be careful with this, as it can lead to cardinal explosion,
 especially if you track by prefix (which can be disabled with
 `--no-prefixes`.
@@ -423,7 +423,7 @@ comments. Hacker News, let it rip, I know you can give me another
 juicy quote [[for my blog|blog]].
 
 This work was done as part of my paid work for the [Tor Project](https://www.torproject.org/),
-currently in a fundraising drive, give us money if you like what you
+currently in a fundraising drive, [give us money](https://donate.torproject.org/) if you like what you
 read.
 
 [[!tag debian-planet python-planet software network sysadmin tor censorship python]]

diff --git a/blog/2025-05-30-asncounter.md b/blog/2025-05-30-asncounter.md
index faff7b37..3a6ba5f1 100644
--- a/blog/2025-05-30-asncounter.md
+++ b/blog/2025-05-30-asncounter.md
@@ -165,7 +165,9 @@ possibly also the list of prefixes (because why not). Turns out pyasn
 makes that *really* easy. I managed to build a prototype in probably
 less than an hour, just look at [the first version](https://gitlab.com/anarcat/asncounter/-/blob/efaa08c431f3145e70f7cd378d19be558a70fc38/asn-tracker.py), it's 44 lines
 (`sloccount`) of Python, and it works, provided you have already
-downloaded the required datafiles from routeviews.org.
+downloaded the required datafiles from routeviews.org. (Obviously, the
+latest version is longer at close to 1000 lines, but it downloads the
+datafiles automatically, and has many more features).
 
 The way the first prototype (and later versions too, mostly) worked is
 that you feed it a list of IP addresses on standard input, it looks up
@@ -428,4 +430,4 @@ read.
 
 
 <!-- posted to the federation on 2025-05-30T22:33:00.130467 -->
-[[!mastodon "https://kolektiva.social/@Anarcat/114600101725690613"]]
\ No newline at end of file
+[[!mastodon "https://kolektiva.social/@Anarcat/114600101725690613"]]

diff --git a/blog/2025-05-30-asncounter.md b/blog/2025-05-30-asncounter.md
index ae235aef..faff7b37 100644
--- a/blog/2025-05-30-asncounter.md
+++ b/blog/2025-05-30-asncounter.md
@@ -15,6 +15,8 @@ degenerate AI on your content with a bot army?
 
 If that rings a bell, read on.
 
+[[!toc]]
+
 # TL;DR:
 
 ... or just skip the cruft and install [asncounter](https://gitlab.com/anarcat/asncounter/):

diff --git a/blog/2025-05-30-asncounter.md b/blog/2025-05-30-asncounter.md
index 49c759c7..ae235aef 100644
--- a/blog/2025-05-30-asncounter.md
+++ b/blog/2025-05-30-asncounter.md
@@ -423,3 +423,7 @@ currently in a fundraising drive, give us money if you like what you
 read.
 
 [[!tag debian-planet python-planet software network sysadmin tor censorship python]]
+
+
+<!-- posted to the federation on 2025-05-30T22:33:00.130467 -->
+[[!mastodon "https://kolektiva.social/@Anarcat/114600101725690613"]]
\ No newline at end of file

diff --git a/blog/2025-05-30-asncounter.md b/blog/2025-05-30-asncounter.md
new file mode 100644
index 00000000..49c759c7
--- /dev/null
+++ b/blog/2025-05-30-asncounter.md
@@ -0,0 +1,425 @@
+[[!meta title="Traffic meter per ASN without logs"]]
+
+Have you ever found yourself in the situation where you had no or
+anonymized logs and still wanted to figure out where your traffic was
+coming from?
+
+Or you have multiple upstreams and are looking to see if you can save
+fees by getting into peering agreements with some other party?
+
+Or your site is getting heavy load but you can't pinpoint it on a
+single IP and you suspect some amoral corporation is training their
+degenerate AI on your content with a bot army?
+
+(You might be getting onto something there.)
+
+If that rings a bell, read on.
+
+# TL;DR:
+
+... or just skip the cruft and install [asncounter](https://gitlab.com/anarcat/asncounter/):
+
+    pip install asncounter
+
+Also available in Debian 14 or later, or possibly in Debian 13
+backports (soon to be released) if people are interested:
+
+    apt install asncounter
+
+Then count whoever is hitting your network with:
+
+    awk '{print $2}' /var/log/apache2/*access*.log | asncounter
+
+or:
+
+    tail -F /var/log/apache2/*access*.log | awk '{print $2}' | asncounter
+
+or:
+
+    tcpdump -q -n | asncounter --input-format=tcpdump --repl
+
+or:
+
+    tcpdump -q -i eth0 -n -Q in "tcp and tcp[tcpflags] & tcp-syn != 0 and (port 80 or port 443)" | asncounter --input-format=tcpdump --repl
+
+Read on for why this matters, and why I wrote yet another weird tool
+(almost) from scratch.
+
+# Background and manual work
+
+This is a tool I've been dreaming of for a long, long time. Back in
+2006, at [Koumbit](https://koumbit.org/) a colleague had setup [TAS](https://web.archive.org/web/20011204205829/http://www.chelcom.ru/~anton/projects/tas/) ("Traffic
+Accounting System", "Система учета трафика" in Russian, apparently), a
+collection of Perl script that would do per-IP accounting. It was
+pretty cool: it would count bytes per IP addresses and, from that, you
+could do analysis. But the project died, and it was kind of bespoke.
+
+Fast forward twenty years, and I find myself fighting off bots at the
+Tor Project (the irony...), with our GitLab suffering pretty bad
+slowdowns (see issue [tpo/tpa/team#41677](https://gitlab.torproject.org/tpo/tpa/team/-/issues/41677) for the latest public
+issue, the juicier one is confidential, unfortunately).
+
+(We did have some issues caused by overloads in CI, as we host, after
+all, a fork of Firefox, which is a massive repository, but the
+applications team did sustained, awesome work to fix issues on that
+side, again and again (see [tpo/applications/tor-browser#43121](https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43121) for
+the latest, and [tpo/applications/tor-browser#43121](https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43121) for some
+pretty impressive correlation work, I work with really skilled
+people). But those issues, I believe were fixed.)
+
+So I had the feeling it was our turn to get hammered by the AI
+bots. But how do we tell? I could tell *something* was hammering at
+the costly `/commit/` and (*especially* costly) `/blame/` endpoint. So
+at first, I pulled out the trusted `awk`, `sort | uniq -c | sort -n |
+tail` pipeline I am sure others have worked out before:
+
+    awk '{print $1}' /var/log/nginx/*.log | sort | uniq -c | sort -n | tail -10
+
+For people new to this, that pulls the first field out of web server
+log files, sort the list, counts the number of unique entries, and
+sorts *that* so that the most common entries (or IPs) show up first,
+then show the top 10.
+
+That, other words, answers the question of "which IP address visits
+this web server the most?" Based on this, I found a couple of IP
+addresses that looked like Alibaba. I had already addressed an abuse
+complaint to them ([tpo/tpa/team#42152](https://gitlab.torproject.org/tpo/tpa/team/-/issues/42152)) but never got a response,
+so I just blocked their entire network blocks, rather violently:
+
+```
+for cidr in 47.240.0.0/14 47.246.0.0/16 47.244.0.0/15 47.235.0.0/16 47.236.0.0/14; do 
+  iptables-legacy -I INPUT -s $cidr -j REJECT
+done
+```
+
+That made [Ali Baba and his forty thieves](https://en.wikipedia.org/wiki/Ali_Baba_and_the_Forty_Thieves) (specifically their
+[AL-3 network](https://rdap.arin.net/registry/ip/47.235.0.0) go away, but our load was still high, and I was
+still seeing various IPs crawling the costly endpoints. And this time,
+it was hard to tell who they were: you'll notice all the Alibaba IPs
+are inside the same 47.0.0.0/8 prefix. Although it's not a `/8`
+itself, it's all *inside* the same prefix, so it's *visually* easy to
+pick it apart, especially for a brain like mine who's stared too long
+at logs flowing by too fast for their own mental health.
+
+What I had then was different, and I was tired of doing the stupid
+thing I had been doing for decades at this point. I had recently
+stumbled upon [pyasn](https://github.com/hadiasghari/pyasn) recently (in January, according to my notes)
+and somehow found it again, and thought "I bet I could write a quick
+script that loops over IPs and counts IPs per ASN".
+
+(Obviously, there are *lots* of other tools out there for that kind of
+monitoring. Argos, for example, presumably does this, but it's a kind
+of a huge stack. You can also get into netflows, but there's serious
+privacy implications with those. There are also lots of per-IP
+counters like [promacct](https://github.com/kumina/promacct), but that doesn't scale.
+
+Or maybe someone already had solved this problem and I just wasted a
+week of my life, who knows. Someone will let me know, I hope, either
+way.)
+
+# ASNs and networks
+
+A quick aside, for people not familiar with how the internet
+works. People that know about ASNs, BGP announcements and so on can
+skip.
+
+The internet is the network of networks. It's made of multiple
+networks that talk to each other. The way this works is there is a
+Border Gateway Protocol (BGP), a relatively simple TCP-based protocol,
+that the edge routers of those networks used to announce each other
+what network they manage. Each of those network is called an
+Autonomous System (AS) and has an AS number (ASN) to uniquely identify
+it. Just like IP addresses, ASNs are allocated by IANA and local
+registries, they're pretty cheap and useful if you like running your
+own routers, get one.
+
+When you have an ASN, you'll use it to, say, announce to your BGP
+neighbors "I have `198.51.100.0/24`" over here and the others might
+say "okay, and I have `216.90.108.31/19` over here, and I know of this
+other ASN over there that has `192.0.2.1/24` too! And gradually, those
+announcements flood the entire network, and you end up with each BGP
+having a routing table of the global internet, with a map of which
+network block, or "prefix" is announced by which ASN.
+
+It's how the internet works, and it's a useful thing to know, because
+it's what, ultimately, makes an organisation responsible for an IP
+address. There are "looking glass" tools like [the one provided by
+routeviews.org](https://lg.routeviews.org/lg/) which allow you to effectively run "trace routes"
+(but not the same as `traceroute`, which actively sends probes from
+your location), type an IP address in that form to fiddle with it. You
+will end up with an "AS path", the way to get from the looking glass
+to the announced network. But I digress, and that's kind of out of
+scope.
+
+Point is, internet is made of networks, networks are autonomous
+systems (AS) and they have numbers (ASNs), and they announced IP
+prefixes (or "network blocks") that ultimately tells you who is
+responsible for traffic on the internet.
+
+# Introducing asncounter
+
+So my goal was to get from "lots of IP addresses" to "list of ASNs",
+possibly also the list of prefixes (because why not). Turns out pyasn
+makes that *really* easy. I managed to build a prototype in probably
+less than an hour, just look at [the first version](https://gitlab.com/anarcat/asncounter/-/blob/efaa08c431f3145e70f7cd378d19be558a70fc38/asn-tracker.py), it's 44 lines
+(`sloccount`) of Python, and it works, provided you have already
+downloaded the required datafiles from routeviews.org.
+
+The way the first prototype (and later versions too, mostly) worked is
+that you feed it a list of IP addresses on standard input, it looks up
+the ASN and prefix associated with the IP, and increments a counter
+for those, then print the result.
+
+That showed me something like this:
+
+```
+root@gitlab-02:~/anarcat-scripts# tcpdump -q -i eth0 -n -Q in "(udp or tcp)" | ./asncounter.py --tcpdump                                                                                                                                                                          
+tcpdump: verbose output suppressed, use -v[v]... for full protocol decode                                                                
+listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes                                                             
+INFO: collecting IPs from stdin, using datfile ipasn_20250523.1600.dat.gz                                                                
+INFO: loading datfile /root/.cache/pyasn/ipasn_20250523.1600.dat.gz...                                                                   
+INFO: loading /root/.cache/pyasn/asnames.json                       
+ASN     count   AS               
+136907  7811    HWCLOUDS-AS-AP HUAWEI CLOUDS, HK                                                                                         
+[----]  359     [REDACTED]
+[----]  313     [REDACTED]
+8075    254     MICROSOFT-CORP-MSN-AS-BLOCK, US
+[---]   164     [REDACTED]
+[----]  136     [REDACTED]
+24940   114     HETZNER-AS, DE  
+[----]  98      [REDACTED]
+14618   82      AMAZON-AES, US                                                                                                           
+[----]  79      [REDACTED]
+prefix  count                                         
+166.108.192.0/20        1294                                                                                                             

(Diff truncated)

diff --git a/hardware/camera.mdwn b/hardware/camera.mdwn
index 1d416311..6836c750 100644
--- a/hardware/camera.mdwn
+++ b/hardware/camera.mdwn
@@ -154,6 +154,8 @@ and here is my progress:
 - 2025-04-28: 15000 (-743 in more than 1h, past the 15k mark, -2k in about 2 mth)
 - 2025-05-02: 14447 (-553, 294 new shots processed)
 - 2025-05-09: 13943 (-504, plus 200 new shots)
+- 2025-05-20: 12903 (-1040, plus 700+ new shots, two months mark,
+  5k done, ETA 2-3 more months)
 
 Inventaire
 ==========

diff --git a/services/mail.mdwn b/services/mail.mdwn
index dd4ce5c7..10ece0e9 100644
--- a/services/mail.mdwn
+++ b/services/mail.mdwn
@@ -1208,10 +1208,18 @@ Then create `openssl.conf`:
     CN = tubman.anarc.at
     emailAddress = tubman-mail
 
-Then generate the private key and the CSR:
+Then generate the private key and the CSR, on the client:
 
     openssl genpkey -algorithm ed25519 -out client.key
-    openssl req -key client.key -out client.csr -config openssl.cnf -new
+    openssl req -key client.key -out tubman.anarc.at.csr -config openssl.cnf -new
+
+For my (android) phone, I tried RSA:
+
+    openssl genpkey -algorithm rsa -out private/phone.anarc.at.key
+    openssl req -key private/phone.anarc.at.key -out req/phone.anarc.at.csr -config openssl.cnf -new
+
+(Note that this only works for IMAP on Thunderbird, as fails to
+configure client certs for SMTP, see <https://github.com/thunderbird/thunderbird-android/issues/3933>.)
 
 Then copy that over to the CA in `/etc/ssl/ca/req/tubman.anarc.at.csr`
 and sign the request:

diff --git a/hardware/radio.mdwn b/hardware/radio.mdwn
index ed49144a..2fda29a7 100644
--- a/hardware/radio.mdwn
+++ b/hardware/radio.mdwn
@@ -86,6 +86,7 @@ that we might want to learn from. In particular, it ships:
    really excited](https://unsigned.io/articles/2024_05_16_Are_We_There_Yet.html)
  - [CHA MPAS 2.0](https://chameleonantenna.com/products/cha-mpas-modular-portable-antenna-system-2-0): fancy multi-band "mobile" HF antenna, but
    expensive (900$CAD+)
+ - [ARRL EFHW kit](https://home.arrl.org/action/Store/Product-Details/productId/133267) (80$)
 
 ### Old stuff
 

diff --git a/hardware/camera.mdwn b/hardware/camera.mdwn
index 81c53b93..1d416311 100644
--- a/hardware/camera.mdwn
+++ b/hardware/camera.mdwn
@@ -153,6 +153,7 @@ and here is my progress:
 - 2025-04-22: 15743 (-568 in about 1h, about 32h of work left?)
 - 2025-04-28: 15000 (-743 in more than 1h, past the 15k mark, -2k in about 2 mth)
 - 2025-05-02: 14447 (-553, 294 new shots processed)
+- 2025-05-09: 13943 (-504, plus 200 new shots)
 
 Inventaire
 ==========

diff --git a/.well-known/openpgpkey/anarc.at/policy b/.well-known/openpgpkey/anarc.at/policy
new file mode 100644
index 00000000..6c55ace9
--- /dev/null
+++ b/.well-known/openpgpkey/anarc.at/policy
@@ -0,0 +1 @@
+# Policy flags for domain anarc.at

diff --git a/hardware/camera.mdwn b/hardware/camera.mdwn
index 44fce240..81c53b93 100644
--- a/hardware/camera.mdwn
+++ b/hardware/camera.mdwn
@@ -151,6 +151,8 @@ and here is my progress:
 - 2025-04-15: 16311 (-261, +6)
 - 2025-04-21: 16311 (+600~ added and rated)
 - 2025-04-22: 15743 (-568 in about 1h, about 32h of work left?)
+- 2025-04-28: 15000 (-743 in more than 1h, past the 15k mark, -2k in about 2 mth)
+- 2025-05-02: 14447 (-553, 294 new shots processed)
 
 Inventaire
 ==========

diff --git a/.well-known/openpgpkey/Makefile b/.well-known/openpgpkey/Makefile
index c1015d78..ef568656 100644
--- a/.well-known/openpgpkey/Makefile
+++ b/.well-known/openpgpkey/Makefile
@@ -2,7 +2,7 @@
 
 ADDRESS=anarcat@anarc.at
 FINGERPRINT=BBB6CD4C98D74E1358A752A602293A6FA4E53473
-NEXT_EXPIRE=$(shell LANG=C date -d '+1 year +1 month' '+%Y-%m-%d')
+NEXT_EXPIRE=$(shell LANG=C date -d '+1 year' '+%Y-%m-%d')
 TPO_KEYRING=~/src/tor/account-keyring/
 
 all: warn hu upload

diff --git a/.well-known/openpgpkey/Makefile b/.well-known/openpgpkey/Makefile
index 423f9e14..c1015d78 100644
--- a/.well-known/openpgpkey/Makefile
+++ b/.well-known/openpgpkey/Makefile
@@ -4,7 +4,6 @@ ADDRESS=anarcat@anarc.at
 FINGERPRINT=BBB6CD4C98D74E1358A752A602293A6FA4E53473
 NEXT_EXPIRE=$(shell LANG=C date -d '+1 year +1 month' '+%Y-%m-%d')
 TPO_KEYRING=~/src/tor/account-keyring/
-TPO_PWMANAGER=~/src/tor/tor-passwords/
 
 all: warn hu upload
 

diff --git a/.well-known/openpgpkey/Makefile b/.well-known/openpgpkey/Makefile
index 1c6aa85f..423f9e14 100644
--- a/.well-known/openpgpkey/Makefile
+++ b/.well-known/openpgpkey/Makefile
@@ -22,9 +22,9 @@ upload:
 	gpg --keyserver pgpkeys.eu --send-keys $(FINGERPRINT)
 	gpg --keyserver keys.openpgp.org --send-keys $(FINGERPRINT)
 	@echo "Not covered: GitLab and GitHub accounts:"
-	@echo "https://gitlab.torproject.org/-/profile/gpg_keys"
-	@echo "https://gitlab.com/-/profile/gpg_keys"
-	@echo "https://salsa.debian.org/-/profile/gpg_keys"
+	@echo "https://gitlab.torproject.org/-/user_settings/gpg_keys"
+	@echo "https://gitlab.com/-/user_settings/gpg_keys"
+	@echo "https://salsa.debian.org/-/user_settings/gpg_keys"
 	@echo "https://github.com/settings/keys"
 	@echo "most involves deleting the old key then reuploading the new one"
 	@echo "next time, try using GitLab API: https://docs.gitlab.com/ee/api/users.html#list-all-gpg-keys"

diff --git a/.well-known/openpgpkey/hu/myctwj4an6ne7htuzyoo8osctuji68xe b/.well-known/openpgpkey/hu/myctwj4an6ne7htuzyoo8osctuji68xe
index 1d3f569e..fe41fb5d 100644
Binary files a/.well-known/openpgpkey/hu/myctwj4an6ne7htuzyoo8osctuji68xe and b/.well-known/openpgpkey/hu/myctwj4an6ne7htuzyoo8osctuji68xe differ

diff --git a/hardware/camera.mdwn b/hardware/camera.mdwn
index a545b577..44fce240 100644
--- a/hardware/camera.mdwn
+++ b/hardware/camera.mdwn
@@ -149,6 +149,8 @@ and here is my progress:
 - 2025-04-08: 16797 (-120)
 - 2025-04-11: 16572 (-125 rated, +68 added and rated)
 - 2025-04-15: 16311 (-261, +6)
+- 2025-04-21: 16311 (+600~ added and rated)
+- 2025-04-22: 15743 (-568 in about 1h, about 32h of work left?)
 
