RecentChanges

diff --git a/blog/2022-06-17-matrix-notes.md b/blog/2022-06-17-matrix-notes.md
index 948bf023..2caa12af 100644
--- a/blog/2022-06-17-matrix-notes.md
+++ b/blog/2022-06-17-matrix-notes.md
@@ -1217,3 +1217,7 @@ internet]]
 
       Those are not the kind of numbers you just "need to convince a
       brother or sister" to grow the network...
+
+
+<!-- posted to the federation on 2025-03-25T10:30:55.309320 -->
+[[!mastodon "https://kolektiva.social/@Anarcat/114223549979121873"]]
\ No newline at end of file

diff --git a/blog/2022-06-17-matrix-notes.md b/blog/2022-06-17-matrix-notes.md
index f76c5178..948bf023 100644
--- a/blog/2022-06-17-matrix-notes.md
+++ b/blog/2022-06-17-matrix-notes.md
@@ -428,7 +428,7 @@ federation, when you bridge a room with another network, you inherit
 all the problems from *that* network but without the entire abuse
 control tools from the original network's API...
 
-## Room admins
+## Room admins hijacking
 
 Matrix, in particular, has the problem that room administrators (which
 have the power to redact messages, ban users, and promote other users)
@@ -464,6 +464,43 @@ researchers](https://nebuchadnezzar-megolm.github.io/) that confirmed the flaw I
 [response from Matrix.org](https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients) has been rather underwhelming, with many
 issues still unaddressed.
 
+## Room admin privilege management
+
+Another issue with room admins is the way privileges are
+granted. Those are, essentially, an integer from 0 to 100, with roles
+associated with certain numbers. For example, a normal "user" is level
+0 (or "privilege level zero", PL0), a "moderator" is level 50 (PL50)
+and an "admin" is PL100.
+
+The problem is that once you escalate a user to a certain privilege,
+you can't demote them. If, for example, Alice promotes Bernard to
+PL100, only Bernard can demote himself from that admin
+privilege. Offboarding, then becomes *really* tricky because you
+essentially need to politely ask Bernard to please relegate their
+powers.
+
+In practice, what most people do is delegate the PL100 / admin
+privilege to bots (like `mjolnir`) or role accounts, but this feels
+really subpar and introduces a single point of failure in the access
+control system.
+
+Matrix argue this is by design: "otherwise you'd never be able to add
+any new people at 100 because they'd be able to take over your channel
+and bump you out". Yet this is how privileges worked on IRC for
+decades and it has actually worked fine. Essentially, now, you can
+never add a PL100 user because you can never bump *them* out, so that
+rationale is somewhat bizarre.
+
+The alternative to removing those admins is to "upgrade" a channel
+with "tombstone" events (see below) but (a) those are not supported by
+all clients and (b) are not exposed in the user interface by default,
+and quite disruptive.
+
+If you run the homeserver where the admin to be remove is, you can of
+course remove that account, but that's also quite disruptive to that
+user, and will not actually remove the user from the access list in
+the room.
+
 # Availability
 
 While Matrix has a strong advantage over Signal in that it's

diff --git a/hardware/keyboard.mdwn b/hardware/keyboard.mdwn
index 906fa0aa..6ba77a6d 100644
--- a/hardware/keyboard.mdwn
+++ b/hardware/keyboard.mdwn
@@ -130,8 +130,6 @@ rtings reviewed [five models](https://www.rtings.com/keyboard/tools/table/141136
    the Halo96 v2 and Halo75 v2
  * [Field75](https://nuphy.com/collections/keyboards/products/field75): not best in anything ([full review](https://www.rtings.com/keyboard/reviews/nuphy/field75))
 
-# Possible keyboards
-
 ## Keychron
 
 [Keychron](https://www.keychron.com/) - nice wireless keyboards, maybe?
@@ -173,6 +171,70 @@ Note that there's also the "Max" series which, according to rtings:
 > raw performance. The K Max boards also have more layers of internal
 > acoustic material.
 
+Update: I bought this keyboard! It's a little weird: the top-right
+three keys are "screenshot", "siri" and "change the LED colors" which
+seems *really* superfluous. Thankfully, Keychron provides a [git
+repo](https://github.com/Keychron/qmk_firmware) with their firmware and [clear instructions for the K1
+max](https://github.com/Keychron/qmk_firmware/tree/wireless_playground/keyboards/keychron/k1_max). In my case, it was:
+
+    apt install qmk
+    git clone -b wireless_playground https://github.com/Keychron/qmk_firmware
+    cd qmk_firmware
+    sudo apt install $(python3 /usr/share/dh-python/dhpython/pydist.py  requirements.txt | sed 's/,//g')
+
+Then patch the keymap:
+
+```diff
+diff --git i/keyboards/keychron/k1_max/ansi/rgb/keymaps/default/keymap.c w/keyboards/keychron/k1_max/ansi/rgb/keymaps/default/keymap.c
+index e5d5b1aede..e54fdaffd9 100644
+--- i/keyboards/keychron/k1_max/ansi/rgb/keymaps/default/keymap.c
++++ w/keyboards/keychron/k1_max/ansi/rgb/keymaps/default/keymap.c
+@@ -42,7 +42,7 @@ const uint16_t PROGMEM keymaps[][MATRIX_ROWS][MATRIX_COLS] = {
+         _______,  _______,  _______,                                _______,                                _______,  _______,  _______,  _______,  _______,  _______,  _______),
+ 
+     [WIN_BASE] = LAYOUT_ansi_87(
+-        KC_ESC,             KC_F1,    KC_F2,    KC_F3,    KC_F4,    KC_F5,    KC_F6,    KC_F7,    KC_F8,    KC_F9,    KC_F10,   KC_F11,   KC_F12,   KC_PSCR,  KC_CTANA, RGB_MOD,
++        KC_ESC,             KC_F1,    KC_F2,    KC_F3,    KC_F4,    KC_F5,    KC_F6,    KC_F7,    KC_F8,    KC_F9,    KC_F10,   KC_F11,   KC_F12,   KC_PSCR,  KC_SCRL,  KC_PAUS,
+         KC_GRV,   KC_1,     KC_2,     KC_3,     KC_4,     KC_5,     KC_6,     KC_7,     KC_8,     KC_9,     KC_0,     KC_MINS,  KC_EQL,   KC_BSPC,  KC_INS,   KC_HOME,  KC_PGUP,
+         KC_TAB,   KC_Q,     KC_W,     KC_E,     KC_R,     KC_T,     KC_Y,     KC_U,     KC_I,     KC_O,     KC_P,     KC_LBRC,  KC_RBRC,  KC_BSLS,  KC_DEL,   KC_END,   KC_PGDN,
+         KC_CAPS,  KC_A,     KC_S,     KC_D,     KC_F,     KC_G,     KC_H,     KC_J,     KC_K,     KC_L,     KC_SCLN,  KC_QUOT,            KC_ENT,
+```
+
+Build and install it:
+
+    make keychron/k1_max/ansi/rgb:default
+    make keychron/k1_max/ansi/rgb:default:flash
+
+This will ask you to set the keyboard in "bootloader mode". For that,
+unplug the keyboard and plug it again with the <kbd>Esc</kbd> key
+pressed.
+
+Only problem now is the keycaps are wrong, but who looks at those. I'm
+also not quite sure what the keys above <kbd>F3</kbd> and
+<kbd>F4</kbd> are supposed to be. In the layout, it says
+<kbd>KC_TASK</kbd> and <kbd>KC_FILE</kbd> but those are not even in
+the [full keycode list](https://docs.qmk.fm/keycodes) upstream. The latter gets intercepted by
+Sway and moves windows around while the former does... nothing. wev(1)
+seems to say it sends <kbd>Return</kbd> with <kbd>Super_L</kbd> which
+is super weird.
+
+I thought I could customize the default RGB setup since reflashing it
+removes customizations done with the keyboard, but I stopped looking
+at this as I need to do actual work on that thing, not nerd around
+until death tears us apart.
+
+Otherwise pretty cool layout. I'm kind of amazed that I have moved to
+"red" (linear) switches, but those feel (and sound) pretty good. I
+like the small travel and the touch. 
+
+One criticism i have is there's no "bezel" around the keys so you can
+easily rip out keycaps from the keys around the keyboard, they're a
+little too exposed. But it makes the keyboard as small as possible.
+
+I also bought one of them "coiled cables" because I thought it would
+look cool, but that was a bit of a waste: it's too short and I ended
+up reusing the old cable I already had.
+
 # Requirements
 
 ## Layout

diff --git a/blog/2025-03-21-losing-war-internet.md b/blog/2025-03-21-losing-war-internet.md
index dc1c4331..f6c70d72 100644
--- a/blog/2025-03-21-losing-war-internet.md
+++ b/blog/2025-03-21-losing-war-internet.md
@@ -77,6 +77,8 @@ Share your wifi with your neighbours.
 Build a LAN. Throw a wire over to your neighbour too, it works better
 than wireless.
 
+Use [Tor](https://www.torproject.org/). [Run a relay](https://community.torproject.org/relay/), a [snowflake](https://snowflake.torproject.org/), a [webtunnel](https://blog.torproject.org/call-for-webtunnel-bridges/). 
+
 Host a web server. Build a site with a static site generator and throw
 it in the wind.
 
@@ -87,7 +89,7 @@ you want to federate and lose high availability).
 
 At least use [Signal](https://signal.org/), not Whatsapp or Messenger.
 