 Inventaire
 ==========

diff --git a/hardware/radio.mdwn b/hardware/radio.mdwn
index 01e6d866..ed49144a 100644
--- a/hardware/radio.mdwn
+++ b/hardware/radio.mdwn
@@ -80,10 +80,12 @@ that we might want to learn from. In particular, it ships:
  * the radio's manual
  * a bandplan
 
-More stuff:
+#### Antennas
 
  - [Diamond X700HNA VHF/UHF antenna](https://www.dxengineering.com/parts/dmn-x700hna) that got the [reticulum guy
    really excited](https://unsigned.io/articles/2024_05_16_Are_We_There_Yet.html)
+ - [CHA MPAS 2.0](https://chameleonantenna.com/products/cha-mpas-modular-portable-antenna-system-2-0): fancy multi-band "mobile" HF antenna, but
+   expensive (900$CAD+)
 
 ### Old stuff
 

diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 36ba52ba..f9d88562 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -804,6 +804,7 @@ Alternatives:
    interface, seems designed for mobile, translates poorly on desktop,
    not in Debian, not to be confused with the [X-apps pix][]
    ([ITP](https://bugs.debian.org/968859))
+ * [photoqt][]: grid viewer, could be good for a tablet/touch interface
  * [pqiv][]: has grid viewer, but not working that great
  * [pwall][]: mainly grid viewer, interesting but Flatpak is x11-only,
    2 minutes to index 2400 photos, hangs when I click to expand
@@ -855,6 +856,7 @@ list of image viewers, not necessarily ported to Wayland.
 [qimgv]: https://github.com/easymodo/qimgv
 [oculante]: https://github.com/woelper/oculante
 [qview]: https://interversehq.com/qview/
+[photoqt]: https://photoqt.org/
 
 ## Media player: mpv, gmpc / sublime
 

diff --git a/services/meshtastic.md b/services/meshtastic.md
index 602029a0..ba102542 100644
--- a/services/meshtastic.md
+++ b/services/meshtastic.md
@@ -438,7 +438,7 @@ mode relatively easily.
 - [LWN review][] (2025)
 - [Another meshtastic guide](https://anarchosolarpunk.substack.com/p/encryptedcomms)
 
-[LWN review]: 
+[LWN review]: https://lwn.net/Articles/1009782/
 
 # Fellow meshes
 

diff --git a/services/meshtastic.md b/services/meshtastic.md
index 687f495b..602029a0 100644
--- a/services/meshtastic.md
+++ b/services/meshtastic.md
@@ -222,16 +222,9 @@ and a [LoRa antenna](https://meshtastic.org/docs/hardware/antennas/#community-fa
 
 ## Other devices
 
-Those I haven't tested yet:
+Those are currently in testing, I'll write more about them as I find
+the time:
 
-- [T-Echo](https://lilygo.cc/products/t-echo-lilygo): e-ink display, GPS, BT 5.0, no wifi, only three
-  buttons, NFC, 850mAh battery, temperature/pressure sensor, 55$
-- [T-Beam Supreme](https://lilygo.cc/products/t-beam-supreme?variant=43067944173749): 1.3" OLED display, 18650 battery socket,
-  magnetometer, 2.4GHz WiFi, BLE 5, GNSS, no case, 52$, the [T-Beam
-  SoftRF](https://lilygo.cc/products/t-beam-softrf?variant=43170158477493) is similar but without a display and cheaper, 30$
-- [T-Deck Pro](https://lilygo.cc/products/t-deck-pro): 3.1" e-ink touch screen, 4G module, WiFi 2.4GHz,
-  BLE 5, GPS, TF Card, mic, speaker, keypad, see also the [T5 e-paper
-  s3 pro](https://lilygo.cc/products/t5-e-paper-s3-pro)
 - [WisMesh Pocket V2](https://store.rakwireless.com/products/wismesh-pocket): GNSS, 1.3" OLED, acceleration sensor, power
   button, 3200mAh battery, USB-C powered, 100$
 - [WisMesh Solar Repeater](https://store.rakwireless.com/products/wismesh-meshtastic-solar-repeater): solar, battery, mast-mountable, unclear
@@ -245,13 +238,6 @@ Those I haven't tested yet:
   configuration still has to go through Bluetooth, but monitoring is
   possible over MQTT, and of course the gateway receives and relays
   messages over LoRa/Meshtastic!
-- Seeedstudio [XIAO ESP32S3 & Wio-SX1262 Kit](https://www.seeedstudio.com/XIAO-ESP32S3-for-Meshtastic-LoRa-with-3D-Printed-Enclosure-p-6314.html): tiny, cheap, - 40℃ ~
-  100℃, WiFi 2.4GHz, BLE 5.0 / Mesh, reset/boot button, 22x23x57mm,
-  37g, exposed GPIO ports, unclear if has a battery, 20$
-- the [HELTEC v3](https://heltec.org/project/wifi-lora-32-v3/) might be a more reliable bet as it's listed more
-  prominently in Meshtastic docs, also 20$ with the case (but no
-  battery, and battery doesn't fit in the case), they also have an
-  [eink dev board](https://heltec.org/project/vision-master-e290/)
 - the [RAK19003 base kit](https://store.rakwireless.com/products/wisblock-meshtastic-starter-kit?variant=43884035113158) is also nice. it's more expensive (28$,
   *without* a case), but a case [can be printed](https://www.printables.com/model/286664-rak19003-micro-case-for-meshtastic) but it's tricky
   because there are many (83!) design files in there, useful if you
@@ -266,6 +252,27 @@ Those I haven't tested yet:
     optional?)
   - there's also an optional [battery cutoff switch](https://www.amazon.com/gp/product/B086L2GPGX), couldn't find
     an [equivalent on Abra](https://abra-electronics.com/electromechanical/switches/pushbutton-switches/)
+
+Those I haven't tested yet as I haven't laid hand on them:
+
+- [SenseCAP Solar Node P1](https://www.seeedstudio.com/SenseCAP-Solar-Node-P1-for-Meshtastic-LoRa-p-6425.html): pre-order (as of 2025-04-22), 70$USD,
+  outdoors solar-powered relay with 4x18650 batteries, nRF4840, GNSS,
+  BT 5.0, 3 power buttons, 5 LEDs, USB-C for debug
+- [T-Echo](https://lilygo.cc/products/t-echo-lilygo): e-ink display, GPS, BT 5.0, no wifi, only three
+  buttons, NFC, 850mAh battery, temperature/pressure sensor, 55$
+- [T-Beam Supreme](https://lilygo.cc/products/t-beam-supreme?variant=43067944173749): 1.3" OLED display, 18650 battery socket,
+  magnetometer, 2.4GHz WiFi, BLE 5, GNSS, no case, 52$, the [T-Beam
+  SoftRF](https://lilygo.cc/products/t-beam-softrf?variant=43170158477493) is similar but without a display and cheaper, 30$
+- [T-Deck Pro](https://lilygo.cc/products/t-deck-pro): 3.1" e-ink touch screen, 4G module, WiFi 2.4GHz,
+  BLE 5, GPS, TF Card, mic, speaker, keypad, see also the [T5 e-paper
+  s3 pro](https://lilygo.cc/products/t5-e-paper-s3-pro)
+- Seeedstudio [XIAO ESP32S3 & Wio-SX1262 Kit](https://www.seeedstudio.com/XIAO-ESP32S3-for-Meshtastic-LoRa-with-3D-Printed-Enclosure-p-6314.html): tiny, cheap, - 40℃ ~
+  100℃, WiFi 2.4GHz, BLE 5.0 / Mesh, reset/boot button, 22x23x57mm,
+  37g, exposed GPIO ports, unclear if has a battery, 20$
+- the [HELTEC v3](https://heltec.org/project/wifi-lora-32-v3/) might be a more reliable bet as it's listed more
+  prominently in Meshtastic docs, also 20$ with the case (but no
+  battery, and battery doesn't fit in the case), they also have an
+  [eink dev board](https://heltec.org/project/vision-master-e290/)
 - [Lamp hack](https://hackaday.io/project/194509-harbor-breeze-meshtastic-hack)
 - [Antennas](https://meshtastic.org/docs/hardware/antennas/) vary as well
 - Power is a whole other question, see [power consumption

diff --git a/hardware/camera.mdwn b/hardware/camera.mdwn
index fb113909..a545b577 100644
--- a/hardware/camera.mdwn
+++ b/hardware/camera.mdwn
@@ -148,6 +148,7 @@ and here is my progress:
 - 2025-04-??: 16919 (-200)
 - 2025-04-08: 16797 (-120)
 - 2025-04-11: 16572 (-125 rated, +68 added and rated)
+- 2025-04-15: 16311 (-261, +6)
 
 Inventaire
 ==========
diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index bde50dd2..36ba52ba 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -721,7 +721,7 @@ scripts. I wrote the following:
    ([pass-domains](https://gitlab.com/anarcat/scripts/-/blob/main/pass-domains)) and piped the picked password to the clipboard
    or `wl-type`
  * [dmenu-unicode](https://gitlab.com/anarcat/scripts/-/blob/main/dmenu-unicode): (NEW!) grep around the unicode database for
-   emojis and other stuff
+   emojis and other stuff, see also [jome](https://github.com/eepp/jome) for a standalone solution
 
 With those, I can basically use fuzzel or any other `dmenu`-compatible
 program and not care, it will "just work".

diff --git a/services/mail.mdwn b/services/mail.mdwn
index 2023e662..dd4ce5c7 100644
--- a/services/mail.mdwn
+++ b/services/mail.mdwn
@@ -1236,6 +1236,36 @@ be able to send mail. Test with:
 
     mail -s test anarcat@example.com < /dev/null
 
+### Renewing a key
+
+Renewing the cert:
+
+    cd /etc/ssl/ca
+    openssl ca --config openssl.cnf -days 365 -in req/tubman.anarc.at.csr -out certs/tubman.anarc.at.crt
+
+Updating fingerprints (copy-paste from above):
+
+    rm /etc/postfix/client-certs-fingerprints
+    for cert in certs/* ; do 
+        printf "%s %s\n" "$(
+            openssl x509 -in $cert -noout -pubkey |
+                openssl pkey -pubin -outform DER |
+                openssl dgst -sha256 -c |
+                sed 's/.*= //'
+            )" $cert >> /etc/postfix/client-certs-fingerprints
+    done
+    postmap /etc/postfix/client-certs-fingerprints
+
+Telling dovecot:
+
+    openssl ca -config openssl.cnf  -gencrl  > crl.pem
+    cat cacert.pem crl.pem > cacrl.pem
+    service dovecot restart
+
+Then copy the `.crt` file back to the client.
+
+TODO: does reload work too?
+
 ### Easy-RSA CA notes
 
 I tested building a CA with easy-rsa but ended up not using it because
@@ -1332,7 +1362,7 @@ meaningful regression.
 
 ### Remaining work
 
- * TODO: renewals, switch to easyrsa fully?
+ * TODO: switch to easyrsa fully?
  * TODO: generate and distribute certs with Puppet
 
 ## Todo

diff --git a/hardware/camera.mdwn b/hardware/camera.mdwn
index f51ffcba..fb113909 100644
--- a/hardware/camera.mdwn
+++ b/hardware/camera.mdwn
@@ -147,6 +147,7 @@ and here is my progress:
 - 2025-03-17: 17172 (-600)
 - 2025-04-??: 16919 (-200)
 - 2025-04-08: 16797 (-120)
+- 2025-04-11: 16572 (-125 rated, +68 added and rated)
 
 Inventaire
 ==========

diff --git a/blog/2022-06-17-matrix-notes.md b/blog/2022-06-17-matrix-notes.md
index 2caa12af..04e0cf9f 100644
--- a/blog/2022-06-17-matrix-notes.md
+++ b/blog/2022-06-17-matrix-notes.md
@@ -85,9 +85,9 @@ that servers try to continuously merged. And as such it's actually
 *really hard* to delete past history. Even with expiration enabled,
 that's advisory for other servers *and* some room parameters (like
 join/part/bans) *must* be kept forever. See [this lengthy discussion
-for details][why-not-matrix].
+for details][Why Not Matrix].
 
-[why-not-matrix]: https://telegra.ph/why-not-matrix-08-07
+[Why Not Matrix]: https://telegra.ph/why-not-matrix-08-07
 
 ## GDPR in the federation
 
@@ -366,7 +366,7 @@ ago (see [the IRC history](https://en.wikipedia.org/wiki/Internet_Relay_Chat#His
 
 Update: it's much worse than I imagined. Abuse is *really* easy on
 Matrix, with simple attacks like flood-joining permanently crippling
-rooms. According to [Why Not Matrix][why-not-matrix] this is a problem that's been
+rooms. According to [Why Not Matrix][] this is a problem that's been
 known for years, a fundamental design flaw that's barely acknowledged,
 but usually swept under the rug by Matrix people.
 
@@ -1158,7 +1158,7 @@ course.
 
 This one is more damning and makes me reconsider using Matrix at
 all. I encourage anyone who is planning to do anything serious with
-Matrix to take a long, deep look at [why not matrix][].
+Matrix to take a long, deep look at [Why Not Matrix][].
 
 It certainly gave me food for thought. As a basic example: I have sent
 myself an attachment over FluffyChat from my phone, in a (failed)
@@ -1220,4 +1220,4 @@ internet]]
 
 
 <!-- posted to the federation on 2025-03-25T10:30:55.309320 -->
-[[!mastodon "https://kolektiva.social/@Anarcat/114223549979121873"]]
\ No newline at end of file
+[[!mastodon "https://kolektiva.social/@Anarcat/114223549979121873"]]

diff --git a/hardware/camera.mdwn b/hardware/camera.mdwn
index 5dca8f21..f51ffcba 100644
--- a/hardware/camera.mdwn
+++ b/hardware/camera.mdwn
@@ -135,6 +135,19 @@ A list of "number of photos per camera" can be built with:
 But Darktable also shows this now, by selection "camera" in the
 "Collections" module.
 
+## Rating backlog
+
+In early March 2025, I realized I had built a *huge* backlog of
+unrated images. I have [written a script](https://discuss.pixls.us/t/batch-copying-ratings-in-group/48874) to fix ratings on image
+groups, but that only brought me from 17875 to 17172, only about 700
+images, or 4% of the work. I'm hoping to process 500 images per week,
+and here is my progress:
+
+- 2025-03-16: 17875
+- 2025-03-17: 17172 (-600)
+- 2025-04-??: 16919 (-200)
+- 2025-04-08: 16797 (-120)
+
 Inventaire
 ==========
 

diff --git a/hardware/radio.mdwn b/hardware/radio.mdwn
index 1b64c9df..01e6d866 100644
--- a/hardware/radio.mdwn
+++ b/hardware/radio.mdwn
@@ -80,6 +80,11 @@ that we might want to learn from. In particular, it ships:
  * the radio's manual
  * a bandplan
 
+More stuff:
+
+ - [Diamond X700HNA VHF/UHF antenna](https://www.dxengineering.com/parts/dmn-x700hna) that got the [reticulum guy
+   really excited](https://unsigned.io/articles/2024_05_16_Are_We_There_Yet.html)
+
 ### Old stuff
 
 * <del>VHF/UHF SWR meter</del> Got a workman, above

diff --git a/index.mdwn b/index.mdwn
index 2d4c7d63..e81bd4bd 100644
--- a/index.mdwn
+++ b/index.mdwn
@@ -3,7 +3,10 @@
 <!-- do not count headings on frontpage -->
 <span /><div class="nocount">
 
-<img src="folipon.jpg" align="right" />
+<span class="h-card">
+  <a class="u-url" rel="me" href="https://kolektiva.social/@Anarcat"></a>
+  <img class "u-photos" src="folipon.jpg" align="right" />
+</span>
 
 Je suis un analyste informatique et social. J'examine, débugge et arrange les systèmes, particulièrement informatiques, parce que la société c'est plus compliqué. 
 
@@ -54,5 +57,4 @@ Tous les wikis ont un [[bac à sable|SandBox]], donc lui aussi.
 
 <small>*Ceci est mon wiki. Il y en a beaucoup comme ça mais celui là c'est le [mien](https://en.wikipedia.org/wiki/Full_Metal_Jacket).*</small>
 
-<a rel="me" href="https://kolektiva.social/@Anarcat"></a>
 </div>

diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 91324c7e..bde50dd2 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -1062,12 +1062,15 @@ how many things you were using are tightly bound to X.
    figure out something that does, like feh, a random shuffle.
    [swaybg][] just loads a *single* image, duh. [oguri][] might be a
    solution, but unmaintained, [used here][], not in
-   Debian. [waypaper](https://github.com/anufrievroman/waypaper), [wpaperd](https://github.com/danyspin97/wpaperd), [wallutils][] and [swww](https://github.com/LGFae/swww) ([ITP](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084753)) are other option, also not in
+   Debian. [waypaper](https://github.com/anufrievroman/waypaper), [dnkl/wbg](https://codeberg.org/dnkl/wbg) (no support for per-output
+   background), [wpaperd](https://github.com/danyspin97/wpaperd) ([RFP](https://bugs.debian.org/1091891)), [wallutils][] ([RFP](https://bugs.debian.org/1091890)) and
+   [swww](https://github.com/LGFae/swww) ([ITP](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084753)) are other option, also not in
    Debian. [azote][] is now in Debian and seems like a good
-   alternative. [hyprpaper](https://wiki.hyprland.org/Hypr-Ecosystem/hyprpaper/) is in Debian and works in Sway, but has
-   a clunky configuration file, with only one image at a time. In
+   alternative, but the UX is confusing and just delegates to
+   swaybg. [hyprpaper](https://wiki.hyprland.org/Hypr-Ecosystem/hyprpaper/) is in Debian and works in Sway, but has a
+   clunky configuration file, with only one image at a time. In
    theory, it can load other images through IPC, but that only works
-   through hypr's IPC mechanism. 
+   through hypr's IPC mechanism.
    
    For now I just don't have a wallpaper, the background is a solid
    gray, which is better than Xorg's default (which is whatever crap

diff --git a/hardware/server/marcos/v3.md b/hardware/server/marcos/v3.md
index 1048bf85..e5eddec5 100644
--- a/hardware/server/marcos/v3.md
+++ b/hardware/server/marcos/v3.md
@@ -106,6 +106,12 @@ which depths are apparently "600 mm (23.62 in), 800 mm (31.50 in) or
 1,010 mm (39.76 in)", and I'd target the shorter depths. The [rack I'm
 targeting](https://www.startech.com/en-us/server-management/4postrack15u) shrinks down to 22" (and up to 44"), for example.
 
+Update: seems like it's either the CX4712 or the CX3702, but which
+doesn't have direct fan. They say it has decent airflow, but it could
+be an issue for my warm drives. They're working on a 12-drive
+top-loaded 4U case that would be 17" deep that might pre-order in May
+with shipping in June, so maybe I'll wait for that.
+
 ## Local rackmount suppliers
 
 Those are interesting [local suppliers of Gigabyte servers](https://www.gigabyte.com/ca/WheretoBuy/Enterprise?ck=130):

diff --git a/hardware/tablet.mdwn b/hardware/tablet.mdwn
index 50813067..8e3bda71 100644
--- a/hardware/tablet.mdwn
+++ b/hardware/tablet.mdwn
@@ -336,15 +336,16 @@ that's designed to be a "phone monitor" but that also runs Android
 
 ## Supernote
 
-https://supernote.com/
+<https://supernote.com/>
 
 interesting devices, "paperlike", no backlight, handwriting
 recognition, mark/review system, PDF annotations, wacom pen,
 dropbox/drive backups, screencast support, USB transfer, no backlight.
 (.xps) formats".
 
-10.3" device replacement "in development", for now 7.3" device
-available ([Supernote Nomad](https://supernote.com/products/supernote-nomad)) for 300$USD:
+### Nomad (2023)
+
+The [Supernote Nomad](https://supernote.com/products/supernote-nomad) was releaed in 2023 for 300$USD:
 
 - 191.85 mm x 139.2 mm x 6.8 mm
 - 266g
@@ -354,7 +355,8 @@ available ([Supernote Nomad](https://supernote.com/products/supernote-nomad)) fo
 - MicroSD card support
 - CPU: RK3566 Quad-Core 1.8 GHz
 - battery: 2700 mAh
-- Android 11
+- Android 11, likely without proper source code release, relatively
+  closed ecosystem
 - USB-C 2.0, support Charger/Earphone/OTG
 - Wi-Fi 2.4 GHz + 5 GHz, 802.11a/b/g/n/ac
 - Bluetooth 5.0
@@ -364,6 +366,36 @@ available ([Supernote Nomad](https://supernote.com/products/supernote-nomad)) fo
 
 Seems repairable, see [this teardown video from the company](https://www.youtube.com/watch?v=d2X0c3MprAM).
 
+### Manta (2024)
+
+The [Supernote Manta](https://supernote.com/pages/supernote-manta) was released in 2024 for 460$USD:
+
+- 251.3 mm x 182.6mm x 6.0mm, 375g
+- 10.7" display, 300PPI, 1920 × 2560, palm rejection
+- 32GB on-board storage
+- MicroSD card support
+- 3600mAh replaceable battery
+- RK3566 Quad-Core 1.8GHz CPU, replaceable motherboard, 4GB RAM
+- top USB-C charging port (works through folio)
+- WiFi 2.4 & 5 GHz
+- Bluetooth 5
+- no frontlight
+- replaceable pen holder
+- dual touch sidebars
+- Android 11, probably without source code release, apparently [can be
+  sideloaded](https://www.reddit.com/r/Supernote/comments/1bfz4o0/how_to_sideloading_on_a6_x2_guide/) with F-Droid and other APKs, but not trivial
+- format supports: Note (.note), PDF, EPUB, Word, Text (.txt), PNG,
+  JPG, BMP, WebP, CBZ, FB2 and XPS, and integration with Kindle app
+  which supports MOBI and other formats
+- offline handwriting recognition
+- ships a screwdriver
+- [screen mirroring](https://support.supernote.com/en_US/Tools-Features/1791924-screen-mirroring)
+- [desktop app](https://support.supernote.com/en_US/Tools-Features/supernote-partner-app-for-desktop), only for Mac and Windows for now, Linux "in
+  development", no source code visible
+- [mobile app](https://support.supernote.com/en_US/Tools-Features/1753209-supernote-partner-app-for-mobile) only for iOS and Google Play, no source code visible
+- [file transfer methods](https://support.supernote.com/organizing/transfer-files) include "Cloud" (their own, dropbox,
+  google drive), email, USB, web over wifi and "direct transfer"
+
 # Tablets
 
 Tablets are basically like ebook-readers, except they use a normal,
@@ -372,6 +404,13 @@ direct sunlight. It's also not good for your eyes and your sleep, but
 those are generally cheaper and more powerful than ebook readers
 because the technology is more common.
 