-And yes, why not, run a mail server.
+And yes, why not, run a mail server, join a mesh.
 
 Don't write new software, there's plenty of that around already.
 
@@ -101,8 +103,13 @@ their own people.
 Otherwise, it's just like sitting in front of the television and
 watching the ads. Opium of the people, like the good old time.
 
+Let a billion droplets build the biggest multitude of clouds that will
+storm over this world and rip apart this fascist conspiracy.
+
 Disobey. Revolt. Build.
 
+We are more than them.
+
 [[!tag debian-planet python-planet hacking network neutrality sysadmin radio]]
 
 

diff --git a/blog/2025-03-21-another-home-outage.md b/blog/2025-03-21-another-home-outage.md
index 3a282799..ac3a6b2c 100644
--- a/blog/2025-03-21-another-home-outage.md
+++ b/blog/2025-03-21-another-home-outage.md
@@ -177,3 +177,7 @@ Times are in UTC-4.
   Montréal and Toronto"
 
 [[!tag debian-planet python-planet debian outage meta fail networking sysadmin]]
+
+
+<!-- posted to the federation on 2025-03-22T00:25:20.116787 -->
+[[!mastodon "https://kolektiva.social/@Anarcat/114204181784093630"]]
\ No newline at end of file
diff --git a/blog/2025-03-21-losing-war-internet.md b/blog/2025-03-21-losing-war-internet.md
index 181dd175..dc1c4331 100644
--- a/blog/2025-03-21-losing-war-internet.md
+++ b/blog/2025-03-21-losing-war-internet.md
@@ -104,3 +104,7 @@ watching the ads. Opium of the people, like the good old time.
 Disobey. Revolt. Build.
 
 [[!tag debian-planet python-planet hacking network neutrality sysadmin radio]]
+
+
+<!-- posted to the federation on 2025-03-22T00:25:20.706845 -->
+[[!mastodon "https://kolektiva.social/@Anarcat/114204181823947954"]]
\ No newline at end of file

diff --git a/blog/2025-03-21-another-home-outage.md b/blog/2025-03-21-another-home-outage.md
new file mode 100644
index 00000000..3a282799
--- /dev/null
+++ b/blog/2025-03-21-another-home-outage.md
@@ -0,0 +1,179 @@
+[[!meta title="Minor outage at Teksavvy business"]]
+
+This morning, internet was down at home. The last time I had such an
+issue was in [[February 2023|2023-02-08-major-outage]], when my
+provider was Oricom. Now I'm with a business service at Teksavvy
+Internet (TSI), in which I pay 100$ per month for a 250/50 mbps
+business package, with a static IP address, on which I run, well,
+everything: email services, this website, etc.
+
+# Mitigation
+
+## Email
+
+The main problem when the service goes down like this for prolonged
+outages is email. Mail is pretty resilient to failures like this but
+after some delay (which varies according to the other end), mail
+starts to drop. I am actually not sure what the various settings are
+among different providers, but I would assume mail is typically kept
+for about 24h, so that's our mark.
+
+Last time, I setup VMs at Linode and Digital Ocean to deal better with
+this. I have actually kept those VMs running as DNS servers until now,
+so that part is already done.
+
+I had fantasized about Puppetizing the mail server configuration so
+that I could quickly spin up mail exchangers on those machines. But
+now I am realizing that my Puppet server is one of the service that's
+down, so this would not work, at least not unless the manifests can be
+applied without a Puppet server (say with `puppet apply`).
+
+Thankfully, my colleague groente did amazing work to refactor our
+Postfix configuration in Puppet at Tor, and that gave me the
+motivation to reproduce the setup in the lab. So I have finally
+Puppetized part of my mail setup at home. That used to be hand-crafted
+experimental stuff documented in a couple of pages in this wiki, but
+is now being deployed by Puppet.
+
+It's not complete yet: spam filtering (including DKIM checks and
+graylisting) are not implemented yet, but that's the next step,
+presumably to do during the next outage. The setup *should* be
+deployable with `puppet apply`, however, and I have refined that
+mechanism a little bit, with the `run` script.
+
+Heck, it's not even *deployed* yet. But the hard part / grunt work is
+done.
+
+## Other
+
+The outage was "short" enough (5 hours) that I didn't take time to
+deploy the other mitigations I had deployed in the previous incident.
+
+But I'm starting to seriously consider deploying a web (and caching)
+reverse proxy so that I endure such problems more gracefully.
+
+# Side note on proper servics
+
+Typically, I tend to think of a properly functioning service as having
+four things:
+
+ 1. backups
+ 2. documentation
+ 3. monitoring
+ 4. automation
+ 5. high availability
+
+Yes, I miscounted. This is why you have high availability.
+
+## Backups
+
+Duh. If data is maliciously or accidentally destroyed, you need a copy
+somewhere. Preferably in a way that malicious joe can't get to.
+
+This is harder than you think.
+
+## Documentation
+
+I have an entire [template](https://gitlab.torproject.org/tpo/tpa/wiki-replica/-/raw/master/service/template.md?ref_type=heads) for this. Essentially, it boils down to
+using <https://diataxis.fr/> and [this "audit" guide](https://bluesock.org/~willkg/blog/dev/auditing_projects.html). For me, the
+most important parts are:
+
+- disaster recovery (includes backups, probably)
+- playbook
+- install/upgrade procedures (see automation)
+
+You probably know this is hard, and this is why you're not doing
+it. Do it anyways, you'll think it sucks, but you'll be really
+grateful for whatever scraps you wrote when you're in trouble.
+
+## Monitoring
+
+If you don't have monitoring, you'll know it fails too late, and you
+won't know it recovers. Consider high availability, work hard to
+reduce noise, and don't have machine wake people up, that's literally
+torture and is against the Geneva convention.
+
+Consider predictive algorithm to prevent failures, like "add storage
+within 2 weeks before this disk fills up". 
+
+This is harder than you think.
+
+## Automation
+
+Make it easy to redeploy the service elsewhere.
+
+Yes, I know you have backups. That is not enough: that typically
+restores data and while it can also include configuration, you're
+going to need to change things when you restore, which is what
+automation (or call it "configuration management" if you will) will do
+for you anyways.
+
+This also means you can do unit tests on your configuration, otherwise
+you're building legacy.
+
+This is probably as hard as you think.
+
+## High availability
+
+Make it not fail when one part goes down.
+
+Eliminate single points of failures.
+
+This is easier than you think, except for storage and DNS (which, I
+guess, means it's harder than you think too).
+
+## Assessment
+
+In the above 5 items, I check two:
+
+ 1. backups
+ 2. documentation
+
+And barely: I'm not happy about the offsite backups, and my
+documentation is much better at work than at home (and even there, I
+have a 15 year backlog to catchup on).
+
+I barely have monitoring: Prometheus is scraping parts of the infra,
+but I don't have any sort of alerting -- by which I don't mean
+"electrocute myself when something goes wrong", I mean "there's a set
+of thresholds and conditions that define an outage and I can look at
+it".
+
+Automation is wildly incomplete. My home server is a random collection
+of old experiments and technologies, ranging from Apache with Perl and
+CGI scripts to Docker containers running Golang applications. Most of
+it is not Puppetized (but the ratio is growing). Puppet itself
+introduces a huge attack vector with kind of catastrophic lateral
+movement if the Puppet server gets compromised.
+
+And, fundamentally, I am not sure I can provide high availability in
+the lab. I'm just this one guy running my home network, and I'm
+growing older. I'm thinking more about winding things down than
+building things now, and that's just really sad, because I feel
+[[we're losing|2025-03-21-losing-war-internet]] (well that escalated
+quickly).
+
+# Resolution
+
+In the end, I didn't need any mitigation and the problem fixed
+itself. I did do quite a bit of cleanup so that feels somewhat good,
+although I despaired quite a bit at the amount of technical debt I've
+accumulated in the lab.
+
+# Timeline
+
+Times are in UTC-4.
+
+- 6:52: IRC bouncer goes offline
+- 9:20: called TSI support, waited on the line 15 minutes then was
+  told I'd get a call back
+- 9:54: outage apparently detected by TSI
+- 11:00: no response, tried calling back support again
+- 11:10: confirmed bonding router outage, no official ETA but "today",
+  source of the 9:54 timestamp above
+- 12:08: TPA monitoring notices service restored
+- 12:34: call back from TSI; service restored, problem was with the
+  "bonder" configuration on their end, which was "fighting between
+  Montréal and Toronto"
+
+[[!tag debian-planet python-planet debian outage meta fail networking sysadmin]]
diff --git a/blog/2025-03-21-losing-war-internet.md b/blog/2025-03-21-losing-war-internet.md
new file mode 100644
index 00000000..181dd175
--- /dev/null
+++ b/blog/2025-03-21-losing-war-internet.md
@@ -0,0 +1,106 @@
+[[!meta title="Losing the war for the free internet"]]
+
+Warning: this is a long ramble I wrote after an outage of my home
+internet. You'll get your regular scheduled programming shortly.
+
+I didn't realize this until relatively recently, but we're at war.
+
+Fascists and capitalists are trying to take over the world, and it's
+bringing utter chaos.

(Diff truncated)

diff --git a/hardware/camera.mdwn b/hardware/camera.mdwn
index 9dd33371..5dca8f21 100644
--- a/hardware/camera.mdwn
+++ b/hardware/camera.mdwn
@@ -4,6 +4,10 @@ Voir aussi [[communication/photo]].
 
 [[!toc levels=2]]
 
+# Workflow
+
+I wrote a blurb about my current (2025) workflow in [this pixls.us thread](https://discuss.pixls.us/t/bulk-import-workflow-advice/33763/21).
+
 History
 =======
 

diff --git a/communication/photo.mdwn b/communication/photo.mdwn
index 7262138c..6b57bcd3 100644
--- a/communication/photo.mdwn
+++ b/communication/photo.mdwn
@@ -40,5 +40,6 @@ Calendrier
 ----------
 
 J'ai fait un projet élaboré de calendrier regroupant mes meilleures
-photo de l'année, incluant montage et impression, voir
-[[calendrier-2019]].
+photo de l'année, incluant montage et impression, voir:
+
+[[!map pages="page(calendes/*)"]]
diff --git a/communication/photo/calendes/2019.md b/communication/photo/calendes/2019.md
new file mode 100644
index 00000000..c4049684
--- /dev/null
+++ b/communication/photo/calendes/2019.md
@@ -0,0 +1,909 @@
+[[!meta title="Projet Calendes 2019"]]
+
+[[!toc levels=2]]
+
+Le projet "Calendes" est un projet pour développer mes talents de
+photographe mais aussi une façon de ma familiariser avec ma première
+caméra digitale à objectifs interchangeables.
+
+Le but est d'imprimer un calendrier de photos pour l'année 2019, avec
+une photo par mois. Chaque mois de 2018, j'ai sélectionné mes photos
+les plus notables prises pendant le mois et je les publie sur une
+gallerie de photo privée. À la fin de l'année, les meilleures photos
+(originalement: les plus populaires, mais je n'ai pas eu beaucoup de
+feedback) sont réunies dans un calendrier.
+
+Certaines photos n'ont pas été développées ("[straight out of
+camera](https://www.flickr.com/groups/sooc/)") et pourront l'être ultérieurement. (D'ailleurs, pour les
+fanatiques du développement, les "négatifs" ("raw") sont disponibles
+sur demande.)
+
+Les détails sur mes outils de travail sont dans la page
+[camera](/hardware/camera/). J'ai également mentionné le projet dans mon [[rapport
+mensuel de décembre 2018|blog/2018-12-21-report]].
+
+# Note sur le nom
+
+Les *calendes* (en latin archaïque : *kǎlendāī*, *-āsōm* ; en latin
+classique : *cǎlendae*, *-ārum*) étaient le premier jour de chaque
+mois dans le calendrier romain, celui de la nouvelle lune quand le
+calendrier suivait un cycle lunaire (années de Romulus et de Numa
+Pompilius).
+
+Ce jour-là, les pontifes annonçaient la date des fêtes mobiles du
+mois suivant et les débiteurs devaient payer leurs dettes inscrites
+dans les calendaria, les livres de comptes, à l'origine du mot
+calendrier. [...]
+
+## Héritage linguistique
+
+Ce mot est à l'origine de plusieurs termes et expressions utilisés
+en français.
+
+Le calendrier dérive de l'adjectif calendarium (« calendaire »), qui
+désignait un registre de comptes (que l'on apurait le premier du
+mois ; le calendarium était proprement le « registre des échéances
+») et, partant, le calendrier est, originellement, le registre sur
+lequel l'on note les événements liés à une date précise du mois. Le
+mot français provient directement de l'adjectif latin, avec un sens
+plus général.
+
+« Renvoyer aux calendes grecques » (Ad kalendas graecas) signifie «
+repousser indéfiniment la réalisation d'une action ». En effet, les
+Grecs n'ayant jamais eu de calendes, l'expression fait référence à
+une date inconnue. Les calendes grecques, tout comme la
+[Saint-Glinglin](https://fr.wikipedia.org/wiki/Saint-Glinglin), évoquent de manière ironique une date qui
+semble fixée mais qui en fin de compte n'aura jamais lieu.
+
+> *— [Wikipedia](https://fr.wikipedia.org/wiki/Calendes)*
+
+# Photos
+
+Chaque photo a été choisie en fonction du mois où elle a été prise,
+et, dans la mesure du possible, pour refléter l'esprit de ce
+mois. Certaines photos de nuit et les couchers de soleil ont été
+écartés car ils sont typiquement difficiles à faire ressortir sur
+l'imprimé, du moins c'est l'avis que j'ai reçu. Même chose pour les
+photos généralement sombres.
+
+Toutes les photos ont été prises avec un [Fuji X-T2](https://en.wikipedia.org/wiki/Fujifilm_X-T2), avec
+différents objectifs, détaillés en dernière page du calendrier (le
+"colophon"). Les photos de nuit ont été prises avec trépied. Les
+photos avec un de ces objectifs:
+
+ * [Fujifilm 18-55mm f/2.8-4 R LM OIS](http://www.fujifilm.ca/products/digital_cameras/x/fujinon_lens_xf18_55mmf28_4_r_lm_ois/)
+ * [Fujifilm 55-200mm f/3.5-4.8 R LM OIS](http://www.fujifilm.ca/products/digital_cameras/x/fujinon_lens_xf55_200mmf35_48_r_lm_ois/)
+ * [Fujifilm 27mm f/2.8 ø39](http://www.fujifilm.com/products/digital_cameras/x/fujinon_lens_xf27mmf28/)
+
+Voir également [[hardware/camera]] pour le matériel que j'utilise. La
+plupart des photos ont été retravaillées avec [Darktable 2.4](https://darktable.org), sauf
+le mois de janvier, qui a été traité avec Adobe Lightroom 6.
+
+# Évènements #
+
+Un calendrier, c'est des petites boîtes en colonnes avec des chiffres
+dedans qui montre l'arrangement des jours dans les semaines et mois de
+l'année. Mais c'est aussi des évènements ponctuels.
+
+J'ai fait le choix de ne pas refléter les congés fériés et religieux
+traditionnels. Les gens savent généralement qu'ils sont là et de toute
+façon cela varie selon le milieu de travail ou d'éducation. À la
+place, on célèbre différents évènements importants ou farfelus.
+
+## Fêtes officielles, selon Koumbit ##
+
+ * 1er janvier: [jour de l'an][Jour de l'an]
+ * 8 mars: [Journée internationale des femmes][Fête des femmes]
+ * 19 avril: [Vendredi saint][]
+ * 1er mai: [fête des travailleurs][Fête des travailleurs]
+ * 20 mai: [Journée nationale des Patriotes][] (le lundi qui précède
+   le 25 mai)
+ * 24 juin: [St-Jean-Baptiste][]
+ * 1er juillet: [Confédération][]
+ * 2 septembre: [fête du travail][Fête du travail]
+ * 14 octobre: [Action de grâce][]
+ * 25 décembre: [Noël][]
+
+## Alternatives aux fêtes traditionnelles ##
+
+Pour sortir du carcan des fêtes traditionnelles et célébrer plutôt
+l'absence de dieu et d'autres valeurs, on cherche des alternatives.
+
+ * Noël:
+   * 22 décembre: [Solstice][Solstice]/[Yule][]
+   * 23 décembre: [Festivus][]
+   * 26 décembre: [Boxing day][]
+   * 26 décembre: [Kwanzaa][]
+ * [Vendredi saint][] (19 avril 2019) / [Pâques][] (21 avril 2019):
+   * [420][] (20 avril)
+   * [Record store day][] (20 avril)
+   * [Jour de la terre][Jour de la terre] (22 april)
+ * [Action de grâce][action de grâce]: voir [Columbus day][], plus bas
+ * [Fête des patriotes][Journée nationale des Patriotes]: [Towel day][] (25 mai), plus bas
+
+## Autres fêtes intéressantes ##
+
+ * 1er janvier: [Indépendance d'Haïti][]
+ * 21 janvier: [MLK day][MLK] (troisième lundi de janvier)
+ * 21 janvier: [National Hugging Day][]
+ * 25 janvier: [Opposite Day][] ("Day where you do everything opposite")
+ * 31 janvier: [National Gorilla Suit Day][]
+ * 12 février: [Darwin day][]
+ * 14 février: [Saint-Valentin][]
+ * 14 mars: [Pi Day][]
+ * 15 mars: [journée internationale contre la brutalité policière][JICBP]
+ * 17 mars: [Saint-patrick][]
+ * 20 mars: [Équinoxe][] (nuit = jour)
+ * 4 avril: [420][]
+ * 20 avril: [Record store day][] (3e samedi d'avril)
+ * 22 avril: [Jour de la terre][] (voir aussi 5 juin)
+ * 1er vendredi de mai: [No Pants Day][]
+ * 2 mai: [national day of reason][]
+ * 12 mai: [Fête des mères][]
+ * 25 May: [Towel Day][] (en référence à feu Douglas Adams)
+ * 5 juin: [jour de l'environnement][] (voir aussi 22 avril)
+ * 16 juin: [Fête des pères][]
+ * 21 juin: [Solstice][Solstice] d'été (jour le plus long), [Wold Humanist day][]
+ * 22 juillet: [Pi Approximation Day][] or Pi day (14 mars, ci-haut)
+ * 13 août: [International Lefthanders Day][]
+ * 19 septembre: [International Talk Like a Pirate Day][]
+ * 21 septembre: [International Day of Peace][]
+ * 23 septembre: [Équinoxe][], [Human Rights Day][]
+ * 31 octobre: [Halloween][]
+ * 5 novembre: [Guy Fawkes Night][]
+ * 28 novembre: [Thanksgiving][]
+ * 29 novembre: [Buy Nothing Day][]
+ * 14 décembre: [Monkey Day][]
+ * 22 décembre: [Solstice][] d'hiver (jour le plus court)
+ * 26 décembre - 1er janvier: [Kwanzaa][] (Héritage, unité et culture
+   africaine)
+
+## Autres idées ##
+
+ * autres fêtes religieuses, selon le rapport annuel de [Projet
+   Genèse](http://genese.qc.ca/):
+   * islam
+     * [Ramadan][]: variable, du 6 mai au 4 juin 2019 ([Eid al-Fitr][])
+     * [Eid al-Adha][]: variable, 12 août 2019
+   * judaïsme:
+     * [Rosh Hashanah][]: variable, 1er octobre 2019
+     * [Yom Kippur][]: variable, 9 octobre 2019
+   * hindouisme, bouddhisme:
+     * [Diwali][]: variable, 27 octobre 2019
+ * évènements astronomiques majeurs (voir plus bas)
+ * [Friendship Day][]
+ * [Nanomonestotse][]: préparé le troisième lundi d'octobre, célébré
+   le vendredi suivant
+ * 31 octobre - 2 novembre: [day of the dead][]
+ * [Poisson d'avril][April fool's day]... autres choses amusante le
+   [premier avril][]:
+   * 1868 – [Edmond Rostand][]
+   * 1873 – [Sergei Rachmaninoff][]