+## 2025 update
+
+Framework is pushing out a "2 in 1", a 12" laptop that flips backwards
+to make a tablet with a pen. They call it the [Laptop 12](https://frame.work/ca/en/laptop12), very
+little known about it for now, pre-orders should open in April 2025 in
+theory, so I'm waiting on that.
+
 ## 2024 update
 
 Right now, I am considering a new tablet since I bricked the Samsung

diff --git a/hardware/server/marcos/v3.md b/hardware/server/marcos/v3.md
index 2af3614a..1048bf85 100644
--- a/hardware/server/marcos/v3.md
+++ b/hardware/server/marcos/v3.md
@@ -1,10 +1,63 @@
 
 # Requirements
 
-- at least 16TB of storage after RAID-1 (so 32TB)
-- 32GiB RAM (current marcos swaps at 16GiB)
-- 8 CPU cores is fine, v2 has 10 cores and is mostly idle
-- low noise (not fully silent, noctua fans are fan)
+[Posted the following on r/homelab](https://www.reddit.com/r/homelab/comments/1jnug3v/advice_for_a_modest_nashome_server/):
+
+> Hi,
+> 
+> First time poster, long time home lab builder.
+> 
+> I'm looking at building a new rackmount server for the home, specs are:
+> 
+> - at least 16TB of storage after RAID-1 (so 32TB), keeping the current 4x8TiB, ideally with room for expansion, at least one 8TiB spare
+> - 32GiB RAM (current has 1.3GiB in swap with 16GiB onboard)
+> - 8 CPU cores is fine, v2 has 10 cores and is mostly idle
+> - low noise (not fully silent, noctua fans are fine)
+> - low power (not sure how much power is in use now)
+> - some remote management, some standard like IPMI or serial is best, would tolerate HDMI with a NanoKVM
+> - rackmount (4U, max 21" depth, ideally 3U and less than 20" depth), must fit a [a 4-post rack like this](https://www.startech.com/en-us/server-management/4postrack15u) 
+> - 2000-5000$CAD budget (1500-3500$USD)
+> 
+> I currently have a [CSE-733TQ-500B][] Supermicro case with a 
+> [ASUS PRIME X470-PRO][] board, 16GB of Kingston memory and a AMD Ryzen 5 2600x. I'm not happy with that build:
+> 
+> - the box is huge (20" x 17" x 7", tower)
+> - yet the 4 SATA drives are all crammed together in this tiny enclosure
+> - the 2600x doesn't have a GPU, so i had to use an extra GPU card
+> - the OOB management is non-existent: I tried setting up a serial adapter to get the BIOS over serial but got garbage
+> 
+> The enclosure issue is a huge problem. Even with only the first two 8TB Ironwolf drives in there, they reach 46°C and 51°C, with the 4 drives, it burns up to 55°C and 61°C. There's essentially no cooling there, fully enclosed.
+> 
+> Because of [this post](https://mtlynch.io/budget-nas/#25-year-update), I'm considering a Sliger case, possibly a
+> [CX3701](https://www.sliger.com/products/rackmount/3u/cx3701/) (3U, 10 x 3.5" drive slots), but I worry about cooling:
+> how can those 10 slots possibly cool down without a fan? So I'm also
+> looking at the [CX4712](https://www.sliger.com/products/rackmount/storage/cx4712/) (4U, 10 x 3.5" + 2 x 5.25"), which has room
+> for cooling fans for the drives. I like the upgradability through the
+> 5.25" slots as I'm bound to pivot to SSDs eventually, possibly in the
+> lifetime of this build, but perhaps that's overkill.
+> 
+> The Sliger cases also seem expensive to me, and have free shipping
+> only to the US (I'm in Canada).
+> 
+> Ideally, I'd keep the current board to save on costs, but I feel it's
+> close to EOL anyways (it's 5 year old), so I wouldn't mind building
+> from scratch. Wondering if I need mITX or mATX or a full ATX
+> build. Worried about finding a board with enough SATA connectors or
+> messing with incompatible expansion cards.
+> 
+> Considering staying with AMD, but open to other opinions. I like the
+> low-power, so also considering Ampere.
+> 
+> RAID is software (ZFS), OS is Debian (of which I am a developer).
+> 
+> I'm sparing you the absolutely horrid view of the two-post rack right
+> now: building this server would be a good step in the right direction
+> in cleaning all this up.
+> 
+> Thoughts? Thanks!
+> 
+> [CSE-733TQ-500B]: https://www.supermicro.com/en/products/archive/chassis/SC733TQ-500B
+> [ASUS PRIME X470-PRO]: https://www.asus.com/us/Motherboards/PRIME-X470-PRO/
 
 # Research
 
@@ -19,12 +72,15 @@ rackmount servers is an option?
 
 ### Sliger
 
-[Michael Lynch](https://mtlynch.io/) built a [budget NAS in 2022](https://mtlynch.io/budget-nas/) and updated it in
-2024 to this [Sliger 2U trayless case](https://www.sliger.com/products/rackmount/3u/cx3701/) with room for 10x3.5"
-drives, 4x2.5" SSD mounts, two 120mm exhaust fans, for 340$, about the
-price of my original Supermicro case. It's a Mini-ITX build though,
-and I have a full-sized ATX board, which he regretted because of
-limited expansion:
+[Michael Lynch](https://mtlynch.io/) built a [budget NAS in 2022](https://mtlynch.io/budget-nas/) with the [Fractal
+Node 304](https://www.fractal-design.com/products/cases/node/node-304/Black/), a clever 6 x 3.5" drive mITX case (yes, it must be
+*crammed* in there). (Sold by [Canada Computers at 155$](https://www.canadacomputers.com/en/small-form-factor-mini-itx-cases/57560/fractal-design-node-304-black-usb3-0-mini-itx-dtx-case-fd-ca-node-304-bl.html).)
+
+He updated it in 2024 to this [Sliger 3U trayless case](https://www.sliger.com/products/rackmount/3u/cx3701/) with room
+for 10x3.5" drives, 4x2.5" SSD mounts, two 120mm exhaust fans, for
+340$, about the price of my original Supermicro case. It's a Mini-ITX
+build though, and I have a full-sized ATX board, which he regretted
+because of limited expansion:
 
 > If I were to do this over again, I would have bought a rack-mounted
 > chassis that has slots for six to eight 3.5" hard drives and a
@@ -34,4 +90,37 @@ limited expansion:
 I asked sliger for a spec. I think those cases look amazing, and
 probably the next build.
 
+From what I gathered from reviews, they are seen as too expensive for
+the build quality, but I kind of like the design. It's really bare
+though: no power supply, backplace, essentially nothing. An
+alternative I've found on reddit is [Chenbro](https://www.chenbro.com/en-US).
+
+They seem to have trouble finding me a case that's 23" while still
+providing cooling for the drives. They typically send me towards
+Icydock type solutions, in which case I could just slot a [FatCage](https://global.icydock.com/product_65.html)
+into my existing 5.25" slot ([189$USD at B&H](https://www.bhphotovideo.com/c/product/1214435-REG/icy_dock_mb155sp_b_fatcage_5_bay_ez_tray_backplane.html/specs)).
+
+They *do*have the [CX4712](https://www.sliger.com/products/rackmount/storage/cx4712/) but it's 25" deep, 2" deeper than the
+current server. I'd like to keep this within the [19" rack size](https://en.wikipedia.org/wiki/19-inch_rack)
+which depths are apparently "600 mm (23.62 in), 800 mm (31.50 in) or
+1,010 mm (39.76 in)", and I'd target the shorter depths. The [rack I'm
+targeting](https://www.startech.com/en-us/server-management/4postrack15u) shrinks down to 22" (and up to 44"), for example.
+
+## Local rackmount suppliers
+
+Those are interesting [local suppliers of Gigabyte servers](https://www.gigabyte.com/ca/WheretoBuy/Enterprise?ck=130):
+
+- [Asi](https://www.asipartner.com/canada/)
+- [Canada Computers](https://www.canadacomputers.com/en/837/servers-server-components)
+- [Cloud Ninjas](https://cloudninjas.com/)
+- [Elco systems](https://elcosystems.com/) (no online pricing)
+- [International Computing Concepts](https://www.icc-usa.com/)
+
+Other providers:
+
+- <http://www.atic.ca/> built marcos v2, still no HTTPS?!
+
+## Other reviews
 
+- [2024: Best CPU + Motherboard combo for your NAS build](https://nascompares.com/2024/02/09/the-best-m-itx-cpumotherboard-combo-for-your-nas-build-2024-edition/)
+- [DIY NAS: 2025 edition](https://blog.briancmoses.com/2024/11/diy-nas-2025-edition.html)

diff --git a/hardware/keyboard.mdwn b/hardware/keyboard.mdwn
index 6ba77a6d..739dbb53 100644
--- a/hardware/keyboard.mdwn
+++ b/hardware/keyboard.mdwn
@@ -171,7 +171,8 @@ Note that there's also the "Max" series which, according to rtings:
 > raw performance. The K Max boards also have more layers of internal
 > acoustic material.
 
-Update: I bought this keyboard! It's a little weird: the top-right
+Update: I bought this keyboard, specifically the [Keychron K1 Max with
+RGB backlight (hot-swappable)](https://www.keychron.com/products/keychron-k1-max-qmk-via-wireless-custom-mechanical-keyboard?variant=40779459002457)! It's a little weird: the top-right
 three keys are "screenshot", "siri" and "change the LED colors" which
 seems *really* superfluous. Thankfully, Keychron provides a [git
 repo](https://github.com/Keychron/qmk_firmware) with their firmware and [clear instructions for the K1

diff --git a/services/ham.md b/services/ham.md
new file mode 100644
index 00000000..fdcf8e39
--- /dev/null
+++ b/services/ham.md
@@ -0,0 +1 @@
+[[!redirect hardware/radio]]

diff --git a/hardware/server/marcos.mdwn b/hardware/server/marcos.mdwn
index eb94ad3b..90b4ef95 100644
--- a/hardware/server/marcos.mdwn
+++ b/hardware/server/marcos.mdwn
@@ -16,616 +16,12 @@ Marcos est mon serveur principal, ainsi nommée en l'honneur du
 Voir aussi la documentation de [[maintenance|services]], en
 particulier [[services/mail]] et [[services/backup]].
 
-[[!toc levels=3]]
+Marcos had many incarnations and each is tracked in its own page
+because otherwise tracking history here gets messy:
 
-# Specification
-
- * Case: [CSE-733TQ-500B][] ([300$][]), incl. 80+ bronze 500W PSU,
-   4x3.5" hotswap bays, 2x5.25" bays, 1x3.5" bay, 7" (4U) x 20.9" x
-   16.8" or 178 x 531 x 427mm (WxDxL), 17Kg ([manual][])
- * Motherboard: [ASUS PRIME X470-PRO][]: [187$][] (AM4/PGA 1331 ATX
-   12"x9.6" 6 SATA Intel® I211-AT chipset, [detailed specs][])
- * Memory: Kingston KSM26ED8/16ME (16GB RAM): [114$][]
- * [AMD Ryzen 5 2600][] - replaced with a [2600x](http://www.atic.ca/index.php?page=details&psku=196096) at same cost (no
-   GPU, 6 cores, 95W 3.4GHz): [287$][]
- * Total: 889$CAD
-
- [manual]: https://www.supermicro.com/manuals/chassis/Mid-tower/SC733.pdf
-
-The server is also backed by a UPS, a [APC 1500VA BX1500m](https://www.apc.com/ca/en/product/BX1500M/apc-back-ups-1500-compact-tower-1500va-120v-avr-lcd-10-nema-outlets-5-surge/).
-
-[CSE-733TQ-500B]: https://www.supermicro.com/en/products/archive/chassis/SC733TQ-500B
-[300$]: http://www.atic.ca/index.php?page=details&psku=63796
-[ASUS PRIME X470-PRO]: https://www.asus.com/us/Motherboards/PRIME-X470-PRO/
-[187$]: http://www.atic.ca/index.php?page=details&psku=196101
-[detailed specs]: https://www.asus.com/us/Motherboards/PRIME-X470-PRO/specifications/
-[Kingston KSM26ED8/16ME]: 
-[114$]: http://www.atic.ca/index.php?page=details&psku=211327
-[AMD Ryzen 5 2400G]: http://www.atic.ca/index.php?page=details&psku=191280
-[AMD Ryzen 5 2600]: http://www.atic.ca/index.php?page=details&psku=196095
-[287$]: http://www.atic.ca/index.php?page=details&psku=196095
-
-# Hardware maintenance
-
-See [[hardware/server/marcos/v1]] for the initial setup notes. Those
-are kept only for historical reference, as the machine was rebuilt
-with new hardware in 2020.
-
-See [[services/backup]] for backup and drive replacement procedures.
-
-## 2025 disk growth
-
-Switched to ZFS on 2025-02-10 to add two new 8TiB drives because LVM
-was refusing to add a new RAID-1 array to the VG because of different
-block size (old disks are 512 logical / 4096 physical, new disks are
-4k/4k). The actual error from `vgextend` was:
-
-```
-Devices have inconsistent logical block sizes (512 and 4096).
-```
-
-There is apparently the solution of using `allow_mixed_block_sizes`
-but that seemed [really unsafe](https://unix.stackexchange.com/a/676537/30227)).
-
-The [[software/zfs]] page has the goods on how the pool was created,
-with a normal LUKS encryption under it to avoid trouble with ZFS
-encryption.
-
-The `rsync` took 2d9 h40m, or 57h40m. Resync took 1h5m.
-
-Interestingly, zstd compression didn't give us any significant gain in
-disk capacity:
-
-```
-root@marcos:/home/anarcat# df   /mnt /srv
-Sys. de fichiers       blocs de 1K    Utilisé Disponible Uti% Monté sur
-/dev/mapper/vg_hdd-srv  7512681384 7276294760  161208316  98% /mnt
-tank/srv                7667172736 7240802944  426369792  95% /srv
-```
-
-But you'll note that the ZFS dataset gives us more room than ext4, for
-some reason:
-
-```
-root@marcos:/home/anarcat# df -h  /mnt /srv
-Sys. de fichiers       Taille Utilisé Dispo Uti% Monté sur
-/dev/mapper/vg_hdd-srv   7,0T    6,8T  154G  98% /mnt
-tank/srv                 7,2T    6,8T  407G  95% /srv
-```
-
-... 250GiGB! Note sure where that's coming from, but the capacity is larger.
-
-The old disk array wasn't yet added to the ZFS pool: for that the
-drives need to be reformatted, encrypted, and re-added to the pool.
-
-Update: this is causing heating issues. Turns out the
-[CSE-733TQ-500B][] Supermicro case can't handle the heat at all in the
-hotswap drive block. I will have to either replace the entire case (!)
-or move drives around in there. Not great. See the [silent
-rackmounts](#silent-rackmounts) for next steps.
-
-## 2024 Fan replacement
-
-From the 2020 replacement, the server has always been away, either in
-a basement or a closet, and its noisy stock fan didn't really
-matter. But now it's moved inside the office and damn that thing is
-noisy. It's noisy when *idle* and sounds like a hair drier when it
-spins up. So, it's got to go.
-
-I've heard good things from friends about [Noctua](https://noctua.at), so let's go
-with that. My previous "gold standard" was the stock Intel fan that
-came with the [[v1]], which, according to this [old review](https://silentpcreview.com/lga775-low-profile-heatsink-roundup/) ranges
-from 14 to 26dBa in noise.
-
-Noctua seems to be Amazon sellouts, but they have products at
-memoryexpress.com and NewEgg, so I guess I'll try Memory Express
-now. Out of [their Noctua selection](https://www.memoryexpress.com/Category/CoolingCPU?FilterID=26b78891-590d-2259-fa23-6e925f4e75eb&Sort=Price), their cheapest fan
-[compatible with my CPU](https://ncc.noctua.at/cpus/model/AMD-Ryzen-5-2600X-1010) is the [NH-D9L](https://noctua.at/en/nh-d9l/) if I read all of this
-right, at 80$ + tax + 13$ purolator shipping. The [specification](https://noctua.at/en/nh-d9l/specification)
-on that is:
-
- * dimensions: 110 x 95 x 95 mm (531 g)
- * NSPR*: 88
- * kit:
-   * NF-A9 PWM premium fan
-   * NA-RC7 Low-Noise Adaptor (L.N.A.)
-   * NT-H1 high-grade thermal compound
-   * SecuFirm2™ Mounting Kit
-   * Fan-clips for second NF-A9
-   * Noctua Metal Case-Badge
- * fan ([Noctua NF-A9 PWM](https://noctua.at/en/products/fan/nf-a9-pwm.html)):
-   * 400-2000RPM
-   * max noise: 22.8db(A)
-   * stops at 0% PWN
-
-There's a big asterisk with Noctua which is that they don't follow the
-TDP (Thermal Design Power) rating and instead have their own NSPR
-([Noctua Standard Performance Rating](https://noctua.at/en/noctua-standardised-performance-rating)). So who knows what that "88"
-stands for. In their compatibility table, it's rated as "low
-turbo/overclocking headroom", which is fine by me: I haven't done
-"overclocking" in decades at this point.
-
-The sink is also [compatible with the board](https://ncc.noctua.at/motherboards/model/ASUS-Prime-X470-Pro-4796), apparently, so
-presumably I don't need to worry about pins, voltage, or actually
-knowing WTF I am doing, in general, which is reassuring but probably
-wrong.
-
-The other concern is fitting the fan in the case. There's a case
-compatibility chart but my case isn't there. The closest is the
-[Supermicro-SuperChassis-743T-500B-1842](https://ncc.noctua.at/cases/model/Supermicro-SuperChassis-743T-500B-1842) but that one is 25.5" x
-17.8" x 7" while mine is 7" (4U) x 20.9" x 16.8". But really, both are
-7" where it matters, which is 168mm, which is plenty of room for a
-110mm fan.
-
-Interestingly though, it marks the 158mm [U12S](https://noctua.at/en/nh-u12s) as "insufficient
-clearance" while the [C14S](https://noctua.at/en/nh-c14s), at 115-142mm supposedly fits. Its fan
-([NF-A14-PWM](https://noctua.at/en/nf-a14-pwm)) is less interesting for me: it's much noisier at
-24.6db(A).
-
-I have also considered:
-
- * [NH-U12S](https://noctua.at/en/nh-u12s/specification): 22.4db(A), slightly quieter, but much bigger, marked
-   as not fitting in the Supermicro (158mm)
- * [NH-D12L](https://noctua.at/en/nh-d12l/specification): 22.6dB(A) but much larger dissipation power (148 vs
-   88 for the D9L), not available at MemoryExpress, more expensive
-   ([115$ at amazon](https://www.amazon.ca/dp/B09TB5KJ5V), [newegg](https://www.newegg.ca/p/13C-0005-002A0))
- * [NH-U9S](https://noctua.at/en/nh-u9s/): 22.8dB(A), slightly more powerful, not at
-   MemoryExpress, more expensive ([75$ at amazon](https://www.amazon.ca/dp/B00TBHYYFK), [NH-D9L is
-   70$](https://www.amazon.ca/Noctua-NH-D9L-Premium-Cooler-NF-A9/dp/B00QCEWTAW))
-
-Update: I ordered the NH-D9L and installed it and immediately realized
-the problem was actually not the CPU fan, but the board fan, which is
-spec'd at 45dB. That fan is a weird construction that has a 92x25mm
-fan inside an enclosure that directs the airflow, see [FAN-0076L4](https://store.supermicro.com/us_en/92mm-fan-0076l4.html)
-for the detailed specs. I asked Supermicro if they had a better
-replacement fan, and so far they just keep pointing me at that fan. So
-I asked Noctua if [their fans](https://noctua.at/en/products/fan) would fit.
-
-## 2020 Replacement
-
-In 2020, hardware for marcos was swapped out into a new box.
-
-The machine has 4x3.5" hotswap drives so there's plenty of room for
-expansion *and* it should be easier to replace drives when they
-fail. Here's the inventory of drives.
-
-Currently in marcos:
-
- * `Samsung SSD 850 EVO 500GB`: 465GiB
- * `Seagate HDD IronWolf 8TB ST8000VN004-2M21`: 7.3TiB
- * `Seagate HDD IronWolf 8TB ST8000VN0022-2EL112`: 7.3TiB
- * `Western Digital Green 3TB WDC_WD30EZRX-00D8PB0`: 2.7TiB (external
-   "WD My Drive" backup drive)
-
-There should also be spare drives in the office which could be used to
-create RAID-1 arrays of those. I believe there should be:
-
- * Crucial SSD 500GB (dead)
- * 4TB backup WD green
-
-Unfortunately it looks like my old HDD inventory is too old to provide
-a good replacement strategy. We could get:
-