(Diff truncated)

diff --git a/blog/2025-02-28-fish.md b/blog/2025-02-28-fish.md
index 12fc3707..321b6074 100644
--- a/blog/2025-02-28-fish.md
+++ b/blog/2025-02-28-fish.md
@@ -95,7 +95,15 @@ Whereas it should show up like this:
     sq keyring merge torproject-keyring/lavamind-95F341D746CF1FC8B05A0ED5D3F900749268E55E.gpg torproject-keyring/weasel-E3ED482E44A53F5BBE585032D50F9EBC09E69937.gpg | wl-copy
 
 Note that this is an issue specific to foot(1), alacritty(1) and
-gnome-terminal(1) don't suffer from that issue.
+gnome-terminal(1) don't suffer from that issue. I have already [filed
+it upstream in foot](https://codeberg.org/dnkl/foot/issues/1487) and it is apparently fixed already.
+
+Globbing is driving me *nuts*. You can't pass a `*` to a command
+unless fish agrees it's going to match something. You need to escape
+it if it doesn't immediately match, and then you need the called
+command to actually support globbing. `202[345]` doesn't match
+folders named `2023`, `2024`, `2025`, it will send the string
+`202[345]` to the command.
 
 # Blockers
 

diff --git a/hardware/camera.mdwn b/hardware/camera.mdwn
index c1eac58e..9dd33371 100644
--- a/hardware/camera.mdwn
+++ b/hardware/camera.mdwn
@@ -12,48 +12,55 @@ Overview of important dates
 
  * 1988: film photography starts
  * 2004: digital photography starts, <1GB/year
- * 2006: Canon PowerShot A430, ~1GB/year
+ * 2006: Canon PowerShot A430, ~1GB/year, 1000 shots/year
  * 2009: Nokia N900 (mobile phone), ~1GB/year
- * 2012: Canon PowerShot G12, 10-30GB/year
- * 2018: Fujifilm X-T2, ~10-15GB/mth
+ * 2012: Canon PowerShot G12, 10-30GB/year, ~2500 shots/year
+ * 2018: Fujifilm X-T2, ~10-15GB/mth, 3000-4000 shots/year
+ * 2021: Pixels, back to ~10GB/year, 1000-3000 shots/year
 
 Disk usage
 ----------
 
 This list details per-year disk usage of my Photo archive:
 
-| Year      | Size (GB) | File count | JPG count | Notes                  |
-|-----------|-----------|------------|-----------|------------------------|
-| 1969      | 0.1       | 5          | 1         |                        |
-| 1970      | 0.8       | 26         | 0         |                        |
-| 1998      | 0.3       | 10         | 10        |                        |
-| 2004      | 0.4       | 48         | 48        |                        |
-| 2005      | 0.3       | 557        | 557       |                        |
-| 2006      | 0.9       | 932        | 931       | Canon PowerShot A430   |
-| 2007      | 2         | 1161       | 1156      |                        |
-| 2008      | 0.9       | 656        | 631       |                        |
-| 2009      | 0.8       | 495        | 495       | Nokia N900             |
-| 2010      | 1         | 1077       | 1070      |                        |
-| 2011      | 1         | 1241       | 1193      |                        |
-| 2012      | 10        | 2908       | 2590      | Canon PowerShot G12    |
-| 2013      | 33        | 4192       | 2763      |                        |
-| 2014      | 27        | 4126       | 2470      |                        |
-| 2015      | 11        | 2004       | 1332      |                        |
-| 2016      | 0.4       | 131        | 131       |                        |
-| 2017      | 32        | 2958       | 1656      | Fairphone 2            |
-| 2018      | 164       | 9154       | 4705      | FujiFilm X-T2          |
-| 2019      | 127       | 7228       | 3695      |                        |
-| 2020      | 95.36     | 5260       | 2815      |                        |
-| 2021      | 23.78     | 2126       | 1598      | Pixel 4a               |
-| 2022      | 7.28      | 1079       | 1009      |                        |
-| 2023      | 10.74     | 2555       | 2474      | Pixel 6a, *incomplete* |
-| **Total** | 555.16    | 50239      | 33496     |                        |
+| Year      | Size (GB) | File count | JPG count | Notes                |
+|-----------|-----------|------------|-----------|----------------------|
+| 1969      | 0.1       | 5          | 1         |                      |
+| 1970      | 0.8       | 26         | 0         |                      |
+| 1998      | 0.3       | 10         | 10        |                      |
+| 2004      | 0.4       | 48         | 48        |                      |
+| 2005      | 0.3       | 557        | 557       |                      |
+| 2006      | 0.9       | 932        | 931       | Canon PowerShot A430 |
+| 2007      | 2         | 1161       | 1156      |                      |
+| 2008      | 0.9       | 656        | 631       |                      |
+| 2009      | 0.8       | 495        | 495       | Nokia N900           |
+| 2010      | 1         | 1077       | 1070      |                      |
+| 2011      | 1         | 1241       | 1193      |                      |
+| 2012      | 10        | 2908       | 2590      | Canon PowerShot G12  |
+| 2013      | 33        | 4192       | 2763      |                      |
+| 2014      | 27        | 4126       | 2470      |                      |
+| 2015      | 11        | 2004       | 1332      |                      |
+| 2016      | 0.4       | 131        | 131       |                      |
+| 2017      | 32        | 2958       | 1656      | Fairphone 2          |
+| 2018      | 164       | 9154       | 4705      | FujiFilm X-T2        |
+| 2019      | 127       | 7228       | 3695      |                      |
+| 2020      | 95.36     | 5260       | 2815      |                      |
+| 2021      | 23.78     | 2126       | 1598      | Pixel 4a             |
+| 2022      | 7.28      | 1079       | 1009      |                      |
+| 2023      | 16.99     | 3250       | 3050      | Pixel 6a             |
+| 2024      | 12.81     | 2491       | 2365      |                      |
+| 2025      | 1.92      | 105        | 107       | *incomplete*         |
+| **Total** | 577.72    | 53599      | 36702     |                      |
 
 Years before 2004 are probably mislabeled. Archives from 1988 to 2004
 are still in film and haven't been imported.
 
 The introduction of the Fuji and its higher resolution really made a
-huge change in disk usage.
+huge change in disk usage. It also kicked off a couple of years with
+thousands of pictures taken, but this slowed down quite a bit when the
+new Pixel phones came in. Those have pretty good cameras which meant
+that I didn't feel the need to bring the big camera with, but
+paradoxically, also meant I took less pictures, to a certain extent.
 
 Keep in mind the "File count" columns counts "RAW" shots as double: one
 file for the JPG, one for the RAW. And it may also count sidecars
@@ -61,7 +68,7 @@ file for the JPG, one for the RAW. And it may also count sidecars
 
 The above was created with:
 
-    git annex info --json * | jq   --compact-output '[.["directory","local annex size","local annex keys"]]'
+    git annex info --json * | jq   -r  '[.["directory","local annex size","local annex keys"]] | join(" | ")'     (master)
 
 .. and some manual formatting in Emacs because the [jq manpage](https://manpages.debian.org/jq)
 drives me utterly insane.

diff --git a/recette.mdwn b/recette.mdwn
index 69cc4995..ef6b6422 100644
--- a/recette.mdwn
+++ b/recette.mdwn
@@ -5,7 +5,7 @@ Ces recettes sont généralement des recettes que j'ai prises ailleurs
 mais modifiées suffisamment et cuisinées assez souvent pour que je les
 considère miennes.
 
-[[!map pages="page(recette/*) or tagged(blog/recette)"]]
+[[!map pages="page(recette/*) or tagged(recette)"]]
 
 Autres sources
 ==============

diff --git a/recette.mdwn b/recette.mdwn
index b783295d..69cc4995 100644
--- a/recette.mdwn
+++ b/recette.mdwn
@@ -1,9 +1,11 @@
 Répertoire de recettes
 ======================
 
-[[!map pages="page(recette/*)"]]
+Ces recettes sont généralement des recettes que j'ai prises ailleurs
+mais modifiées suffisamment et cuisinées assez souvent pour que je les
+considère miennes.
 