(Diff truncated)

diff --git a/hardware/radio.mdwn b/hardware/radio.mdwn
index f6d4698b..1b64c9df 100644
--- a/hardware/radio.mdwn
+++ b/hardware/radio.mdwn
@@ -42,21 +42,21 @@ I uploaded a few photos [in this album](https://photos.anarc.at/documentation/ra
 
 ## Stuff to buy next
 
-* <del>VHF/UHF SWR meter</del> Got a workman, above
-  * [Daiwa CN-801V](http://www.universal-radio.com/catalog/meters/2140.html) 150$ 140-525 MHz.	20/200 Watts ([5 reviews: 4.2/5](http://www.eham.net/reviews/detail/7378))
-  * [the bird 43](http://www.universal-radio.com/catalog/meters/1739.html) 85$ (but only one way at a time) 200-500 MHz.	    50 Watts ([39 reviews: 4.5/5](http://www.eham.net/reviews/detail/7378))
-* <del>Cabling</del> - got plenty of spare cable now that my main
-  setup was destroyed
-  * 100' of RG8 cabling
-* [Call those guys?](http://www.paratonnerres.qc.ca/produits.html)
-* <del>J146/440 - dual band VHF/UHF antenna (2m-70cm) [40$ at radioworld](http://radioworld.ca/product_info.php?cPath=73_191_193&products_id=886)</del> /!\ backorder
-* <del>MFJ-260C - 300W dummy load  0-150Mhz dry [50$ at radiowrodl](http://radioworld.ca/product_info.php?products_id=8098)</del> built into the tuner now
-- [(tr)uSDX](https://dl2man.de/), example [portable kit](https://imgur.com/gallery/ultralightish-tr-usdx-sota-shack-box-kit-QPuv1d9)
-- [kv4p](https://www.kv4p.com/)
-- UV-K5, [custom firmware](https://github.com/nikant/kamilsss655-uv-k5-firmware-custom-nkk?tab=readme-ov-file), [also](https://whosmatt.github.io/uvmod/)
-- [QMX](https://qrp-labs.com/qmx.html)
-- [uBITX v6](https://www.hfsignals.com/index.php/ubitx-v6/)
-- [sBITX](https://www.sbitx.net/)
+### Modern
+
+- [sBITX](https://www.sbitx.net/): 80-20m (receive 500KHz-30MHz, 25W), SSB, CW, FT8,
+  packet, SDR, 400$ with a raspi kit, 10"x6"x2", 4lbs, back-order as
+  of 2025-03-29, but [should be back in stock "in a month" so in
+  March](https://groups.io/g/BITX20/message/115582?p=%2C%2C%2C20%2C0%2C0%2C0%3A%3Acreated%2C%2Csbitx%20out%20of%20stock%2C20%2C2%2C0%2C111139360)
+- [uBITX v6](https://www.hfsignals.com/index.php/ubitx-v6/): 10W HF, SSB/CW, SDR, arduino-based, GPL-3, 210$ for
+  kit
+- [QMX](https://qrp-labs.com/qmx.html): low power QRP transceiver HF 20-80M, SDR / CW, packet,
+  *not* voice
+- [(tr)uSDX](https://dl2man.de/): tiny, low power (80mA/500mA) QRP HF (20-80m,
+  CW/LSB/USB/AM/FM) transceiver, example [portable kit](https://imgur.com/gallery/ultralightish-tr-usdx-sota-shack-box-kit-QPuv1d9), ~140$
+- [Quansheng UV-K5](https://qsfj.com/products/3002): similar to baofeng UV-5R, but more hackable,
+  see [custom firmware](https://github.com/nikant/kamilsss655-uv-k5-firmware-custom-nkk?tab=readme-ov-file), [also](https://whosmatt.github.io/uvmod/)
+- [kv4p](https://www.kv4p.com/): ham radio adapter (VHF, USB-C) for Android phones, GPL-3
 
 There's a [great guide](https://www.tothewoods.net/Comms-Yaesu-817-818-Manpack-Mobile-QRP-Ham-Radio-Kit.php) on how to setup a mobile HF rig that I
 could reuse with my FT-100d. It seems I am missing:
@@ -80,6 +80,18 @@ that we might want to learn from. In particular, it ships:
  * the radio's manual
  * a bandplan
 
+### Old stuff
+
+* <del>VHF/UHF SWR meter</del> Got a workman, above
+  * [Daiwa CN-801V](http://www.universal-radio.com/catalog/meters/2140.html) 150$ 140-525 MHz.	20/200 Watts ([5 reviews: 4.2/5](http://www.eham.net/reviews/detail/7378))
+  * [the bird 43](http://www.universal-radio.com/catalog/meters/1739.html) 85$ (but only one way at a time) 200-500 MHz.	    50 Watts ([39 reviews: 4.5/5](http://www.eham.net/reviews/detail/7378))
+* <del>Cabling</del> - got plenty of spare cable now that my main
+  setup was destroyed
+  * 100' of RG8 cabling
+* [Call those guys?](http://www.paratonnerres.qc.ca/produits.html)
+* <del>J146/440 - dual band VHF/UHF antenna (2m-70cm) [40$ at radioworld](http://radioworld.ca/product_info.php?cPath=73_191_193&products_id=886)</del> /!\ backorder
+* <del>MFJ-260C - 300W dummy load  0-150Mhz dry [50$ at radiowrodl](http://radioworld.ca/product_info.php?products_id=8098)</del> built into the tuner now
+
 I did a review of [[FmTransmitter]]s a long time ago that is probably
 now completely useless.
 
@@ -177,9 +189,12 @@ Je collecte ici des bons sites au sujet du ham radio.
   * [certification pour licence canadienne](http://www.ic.gc.ca/eic/site/smt-gst.nsf/fra/h_sf01709.html)
   * [Exams at the Last HOPE](http://wiki.hope.net/index.php/TLH_Amateur_Radio_License_Exams)
 * Clubs
+  * [Radio Amateur Canada](http://www.rac.ca/)
   * [Montreal Amateur Radio Club](http://www.marc.qc.ca/) - Dorval est. 1932, mostly english and west-island-ish
   * [Rive sud](http://www.ve2clm.ca/)
-  * [Radio Amateur Canada](http://www.rac.ca/)
+  * [VE2UMS](https://ve2ums.ca/) (Montréal et banlieues)
+  * [VE2CWQ](https://www.ve2cwq.ca/) ("CanWarn", emergency net and first responders)
+  * [Packet Québec](https://groups.io/g/PacketQuebec/)
   * [Radio Amateur Estrie](https://www.ve2rae.com/) (VA2RAE), ils ont un repeater sur le Mt
     Orford!  ([VE2TA](https://www.repeaterbook.com/repeaters/callResult.php?call=VE2TA&status_id=%25), 147.3300 +0.6 MHz, [YSF](https://www.repeaterbook.com/repeaters/callResult.php?call=VE2TA&status_id=%25), but "fusion
     mode" should work in analog)
@@ -187,6 +202,17 @@ Je collecte ici des bons sites au sujet du ham radio.
   * [RepeaterBook](https://www.repeaterbook.com/), e.g. [all quebec repeaters](https://www.repeaterbook.com/repeaters/Display_SS.php?state_id=CA10)
   * [RadioReference.com](https://www.radioreference.com/), repeaters, but also other frequencies
   * [Reseaux au quebec selon VA2RAE](https://www.ve2rae.com/reseaux.pdf)
+  * [Réseau VE2CWQ](https://www.ve2cwq.ca/reseau/) (VHF/UHF/packet)
+  * [Réseau VE2UMS](https://ve2ums.ca/reseau.php) (VHF/echolink/DMR)
+  * 80m:
+    - 3.7450 MHz (LSB) Réseau VE2CAA (dimanche matin)
+    - 3.7500 MHz (LSB) Réseau VE2CAA (Urgences Amériques)
+    - 3.7750 MHz (LSB) Réseau VE2CWQ (Canwarn 1er tour, français?)
+    - 3.7800 MHz (LSB) Réseau RHFQ (Réseau HF du Québec, Sécurité Civile)
+    - 3.7870 MHz (LSB) Professional Loafers (PL Net, anglais?)
+  * 40m
+    - 7.1200 MHz (LSB) VE2CWQ (Canwarn 2e tour, français?)
+  	- 7.1250 MHz (LSB) VE2AQC (Réseau RAQI, français?)
 * Other documentation
   * [IRLP](http://www.irlp.net/) -  Internet Radio Linking Project - using the internet to link stations
   * [Call sign lookup](http://hamcall.net/call)
@@ -225,3 +251,4 @@ This needs to be merged into [[Software]]
   * [predict](http://packages.debian.org/predict) and [predict](http://packages.debian.org/predict)-gsat - console only, doesn't bring much the gorgeous visuals of DebianPackage:gpredict
 
 ... others to follow, there's a whole [hamradio section](http://packages.debian.org/sid/hamradio/) in debian.
+

diff --git a/recette/porc-romarin-porto.md b/recette/porc-romarin-porto.md
index 6c36601e..43fc77d6 100644
--- a/recette/porc-romarin-porto.md
+++ b/recette/porc-romarin-porto.md
@@ -1,7 +1,3 @@
----
-geometry: margin=3cm
----
-
 # Filets de porc au romarin et sauce au porto 
 
 ## Ingredients
@@ -60,42 +56,4 @@ Ajouter le jus dans la sauce Porto.
 
 Arroser de sauce.
 
-\pagebreak
-
-## Tofu addendum
-
-```
-Antoine Beaupré <anarcat@orangeseeds.org> (2024-01-07) (inbox sent)
-Date: Sun, 07 Jan 2024 16:07:25 -0500
-From: Antoine Beaupré <anarcat@orangeseeds.org>
-To: Nick Ackerley <ea610@ncf.ca>
-Subject: Re: Tofu
-
-On 2024-01-06 10:49:00, Nick Ackerley wrote:
-> Hi Antoine!
->
-> Can you share your amazing not-pork-tofu recipe with me?
->
-> Sad you weren't able to visit with Rachel et al., this time. Maybe next?
-
-It would have been great to hang out indeed! But I took a rain check and
-visited other friends up north, but really mostly alone, taking a break
-from the family has been kind of great, to be frank. :) Hopefully we can
-make this ride soon enough again, now that it seems the boys handle it
-much better!
-
-Here's the pork-based recipe, from my mom. Replace tofu with pork,
-obviously, but after the marinade, i kind of just wing it: if you can
-fry the tofu on a BBQ that's good, oven can be good as well, best would
-probably be an air frier. For heapmas, i just fried the green onions
-with oil, fried the tofu until it's almost charred, then deglazed with
-the port and vineager, then added all the marinade and reduced until it
-was yum yummy.
-
--- 
-The odds are greatly against you being immensely smarter than everyone\
-else in the field. If your analysis says your terminal velocity is
-twice the speed of light, you may have invented warp drive, but the
-chances are a lot better that you've screwed up.
-- Akin's Laws of Spacecraft Design
-```
+Note: voir aussi [[tofu-romarin-porto]].

diff --git a/services/meshtastic.md b/services/meshtastic.md
index 9807afa9..687f495b 100644
--- a/services/meshtastic.md
+++ b/services/meshtastic.md
@@ -24,6 +24,65 @@ The [site planner](https://site.meshtastic.org/) can help you show what you *sho
 see. Combine with one of the [maps](#maps), you should get a good idea of
 what you *should* be seeing.
 
+# Scalability
+
+I have serious concerns about the scalability of the Meshtastic
+algorithm. It is basically "rebroadcast everything you get, up to
+three hops" and while they are pretty good at "marketing" it, my hunch
+is that this won't scale to a dense, thousand-node busy network,
+especially since everything (including direct messages) is on a common
+carrier.
+
+@nullagent has a [long rant about this on Mastodon](https://partyon.xyz/@nullagent/113861754522594610) that confirms
+my hunch and made me write this section. A few quotes:
+
+> Floodfill can't scale.
+>
+> That's the core issue with meshtastic. 
+>
+> All the nodes repeat what they hear, kinda like "the people's mic"
+> at a protest. This strategy is great if we all want to hear ONE
+> person's speech across a whole crowd.
+>
+> But try the people's mic with 10's hundreds or thousands of
+> different bi-directional conversations and things get messy.
+>
+> We're all shouting to hear and expecting the person next to us to
+> repeat. But all they hear is noise and very rarely a few words here
+> & there
+
+> I -frequently- run out of hops NOT network!
+> 
+> The broadcast algo eats up all the hops in the core downtown and
+> rarely makes it out the otherside with low hop limit or even with
+> the max
+
+More concerning is his criticism of the core team culture:
+
+> The project is run in the usual tech-bro seeming ways and are rude
+> ass fuck to new comers with less experience / platform than I who've
+> made the -same- observations about floodfill's limits.
+> 
+> The core team is dying on the hill of the shitiest routing algo
+> possible because they I guess don't want to read anything about
+> routing research.
+> 
+> Bruh... I worked in a networking research lab in the early 2000's,
+> almost every excuse this team has made is bullshit.
+>
+> So when I have spent time and money learning an open source project,
+> encouraged friends to also go learn and spend money.... and then the
+> core team is rude as fuck to them when they have polite and honest
+> feedback.... yea fuck that noise.
+>
+> Meshtastic is gonna fail on the same dumb hill as many tech-bro led
+> projects, fighting their community over dumbshit.
+>
+> It's a perfectly fine toy of a project to learn LoRa but please know
+> better is possible and we don't have to deal with these assholes.
+
+He points at Meshcore and Reticulum as possible replacements.
+
 # Hardware
 
 Below are some Meshtastic-compatible devices I found interesting.
@@ -71,6 +130,16 @@ Make sure you [configure the device](https://wiki.seeedstudio.com/sensecap_t1000
 environment sensors and a neat trick to find the device if lost, see
 below.
 
+Note that the [intro guide](https://wiki.seeedstudio.com/t1000_e_intro/) has crucial information about the
+device, but know that those are the functions of the main button:
+
+| Button action         | Description               | Buzzer         |
+|-----------------------|---------------------------|----------------|
+| Press once            | Power on                  | Rising melody  |
+| Press twice           | Update node/location info | -              |
+| Press three times     | Switch on/off the GPS     | -              |
+| Press and hold for 5s | Power off                 | Falling melody |
+
 ### Fun story
 
 I lost that device one day! I had put it on top of a doorframe on the
@@ -110,10 +179,22 @@ The [T-Deck Plus](https://lilygo.cc/products/t-deck-plus-1) is another unique pl
 The "meshtastic" firmware that comes with it is just bad, definitely
 not worth paying for. There's a "pre release" "technical preview"
 (2.6.0.f7afa9a) that is *much* better (see below), although writing
-this I have just noticed than the 2.6.3 "alpha" release.
+this I have just noticed than the 2.6.3 "alpha" release. I have
+actually performed the following upgrades so far:
+
+- stock to 2.6.0.f7afa9a ("pre-release")
+- [2.6.0.f7afa9a to 2.6.2.31c0e8f](https://github.com/meshtastic/firmware/compare/v2.6.0.f7afa9a...v2.6.2.31c0e8f) (second to last "alpha",
+  2.6.3.640e731 is latest as of 2025-03-27)
+
+I have tried flashing at 115200 at first but 921600 seems to work fine
+too over USB. USB-C to USB-C does *not* work though, I need a USB-C to
+USB-A cable, bizarrely.
 
 I couldn't use the GPS at first, and [filed an issue](https://github.com/Xinyuan-LilyGO/T-Deck/issues/78) which was
-promptly fixed: you need to enable it in the Meshtastic app.
+promptly fixed: you need to enable it: from the UI, hold the "pin"
+logo in the main screen, this will turn on GPS and reboot. Same with
+wifi, one row below: hold the wifi icon and it will turn on WiFi and
+reboot.
 
 There seems to be an issue with the remote control interface: I have
 found that I need to reboot in "programming mode" to get access to the
@@ -123,9 +204,21 @@ recent one and it didn't work. It could be a conflict with WiFi as
 well. [According to the Meshtastic docs though](https://meshtastic.org/docs/software/meshtastic-ui/#bluetooth-programming-mode), it's just the way
 it is.
 
+Note that the device works as normal in programming mode: it's just
+the user interface that's different, but it otherwise receives, relays
+and sends packets fine, which is useful if you wan to do a [range
+test](https://meshtastic.org/docs/overview/range-tests/).
+
 All in all, this is a pretty amazing machine and one of the rare
 systems that allows communication without any other external device
-(like a phone or computer), which is really great.
+(like a phone or computer), which is really great. The new UI is
+fantastic, and you even have a rudimentary map showing remote nodes
+with [offline maps](https://www.reddit.com/r/meshtastic/comments/1j1chem/meshtastic_26_map_tiles_with_higher_zoom_levels/)
+
+One improvement I want to do is to add an external antenna to increase
+the range, because as it is now it's not great. Apparently, there's an
+on-board [ipex connector](https://github.com/Xinyuan-LilyGO/T-Deck/issues/20), so I'd just need a IPEX/SMA connector
+and a [LoRa antenna](https://meshtastic.org/docs/hardware/antennas/#community-favorites).
 
 ## Other devices
 
@@ -136,6 +229,9 @@ Those I haven't tested yet:
 - [T-Beam Supreme](https://lilygo.cc/products/t-beam-supreme?variant=43067944173749): 1.3" OLED display, 18650 battery socket,
   magnetometer, 2.4GHz WiFi, BLE 5, GNSS, no case, 52$, the [T-Beam
   SoftRF](https://lilygo.cc/products/t-beam-softrf?variant=43170158477493) is similar but without a display and cheaper, 30$
+- [T-Deck Pro](https://lilygo.cc/products/t-deck-pro): 3.1" e-ink touch screen, 4G module, WiFi 2.4GHz,
+  BLE 5, GPS, TF Card, mic, speaker, keypad, see also the [T5 e-paper
+  s3 pro](https://lilygo.cc/products/t5-e-paper-s3-pro)
 - [WisMesh Pocket V2](https://store.rakwireless.com/products/wismesh-pocket): GNSS, 1.3" OLED, acceleration sensor, power
   button, 3200mAh battery, USB-C powered, 100$
 - [WisMesh Solar Repeater](https://store.rakwireless.com/products/wismesh-meshtastic-solar-repeater): solar, battery, mast-mountable, unclear
@@ -153,11 +249,23 @@ Those I haven't tested yet:
   100℃, WiFi 2.4GHz, BLE 5.0 / Mesh, reset/boot button, 22x23x57mm,
   37g, exposed GPIO ports, unclear if has a battery, 20$
 - the [HELTEC v3](https://heltec.org/project/wifi-lora-32-v3/) might be a more reliable bet as it's listed more
-  prominently in Meshtastic docs, also 20$, they also have an [eink
-  dev board](https://heltec.org/project/vision-master-e290/)
+  prominently in Meshtastic docs, also 20$ with the case (but no
+  battery, and battery doesn't fit in the case), they also have an
+  [eink dev board](https://heltec.org/project/vision-master-e290/)
 - the [RAK19003 base kit](https://store.rakwireless.com/products/wisblock-meshtastic-starter-kit?variant=43884035113158) is also nice. it's more expensive (28$,
-  *without* a case), but a case [can be printed](https://www.printables.com/model/286664-rak19003-micro-case-for-meshtastic), useful if you
-  already order from RAK wireless and need extra kits
+  *without* a case), but a case [can be printed](https://www.printables.com/model/286664-rak19003-micro-case-for-meshtastic) but it's tricky
+  because there are many (83!) design files in there, useful if you
+  already order from RAK wireless and need extra kits and know your
+  way around DIY builds. you need to also buy:
+  - 4 × M3x20mm socket head cap screws ([this kit](https://abra-electronics.com/hardware/metric-hardware-kits/nuts/sc-h-m-ss-kit-m2-m3-m4-stainless-steel-hex-socket-cap-head-screws-washers-nuts-assortment-kit-1080pcs.html) covers this and
+    the nuts)
+  - 4 × M3 nuts
+  - 2 × M2.5 screws (*not* part of the above kit, [length unclear](https://www.printables.com/model/286664-rak19003-micro-case-for-meshtastic/comments/2516182),
+    [here are M2.5x6mm](https://abra-electronics.com/hardware/metric-hardware-round-phillips-head-screws/1968p-machine-screw-m2.5-6mm-length-phillips-25-pack.html) or [this kit](https://abra-electronics.com/hardware/metric-hardware-kits/screws-bolts/repair-kit-for-eyeglasses-watches-screws-and-nuts-caps-m1m2m2.5-stainless.html)3)
+  - 1 × battery ([Amazon](https://www.amazon.com/gp/product/B091FKGW8H), possibly the same as [Abra](https://abra-electronics.com/batteries-holders/batteries-polymer-lithium-ion/1578-ada-lithium-ion-polymer-battery-37v-500mah-1578-ada.html),
+    optional?)
+  - there's also an optional [battery cutoff switch](https://www.amazon.com/gp/product/B086L2GPGX), couldn't find
+    an [equivalent on Abra](https://abra-electronics.com/electromechanical/switches/pushbutton-switches/)
 - [Lamp hack](https://hackaday.io/project/194509-harbor-breeze-meshtastic-hack)
 - [Antennas](https://meshtastic.org/docs/hardware/antennas/) vary as well
 - Power is a whole other question, see [power consumption
@@ -339,3 +447,4 @@ See also the [official list of local groups](https://meshtastic.org/docs/communi
 - <https://mycelium-mesh.net/> (dead?)
 - [Reticulum](https://github.com/markqvist/Reticulum), talks over LoRa but also packet radio, WiFi, i2p,
   etc, see [sidebande](https://github.com/markqvist/Sideband?tab=readme-ov-file), [meshchat](https://lib3.net/wallabag/view/56011), [nomadnet](https://github.com/markqvist/NomadNet)
+- [Meshcore](https://github.com/ripplebiz/MeshCore), similar to Meshtastic, but different routing algorithm

diff --git a/hardware/server/marcos.mdwn b/hardware/server/marcos.mdwn
index a38c1afb..eb94ad3b 100644
--- a/hardware/server/marcos.mdwn
+++ b/hardware/server/marcos.mdwn
@@ -22,7 +22,7 @@ particulier [[services/mail]] et [[services/backup]].
 