-Mes recettes sont présentement sur mon [[blog|tag/recette]], mais devraient être déplacées ici.
+[[!map pages="page(recette/*) or tagged(blog/recette)"]]
 
 Autres sources
 ==============

diff --git a/recette/fondue.md b/recette/fondue.md
new file mode 100644
index 00000000..9c0831a6
--- /dev/null
+++ b/recette/fondue.md
@@ -0,0 +1,30 @@
+[[!meta title="Fondue au fromage"]]
+
+# Ingrédients
+
+- 1kg fromage:
+  - 500g emmental
+  - 250g gruyère
+  - 250g fribourgeois
+- 4 c à thé de fécule de maïs
+- 2 gousses d'ail
+- 3/4 tasse vin blanc de table
+- 1 c à table kirsh (optionnel)
+- 1 couronnes de brocoli taillée en fleurets
+- 3 petites patates coupées en gros dés, ou équivalent patates grelots
+- 2 baguettes taillées en dés
+
+# Préparation
+
+ 1. râper le fromage, incorporer la fécule de maïs, réserver
+ 2. frotter le caquelon avec les gousses d'ail taillées en deux,
+    garder dans le caquelon (ou pas)
+ 3. ajouter le vin et kirsh, chauffer au frémissement
+ 4. incorporer progressivement le fromage à feu moyen, en brassant
+    continuellement
+ 5. en parallèle, cuire les brocolis à la vapeur, bouillir les patates
+    "al dente"
+ 6. servir immédiatement avec réchaud sur table et baguettes
+
+Note: plus fort, meilleur goût et plus cher en réduisant emmental et
+augmentant gruyère.
diff --git a/recette/riz_frit.md b/recette/riz_frit.md
new file mode 100644
index 00000000..51374e65
--- /dev/null
+++ b/recette/riz_frit.md
@@ -0,0 +1,50 @@
+[[!meta title="Riz frit au légumes"]]
+
+# Ingrédients
+
+ - 5 tasses de riz (étuvé? basmati?) cuit et refroidi (2 tasses sec)
+ - 5 oeufs
+ - 45ml (3 c à soupe) d'huile végétale
+ - 1 livre (454g) de tofu ferme, coupé en petits dés
+ - 1 oignon haché
+ - 3 oignons verts, émincés, blanc et vert séparés
+ - 2 carottes moyennes, coupées en petits dés
+ - 2 branches de céleri, coupées en petits dés
+ - 2 gousses d'ail hachées
+ - 15mL (1 c. à soupe) d'huile de sésame
+ - 225g (1 ½ tasse) de petits pois surgelés (ou frais!)
+ - 60 mL (¼ tasse) de sauce soya
+ - 10 mL (2 c. à thé) de sambal oelek (facultatif)
+
+# Préparation
+
+ 1. cuire le riz et refroidir au frigo quelques heures, éviter la
+    surcuisson
+
+ 2. battre un oeuf, incorporer au riz et bien enrober, réserver
+
+ 3. battre le reste des oeufs et cuire dans 1 c. à soupe d'huile
+    d'olive, réserver
+
+ 4. en parallèle, frire le tofu dans un poêlon
+
+ 5. dorer l'oignon et le blanc des oignons verts
+
+ 6. ajouter et sauter les carottes et le céleri, cuire *al dente*
+
+ 7. ajouter l'ail et l'huile de sésame, sauter une minute
+
+ 8. ajouter et faire sauter le riz 8-10 minutes jusqu'à ce qu'il soit
+    légèrement doré
+
+ 9. ajouter les petits pois et cuire 2 minutes
+
+ 10. incorporer le reste des ingrédients: oeufs cuits, verts des oignons
+     verts, sauce soya, sambal oelek; cuire jusqu'à ce que les oeufs
+     soient réchauffés
+
+ 11. rectifier l'assaisonnement
+
+# Notes
+
+Source: ricardo, avec ajout tofu.

diff --git a/recette/tofu_general_tao.mdwn b/recette/tofu_general_tao.mdwn
index c2a4757c..da98cced 100644
--- a/recette/tofu_general_tao.mdwn
+++ b/recette/tofu_general_tao.mdwn
@@ -18,7 +18,7 @@
 
 ## Sauté
 
- * 1 paquet de 454 g (1 lb) de tofu ferme, coupé en cubes et bien épongé (voir note)
+ * 1 paquet de 454 g (1 lb) de tofu ferme, coupé en cubes et bien épongé
  * 30 ml (2 c. à soupe) de fécule de maïs
  * 60 ml (¼ tasse) d’huile de canola
  * 2 oignons verts, hachés finement

diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 9637852d..91324c7e 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -1691,3 +1691,6 @@ worrisome.
 [[!tag unix wayland blog desktop firefox emacs debian debian-planet]]
 
 [xdg-desktop-portal-wrl(5)]: https://manpages.debian.org/xdg-desktop-portal-wlr.5
+
+<!-- posted to the federation on 2025-03-11T14:45:51.192822 -->
+[[!mastodon "https://kolektiva.social/@Anarcat/114145280025076006"]]

diff --git a/recette/tofu_general_tao.mdwn b/recette/tofu_general_tao.mdwn
index a7809f91..c2a4757c 100644
--- a/recette/tofu_general_tao.mdwn
+++ b/recette/tofu_general_tao.mdwn
@@ -4,27 +4,29 @@
  * Temps de préparation: 0:25
  * Source: [Ricardo](http://www.ricardocuisine.com/recettes/5675-tofu-general-tao)
 
-# Sauce
+# Ingredients
+
+## Sauce
 
  * 60 ml (¼ tasse) de bouillon de poulet ou de légumes
- * 60 ml (¼ tasse) de cassonade
  * 30 ml (2 c. à soupe) de sauce soya
  * 30 ml (2 c. à soupe) de vinaigre de riz
  * 30 ml (2 c. à soupe) de ketchup
+ * 60 ml (¼ tasse) de cassonade
  * 5 ml (1 c. à thé) de fécule de maïs
  * 5 ml (1 c. à thé) de sambal oelek
 
-# Sauté
+## Sauté
 
  * 1 paquet de 454 g (1 lb) de tofu ferme, coupé en cubes et bien épongé (voir note)
  * 30 ml (2 c. à soupe) de fécule de maïs
  * 60 ml (¼ tasse) d’huile de canola
- * 4 oignons verts, hachés finement
+ * 2 oignons verts, hachés finement
  * 5 ml (1 c. à thé) de gingembre frais haché finement
  * 2 gousses d’ail, hachées finement
  * Sel et poivre
  
-# Accompagnements
+## Accompagnements
 
  * 1 brocoli coupé en bouquets, cuit à la vapeur
  * Riz cuit vapeur

diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index b3e3a1b5..9637852d 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -183,7 +183,8 @@ Other options include:
  * [dwl][]: tiling, minimalist, dwm for Wayland, not in Debian
  * [hikari][]: tiling/stacking, not in Debian
  * [Hyprland][]: tiling, fancy animations, not in Debian ([1040971][])
- * [Qtile][]: tiling, extensible, in Python, in Debian since trixie ([1015267][])
+ * [niri][]: scrolling, paper-vm like, Rust, not in Debian ([1065355][])
+ * [Qtile][]: tiling, extensible, Python, in Debian since trixie ([1015267][])
  * [river][]: Zig, stackable, tagging, not in Debian  ([1006593][])
  * [smithay][], and many derivatives: Rust, not in Debian
  * [velox][]: inspired by xmonad and dwm, not in Debian
@@ -210,6 +211,8 @@ Other options include:
 [1040971]: https://bugs.debian.org/1040971
 [wlmaker]: https://github.com/phkaeser/wlmaker
 [smithay]: https://github.com/Smithay/smithay
+[niri]: https://github.com/YaLTeR/niri
+[1065355]: https://bugs.debian.org/1065355
 
 ## Status bar: py3status → waybar
 

diff --git a/hardware/keyboard.mdwn b/hardware/keyboard.mdwn
index 442404dc..906fa0aa 100644
--- a/hardware/keyboard.mdwn
+++ b/hardware/keyboard.mdwn
@@ -130,6 +130,49 @@ rtings reviewed [five models](https://www.rtings.com/keyboard/tools/table/141136
    the Halo96 v2 and Halo75 v2
  * [Field75](https://nuphy.com/collections/keyboards/products/field75): not best in anything ([full review](https://www.rtings.com/keyboard/reviews/nuphy/field75))
 
+# Possible keyboards
+
+## Keychron
+
+[Keychron](https://www.keychron.com/) - nice wireless keyboards, maybe?
+
+[Review from a DD](https://venthur.de/2021-04-30-keychron-c1-on-linux.html) says:
+
+> Although the fix [making F-keys work] was not very hard to find and
+> apply, this experience still leaves a foul taste. I naively assumed
+> the problem of having a properly functioning keyboard that simply
+> works when you plug it in, has been thoroughly solved by 2021.
+
+The Keychron Q5 Max was rated [best mechanical keyboard at rtings in 2023-2025](https://www.rtings.com/keyboard/reviews/best/mechanical)
+
+### Keychron K1 Pro
+
+The [K1 Pro](https://www.keychron.com/products/keychron-k1-pro-qmk-via-wireless-custom-mechanical-keyboard) is a good candidate:
+
+- 87 keys
+- wired (USB-C), wireless (BT 5.1), the "Max" has RF
+- 130h battery
+- Low-profile Gateron Red/Brown switches
+- QMK
+- Double-shot keycaps
+- rgb backlight
+- 1000Hz
+- N-Key Rollover
+- 18-24mm x 346mm x 118.5mm
+- 580g
+- ABS / aluminium
+- optional hot-swappable switches
+
+Rated [best mechanical keyboard for work at rtings since 2024](https://www.rtings.com/keyboard/reviews/best/work).
+
+Note that there's also the "Max" series which, according to rtings:
+
+> The major difference between the keyboards in these two lineups is
+> that the K Max keyboards have expanded wireless versatility with the
+> addition of 2.4GHz receiver connectivity, offering better overall
+> raw performance. The K Max boards also have more layers of internal
+> acoustic material.
+
 # Requirements
 
 ## Layout
@@ -385,47 +428,6 @@ control, alt and shift). There are also "palm" keys that act as Fn
 keys. All this is probably totally alien and too weird for my poor old
 fingers to adapt to, but it does look gorgeous.
 
-## Keychron
-
-[Keychron](https://www.keychron.com/) - nice wireless keyboards, maybe?
-
-[Review from a DD](https://venthur.de/2021-04-30-keychron-c1-on-linux.html) says:
-
-> Although the fix [making F-keys work] was not very hard to find and
-> apply, this experience still leaves a foul taste. I naively assumed
-> the problem of having a properly functioning keyboard that simply
-> works when you plug it in, has been thoroughly solved by 2021.
-
-The Keychron Q5 Max was rated [best mechanical keyboard at rtings in 2023-2025](https://www.rtings.com/keyboard/reviews/best/mechanical)
-
-### Keychron K1 Pro
-
-The [K1 Pro](https://www.keychron.com/products/keychron-k1-pro-qmk-via-wireless-custom-mechanical-keyboard) is a good candidate:
-
-- 87 keys
-- wired (USB-C), wireless (BT 5.1), the "Max" has RF
-- 130h battery
-- Low-profile Gateron Red/Brown switches
-- QMK
-- Double-shot keycaps
-- rgb backlight
-- 1000Hz
-- N-Key Rollover
-- 18-24mm x 346mm x 118.5mm
-- 580g
-- ABS / aluminium
-- optional hot-swappable switches
-
-Rated [best mechanical keyboard for work at rtings since 2024](https://www.rtings.com/keyboard/reviews/best/work).
-
-Note that there's also the "Max" series which, according to rtings:
-
-> The major difference between the keyboards in these two lineups is
-> that the K Max keyboards have expanded wireless versatility with the
-> addition of 2.4GHz receiver connectivity, offering better overall
-> raw performance. The K Max boards also have more layers of internal
-> acoustic material.
-
 ## Cannon Keys
 
 After reading that [New Yorker magazine article](https://www.newyorker.com/tech/annals-of-technology/the-obsessive-pleasures-of-mechanical-keyboard-tinkerers), I found this:

diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index b1da0ac0..b3e3a1b5 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -183,7 +183,7 @@ Other options include:
  * [dwl][]: tiling, minimalist, dwm for Wayland, not in Debian
  * [hikari][]: tiling/stacking, not in Debian
  * [Hyprland][]: tiling, fancy animations, not in Debian ([1040971][])
- * [Qtile][]: tiling, extensible, in Python, not in Debian ([1015267][])
+ * [Qtile][]: tiling, extensible, in Python, in Debian since trixie ([1015267][])
  * [river][]: Zig, stackable, tagging, not in Debian  ([1006593][])
  * [smithay][], and many derivatives: Rust, not in Debian
  * [velox][]: inspired by xmonad and dwm, not in Debian

diff --git a/hardware/keyboard.mdwn b/hardware/keyboard.mdwn
index 26e300c0..442404dc 100644
--- a/hardware/keyboard.mdwn
+++ b/hardware/keyboard.mdwn
@@ -59,12 +59,25 @@ TKL keyboards.
 
 ### Short review
 
-I have found a second hand Air75 at some Amazon overflow thing here,
-and it is *really* nice. It's really slim, I (surprisingly) like the
-short travel and the sound is exquisite, even with red switches. It's
-nice to have the combo Bluetooth / USB-C setup, and there's even a
-"2.4GHz transmitter" in there for non-BT operation, but somehow the
-adapter for that was missing from the case.
+I have found a second hand [Air75](https://nuphy.com/collections/in-stock-keyboards/products/air75-v2) at some Amazon overflow thing here,
+and it is *really* nice.
+
+- QMK
+- wireless (BT 4 devices, RF), wired (USB-C)
+- 220h battery (~10days?)
+- 84-keys
+- [Cowberry red switches](https://nuphy.com/products/nuphy-cowberry-l45-low-profile-switches), hotswappable
+- double-shot keycaps
+- RGB backlights
+- 13.5-21mm x 132.5mm x 316.4mm
+- 598 grams
+- n-key rollover
+
+It's really slim, I (surprisingly) like the short travel and the sound
+is exquisite, even with the red switches. It's nice to have
+the combo Bluetooth / USB-C setup, and there's even a "2.4GHz
+transmitter" in there for non-BT operation, but somehow the adapter
+for that was missing from the case.
 
 Two major downsides:
 
@@ -98,7 +111,8 @@ which is likely a GPL violation, as [qmk_firmware](https://github.com/qmk/qmk_fi
 is [keeping track of the various third-party firmwares](https://github.com/zhogov/nuphy-state-of-qmk-firmware).
 
 The whole point of this was to try to get a scroll lock key to work. I
-haven't figured it out.
+haven't figured it out. I did find their [layout manual](https://cdn.shopifycdn.net/s/files/1/0268/7297/1373/files/NuPhy_Air75_V2_Q_A.pdf?v=1692772705) and the
+[quick guide](https://cdn.shopify.com/s/files/1/0268/7297/1373/files/NuPhy_Air75_V2_Quick_Guide.pdf?v=1696498123) but it doesn't seem to support those extra keys.
 
 ### Other reviews
 
@@ -328,7 +342,7 @@ Update: they have an "easy" version now: <https://ergodox-ez.com/>.
 
 From the same people as the above ergodox.
 
-* split keyboard
+ * split keyboard
  * programmable, open firmware
  * mechanical, hot-swappable switches
  * backlit
@@ -342,11 +356,10 @@ From the same people as the above ergodox.
 
 ## Keyboard for life
 
-15$. Spill-proof. Lifetime warranty. Next keyboard?
+15$. Spill-proof. Lifetime warranty.
 
 <http://www.kensington.com/us/us/4489/k64370a/keyboard-for-life#.VsjA1j9Xbec>
 
-
 ## Ultimate hacking keyboard
 
 "Built to last", "split keyboard" and all sorts of buzzwords...
@@ -383,7 +396,35 @@ fingers to adapt to, but it does look gorgeous.
 > the problem of having a properly functioning keyboard that simply
 > works when you plug it in, has been thoroughly solved by 2021.
 
-[Best mechanical keyboard at rtings](https://www.rtings.com/keyboard/reviews/best/mechanical)
+The Keychron Q5 Max was rated [best mechanical keyboard at rtings in 2023-2025](https://www.rtings.com/keyboard/reviews/best/mechanical)
+
+### Keychron K1 Pro
+
+The [K1 Pro](https://www.keychron.com/products/keychron-k1-pro-qmk-via-wireless-custom-mechanical-keyboard) is a good candidate:
+
+- 87 keys
+- wired (USB-C), wireless (BT 5.1), the "Max" has RF
+- 130h battery
+- Low-profile Gateron Red/Brown switches
+- QMK
+- Double-shot keycaps
+- rgb backlight
+- 1000Hz
+- N-Key Rollover
+- 18-24mm x 346mm x 118.5mm
+- 580g
+- ABS / aluminium
+- optional hot-swappable switches
+
+Rated [best mechanical keyboard for work at rtings since 2024](https://www.rtings.com/keyboard/reviews/best/work).
+
+Note that there's also the "Max" series which, according to rtings:
+
+> The major difference between the keyboards in these two lineups is
+> that the K Max keyboards have expanded wireless versatility with the
+> addition of 2.4GHz receiver connectivity, offering better overall
+> raw performance. The K Max boards also have more layers of internal
+> acoustic material.
 
 ## Cannon Keys
 
@@ -448,6 +489,24 @@ key on the right though.
 A friend built a [Neo80 keyboard](https://divinikey.com/collections/neo80-keyboard-kit-and-components/products/qwertykeys-neo80-case) by buying a PCB presoldered with
 Gazzew Boba U4 switches, and [earth tone keycaps](https://www.deskhero.ca/products/gmk-earth-tones-keycaps?variant=40347274805314) and likes it.
 
+## Boardsource
+
+A friend recommended the [Rechteck](https://www.boardsource.xyz/products/Rechteck):
+
+- ZMK
+- 60%
+- wired (USB-C) and wireless (BLE, 3-4 weeks battery)
+- Choc mechnical switches
+- keycaps have japanese engravings as well
+- really thin! even thinner than the Nuphy
+- 19mm x 274mm x 91mm
+- has a "print screen" key in the [default layout](https://github.com/boardsource/Rechtek_zmk_config/blob/main/config/bs_lp_60.keymap) (but not scroll
+  lock)
+- DIY build kit, see [instructions](https://www.boardsource.xyz/docs/build_guides-rechteck)
+- 300$USD for case, PCB, legs, choc red switches, and dark keycaps
+
+A bit too small for my taste, but nice looking.
+
 # Mini / travel keyboards
 
 Those are useful for the media station or traveling on the road with a

diff --git a/blog/2025-03-06-nix.md b/blog/2025-03-06-nix.md
index 22a5f100..e59fe8ff 100644
--- a/blog/2025-03-06-nix.md
+++ b/blog/2025-03-06-nix.md
@@ -66,7 +66,7 @@ It didn't help that I tried to run nixpkgs on Debian which is
 technically possible, but you can tell that I'm not supposed to be
 doing this. My friend who reviewed this article expressed surprised at
 how easy this was, but then he only saw the finished result, not me
-tearing my hear out to make this actually work.
+tearing my hair out to make this actually work.
 