  * Case: [CSE-733TQ-500B][] ([300$][]), incl. 80+ bronze 500W PSU,
    4x3.5" hotswap bays, 2x5.25" bays, 1x3.5" bay, 7" (4U) x 20.9" x
-   16.8" or 178 x 531 x 427mm (WxDxL), 17Kg ([manual](https://www.supermicro.com/manuals/chassis/Mid-tower/SC733.pdf))
+   16.8" or 178 x 531 x 427mm (WxDxL), 17Kg ([manual][])
  * Motherboard: [ASUS PRIME X470-PRO][]: [187$][] (AM4/PGA 1331 ATX
    12"x9.6" 6 SATA Intel® I211-AT chipset, [detailed specs][])
  * Memory: Kingston KSM26ED8/16ME (16GB RAM): [114$][]
@@ -30,6 +30,8 @@ particulier [[services/mail]] et [[services/backup]].
    GPU, 6 cores, 95W 3.4GHz): [287$][]
  * Total: 889$CAD
 
+ [manual]: https://www.supermicro.com/manuals/chassis/Mid-tower/SC733.pdf
+
 The server is also backed by a UPS, a [APC 1500VA BX1500m](https://www.apc.com/ca/en/product/BX1500M/apc-back-ups-1500-compact-tower-1500va-120v-avr-lcd-10-nema-outlets-5-surge/).
 
 [CSE-733TQ-500B]: https://www.supermicro.com/en/products/archive/chassis/SC733TQ-500B
@@ -96,6 +98,12 @@ tank/srv                 7,2T    6,8T  407G  95% /srv
 The old disk array wasn't yet added to the ZFS pool: for that the
 drives need to be reformatted, encrypted, and re-added to the pool.
 
+Update: this is causing heating issues. Turns out the
+[CSE-733TQ-500B][] Supermicro case can't handle the heat at all in the
+hotswap drive block. I will have to either replace the entire case (!)
+or move drives around in there. Not great. See the [silent
+rackmounts](#silent-rackmounts) for next steps.
+
 ## 2024 Fan replacement
 
 From the 2020 replacement, the server has always been away, either in
@@ -494,6 +502,8 @@ Update: FreeNAS is now called [TrueNAS](https://www.truenas.com/) and they have
 cases now, checkout their [TrueNAS mini](https://www.truenas.com/truenas-mini/) boxes. Their 4-bay hotswap
 thing starts at 1000$.
 
+Update: According to servethehome.com, the TrueNAS mini is too noisy.
+
 ## Pine 64
 
 They have SBCs of course -- that's how they started -- but also a neat
@@ -529,6 +539,32 @@ getting out of scope, but:
 
 https://protectli.com/
 
+## Silent rackmounts
+
+- [SilentPC 2u Xeon server](https://silentpc.com/servers/2u-rack-mount-server): 2245$, 3 x 3.5" drives. Not great.
+- [eRacks QUIET2](https://eracks.com/products/quiet-systems/QUIET2/): 1400$, 3 x 3.5", still not enough drives
+- [QuietPC 2U Breeze D5](https://www.quietpc.com/sys-2u-rackmount-i17): 1600$CAD+, 4 x 3.5"?
+
+[Reddit recommended Dell R270 in 2022](https://www.reddit.com/r/homelab/comments/vdultt/recommendations_for_quietish_1u2u_server/), maybe using normal
+rackmount servers is an option?
+
+### Sliger
+
+[Michael Lynch](https://mtlynch.io/) built a [budget NAS in 2022](https://mtlynch.io/budget-nas/) and updated it in
+2024 to this [Sliger 2U trayless case](https://www.sliger.com/products/rackmount/3u/cx3701/) with room for 10x3.5"
+drives, 4x2.5" SSD mounts, two 120mm exhaust fans, for 340$, about the
+price of my original Supermicro case. It's a Mini-ITX build though,
+and I have a full-sized ATX board, which he regretted because of
+limited expansion:
+
+> If I were to do this over again, I would have bought a rack-mounted
+> chassis that has slots for six to eight 3.5" hard drives and a
+> motherboard with either multiple PCI slots or at least eight SATA
+> ports.
+
+I asked sliger for a spec. I think those cases look amazing, and
+probably the next build.
+
 ## Other SoC boards
 
 There are many SoC boards that could be used to create a device from
@@ -588,8 +624,6 @@ needs to be double-checked.
 
 ## Other builds
 
-See also <https://mtlynch.io/budget-nas/>.
-
 At work, we built two rescue hosts with the PC engines boards, right
 before they went EOL. I documented a bunch of alternatives, see [this
 list](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/apu#apu-eol-and-alternatives).
diff --git a/services/wifi.mdwn b/services/wifi.mdwn
index 6232ace0..3a1ac74b 100644
--- a/services/wifi.mdwn
+++ b/services/wifi.mdwn
@@ -123,6 +123,8 @@ ever since.
    (45$)](https://www.canadacomputers.com/product_info.php?cPath=38_944&item_id=066549) could hold the routers, but is back-ordered, so maybe
    [this deeper shelf](https://www.canadacomputers.com/product_info.php?cPath=38_944&item_id=144628) (16" 44lbs) could do it, and this [18U
    rack](https://www.canadacomputers.com/product_info.php?cPath=38_944&item_id=166475) is quite interesting, 385$
+ * [Startech have their own racks shop](https://www.startech.com/en-us/server-management/racks), the [15U looks more
+   interesting](https://www.startech.com/en-us/server-management/4postrack15u) (300$USD) because smaller, so more headroom
  * [recyborg sometimes has racks](https://recyborg.com/?s=rack&post_type=product&type_aws=true) and [gigabit switches](https://recyborg.com/?s=gigabit&post_type=product&type_aws=true)
 
 Some other home lab had the following recommendations:

diff --git a/hardware/radio.mdwn b/hardware/radio.mdwn
index 669a1d3d..f6d4698b 100644
--- a/hardware/radio.mdwn
+++ b/hardware/radio.mdwn
@@ -5,10 +5,12 @@ I also volunteered at [CKUT](https://ckut.ca/) for a while, but I didn't have ti
 commit long term. It was still a pretty awesome experience. See
 [[communication]] for more details on that side.
 
+See also [[services/meshtastic]] (think DIY text mesh) and
+[[services/radio]] (think jukebox).
+
 [[!toc levels=3]]
 
-Hardware
-========
+# Hardware
 
 * Hand helds:
   * Baofeng UV-3R MKII radio (<50$)
@@ -38,8 +40,7 @@ Total rig cost so far: 1242.60$ (not counting the quad project below)
 
 I uploaded a few photos [in this album](https://photos.anarc.at/documentation/radio/#/0).
 
-Stuff to buy next
------------------
+## Stuff to buy next
 
 * <del>VHF/UHF SWR meter</del> Got a workman, above
   * [Daiwa CN-801V](http://www.universal-radio.com/catalog/meters/2140.html) 150$ 140-525 MHz.	20/200 Watts ([5 reviews: 4.2/5](http://www.eham.net/reviews/detail/7378))
@@ -82,8 +83,7 @@ that we might want to learn from. In particular, it ships:
 I did a review of [[FmTransmitter]]s a long time ago that is probably
 now completely useless.
 
-Stores
-------
+## Stores
 
  * [Radioworld](https://radioworld.ca/)
  * [Universal Radio](https://www.universal-radio.com/)
@@ -92,18 +92,20 @@ Stores
  * [eBay](http://shop.ebay.com/Fixed-/163857/i.html)
  * [local](http://www.raqi.ca/~ve2bzl/)
 
-Quad antenna project
-====================
+# Quad antenna project
 
-I am working on building a new antenna. It is based on [this design](http://www.hamuniverse.com/n1uue2el1011quad.html), which uses a mix of PVC pipes and fiberglass rods, except I adapt it to a 20m antenna and replace the PVC with aluminium for solidity. It should be possible to take the antenna apart and rebuild it if necessary.
+I was working on building a new antenna. It was based on [this design](http://www.hamuniverse.com/n1uue2el1011quad.html), which uses a mix of PVC pipes and fiberglass rods, except I adapted it to a 20m antenna and replace the PVC with aluminium for solidity. It should be possible to take the antenna apart and rebuild it if necessary.
 
 <figure> 
 <img src="Quad-sketch0001.jpg" alt="Hand-drawn sketch of a Quad antenna" />
 <figcaption>Sketch of my antenna</figcaption>
 </figure>
 
-Parts list
-----------
+I have mostly lost the parts to this and it's now just an old crazy
+project that never materialized. I'm keeping it here for future
+reference and to inspire other people to do crazy things like this.
+
+## Parts list
 
 ### Mast
 
@@ -145,8 +147,7 @@ Notes:
 
 Current blocker(s): Waiting for parts to be shipped and for the rain to stop.
 
-Discarded approaches
---------------------
+## Discarded approaches
 
 Those parts were considered during the design phase but were discarded for various reasons.
 
@@ -161,8 +162,7 @@ Those parts were considered during the design phase but were discarded for vario
 
 I had a lot of problems finding proper parts (pipes, raw materials like wiring and so on) in Montreal, which made building the antenna quite tricky, as a lot of things needed to be ordered online, which raised the overall costs because of shipping.
 
-Références
-==========
+# Références
 
 Je collecte ici des bons sites au sujet du ham radio.
 
@@ -180,6 +180,13 @@ Je collecte ici des bons sites au sujet du ham radio.
   * [Montreal Amateur Radio Club](http://www.marc.qc.ca/) - Dorval est. 1932, mostly english and west-island-ish
   * [Rive sud](http://www.ve2clm.ca/)
   * [Radio Amateur Canada](http://www.rac.ca/)
+  * [Radio Amateur Estrie](https://www.ve2rae.com/) (VA2RAE), ils ont un repeater sur le Mt
+    Orford!  ([VE2TA](https://www.repeaterbook.com/repeaters/callResult.php?call=VE2TA&status_id=%25), 147.3300 +0.6 MHz, [YSF](https://www.repeaterbook.com/repeaters/callResult.php?call=VE2TA&status_id=%25), but "fusion
+    mode" should work in analog)
+* Frequency lists:
+  * [RepeaterBook](https://www.repeaterbook.com/), e.g. [all quebec repeaters](https://www.repeaterbook.com/repeaters/Display_SS.php?state_id=CA10)
+  * [RadioReference.com](https://www.radioreference.com/), repeaters, but also other frequencies
+  * [Reseaux au quebec selon VA2RAE](https://www.ve2rae.com/reseaux.pdf)
 * Other documentation
   * [IRLP](http://www.irlp.net/) -  Internet Radio Linking Project - using the internet to link stations
   * [Call sign lookup](http://hamcall.net/call)
@@ -187,35 +194,34 @@ Je collecte ici des bons sites au sujet du ham radio.
   * [US Ham bands](http://www.arrl.org/FandES/field/regulations/bands.html)
   * [Family_Radio_Service](https://en.wikipedia.org/wiki/Family_Radio_Service) - intéressant pour commencer, comme le CB mais plus puissant et sans interférence, pas cher, j'ai acheté un [cobra FRS](http://radioworld.ca/product_info.php?cPath=161_381&products_id=5790)
 
-Software
-========
+# Software
 
 This needs to be merged into [[Software]]
 
 * the oracles
-  * http://packages.debian.org/gpredict
-  * http://packages.debian.org/minimuf - allows you to compute the WikiPedia:MUF depending on salar activity and so on, but has an unusuable interface (you need to enter a series of digits... how about a GUI?!)
-  * http://packages.debian.org/gcb - calculates the right angle for your antenna
-  * http://packages.debian.org/xplanet - can show azimuthal projections of the earth on your background, screensaver or window - I use this in myxsession:
+  * [gpredict](http://packages.debian.org/gpredict)
+  * [minimuf](http://packages.debian.org/minimuf) - allows you to compute the WikiPedia:MUF depending on salar activity and so on, but has an unusuable interface (you need to enter a series of digits... how about a GUI?!)
+  * [gcb](http://packages.debian.org/gcb) - calculates the right angle for your antenna
+  * [xplanet](http://packages.debian.org/xplanet) - can show azimuthal projections of the earth on your background, screensaver or window - I use this in myxsession:
     xplanet -latitude 45.5 -longitude -73.66 -wait 60 -label -projection azimuthal -fork -radius 90
 * testing tools
-  * http://packages.debian.org/ibp - very useful for training to receive distant comms: show you which beacon is active when, with a map: `ibp FN35EM`
+  * [ibp](http://packages.debian.org/ibp) - very useful for training to receive distant comms: show you which beacon is active when, with a map: `ibp FN35EM`
 * packet:
-  * http://packages.debian.org/gmfsk - for packet radio
-  * http://packages.debian.org/fldigi - also looks interesting and fairly complete, not tested
-  * http://packages.debian.org/gpsk31, DebianPackage:linpsk, DebianPackage:phaseshift - same?
-  * http://packages.debian.org/fbb - mailboxes?
+  * [gmfsk](http://packages.debian.org/gmfsk) - for packet radio
+  * [fldigi](http://packages.debian.org/fldigi) - also looks interesting and fairly complete, not tested
+  * [gpsk31](http://packages.debian.org/gpsk31), DebianPackage:linpsk, DebianPackage:phaseshift - same?
+  * [fbb](http://packages.debian.org/fbb) - mailboxes?
 * programming:
   * [Chirp](https://chirp.danplanet.com/) ([Debian](https://tracker.debian.org/pkg/chirp)) - programming radios
 * to be tested:
-  * http://packages.debian.org/grig - can control your radio from your computer
-  * http://packages.debian.org/splat 
-  * http://packages.debian.org/wwl
-  * http://packages.debian.org/wsjt
-  * http://packages.debian.org/xastir
-  * http://packages.debian.org/xwota
-  * http://packages.debian.org/xdemorse
+  * [grig](http://packages.debian.org/grig) - can control your radio from your computer
+  * [splat](http://packages.debian.org/splat) 
+  * [wwl](http://packages.debian.org/wwl)
+  * [wsjt](http://packages.debian.org/wsjt)
+  * [xastir](http://packages.debian.org/xastir)
+  * [xwota](http://packages.debian.org/xwota)
+  * [xdemorse](http://packages.debian.org/xdemorse)
 * dismissed:
-  * http://packages.debian.org/predict and http://packages.debian.org/predict-gsat - console only, doesn't bring much the gorgeous visuals of DebianPackage:gpredict
+  * [predict](http://packages.debian.org/predict) and [predict](http://packages.debian.org/predict)-gsat - console only, doesn't bring much the gorgeous visuals of DebianPackage:gpredict
 
 ... others to follow, there's a whole [hamradio section](http://packages.debian.org/sid/hamradio/) in debian.