 # Nix on Debian primer
 
@@ -163,7 +163,7 @@ don't work with arms manufacturers or, if I would, I would be sure as
 hell to accept the nick (or nix?) on the chin when people would get
 upset, and try to make amends.
 
-So long live to the Nix people, I hope the community recovers from
+So long live the Nix people! I hope the community recovers from
 that dark moment, so far it seems like it will.
 
 And thanks for helping me test Harper!
@@ -176,4 +176,4 @@ And thanks for helping me test Harper!
 
 
 <!-- posted to the federation on 2025-03-06T15:59:56.639958 -->
-[[!mastodon "https://kolektiva.social/@Anarcat/114117495781980196"]]
\ No newline at end of file
+[[!mastodon "https://kolektiva.social/@Anarcat/114117495781980196"]]

diff --git a/blog/2025-03-06-nix.md b/blog/2025-03-06-nix.md
index cb48d8e3..22a5f100 100644
--- a/blog/2025-03-06-nix.md
+++ b/blog/2025-03-06-nix.md
@@ -173,3 +173,7 @@ And thanks for helping me test Harper!
 [NixOS]: https://en.wikipedia.org/wiki/NixOS
 
 [[!tag debian-planet debian packaging review python-planet]]
+
+
+<!-- posted to the federation on 2025-03-06T15:59:56.639958 -->
+[[!mastodon "https://kolektiva.social/@Anarcat/114117495781980196"]]
\ No newline at end of file

diff --git a/blog/2025-03-06-nix.md b/blog/2025-03-06-nix.md
index 9c5a385a..cb48d8e3 100644
--- a/blog/2025-03-06-nix.md
+++ b/blog/2025-03-06-nix.md
@@ -173,7 +173,3 @@ And thanks for helping me test Harper!
 [NixOS]: https://en.wikipedia.org/wiki/NixOS
 
 [[!tag debian-planet debian packaging review python-planet]]
-
-
-<!-- posted to the federation on 2025-03-06T15:59:17.227401 -->
-[[!mastodon "http://example.com/simulated"]]
\ No newline at end of file

diff --git a/blog/2025-03-06-nix.md b/blog/2025-03-06-nix.md
index cb48d8e3..9c5a385a 100644
--- a/blog/2025-03-06-nix.md
+++ b/blog/2025-03-06-nix.md
@@ -173,3 +173,7 @@ And thanks for helping me test Harper!
 [NixOS]: https://en.wikipedia.org/wiki/NixOS
 
 [[!tag debian-planet debian packaging review python-planet]]
+
+
+<!-- posted to the federation on 2025-03-06T15:59:17.227401 -->
+[[!mastodon "http://example.com/simulated"]]
\ No newline at end of file

diff --git a/blog/2025-03-06-nix.md b/blog/2025-03-06-nix.md
index 74791a02..cb48d8e3 100644
--- a/blog/2025-03-06-nix.md
+++ b/blog/2025-03-06-nix.md
@@ -2,20 +2,20 @@
 
 # Meta
 
-So I've been trying to post more to this blog, in case you haven't
-noticed and one of the things that entails is to just dump over the
-fence a bunch of draft notes. In this specific case, I had a set of
-rough notes about [NixOS][] and particularly [Nix, the package
-manager][].
-
-In this case, you will even be able to see the very birth of an
-article, what it looks like before it becomes the prose that it is
-now, by looking at the [Git history of this file](https://gitlab.com/anarcat/anarc.at/-/blob/main/blog/2025-03-06-nix.md?ref_type=heads), particularly its
-[birth](https://gitlab.com/anarcat/anarc.at/-/blob/83ff51e4f06764a464b85664146e8fefedd08efe/blog/2025-03-06-nix.md), which shows how primitive an article can be, I guess. I
-have a couple of those left, and it would be pretty easy to publish
-them as is, but I feel I'd be doing others (and myself! I write for my
-own documentation too after all) a disservice by not going the extra
-mile on those.
+In case you haven't noticed, I'm trying to post and one of the things
+that entails is to just dump over the fence a bunch of draft notes. In
+this specific case, I had a set of rough notes about [NixOS][] and
+particularly [Nix, the package manager][].
+
+In this case, you can see the very birth of an article, what it looks
+like before it becomes the questionable prose it is now, by looking at
+the [Git history of this file](https://gitlab.com/anarcat/anarc.at/-/blob/main/blog/2025-03-06-nix.md?ref_type=heads), particularly its [birth](https://gitlab.com/anarcat/anarc.at/-/blob/83ff51e4f06764a464b85664146e8fefedd08efe/blog/2025-03-06-nix.md). I have
+a couple of those left, and it would be pretty easy to publish them as
+is, but I feel I'd be doing others (and myself! I write for my own
+documentation too after all) a disservice by not going the extra mile
+on those.
+
+So here's the long version of my experiment with Nix.
 
 # Nix
 
@@ -32,28 +32,31 @@ with other systems as I know that would inevitably get me dragged down
 into contributing into yet another free software project. I'm mature
 now and know where to draw the line. Right?
 
-So I'm just testing Nix, the package manager, on Debian. And what
-triggered this is that I learned from my friend that [nixpkgs](https://github.com/nixos/nixpkgs) is
-the [largest package repository](https://repology.org/repositories/statistics/total), a mind-boggling 100,000 at the
-time of writing (with [88% of packages up to date](https://repology.org/repositories/statistics/pnewest)), compared to
-around 40,000 in Debian (or 72,000 if you count binary packages, with
-72% up to date). I naively thought Debian was the largest, perhaps
-competing with Arch, and was wrong: Arch is larger than Debian too.
+So I'm just testing Nix, the package manager, on Debian, because I
+learned from my friend that [nixpkgs](https://github.com/nixos/nixpkgs) is the [largest package
+repository](https://repology.org/repositories/statistics/total) out there, a mind-boggling 100,000 at the time of
+writing (with [88% of packages up to date](https://repology.org/repositories/statistics/pnewest)), compared to around
+40,000 in Debian (or 72,000 if you count binary packages, with 72% up
+to date). I naively thought Debian was the largest, perhaps competing
+with Arch, and I was wrong: Arch is larger than Debian too.
 
-What brought me there is I wanted to run [Harper](https://writewithharper.com/), a neat and fast
+What brought me there is I wanted to run [Harper](https://writewithharper.com/), a fast
 spell-checker written in Rust. The logic behind using Nix instead of
-just downloading the source and running it myself is that I'm doing
-this thing where I delegate the work of supply-chain integrity
-checking to a distributor, a bit like you trust Debian developers like
-myself to package things for you in a sane way. I know this widens the
-attack surface to a third party as well of course, but the rationale
-is that I shift cryptographic verification to another stack than just
-"TLS + GitHub" (although that is somewhat still involved). Anyways.
+just downloading the source and running it myself is that I delegate
+the work of supply-chain integrity checking to a distributor, a bit
+like you trust Debian developers like myself to package things in a
+sane way. I know this widens the attack surface to a third party of
+course, but the rationale is that I shift cryptographic verification
+to another stack than just "TLS + GitHub" (although that is somewhat
+still involved) that's *linked* with my current chain (Debian
+packages).
 
 I have since then [stopped using Harper for various reasons](https://gitlab.com/anarcat/emacs-d/-/commit/093318283240b428b6ff2b8fdd565a82161ae03a) and
 also wrapped up my Nix experiment, but felt it worthwhile to jot down
 some observations on the project.
 
+# Hot take
+
 Overall, Nix is hard to get into, with a complicated learning curve. I
 have found the documentation to be a bit confusing, since there are
 many ways to do certain things. I particularly tripped on "flakes"
@@ -61,7 +64,9 @@ and, frankly, incomprehensible error reporting.
 
 It didn't help that I tried to run nixpkgs on Debian which is
 technically possible, but you can tell that I'm not supposed to be
-doing this.
+doing this. My friend who reviewed this article expressed surprised at
+how easy this was, but then he only saw the finished result, not me
+tearing my hear out to make this actually work.
 
 # Nix on Debian primer
 
@@ -74,41 +79,42 @@ get the rights to deploy Nix packages:
 
     adduser anarcat nix-users
 
-That wasn't easy to find, but is mentioned in the [README.Debian](https://sources.debian.org/src/nix/2.24.12%2Bdfsg-1/debian/nix-bin.README.Debian/)
-that's shipped with the Debian package.
+That wasn't easy to find, but is mentioned in the [README.Debian
+file](https://sources.debian.org/src/nix/2.24.12%2Bdfsg-1/debian/nix-bin.README.Debian/) shipped with the Debian package.
 