diff --git a/services/ham.md b/services/ham.md
deleted file mode 100644
index 9d0ceaec..00000000
--- a/services/ham.md
+++ /dev/null
@@ -1,200 +0,0 @@
-I am
-[anarcat](http://web.archive.org/web/20190209012421/https://wiki.koumbit.net/TheAnarcat).
-I just passed my basic qualitification in Canada, with honors (so I can
-operate HF), yay! I am now AKA VA2ANK. -- **TheAnarcat** 21:50, 10 October
-2010 (CDT)
-
-[[!toc levels=3]]
-
-# My rig
-
-  * Transceiver: 
-    * Yaesu FT-100D - [499$ on ebay](http://web.archive.org/web/20190209012421/http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=180565016542&ssPageName=STRK:MEWNX:IT) \- actual price: ~570$ (to be verified)
-  * Antennas and gizmos at radioworld, first pass: 
-    * MFJ-941E - antenna tuner and switch [155$ at radioworld](http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?products_id=2885)
-    * MAP-G5RV 1/2 - G5RV 50' dipole antenna (10-40m) [85$ at radioworld](http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?manufacturers_id=121&products_id=7788)
-    * ~~J146/440 - dual band VHF/UHF antenna (2m-70cm)[40$ at radioworld](http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?cPath=73_191_193&products_id=886)~~ /!\ backorder
-    * 100' of RG8 coax cabling [65$ at radioworld](http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?cPath=73_394&products_id=6831)
-    * ~~MFJ-260C - 300W dummy load 0-150Mhz dry[50$ at radiowrodl](http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?products_id=8098)~~ built into the tuner now
-    * 3 PL259 connectors [4$ at radioworld](http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?cPath=73_394&products_id=3244)
-    * Total, incl. shipping: 452.35$
-  * Ferrites: ~40$ + 24$ customs fees (PN: 2643167851 from [IBS electronics](http://web.archive.org/web/20190209012421/http://www.ibselectronics.com/search_r.asp?mfgpn=2643167851))
-  * A shitload of PL259 connectors, usually around 2$ each
-  * Documentation: 
-    * [Canadian Amateur Radio Basic Qualification Study Guide](http://web.archive.org/web/20190209012421/http://www.coaxpublications.ca/): 40$
-    * [The RAC Operating Manual](http://web.archive.org/web/20190209012421/https://www.rac.ca/store/operating-manual.htm): 42$ (note: i didn't find this one really useful)
-    * ARRL Handbook 2011, Softcover: 49.95$USD
-    * ARRL Antenna Book: 44.95$USD
-  * Total rig cost so far: 1242.60$ (not counting the quad project below)
-
-I uploaded a few photos [in this
-album](http://web.archive.org/web/20190209012421/http://photos.anarcat.koumbit.org/main.php?g2_itemId=4619).
-
-## New quad antenna project
-
-I am working on building a new antenna. It is based on [this
-design](http://web.archive.org/web/20190209012421/http://www.hamuniverse.com/n1uue2el1011quad.html),
-which uses a mix of PVC pipes and fiberglass rods, except I adapt it to a 20m
-antenna and replace the PVC with aluminium for solidity. It should be possible
-to take the antenna apart and rebuild it if necessary.
-
-### Parts list
-
-[![](/web/20190209012421im_/http://www.amateur-radio-
-wiki.net/images/thumb/7/70/Quad-sketch0001.jpg/400px-Quad-
-sketch0001.jpg)](/web/20190209012421/http://www.amateur-radio-
-wiki.net/index.php?title=File:Quad-sketch0001.jpg)
-
-[](/web/20190209012421/http://www.amateur-radio-
-wiki.net/index.php?title=File:Quad-sketch0001.jpg "Enlarge")
-
-A sketch of my antenna
-
-Mast:
-
-| Part                | Amount | Where          | Weight   | Price  | Notes                                                                                                                                                           |
-|---------------------|--------|----------------|----------|--------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| tripod              | 1      | addison        | ?        | 45.56$ | ~2' x 2'                                                                                                                                                        |
-| 3m steel pole       | 1      | downstairs     | ?        | 0$     | to connect the boom and tripod, 1-1¼"                                                                                                                           |
-| sandbags            | 3      | home depot     | 30kg ea. | 10.76$ | one per leg                                                                                                                                                     |
-| plywood             | 3'x4'  | attic          | ?        | 0$     | ~~1' x 2' used for the beam/pole fitting~~ \- found some                                                                                                        |
-| Mast clamps (1"3/4) | 4      | hardware store | ?        | 4.92$  | to connect the boom with the mast, bigger mast, 1.23¢ ea                                                                                                        |
-| Mast clamps (1"3/8) | 2      | hardware store | ?        | 1.60$  | to connect the boom with the mast, 80¢ ea                                                                                                                       |
-| guy rope            | 2x100' | hardware store | ?        | 63.98$ | to secure the mast, using poplypropylene/nylon rope, each line should support around 300lbs of pressure, enough for the 500lbs of pressure with a 90mph wind    |
-
-Antenna and accessories  
-
-| Part               | Amount  | Where                                                                                                                                                      | Weight  | Price                        | Notes                                                                                                            |
-|--------------------|---------|------------------------------------------------------------------------------------------------------------------------------------------------------------|---------|------------------------------|------------------------------------------------------------------------------------------------------------------|
-| 1" hose clamps     | 8       | home depot                                                                                                                                                 | ?       | ?                            | to tie the antenna line to the spreaders                                                                         |
-| tie wraps, small   | 100     | hardware store                                                                                                                                             | ?       | 3.09$                        | to tie the antenna line to the spreaders                                                                         |
-| 2"½ hose clamps    | 19      | hardware store                                                                                                                                             | ?       | 26.41$                       | to tie-up the boom together (2), the spreaders to the spider (8) and the spreaders themselves (8), +spare (1)    |
-| 8"x½" plastic tube | 1       | home depot                                                                                                                                                 | ~0      | 0$                           | for spreader/wire attachment - found some                                                                        |
-| 15' 1¼" fiberglass | 8       | [mgs4u.com](http://web.archive.org/web/20190209012421/http://www.mgs4u.com/fiberglass-cubical-quad-spreaders.htm) (type 1)                                 | 17.6lbs | ~160$ - actual: 255$CAD (!!) | 4.4lbs ea, unit price 19.80$                                                                                     |
-| Clamps             | 10-pack | [dxengineering](http://web.archive.org/web/20190209012421/http://www.dxengineering.com/Parts.asp?ID=1868&PLID=161&SecID=129&DeptID=36&PartNo=DXE-CPC-375)  | ~0      | 14.95$                       | to secure the feedline                                                                                           |
-| 4m aluminium boom  | 2       | [DX engineering](http://web.archive.org/web/20190209012421/http://www.dxengineering.com/Parts.asp?ID=5107&PLID=364&SecID=136&DeptID=43&PartNo=DXE-AT1492)  | 2.5lbs  | 24.90$                       |                                                                                                                  |
-| 500' of wiring     | 1       | [DX engineering](http://web.archive.org/web/20190209012421/http://www.dxengineering.com/Parts.asp?ID=2012&PLID=159&SecID=77&DeptID=40&PartNo=DXE-ANTW-500) | N/A     | 74.95$                       | only parts of this will be used (120' to be more precise)                                                        |
-| U clamps and bolts | 4       | ~~home depot~~ [Rick Adams](http://web.archive.org/web/20190209012421/http://www.rickadams.net/)                                                           | ~0      | 0$                           | included in the beam/pole fitting                                                                                |
-| boom/pole plate    | 1       | [Rick Adams](http://web.archive.org/web/20190209012421/http://www.rickadams.net/)                                                                          | ?       | 45$ + 30$ shipping           | need to drill holes, includes reinforcement pole                                                                 |
-| spider             | 2       | [Rick Adams](http://web.archive.org/web/20190209012421/http://www.rickadams.net/)                                                                          | 2.3lbs  | 70$USD                       | 14oz ea. 40$/ea, seems strong and sturdy, and Rick helped me through email, let's try!                           |
-
-Antenna (parts in shipping)  
-
-Nothing!  
-
-Antenna (parts to order)  
-
-| Part           | Amount | Where          | Weight | Price | Notes                   |
-|----------------|--------|----------------|--------|-------|-------------------------|
-| more sandbags? | 3      | hardware store | ?      | ?     | to attach the tower?    |
-  
-Total planned price: ~373.77$
-
-Total planned weight: ~25lbs++ - not including 180lbs of sandbags, the pole
-and tripod.
-
-### Notes
-
-  * Gauge: 10-16 AWG is okay (see [AWG](http://web.archive.org/web/20190209012421/http://en.wikipedia.org/wiki/American_wire_gauge), that is 1.2-2.5mm or 1/10" - 1/20"), and can be insulated, according to [this page](http://web.archive.org/web/20190209012421/http://n6ach.com/calc/quad.html)
-  * Using welding wire is a good idea, as the [lightning bolt quad](http://web.archive.org/web/20190209012421/http://www.qsl.net/w3df/quad2/quad.html) uses
-  * I was suggested [Dubo](http://web.archive.org/web/20190209012421/http://www.dubo.qc.ca/) for electric supplies
-
-### Current blocker(s)
-
-Waiting for parts to be shipped and for the rain to stop.
-
-### Discarded approaches
-
-Those parts were considered during the design phase but were discarded for
-various reasons.
-
-| Part                   | Amount     | Where                                                                                                                                              | Price                                         | Notes                                                                                                                                                                                                                                                                                                                                                                                                                                 |
-|------------------------|------------|----------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| welding wire aluminium | 270' spool | [canadian tire](http://web.archive.org/web/20190209012421/http://www.canadiantire.ca/AST/browse/6/Tools/WeldingSoldering/AccessoriesRodsWire.jsp)? | ?                                             | example: [Aluminium 5356 MIG alloy](http://web.archive.org/web/20190209012421/http://www.harrisproductsgroup.com/en/Products/Alloys/Welding/Aluminum-Alloy/Alloy-5356-MIG.aspx) \- too hard to find                                                                                                                                                                                                                                   |
-| ~~4m 1"PVC~~           | 1          | home depot                                                                                                                                         | ?                                             | according to Rick, this could create interference                                                                                                                                                                                                                                                                                                                                                                                     |
-| ~~5-way 1"PVC conn.~~  | 2          | [creativeshelters.com](http://web.archive.org/web/20190209012421/http://www.creativeshelters.com/Fittings/PVC-Structure-Fitting.aspx)              | 3.08$                                         | couldn't order, they don't accept canadian zip codes, and shipping is 30$ anyways, and I don't trust PVC                                                                                                                                                                                                                                                                                                                              |
-| ~~1"x½" copper pipe~~  | 8          | home depot                                                                                                                                         | ~5$                                           | we'll use tie-wraps instead for spreader/wire attachment                                                                                                                                                                                                                                                                                                                                                                              |
-| ~~8m ½"PVC~~           | 4          | home depot                                                                                                                                         | ?                                             | PVC pipes are too flexible to hold properly, we need fiberglass                                                                                                                                                                                                                                                                                                                                                                       |
-| ~~AUG 12 copper wire~~ | 44.4m      | ???                                                                                                                                                | 29.32$ (addison?) 48.64$ pour 2x12 22m (dubo) | ~~addison doesn't have bare wire, and[dubo](http://web.archive.org/web/20190209012421/http://www.dubo.qc.ca/) only has bare up to 8 gage, too big (it's mainly for grounds)~~ copper wire never comes bare, and i may have better luck finding mig soldering wire like [Aluminium-5356](http://web.archive.org/web/20190209012421/http://www.harrisproductsgroup.com/en/Products/Alloys/Welding/Aluminum-Alloy/Alloy-5356-MIG.aspx)   |
-  
-I had a lot of problems finding proper parts (pipes, raw materials like wiring
-and so on) in Montreal, which made building the antenna quite tricky, as a lot
-of things needed to be ordered online, which raised the overall costs because
-of shipping.
-
-# Références
-
-Je collecte ici des bons sites au sujet du ham radio.
-
-  * Manuals, courses 
-    * [Good overview](http://web.archive.org/web/20190209012421/http://www.visi.com/~tneu/whatsham.html)
-    * [Emergencyradio.ca online course](http://web.archive.org/web/20190209012421/http://www.emergencyradio.ca/course/)
-    * [tech manual](http://web.archive.org/web/20190209012421/http://kb6nu.com/tech-manual/)
-    * [HAM Radio primer](http://web.archive.org/web/20190209012421/http://www.baproducts.com/ham.htm) \- un peu vieux (14 ans!) dit que son kit a coûté 1000$
-  * Hardware 
-    * [hardware guide](http://web.archive.org/web/20190209012421/http://batlabs.com/) \- motorola
-  * Exams 
-    * [certification pour licence canadienne](http://web.archive.org/web/20190209012421/http://www.ic.gc.ca/eic/site/smt-gst.nsf/fra/h_sf01709.html)
-    * [Exams at the Last HOPE](http://web.archive.org/web/20190209012421/http://wiki.hope.net/index.php/TLH_Amateur_Radio_License_Exams)
-  * Clubs 
-    * [Montreal Amateur Radio Club](http://web.archive.org/web/20190209012421/http://www.marc.qc.ca/) \- Dorval est. 1932, mostly english and west-island-ish
-    * [Rive sud](http://web.archive.org/web/20190209012421/http://www.ve2clm.ca/)
-    * [Radio Amateur Canada](http://web.archive.org/web/20190209012421/http://www.rac.ca/)
-  * Other documentation 
-    * [IRLP](http://web.archive.org/web/20190209012421/http://www.irlp.net/) \- Internet Radio Linking Project - using the internet to link stations
-    * [Call sign lookup](http://web.archive.org/web/20190209012421/http://hamcall.net/call)
-    * [Available call signs in Canada](http://web.archive.org/web/20190209012421/http://www.rac.ca/acl/)
-    * [US Ham bands](http://web.archive.org/web/20190209012421/http://www.arrl.org/FandES/field/regulations/bands.html)
-    * [Wikipedia:Family_Radio_Service](http://web.archive.org/web/20190209012421/http://en.wikipedia.org/wiki/Family_Radio_Service "wikipedia:Family Radio Service") \- intéressant pour commencer, comme le CB mais plus puissant et sans interférence, pas cher, j'ai acheté un [cobra FRS](http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?cPath=161_381&products_id=5790)
-
-## Software
-
-This needs to be merged into
-[Software](/web/20190209012421/http://www.amateur-radio-
-wiki.net/index.php?title=Software "Software")
-
-  * the oracles 
-    * [http://packages.debian.org/gpredict](http://web.archive.org/web/20190209012421/http://packages.debian.org/gpredict)
-    * [http://packages.debian.org/minimuf](http://web.archive.org/web/20190209012421/http://packages.debian.org/minimuf) \- allows you to compute the WikiPedia:MUF depending on salar activity and so on, but has an unusuable interface (you need to enter a series of digits... how about a GUI?!)
-    * [http://packages.debian.org/gcb](http://web.archive.org/web/20190209012421/http://packages.debian.org/gcb) \- calculates the right angle for your antenna
-    * [http://packages.debian.org/xplanet](http://web.archive.org/web/20190209012421/http://packages.debian.org/xplanet) \- can show azimuthal projections of the earth on your background, screensaver or window - I use this in myxsession: `xplanet -latitude 45.5 -longitude -73.66 -wait 60 -label -projection azimuthal -fork -radius 90`
-  * testing tools 
-    * [http://packages.debian.org/ibp](http://web.archive.org/web/20190209012421/http://packages.debian.org/ibp) \- very useful for training
-      to receive distant comms: show you which beacon is active when,
-      with a map `ibp FN35EM`
-  * packet: 
-    * [http://packages.debian.org/gmfsk](http://web.archive.org/web/20190209012421/http://packages.debian.org/gmfsk) \- for packet radio
-    * [http://packages.debian.org/fldigi](http://web.archive.org/web/20190209012421/http://packages.debian.org/fldigi) \- also looks interesting and fairly complete, not tested
-    * [http://packages.debian.org/gpsk31](http://web.archive.org/web/20190209012421/http://packages.debian.org/gpsk31), DebianPackage:linpsk, DebianPackage:phaseshift - same?
-    * [http://packages.debian.org/fbb](http://web.archive.org/web/20190209012421/http://packages.debian.org/fbb) \- mailboxes?
-  * to be tested: 
-    * [http://packages.debian.org/grig](http://web.archive.org/web/20190209012421/http://packages.debian.org/grig) \- can control your radio from your computer
-    * [http://packages.debian.org/splat](http://web.archive.org/web/20190209012421/http://packages.debian.org/splat)
-    * [http://packages.debian.org/wwl](http://web.archive.org/web/20190209012421/http://packages.debian.org/wwl)
-    * [http://packages.debian.org/wsjt](http://web.archive.org/web/20190209012421/http://packages.debian.org/wsjt)
-    * [http://packages.debian.org/xastir](http://web.archive.org/web/20190209012421/http://packages.debian.org/xastir)
-    * [http://packages.debian.org/xwota](http://web.archive.org/web/20190209012421/http://packages.debian.org/xwota)
-    * [http://packages.debian.org/xdemorse](http://web.archive.org/web/20190209012421/http://packages.debian.org/xdemorse)
-  * dismissed: 
-    * [http://packages.debian.org/predict](http://web.archive.org/web/20190209012421/http://packages.debian.org/predict) and [http://packages.debian.org/predict-gsat](http://web.archive.org/web/20190209012421/http://packages.debian.org/predict-gsat) \- console only, doesn't bring much the gorgeous visuals of DebianPackage:gpredict
-
-... others to follow, there's a whole [hamradio
-section](http://web.archive.org/web/20190209012421/http://packages.debian.org/sid/hamradio/)
-in debian.
-
-# Stuff to buy next
-
-  * VHF/UHF SWR meter 
-    * [Daiwa CN-801V](http://web.archive.org/web/20190209012421/http://www.universal-radio.com/catalog/meters/2140.html) 150$ 140-525 MHz. 20/200 Watts ([5 reviews: 4.2/5](http://web.archive.org/web/20190209012421/http://www.eham.net/reviews/detail/7378))
-    * [workman 50$](http://web.archive.org/web/20190209012421/http://www.ebay.com/itm/SWR-Power-500-Watt-METER-120-500-MHz-UHF-VHF-Ham-Radio-w-RG8X-Jumper-/380424888249) ([17 reviews: 3.5/5](http://web.archive.org/web/20190209012421/http://www.eham.net/reviews/detail/3905))
-    * [the bird 43](http://web.archive.org/web/20190209012421/http://www.universal-radio.com/catalog/meters/1739.html) 85$ (but only one way at a time) 200-500 MHz. 50 Watts ([39 reviews: 4.5/5](http://web.archive.org/web/20190209012421/http://www.eham.net/reviews/detail/7378))
-  * Handhelds: 
-    * Baofeng UV-3R MKII radio (<50$) avec cable de prog ou UV-5R
-  * Cabling: 
-    * 100' of RG8 cabling

(Diff truncated)

diff --git a/services/ham.md b/services/ham.md
index 67b223d2..9d0ceaec 100644
--- a/services/ham.md
+++ b/services/ham.md
@@ -4,17 +4,7 @@ I just passed my basic qualitification in Canada, with honors (so I can
 operate HF), yay! I am now AKA VA2ANK. -- **TheAnarcat** 21:50, 10 October
 2010 (CDT)
 
-## Contents
-
-  * 1 My rig
-    * 1.1 New quad antenna project
-      * 1.1.1 Parts list
-      * 1.1.2 Notes
-      * 1.1.3 Current blocker(s)
-      * 1.1.4 Discarded approaches
-  * 2 Références
-    * 2.1 Software
-  * 3 Stuff to buy next
+[[!toc levels=3]]
 
 # My rig
 
@@ -60,34 +50,43 @@ wiki.net/index.php?title=File:Quad-sketch0001.jpg "Enlarge")
 
 A sketch of my antenna
 
-Mast  
----  
-Part  |  Amount  |  Where  |  Weight  |  Price  |  Notes   
-tripod  |  1  |  addison  |  ?  |  45.56$  |  ~2' x 2'   
-3m steel pole  |  1  |  downstairs  |  ?  |  0$  |  to connect the boom and tripod, 1-1¼"   
-sandbags  |  3  |  home depot  |  30kg ea.  |  10.76$  |  one per leg   
-plywood  |  3'x4'  |  attic  |  ?  |  0$  |  ~~1' x 2' used for the beam/pole fitting~~ \- found some   
-Mast clamps (1"3/4) |  4  |  hardware store  |  ?  |  4.92$  |  to connect the boom with the mast, bigger mast, 1.23¢ ea   
-Mast clamps (1"3/8) |  2  |  hardware store  |  ?  |  1.60$  |  to connect the boom with the mast, 80¢ ea   
-guy rope  |  2x100'  |  hardware store  |  ?  |  63.98$  |  to secure the mast, using poplypropylene/nylon rope, each line should support around 300lbs of pressure, enough for the 500lbs of pressure with a 90mph wind   
+Mast:
+
+| Part                | Amount | Where          | Weight   | Price  | Notes                                                                                                                                                           |
+|---------------------|--------|----------------|----------|--------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| tripod              | 1      | addison        | ?        | 45.56$ | ~2' x 2'                                                                                                                                                        |
+| 3m steel pole       | 1      | downstairs     | ?        | 0$     | to connect the boom and tripod, 1-1¼"                                                                                                                           |
+| sandbags            | 3      | home depot     | 30kg ea. | 10.76$ | one per leg                                                                                                                                                     |
+| plywood             | 3'x4'  | attic          | ?        | 0$     | ~~1' x 2' used for the beam/pole fitting~~ \- found some                                                                                                        |
+| Mast clamps (1"3/4) | 4      | hardware store | ?        | 4.92$  | to connect the boom with the mast, bigger mast, 1.23¢ ea                                                                                                        |
+| Mast clamps (1"3/8) | 2      | hardware store | ?        | 1.60$  | to connect the boom with the mast, 80¢ ea                                                                                                                       |
+| guy rope            | 2x100' | hardware store | ?        | 63.98$ | to secure the mast, using poplypropylene/nylon rope, each line should support around 300lbs of pressure, enough for the 500lbs of pressure with a 90mph wind    |
+
 Antenna and accessories  
-Part  |  Amount  |  Where  |  Weight  |  Price  |  Notes   
-1" hose clamps  |  8  |  home depot  |  ?  |  ?  |  to tie the antenna line to the spreaders   
-tie wraps, small  |  100  |  hardware store  |  ?  |  3.09$  |  to tie the antenna line to the spreaders   
-2"½ hose clamps  |  19  |  hardware store  |  ?  |  26.41$  |  to tie-up the boom together (2), the spreaders to the spider (8) and the spreaders themselves (8), +spare (1)   
-8"x½" plastic tube  |  1  |  home depot  |  ~0  |  0$ |  for spreader/wire attachment - found some   
-15' 1¼" fiberglass  |  8  |  [mgs4u.com](http://web.archive.org/web/20190209012421/http://www.mgs4u.com/fiberglass-cubical-quad-spreaders.htm) (type 1)  |  17.6lbs  |  ~160$ - actual: 255$CAD (!!)  |  4.4lbs ea, unit price 19.80$   
-Clamps  |  10-pack  |  [dxengineering](http://web.archive.org/web/20190209012421/http://www.dxengineering.com/Parts.asp?ID=1868&PLID=161&SecID=129&DeptID=36&PartNo=DXE-CPC-375) |  ~0  |  14.95$  |  to secure the feedline   
-4m aluminium boom  |  2  |  [DX engineering](http://web.archive.org/web/20190209012421/http://www.dxengineering.com/Parts.asp?ID=5107&PLID=364&SecID=136&DeptID=43&PartNo=DXE-AT1492) |  2.5lbs  |  24.90$  |   
-500' of wiring  |  1  |  [DX engineering](http://web.archive.org/web/20190209012421/http://www.dxengineering.com/Parts.asp?ID=2012&PLID=159&SecID=77&DeptID=40&PartNo=DXE-ANTW-500) |  N/A  |  74.95$  |  only parts of this will be used (120' to be more precise)   
-U clamps and bolts  |  4  |  ~~home depot~~ [Rick Adams](http://web.archive.org/web/20190209012421/http://www.rickadams.net/) |  ~0  |  0$  |  included in the beam/pole fitting   
-boom/pole plate  |  1  |  [Rick Adams](http://web.archive.org/web/20190209012421/http://www.rickadams.net/) |  ?  |  45$ + 30$ shipping  |  need to drill holes, includes reinforcement pole   
-spider  |  2  |  [Rick Adams](http://web.archive.org/web/20190209012421/http://www.rickadams.net/) |  2.3lbs  |  70$USD  |  14oz ea. 40$/ea, seems strong and sturdy, and Rick helped me through email, let's try!   
+
+| Part               | Amount  | Where                                                                                                                                                      | Weight  | Price                        | Notes                                                                                                            |
+|--------------------|---------|------------------------------------------------------------------------------------------------------------------------------------------------------------|---------|------------------------------|------------------------------------------------------------------------------------------------------------------|
+| 1" hose clamps     | 8       | home depot                                                                                                                                                 | ?       | ?                            | to tie the antenna line to the spreaders                                                                         |
+| tie wraps, small   | 100     | hardware store                                                                                                                                             | ?       | 3.09$                        | to tie the antenna line to the spreaders                                                                         |
+| 2"½ hose clamps    | 19      | hardware store                                                                                                                                             | ?       | 26.41$                       | to tie-up the boom together (2), the spreaders to the spider (8) and the spreaders themselves (8), +spare (1)    |
+| 8"x½" plastic tube | 1       | home depot                                                                                                                                                 | ~0      | 0$                           | for spreader/wire attachment - found some                                                                        |
+| 15' 1¼" fiberglass | 8       | [mgs4u.com](http://web.archive.org/web/20190209012421/http://www.mgs4u.com/fiberglass-cubical-quad-spreaders.htm) (type 1)                                 | 17.6lbs | ~160$ - actual: 255$CAD (!!) | 4.4lbs ea, unit price 19.80$                                                                                     |
+| Clamps             | 10-pack | [dxengineering](http://web.archive.org/web/20190209012421/http://www.dxengineering.com/Parts.asp?ID=1868&PLID=161&SecID=129&DeptID=36&PartNo=DXE-CPC-375)  | ~0      | 14.95$                       | to secure the feedline                                                                                           |
+| 4m aluminium boom  | 2       | [DX engineering](http://web.archive.org/web/20190209012421/http://www.dxengineering.com/Parts.asp?ID=5107&PLID=364&SecID=136&DeptID=43&PartNo=DXE-AT1492)  | 2.5lbs  | 24.90$                       |                                                                                                                  |
+| 500' of wiring     | 1       | [DX engineering](http://web.archive.org/web/20190209012421/http://www.dxengineering.com/Parts.asp?ID=2012&PLID=159&SecID=77&DeptID=40&PartNo=DXE-ANTW-500) | N/A     | 74.95$                       | only parts of this will be used (120' to be more precise)                                                        |
+| U clamps and bolts | 4       | ~~home depot~~ [Rick Adams](http://web.archive.org/web/20190209012421/http://www.rickadams.net/)                                                           | ~0      | 0$                           | included in the beam/pole fitting                                                                                |
+| boom/pole plate    | 1       | [Rick Adams](http://web.archive.org/web/20190209012421/http://www.rickadams.net/)                                                                          | ?       | 45$ + 30$ shipping           | need to drill holes, includes reinforcement pole                                                                 |
+| spider             | 2       | [Rick Adams](http://web.archive.org/web/20190209012421/http://www.rickadams.net/)                                                                          | 2.3lbs  | 70$USD                       | 14oz ea. 40$/ea, seems strong and sturdy, and Rick helped me through email, let's try!                           |
+
 Antenna (parts in shipping)  
+
 Nothing!  
+
 Antenna (parts to order)  
-Part  |  Amount  |  Where  |  Weight  |  Price  |  Notes   
-more sandbags?  |  3  |  hardware store  |  ?  |  ?  |  to attach the tower?   
+
+| Part           | Amount | Where          | Weight | Price | Notes                   |
+|----------------|--------|----------------|--------|-------|-------------------------|
+| more sandbags? | 3      | hardware store | ?      | ?     | to attach the tower?    |
   
 Total planned price: ~373.77$
 
@@ -109,14 +108,14 @@ Waiting for parts to be shipped and for the rain to stop.
 Those parts were considered during the design phase but were discarded for
 various reasons.
 
-Part  |  Amount  |  Where  |  Price  |  Notes   
----|---|---|---|---  
-welding wire aluminium  |  270' spool  |  [canadian tire](http://web.archive.org/web/20190209012421/http://www.canadiantire.ca/AST/browse/6/Tools/WeldingSoldering/AccessoriesRodsWire.jsp)?  |  ?  |  example: [Aluminium 5356 MIG alloy](http://web.archive.org/web/20190209012421/http://www.harrisproductsgroup.com/en/Products/Alloys/Welding/Aluminum-Alloy/Alloy-5356-MIG.aspx) \- too hard to find   
-~~4m 1"PVC~~ |  1  |  home depot  |  ?  |  according to Rick, this could create interference   
-~~5-way 1"PVC conn.~~ |  2  |  [creativeshelters.com](http://web.archive.org/web/20190209012421/http://www.creativeshelters.com/Fittings/PVC-Structure-Fitting.aspx) |  3.08$  |  couldn't order, they don't accept canadian zip codes, and shipping is 30$ anyways, and I don't trust PVC   
-~~1"x½" copper pipe~~ |  8  |  home depot  |  ~5$  |  we'll use tie-wraps instead for spreader/wire attachment   
-~~8m ½"PVC~~ |  4  |  home depot  |  ?  |  PVC pipes are too flexible to hold properly, we need fiberglass   
-~~AUG 12 copper wire~~ |  44.4m  |  ???  |  29.32$ (addison?) 48.64$ pour 2x12 22m (dubo)  |  ~~addison doesn't have bare wire, and[dubo](http://web.archive.org/web/20190209012421/http://www.dubo.qc.ca/) only has bare up to 8 gage, too big (it's mainly for grounds)~~ copper wire never comes bare, and i may have better luck finding mig soldering wire like [Aluminium-5356](http://web.archive.org/web/20190209012421/http://www.harrisproductsgroup.com/en/Products/Alloys/Welding/Aluminum-Alloy/Alloy-5356-MIG.aspx)  
+| Part                   | Amount     | Where                                                                                                                                              | Price                                         | Notes                                                                                                                                                                                                                                                                                                                                                                                                                                 |
+|------------------------|------------|----------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| welding wire aluminium | 270' spool | [canadian tire](http://web.archive.org/web/20190209012421/http://www.canadiantire.ca/AST/browse/6/Tools/WeldingSoldering/AccessoriesRodsWire.jsp)? | ?                                             | example: [Aluminium 5356 MIG alloy](http://web.archive.org/web/20190209012421/http://www.harrisproductsgroup.com/en/Products/Alloys/Welding/Aluminum-Alloy/Alloy-5356-MIG.aspx) \- too hard to find                                                                                                                                                                                                                                   |
+| ~~4m 1"PVC~~           | 1          | home depot                                                                                                                                         | ?                                             | according to Rick, this could create interference                                                                                                                                                                                                                                                                                                                                                                                     |
+| ~~5-way 1"PVC conn.~~  | 2          | [creativeshelters.com](http://web.archive.org/web/20190209012421/http://www.creativeshelters.com/Fittings/PVC-Structure-Fitting.aspx)              | 3.08$                                         | couldn't order, they don't accept canadian zip codes, and shipping is 30$ anyways, and I don't trust PVC                                                                                                                                                                                                                                                                                                                              |
+| ~~1"x½" copper pipe~~  | 8          | home depot                                                                                                                                         | ~5$                                           | we'll use tie-wraps instead for spreader/wire attachment                                                                                                                                                                                                                                                                                                                                                                              |
+| ~~8m ½"PVC~~           | 4          | home depot                                                                                                                                         | ?                                             | PVC pipes are too flexible to hold properly, we need fiberglass                                                                                                                                                                                                                                                                                                                                                                       |
+| ~~AUG 12 copper wire~~ | 44.4m      | ???                                                                                                                                                | 29.32$ (addison?) 48.64$ pour 2x12 22m (dubo) | ~~addison doesn't have bare wire, and[dubo](http://web.archive.org/web/20190209012421/http://www.dubo.qc.ca/) only has bare up to 8 gage, too big (it's mainly for grounds)~~ copper wire never comes bare, and i may have better luck finding mig soldering wire like [Aluminium-5356](http://web.archive.org/web/20190209012421/http://www.harrisproductsgroup.com/en/Products/Alloys/Welding/Aluminum-Alloy/Alloy-5356-MIG.aspx)   |
   
 I had a lot of problems finding proper parts (pipes, raw materials like wiring
 and so on) in Montreal, which made building the antenna quite tricky, as a lot
@@ -158,21 +157,11 @@ wiki.net/index.php?title=Software "Software")
     * [http://packages.debian.org/gpredict](http://web.archive.org/web/20190209012421/http://packages.debian.org/gpredict)
     * [http://packages.debian.org/minimuf](http://web.archive.org/web/20190209012421/http://packages.debian.org/minimuf) \- allows you to compute the WikiPedia:MUF depending on salar activity and so on, but has an unusuable interface (you need to enter a series of digits... how about a GUI?!)
     * [http://packages.debian.org/gcb](http://web.archive.org/web/20190209012421/http://packages.debian.org/gcb) \- calculates the right angle for your antenna
-    * [http://packages.debian.org/xplanet](http://web.archive.org/web/20190209012421/http://packages.debian.org/xplanet) \- can show azimuthal projections of the earth on your background, screensaver or window - I use this in myxsession:
-
-    
-    
-      xplanet -latitude 45.5 -longitude -73.66 -wait 60 -label -projection azimuthal -fork -radius 90
-    
-
+    * [http://packages.debian.org/xplanet](http://web.archive.org/web/20190209012421/http://packages.debian.org/xplanet) \- can show azimuthal projections of the earth on your background, screensaver or window - I use this in myxsession: `xplanet -latitude 45.5 -longitude -73.66 -wait 60 -label -projection azimuthal -fork -radius 90`
   * testing tools 
-    * [http://packages.debian.org/ibp](http://web.archive.org/web/20190209012421/http://packages.debian.org/ibp) \- very useful for training to receive distant comms: show you which beacon is active when, with a map
-
-    
-    
-      ibp FN35EM
-    
-
+    * [http://packages.debian.org/ibp](http://web.archive.org/web/20190209012421/http://packages.debian.org/ibp) \- very useful for training
+      to receive distant comms: show you which beacon is active when,
+      with a map `ibp FN35EM`
   * packet: 
     * [http://packages.debian.org/gmfsk](http://web.archive.org/web/20190209012421/http://packages.debian.org/gmfsk) \- for packet radio
     * [http://packages.debian.org/fldigi](http://web.archive.org/web/20190209012421/http://packages.debian.org/fldigi) \- also looks interesting and fairly complete, not tested

diff --git a/services/ham.html b/services/ham.html
deleted file mode 100644
index 476215e8..00000000
--- a/services/ham.html
+++ /dev/null
@@ -1,407 +0,0 @@
-<div id="mw-content-text" lang="en" dir="ltr" class="mw-content-ltr"><p>I am <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/https://wiki.koumbit.net/TheAnarcat">anarcat</a>. I just passed my basic qualitification in Canada, with honors (so I can operate HF), yay! I am now AKA VA2ANK. -- <strong class="selflink">TheAnarcat</strong> 21:50, 10 October 2010 (CDT)
-</p>
-<div id="toc" class="toc"><div id="toctitle"><h2>Contents</h2></div>
-<ul>
-<li class="toclevel-1 tocsection-1"><a href="#My_rig"><span class="tocnumber">1</span> <span class="toctext">My rig</span></a>
-<ul>
-<li class="toclevel-2 tocsection-2"><a href="#New_quad_antenna_project"><span class="tocnumber">1.1</span> <span class="toctext">New quad antenna project</span></a>
-<ul>
-<li class="toclevel-3 tocsection-3"><a href="#Parts_list"><span class="tocnumber">1.1.1</span> <span class="toctext">Parts list</span></a></li>
-<li class="toclevel-3 tocsection-4"><a href="#Notes"><span class="tocnumber">1.1.2</span> <span class="toctext">Notes</span></a></li>
-<li class="toclevel-3 tocsection-5"><a href="#Current_blocker.28s.29"><span class="tocnumber">1.1.3</span> <span class="toctext">Current blocker(s)</span></a></li>
-<li class="toclevel-3 tocsection-6"><a href="#Discarded_approaches"><span class="tocnumber">1.1.4</span> <span class="toctext">Discarded approaches</span></a></li>
-</ul>
-</li>
-</ul>
-</li>
-<li class="toclevel-1 tocsection-7"><a href="#R.C3.A9f.C3.A9rences"><span class="tocnumber">2</span> <span class="toctext">Références</span></a>
-<ul>
-<li class="toclevel-2 tocsection-8"><a href="#Software"><span class="tocnumber">2.1</span> <span class="toctext">Software</span></a></li>
-</ul>
-</li>
-<li class="toclevel-1 tocsection-9"><a href="#Stuff_to_buy_next"><span class="tocnumber">3</span> <span class="toctext">Stuff to buy next</span></a></li>
-</ul>
-</div>
-
-<h1><span class="mw-headline" id="My_rig">My rig</span></h1>
-<ul><li> Transceiver:
-<ul><li> Yaesu FT-100D - <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&amp;item=180565016542&amp;ssPageName=STRK:MEWNX:IT">499$ on ebay</a> - actual price: ~570$ (to be verified)</li></ul></li>
-<li> Antennas and gizmos at radioworld, first pass:
-<ul><li> MFJ-941E - antenna tuner and switch <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?products_id=2885">155$ at radioworld</a></li>
-<li> MAP-G5RV 1/2 - G5RV 50' dipole antenna (10-40m) <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?manufacturers_id=121&amp;products_id=7788">85$ at radioworld</a></li>
-<li> <del>J146/440 - dual band VHF/UHF antenna (2m-70cm) <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?cPath=73_191_193&amp;products_id=886">40$ at radioworld</a></del> /!\ backorder</li>
-<li> 100' of RG8 coax cabling <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?cPath=73_394&amp;products_id=6831">65$ at radioworld</a></li>
-<li> <del>MFJ-260C - 300W dummy load  0-150Mhz dry <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?products_id=8098">50$ at radiowrodl</a></del> built into the tuner now</li>
-<li> 3 PL259 connectors <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?cPath=73_394&amp;products_id=3244">4$ at radioworld</a></li>
-<li> Total, incl. shipping: 452.35$</li></ul></li>
-<li> Ferrites: ~40$ + 24$ customs fees (PN: 2643167851 from <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://www.ibselectronics.com/search_r.asp?mfgpn=2643167851">IBS electronics</a>)</li>
-<li> A shitload of PL259 connectors, usually around 2$ each</li>
-<li> Documentation:
-<ul><li> <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://www.coaxpublications.ca/">Canadian Amateur Radio Basic Qualification Study Guide</a>: 40$</li>
-<li> <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/https://www.rac.ca/store/operating-manual.htm">The RAC Operating Manual</a>: 42$ (note: i didn't find this one really useful)</li>
-<li> ARRL Handbook 2011, Softcover: 49.95$USD</li>
-<li> ARRL Antenna Book: 44.95$USD</li></ul></li>
-<li> Total rig cost so far: 1242.60$ (not counting the quad project below)</li></ul>
-<p>I uploaded a few photos <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://photos.anarcat.koumbit.org/main.php?g2_itemId=4619">in this album</a>.
-</p>
-<h2><span class="mw-headline" id="New_quad_antenna_project">New quad antenna project</span></h2>
-<p>I am working on building a new antenna. It is based on <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://www.hamuniverse.com/n1uue2el1011quad.html">this design</a>, which uses a mix of PVC pipes and fiberglass rods, except I adapt it to a 20m antenna and replace the PVC with aluminium for solidity. It should be possible to take the antenna apart and rebuild it if necessary.
-</p>
-<h3><span class="mw-headline" id="Parts_list">Parts list</span></h3>
-<div class="thumb tright"><div class="thumbinner" style="width:402px;"><a href="/web/20190209012421/http://www.amateur-radio-wiki.net/index.php?title=File:Quad-sketch0001.jpg" class="image"><img alt="" src="/web/20190209012421im_/http://www.amateur-radio-wiki.net/images/thumb/7/70/Quad-sketch0001.jpg/400px-Quad-sketch0001.jpg" width="400" height="527" class="thumbimage" srcset="/web/20190209012421im_/http://www.amateur-radio-wiki.net/images/thumb/7/70/Quad-sketch0001.jpg/600px-Quad-sketch0001.jpg 1.5x, /web/20190209012421im_/http://www.amateur-radio-wiki.net/images/thumb/7/70/Quad-sketch0001.jpg/800px-Quad-sketch0001.jpg 2x"></a>  <div class="thumbcaption"><div class="magnify"><a href="/web/20190209012421/http://www.amateur-radio-wiki.net/index.php?title=File:Quad-sketch0001.jpg" class="internal" title="Enlarge"></a></div>A sketch of my antenna</div></div></div>
-<table class="wikitable">
-<caption>
-</caption>
-<tbody><tr>
-<th colspan="6">Mast
-</th>
-</tr></tbody><caption>
-</caption>
-<tbody><tr><th> Part               </th>
-<th> Amount </th>
-<th> Where </th>
-<th> Weight </th>
-<th> Price </th>
-<th> Notes
-</th></tr>
-<tr>
-<td> tripod             </td>
-<td> 1    </td>
-<td> addison    </td>
-<td>&nbsp;? </td>
-<td> 45.56$ </td>
-<td> ~2' x 2'
-</td></tr>
-<tr>
-<td> 3m steel pole      </td>
-<td> 1    </td>
-<td> downstairs </td>
-<td>&nbsp;? </td>
-<td> 0$ </td>
-<td> to connect the boom and tripod, 1-1¼"
-</td></tr>
-<tr>
-<td> sandbags           </td>
-<td> 3    </td>
-<td> home depot </td>
-<td> 30kg ea. </td>
-<td> 10.76$ </td>
-<td> one per leg
-</td></tr>
-<tr>
-<td> plywood            </td>
-<td> 3'x4' </td>
-<td> attic </td>
-<td>&nbsp;? </td>
-<td> 0$ </td>
-<td> <s>1' x 2' used for the beam/pole fitting</s> - found some
-</td></tr>
-<tr>
-<td> Mast clamps (1"3/4)</td>
-<td> 4 </td>
-<td> hardware store </td>
-<td>&nbsp;? </td>
-<td> 4.92$ </td>
-<td> to connect the boom with the mast, bigger mast, 1.23¢ ea
-</td></tr>
-<tr>
-<td> Mast clamps (1"3/8)</td>
-<td> 2 </td>
-<td> hardware store </td>
-<td>&nbsp;? </td>
-<td> 1.60$ </td>
-<td> to connect the boom with the mast, 80¢ ea
-</td></tr>
-<tr>
-<td> guy rope           </td>
-<td> 2x100' </td>
-<td> hardware store </td>
-<td>&nbsp;? </td>
-<td> 63.98$ </td>
-<td> to secure the mast, using poplypropylene/nylon rope, each line should support around 300lbs of pressure, enough for the 500lbs of pressure with a 90mph wind
-</td>
-</tr></tbody><caption>
-</caption>
-<tbody><tr><th colspan="6">Antenna and accessories
-</th>
-</tr></tbody><caption>
-</caption>
-<tbody><tr><th> Part               </th>
-<th> Amount </th>
-<th> Where </th>
-<th> Weight </th>
-<th> Price </th>
-<th> Notes
-</th></tr>
-<tr>
-<td> 1" hose clamps        </td>
-<td> 8    </td>
-<td> home depot </td>
-<td>&nbsp;? </td>
-<td>&nbsp;? </td>
-<td> to tie the antenna line to the spreaders
-</td></tr>
-<tr>
-<td> tie wraps, small   </td>
-<td> 100 </td>
-<td> hardware store </td>
-<td>&nbsp;? </td>
-<td> 3.09$ </td>
-<td> to tie the antenna line to the spreaders
-</td></tr>
-<tr>
-<td> 2"½ hose clamps    </td>
-<td> 19 </td>
-<td> hardware store </td>
-<td>&nbsp;? </td>
-<td> 26.41$ </td>
-<td> to tie-up the boom together (2), the spreaders to the spider (8) and the spreaders themselves (8), +spare (1)
-</td></tr>
-<tr>
-<td> 8"x½" plastic tube </td>
-<td> 1    </td>
-<td> home depot </td>
-<td> ~0 </td>
-<td>  0$</td>
-<td> for spreader/wire attachment - found some
-</td></tr>
-<tr>
-<td> 15' 1¼" fiberglass </td>
-<td> 8    </td>
-<td> <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://www.mgs4u.com/fiberglass-cubical-quad-spreaders.htm">mgs4u.com</a> (type 1) </td>
-<td> 17.6lbs </td>
-<td> ~160$ - actual: 255$CAD (!!)  </td>
-<td> 4.4lbs ea, unit price 19.80$
-</td></tr>
-<tr>
-<td> Clamps     </td>
-<td> 10-pack </td>
-<td> <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://www.dxengineering.com/Parts.asp?ID=1868&amp;PLID=161&amp;SecID=129&amp;DeptID=36&amp;PartNo=DXE-CPC-375">dxengineering</a> </td>
-<td> ~0 </td>
-<td> 14.95$ </td>
-<td> to secure the feedline
-</td></tr>
-<tr>
-<td> 4m aluminium boom  </td>
-<td> 2     </td>
-<td>  <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://www.dxengineering.com/Parts.asp?ID=5107&amp;PLID=364&amp;SecID=136&amp;DeptID=43&amp;PartNo=DXE-AT1492">DX engineering</a> </td>
-<td> 2.5lbs </td>
-<td> 24.90$ </td>
-<td>
-</td></tr>
-<tr>
-<td> 500' of wiring     </td>
-<td> 1     </td>

(Diff truncated)

diff --git a/services/ham.html b/services/ham.html
new file mode 100644
index 00000000..476215e8
--- /dev/null
+++ b/services/ham.html
@@ -0,0 +1,407 @@
+<div id="mw-content-text" lang="en" dir="ltr" class="mw-content-ltr"><p>I am <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/https://wiki.koumbit.net/TheAnarcat">anarcat</a>. I just passed my basic qualitification in Canada, with honors (so I can operate HF), yay! I am now AKA VA2ANK. -- <strong class="selflink">TheAnarcat</strong> 21:50, 10 October 2010 (CDT)
+</p>
+<div id="toc" class="toc"><div id="toctitle"><h2>Contents</h2></div>
+<ul>
+<li class="toclevel-1 tocsection-1"><a href="#My_rig"><span class="tocnumber">1</span> <span class="toctext">My rig</span></a>
+<ul>
+<li class="toclevel-2 tocsection-2"><a href="#New_quad_antenna_project"><span class="tocnumber">1.1</span> <span class="toctext">New quad antenna project</span></a>
+<ul>
+<li class="toclevel-3 tocsection-3"><a href="#Parts_list"><span class="tocnumber">1.1.1</span> <span class="toctext">Parts list</span></a></li>
+<li class="toclevel-3 tocsection-4"><a href="#Notes"><span class="tocnumber">1.1.2</span> <span class="toctext">Notes</span></a></li>
+<li class="toclevel-3 tocsection-5"><a href="#Current_blocker.28s.29"><span class="tocnumber">1.1.3</span> <span class="toctext">Current blocker(s)</span></a></li>
+<li class="toclevel-3 tocsection-6"><a href="#Discarded_approaches"><span class="tocnumber">1.1.4</span> <span class="toctext">Discarded approaches</span></a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toclevel-1 tocsection-7"><a href="#R.C3.A9f.C3.A9rences"><span class="tocnumber">2</span> <span class="toctext">Références</span></a>
+<ul>
+<li class="toclevel-2 tocsection-8"><a href="#Software"><span class="tocnumber">2.1</span> <span class="toctext">Software</span></a></li>
+</ul>
+</li>
+<li class="toclevel-1 tocsection-9"><a href="#Stuff_to_buy_next"><span class="tocnumber">3</span> <span class="toctext">Stuff to buy next</span></a></li>
+</ul>
+</div>
+
+<h1><span class="mw-headline" id="My_rig">My rig</span></h1>
+<ul><li> Transceiver:
+<ul><li> Yaesu FT-100D - <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&amp;item=180565016542&amp;ssPageName=STRK:MEWNX:IT">499$ on ebay</a> - actual price: ~570$ (to be verified)</li></ul></li>
+<li> Antennas and gizmos at radioworld, first pass:
+<ul><li> MFJ-941E - antenna tuner and switch <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?products_id=2885">155$ at radioworld</a></li>
+<li> MAP-G5RV 1/2 - G5RV 50' dipole antenna (10-40m) <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?manufacturers_id=121&amp;products_id=7788">85$ at radioworld</a></li>
+<li> <del>J146/440 - dual band VHF/UHF antenna (2m-70cm) <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?cPath=73_191_193&amp;products_id=886">40$ at radioworld</a></del> /!\ backorder</li>
+<li> 100' of RG8 coax cabling <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?cPath=73_394&amp;products_id=6831">65$ at radioworld</a></li>
+<li> <del>MFJ-260C - 300W dummy load  0-150Mhz dry <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?products_id=8098">50$ at radiowrodl</a></del> built into the tuner now</li>
+<li> 3 PL259 connectors <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://radioworld.ca/product_info.php?cPath=73_394&amp;products_id=3244">4$ at radioworld</a></li>
+<li> Total, incl. shipping: 452.35$</li></ul></li>
+<li> Ferrites: ~40$ + 24$ customs fees (PN: 2643167851 from <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://www.ibselectronics.com/search_r.asp?mfgpn=2643167851">IBS electronics</a>)</li>
+<li> A shitload of PL259 connectors, usually around 2$ each</li>
+<li> Documentation:
+<ul><li> <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://www.coaxpublications.ca/">Canadian Amateur Radio Basic Qualification Study Guide</a>: 40$</li>
+<li> <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/https://www.rac.ca/store/operating-manual.htm">The RAC Operating Manual</a>: 42$ (note: i didn't find this one really useful)</li>
+<li> ARRL Handbook 2011, Softcover: 49.95$USD</li>
+<li> ARRL Antenna Book: 44.95$USD</li></ul></li>
+<li> Total rig cost so far: 1242.60$ (not counting the quad project below)</li></ul>
+<p>I uploaded a few photos <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://photos.anarcat.koumbit.org/main.php?g2_itemId=4619">in this album</a>.
+</p>
+<h2><span class="mw-headline" id="New_quad_antenna_project">New quad antenna project</span></h2>
+<p>I am working on building a new antenna. It is based on <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://www.hamuniverse.com/n1uue2el1011quad.html">this design</a>, which uses a mix of PVC pipes and fiberglass rods, except I adapt it to a 20m antenna and replace the PVC with aluminium for solidity. It should be possible to take the antenna apart and rebuild it if necessary.
+</p>
+<h3><span class="mw-headline" id="Parts_list">Parts list</span></h3>
+<div class="thumb tright"><div class="thumbinner" style="width:402px;"><a href="/web/20190209012421/http://www.amateur-radio-wiki.net/index.php?title=File:Quad-sketch0001.jpg" class="image"><img alt="" src="/web/20190209012421im_/http://www.amateur-radio-wiki.net/images/thumb/7/70/Quad-sketch0001.jpg/400px-Quad-sketch0001.jpg" width="400" height="527" class="thumbimage" srcset="/web/20190209012421im_/http://www.amateur-radio-wiki.net/images/thumb/7/70/Quad-sketch0001.jpg/600px-Quad-sketch0001.jpg 1.5x, /web/20190209012421im_/http://www.amateur-radio-wiki.net/images/thumb/7/70/Quad-sketch0001.jpg/800px-Quad-sketch0001.jpg 2x"></a>  <div class="thumbcaption"><div class="magnify"><a href="/web/20190209012421/http://www.amateur-radio-wiki.net/index.php?title=File:Quad-sketch0001.jpg" class="internal" title="Enlarge"></a></div>A sketch of my antenna</div></div></div>
+<table class="wikitable">
+<caption>
+</caption>
+<tbody><tr>
+<th colspan="6">Mast
+</th>
+</tr></tbody><caption>
+</caption>
+<tbody><tr><th> Part               </th>
+<th> Amount </th>
+<th> Where </th>
+<th> Weight </th>
+<th> Price </th>
+<th> Notes
+</th></tr>
+<tr>
+<td> tripod             </td>
+<td> 1    </td>
+<td> addison    </td>
+<td>&nbsp;? </td>
+<td> 45.56$ </td>
+<td> ~2' x 2'
+</td></tr>
+<tr>
+<td> 3m steel pole      </td>
+<td> 1    </td>
+<td> downstairs </td>
+<td>&nbsp;? </td>
+<td> 0$ </td>
+<td> to connect the boom and tripod, 1-1¼"
+</td></tr>
+<tr>
+<td> sandbags           </td>
+<td> 3    </td>
+<td> home depot </td>
+<td> 30kg ea. </td>
+<td> 10.76$ </td>
+<td> one per leg
+</td></tr>
+<tr>
+<td> plywood            </td>
+<td> 3'x4' </td>
+<td> attic </td>
+<td>&nbsp;? </td>
+<td> 0$ </td>
+<td> <s>1' x 2' used for the beam/pole fitting</s> - found some
+</td></tr>
+<tr>
+<td> Mast clamps (1"3/4)</td>
+<td> 4 </td>
+<td> hardware store </td>
+<td>&nbsp;? </td>
+<td> 4.92$ </td>
+<td> to connect the boom with the mast, bigger mast, 1.23¢ ea
+</td></tr>
+<tr>
+<td> Mast clamps (1"3/8)</td>
+<td> 2 </td>
+<td> hardware store </td>
+<td>&nbsp;? </td>
+<td> 1.60$ </td>
+<td> to connect the boom with the mast, 80¢ ea
+</td></tr>
+<tr>
+<td> guy rope           </td>
+<td> 2x100' </td>
+<td> hardware store </td>
+<td>&nbsp;? </td>
+<td> 63.98$ </td>
+<td> to secure the mast, using poplypropylene/nylon rope, each line should support around 300lbs of pressure, enough for the 500lbs of pressure with a 90mph wind
+</td>
+</tr></tbody><caption>
+</caption>
+<tbody><tr><th colspan="6">Antenna and accessories
+</th>
+</tr></tbody><caption>
+</caption>
+<tbody><tr><th> Part               </th>
+<th> Amount </th>
+<th> Where </th>
+<th> Weight </th>
+<th> Price </th>
+<th> Notes
+</th></tr>
+<tr>
+<td> 1" hose clamps        </td>
+<td> 8    </td>
+<td> home depot </td>
+<td>&nbsp;? </td>
+<td>&nbsp;? </td>
+<td> to tie the antenna line to the spreaders
+</td></tr>
+<tr>
+<td> tie wraps, small   </td>
+<td> 100 </td>
+<td> hardware store </td>
+<td>&nbsp;? </td>
+<td> 3.09$ </td>
+<td> to tie the antenna line to the spreaders
+</td></tr>
+<tr>
+<td> 2"½ hose clamps    </td>
+<td> 19 </td>
+<td> hardware store </td>
+<td>&nbsp;? </td>
+<td> 26.41$ </td>
+<td> to tie-up the boom together (2), the spreaders to the spider (8) and the spreaders themselves (8), +spare (1)
+</td></tr>
+<tr>
+<td> 8"x½" plastic tube </td>
+<td> 1    </td>
+<td> home depot </td>
+<td> ~0 </td>
+<td>  0$</td>
+<td> for spreader/wire attachment - found some
+</td></tr>
+<tr>
+<td> 15' 1¼" fiberglass </td>
+<td> 8    </td>
+<td> <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://www.mgs4u.com/fiberglass-cubical-quad-spreaders.htm">mgs4u.com</a> (type 1) </td>
+<td> 17.6lbs </td>
+<td> ~160$ - actual: 255$CAD (!!)  </td>
+<td> 4.4lbs ea, unit price 19.80$
+</td></tr>
+<tr>
+<td> Clamps     </td>
+<td> 10-pack </td>
+<td> <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://www.dxengineering.com/Parts.asp?ID=1868&amp;PLID=161&amp;SecID=129&amp;DeptID=36&amp;PartNo=DXE-CPC-375">dxengineering</a> </td>
+<td> ~0 </td>
+<td> 14.95$ </td>
+<td> to secure the feedline
+</td></tr>
+<tr>
+<td> 4m aluminium boom  </td>
+<td> 2     </td>
+<td>  <a rel="nofollow" class="external text" href="http://web.archive.org/web/20190209012421/http://www.dxengineering.com/Parts.asp?ID=5107&amp;PLID=364&amp;SecID=136&amp;DeptID=43&amp;PartNo=DXE-AT1492">DX engineering</a> </td>
+<td> 2.5lbs </td>
+<td> 24.90$ </td>
+<td>
+</td></tr>
+<tr>
+<td> 500' of wiring     </td>
+<td> 1     </td>

(Diff truncated)

diff --git a/communication/photo.mdwn b/communication/photo.mdwn
index 6b57bcd3..40ed1379 100644
--- a/communication/photo.mdwn
+++ b/communication/photo.mdwn
@@ -42,4 +42,4 @@ Calendrier
 J'ai fait un projet élaboré de calendrier regroupant mes meilleures
 photo de l'année, incluant montage et impression, voir:
 
-[[!map pages="page(calendes/*)"]]
+[[!map pages="page(communication/photo/calendes/*)"]]

diff --git a/services/meshtastic.md b/services/meshtastic.md
index 0b85923f..9807afa9 100644
--- a/services/meshtastic.md
+++ b/services/meshtastic.md
@@ -1,4 +1,5 @@
-I started playing around with [meshtastic](https://meshtastic.org/).
+After reading this [LWN review][] and being poked a few times by
+friends, I started playing around with [meshtastic](https://meshtastic.org/).
 
 [[!toc levels=3]]
 
@@ -274,7 +275,7 @@ like forward-secrecy, authentication, or integrity, see the
 threat vector as, for example, if someone knows you wrote "hi" to a
 channel, even if they don't have the encryption key, they can replay
 that "hi" by sending the exact same encrypted packet. Security is
-hard.
+hard. It seems like [Reticulum does this better](https://reticulum.network/crypto.html).
 
 Nodes often transmit other telemetry like GPS location, temperature,
 and other sensors, by default. GPS location precision can be reduced
@@ -314,15 +315,25 @@ mode relatively easily.
 - <https://meshmap.net/>
 - <https://meshtastic.liamcottle.net/> (AKA <https://meshmap.app/>)
 - <https://site.meshtastic.org/>
+- [Canada mesh map](https://map.mt.gt/)
 
 # Links
 
 - <https://www.meshtastic.org/>
-- [Canada mesh map](https://map.mt.gt/)
-- [Canadaverse mesh wiki](https://wiki.mt.gt/), there's also a [Telegram group for Quebec](https://t.me/meshtQuebec).
-- [LWN review](https://lwn.net/Articles/1009782/) (2025)
+- [LWN review][] (2025)
 - [Another meshtastic guide](https://anarchosolarpunk.substack.com/p/encryptedcomms)
 
+[LWN review]: 
+
+# Fellow meshes
+
+- [Canadaverse mesh wiki](https://wiki.mt.gt/)
+- [meshtQuebec (Telegram group)](https://t.me/meshtQuebec)
+- [Puget Mesh](https://pugetmesh.org/): Seattle area, they have their own [MQTT server](https://pugetmesh.org/meshtastic/#mqtt-and-maps)
+  and [map](https://meshtastic.davekeogh.com/), 2274 nodes as of  2025-03-26
+
+See also the [official list of local groups](https://meshtastic.org/docs/community/local-groups/).
+
 # Alternative LoRa networks
 
 - <https://mycelium-mesh.net/> (dead?)

diff --git a/software/zfs.md b/software/zfs.md
index 83e625d8..3542e583 100644
--- a/software/zfs.md
+++ b/software/zfs.md
@@ -490,6 +490,19 @@ package](https://github.com/Gregy/znapzend-debian). It is written in Perl.
 
 [zelta](https://github.com/bellhyve/zelta) is written in Awk. Incomplete, ran with [zfsnap](https://github.com/zfsnap/zfsnap).
 
+### zfs-autobackup
+
+[zfs-autobackup](https://github.com/psy0rz/zfs_autobackup):
+
+ - Python
+ - v3.3 Dec 2024
+ - 14 contributors
+ - compression
+ - (re-)encryption support
+ - rate-limiting
+ - debug/dry-run mode
+ - progressive thinning
+
 ### Other DIY solutions
 
 twb (`#debian-til`) wrote [cyber-zfs-backup](https://github.com/cyberitsolutions/cyber-zfs-backup). It's short (~300

diff --git a/services/meshtastic.md b/services/meshtastic.md
index 857eba67..0b85923f 100644
--- a/services/meshtastic.md
+++ b/services/meshtastic.md
@@ -66,6 +66,30 @@ Only downside is it requires a phone, but it's a great device to start
 with as you can just shove it outside for three days and see what you
 pick up.
 
+Make sure you [configure the device](https://wiki.seeedstudio.com/sensecap_t1000_e/#configure-the-parameters): this will bring you
+environment sensors and a neat trick to find the device if lost, see
+below.
+
+### Fun story
+
+I lost that device one day! I had put it on top of a doorframe on the
+second floor to get better range, but when i came back at lunch, it
+wasn't there! I looked around on the floor, couldn't find it... but my
+phone could reach it over Bluetooth, so it was still around somewhere!
+
+So i followed the [upstream guide](https://wiki.seeedstudio.com/sensecap_t1000_e/#configure-the-parameters) to setup the sensors, which
+includes a setting to use the "buzzer" to make sounds when new
+messages are received. So I started sending messages to the card from
+another Meshtastic device (the T-Deck+), which made the thing "buzz",
+and I could hear it!
+
+It wasn't on the second floor anymore though. After about 2 minutes
+and 10 "ping" messages sent, I found it! It had fallen two floors
+down, in the basement stairwell, and here it was ringing... phew!
+
+Seems like it survived the fall too. Amazing little device, and
+Meshtastic success!
+
 ## T-Deck Plus
 
 The [T-Deck Plus](https://lilygo.cc/products/t-deck-plus-1) is another unique platform:

diff --git a/services/meshtastic.md b/services/meshtastic.md
index b2de0e85..857eba67 100644
--- a/services/meshtastic.md
+++ b/services/meshtastic.md
@@ -33,7 +33,7 @@ should consult for recommendations, particularly on chipset tradeoffs
 
 I explain below some tests I've made with various devices.
 
-## T100-E
+## SenseCAP Card Tracker T1000-E
 
 The [SenseCAP Card Tracker T1000-E](https://www.seeedstudio.com/SenseCAP-Card-Tracker-T1000-E-for-Meshtastic-p-5913.html) is a neat little device:
 

diff --git a/services/meshtastic.md b/services/meshtastic.md
index 26bf7876..b2de0e85 100644
--- a/services/meshtastic.md
+++ b/services/meshtastic.md
@@ -130,6 +130,9 @@ Those I haven't tested yet:
 - the [HELTEC v3](https://heltec.org/project/wifi-lora-32-v3/) might be a more reliable bet as it's listed more
   prominently in Meshtastic docs, also 20$, they also have an [eink
   dev board](https://heltec.org/project/vision-master-e290/)
+- the [RAK19003 base kit](https://store.rakwireless.com/products/wisblock-meshtastic-starter-kit?variant=43884035113158) is also nice. it's more expensive (28$,
+  *without* a case), but a case [can be printed](https://www.printables.com/model/286664-rak19003-micro-case-for-meshtastic), useful if you
+  already order from RAK wireless and need extra kits
 - [Lamp hack](https://hackaday.io/project/194509-harbor-breeze-meshtastic-hack)
 - [Antennas](https://meshtastic.org/docs/hardware/antennas/) vary as well
 - Power is a whole other question, see [power consumption

diff --git a/services/meshtastic.md b/services/meshtastic.md
index f386f029..26bf7876 100644
--- a/services/meshtastic.md
+++ b/services/meshtastic.md
@@ -119,7 +119,11 @@ Those I haven't tested yet:
 - [WishMesh Solar Repeater Mini](https://store.rakwireless.com/products/wishmesh-meshtastic-solar-repeater-mini): solar, battery, mast-mountable,
   cheaper, 100$
 - [WisMesh Ethernet Gateway](https://store.rakwireless.com/products/wismesh-ethernet-gateway): no battery, no solar, but ethernet
-  and PoE, [asked about converting this to solar](https://forum.rakwireless.com/t/ethernet-gateway-with-batteries-solar/14601), seems like a project
+  and PoE, [asked about converting this to solar](https://forum.rakwireless.com/t/ethernet-gateway-with-batteries-solar/14601), seems like a
+  project but possible, [HTTP-based management not possible](https://github.com/meshtastic/firmware/issues/2908), so
+  configuration still has to go through Bluetooth, but monitoring is
+  possible over MQTT, and of course the gateway receives and relays
+  messages over LoRa/Meshtastic!
 - Seeedstudio [XIAO ESP32S3 & Wio-SX1262 Kit](https://www.seeedstudio.com/XIAO-ESP32S3-for-Meshtastic-LoRa-with-3D-Printed-Enclosure-p-6314.html): tiny, cheap, - 40℃ ~
   100℃, WiFi 2.4GHz, BLE 5.0 / Mesh, reset/boot button, 22x23x57mm,
   37g, exposed GPIO ports, unclear if has a battery, 20$

diff --git a/services/meshtastic.md b/services/meshtastic.md
index 62a259be..f386f029 100644
--- a/services/meshtastic.md
+++ b/services/meshtastic.md
@@ -235,9 +235,15 @@ packets are encrypted, but with a known key.
 *Other* channels seem to use pretty solid encryption, but there's
 likely metadata leakage ("who is talking to who") in cleartext over
 the airwaves that can be easily sniffed by anyone in range. Joining a
-MQTT server makes that even easier to sniff. Note that we're only
-talking about *encryption* here: you don't get things like
-forward-secrecy, authentication, or integrity, see the [encryption section](https://meshtastic.org/docs/overview/encryption/).
+MQTT server makes that even easier to sniff. 
+
+Also note that Meshtastic only does *encryption*: you don't get things
+like forward-secrecy, authentication, or integrity, see the
+[encryption section](https://meshtastic.org/docs/overview/encryption/). This sounds minor, but this is a significant
+threat vector as, for example, if someone knows you wrote "hi" to a
+channel, even if they don't have the encryption key, they can replay
+that "hi" by sending the exact same encrypted packet. Security is
+hard.
 
 Nodes often transmit other telemetry like GPS location, temperature,
 and other sensors, by default. GPS location precision can be reduced

diff --git a/services/meshtastic.md b/services/meshtastic.md
index 38b01f81..62a259be 100644
--- a/services/meshtastic.md
+++ b/services/meshtastic.md
@@ -242,10 +242,15 @@ forward-secrecy, authentication, or integrity, see the [encryption section](http
 Nodes often transmit other telemetry like GPS location, temperature,
 and other sensors, by default. GPS location precision can be reduced
 (say "I'm in Montreal" instead of "I'm at 1234 boulevard
-Saint-Laurent") or completely turned off, but it's still possible to
-triangulate users positions, as with any typical radio
-transmission. The [Meshtastic ZPS](https://github.com/a-f-G-U-C/Meshtastic-ZPS) project even implements this
-deliberately.
+Saint-Laurent") or completely turned off, but it might still possible
+to triangulate device's positions, as with any typical radio
+transmission. LoRa signals are "bursty" and low power, so that's more
+difficult than, say, classic ham radio signals though.
+
+There's a [Meshtastic ZPS](https://github.com/a-f-G-U-C/Meshtastic-ZPS) project that tries to implement GPS-less
+localization, but it's using external positioning systems and
+WiFi/Bluetooth scans instead of a GPS, so it's not triangulation per
+se.
 
 Weak default Bluetooth pairing codes (the "PIN") are often
 [luggage-strength](https://en.wikipedia.org/wiki/Spaceballs) like `1234` or `123456`. They should be changed