 Then, I didn't write this down, but the `README.Debian` file above
-mentions that, I *think* i added a "channel" like this:
+mentions it, so I *think* I added a "channel" like this:
 
     nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixpkgs
     nix-channel --update
 
-And installed the [Harper package](https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/by-name/ha/harper/package.nix) with:
+And I likely installed the [Harper package](https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/by-name/ha/harper/package.nix) with:
 
     nix-env --install harper
 
-At this point, `harper` was installed in a ... profile? i think? I had
-to add `~/.nix-profile/bin` (a symlink to
+At this point, `harper` was installed in a ... profile? Not sure.
+
+I had to add `~/.nix-profile/bin` (a symlink to
 `/nix/store/sympqw0zyybxqzz6fzhv03lyivqqrq92-harper-0.10.0/bin`) to my
 `$PATH` environment for this to actually work.
 
 ## Side notes on documentation
 
-The last two steps were *hard* to figure out, which is kind of amazing
-because you'd think a tutorial on Nix would feature something like
-this prominently. But [three](https://zero-to-nix.com/start/install/) [different](https://nix.dev/manual/nix/2.24/quick-start) [tutorials](https://nix.dev/tutorials/) failed
-to bring me up to that basic setup, even the `README.Debian` didn't
-spell that out clearly. 
+Those last two commands (`nix-channel` and `nix-env`) were hard to
+figure out, which is kind of amazing because you'd think a tutorial on
+Nix would feature something like this prominently. But [three](https://zero-to-nix.com/start/install/)
+[different](https://nix.dev/manual/nix/2.24/quick-start) [tutorials](https://nix.dev/tutorials/) failed to bring me up to that basic
+setup, even the `README.Debian` didn't spell that out clearly.
 
 The tutorials all show me how to *develop* packages for Nix, not
 plainly how to *install* Nix software. This is presumably because "I'm
 doing it wrong": you shouldn't just "install a package", you should
 setup an environment declaratively and tell it what you want to do.
 
-But here's the thing: I didn't *want* to do the right thing. I just
-wanted to install harper, and docs failed to bring me to that basic
-hello world. Here's what one of the tutorials suggests as a first
-step:
+But here's the thing: I didn't *want* to "do the right thing". I just
+wanted to install Harper, and documentation failed to bring me to that
+basic "hello world" stage. Here's what one of the tutorials suggests
+as a first step, for example:
 
     curl -L https://nixos.org/nix/install | sh
     nix-shell --packages cowsay lolcat
@@ -116,20 +122,24 @@ step:
 
 ... which, when you follow through, leaves you with almost precisely
 nothing left installed (apart from Nix itself, setup with a nasty
-"curl pipe bash".
+"curl pipe bash". So while that works in testing Nix, you're not much
+better off than when you started.
 
 ## Rolling back everything
 
 Now that I have stopped using Harper, I don't need Nix anymore, which
 I'm sure my Nix friends will be sad to read about. Don't worry, I have
-notes now, and can try again! But still, I wanted to clear things out,
-so I did this, as root:
+notes now, and can try again! 
+
+But still, I wanted to clear things out, so I did this, as root:
 
     deluser anarcat nix-users
     apt purge nix-bin
     rm -rf /nix ~/.nix*
 
-## Side note on Nix dramas
+I *think* this cleared things out, but I'm not actually sure.
+
+# Side note on Nix drama
 
 This blurb wouldn't be complete without a mention that the Nix
 community has been somewhat tainted by the behavior of its founder. I
@@ -138,23 +148,25 @@ and made a [followup article about spinoffs and forks](https://lwn.net/Articles/
 reading as well.
 
 I did want to say that everyone I have been in contact with in the Nix
-community was absolutely fantastic and I am just really sad that the
-behavior of a single individual can pollute a community in such a
-way. 
+community was absolutely fantastic. So I am really sad that the
+behavior of a single individual can pollute a community in such a way.
 
 As a leader, if you have all but one responsability, it's to behave
 properly for people around you. It's actually really, really hard to
 do that, because yes, it means you need to act differently than others
-and no, you just don't get to be upset at others like normal, because
-you're in a position of authority. It's a lesson I'm still learning
-myself, to be fair. But at least I don't work with arms manufacturers

(Diff truncated)

diff --git a/contact.mdwn b/contact.mdwn
index 58dc8460..f12c172b 100644
--- a/contact.mdwn
+++ b/contact.mdwn
@@ -44,6 +44,6 @@ available on key servers and the [Web Key Discover protocol](https://keyserver.m
 Blog articles accept comments through Mastodon, so moderation policies
 of that space (including your home server and mine) apply there.
 
-If you found an error on the le site, you can [report it here](https://gitlab.com/anarcat/anarc.at/-/issues/new).
+If you found an error on the site, you can [report it here](https://gitlab.com/anarcat/anarc.at/-/issues/new).
 
 </div>

diff --git a/blog/2025-03-06-nix.md b/blog/2025-03-06-nix.md
index 8ee41304..74791a02 100644
--- a/blog/2025-03-06-nix.md
+++ b/blog/2025-03-06-nix.md
@@ -1,32 +1,163 @@
-comlicated learning curve
+[[!meta title="Nix Notes"]]
 
-apt install nix-bin
+# Meta
 
-adduser anarcat nix-users
+So I've been trying to post more to this blog, in case you haven't
+noticed and one of the things that entails is to just dump over the
+fence a bunch of draft notes. In this specific case, I had a set of
+rough notes about [NixOS][] and particularly [Nix, the package
+manager][].
 
-re-login
+In this case, you will even be able to see the very birth of an
+article, what it looks like before it becomes the prose that it is
+now, by looking at the [Git history of this file](https://gitlab.com/anarcat/anarc.at/-/blob/main/blog/2025-03-06-nix.md?ref_type=heads), particularly its
+[birth](https://gitlab.com/anarcat/anarc.at/-/blob/83ff51e4f06764a464b85664146e8fefedd08efe/blog/2025-03-06-nix.md), which shows how primitive an article can be, I guess. I
+have a couple of those left, and it would be pretty easy to publish
+them as is, but I feel I'd be doing others (and myself! I write for my
+own documentation too after all) a disservice by not going the extra
+mile on those.
 
-nix-env --install harper
+# Nix
 
+A couple friends are real fans of Nix. Just like I [work with Puppet a
+lot](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/puppet), they deploy and maintain servers (if not fleets of servers)
+with NixOS and its declarative package management system. Essentially,
+they use it as a configuration management system, which is pretty
+awesome.
 
+That, however, is a bit too high of a bar for me. I rarely try new
+operating systems these days: I'm a Debian developer and it takes most
+of my time to keep that functional. I'm not going to go around messing
+with other systems as I know that would inevitably get me dragged down
+into contributing into yet another free software project. I'm mature
+now and know where to draw the line. Right?
 
-[nixpkgs](https://github.com/nixos/nixpkgs) is the [largest number of packages (98k) according to repology](https://repology.org/repositories/statistics/total), with
-[85.5% of packages up to date](https://repology.org/repositories/statistics/pnewest) (compared to 38000 in Debian
-unstable, or 71466 if you count binary packages, and 69.5% up to date)
+So I'm just testing Nix, the package manager, on Debian. And what
+triggered this is that I learned from my friend that [nixpkgs](https://github.com/nixos/nixpkgs) is
+the [largest package repository](https://repology.org/repositories/statistics/total), a mind-boggling 100,000 at the
+time of writing (with [88% of packages up to date](https://repology.org/repositories/statistics/pnewest)), compared to
+around 40,000 in Debian (or 72,000 if you count binary packages, with
+72% up to date). I naively thought Debian was the largest, perhaps
+competing with Arch, and was wrong: Arch is larger than Debian too.
 
-docs:
+What brought me there is I wanted to run [Harper](https://writewithharper.com/), a neat and fast
+spell-checker written in Rust. The logic behind using Nix instead of
+just downloading the source and running it myself is that I'm doing
+this thing where I delegate the work of supply-chain integrity
+checking to a distributor, a bit like you trust Debian developers like
+myself to package things for you in a sane way. I know this widens the
+attack surface to a third party as well of course, but the rationale
+is that I shift cryptographic verification to another stack than just
+"TLS + GitHub" (although that is somewhat still involved). Anyways.
 
-- https://nix.dev/
-- https://zero-to-nix.com/
-- https://nix.dev/manual/nix/2.24/quick-start
+I have since then [stopped using Harper for various reasons](https://gitlab.com/anarcat/emacs-d/-/commit/093318283240b428b6ff2b8fdd565a82161ae03a) and
+also wrapped up my Nix experiment, but felt it worthwhile to jot down
+some observations on the project.
 
-[harper package](https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/by-name/ha/harper/package.nix)
+Overall, Nix is hard to get into, with a complicated learning curve. I
+have found the documentation to be a bit confusing, since there are
+many ways to do certain things. I particularly tripped on "flakes"
+and, frankly, incomprehensible error reporting.
 
+It didn't help that I tried to run nixpkgs on Debian which is
+technically possible, but you can tell that I'm not supposed to be
+doing this.
 
-https://lix.systems/
+# Nix on Debian primer
 
-purging
+So here's how I got started. First I installed the [nix binary package](https://tracker.debian.org/pkg/nix):
 
-deluser anarcat nix-users
+    apt install nix-bin
 
-rm -rf /nix ~/.nix*
+Then I had to add myself to the right group and logout/log back in to
+get the rights to deploy Nix packages:
+
+    adduser anarcat nix-users
+
+That wasn't easy to find, but is mentioned in the [README.Debian](https://sources.debian.org/src/nix/2.24.12%2Bdfsg-1/debian/nix-bin.README.Debian/)
+that's shipped with the Debian package.
+
+Then, I didn't write this down, but the `README.Debian` file above
+mentions that, I *think* i added a "channel" like this:
+
+    nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixpkgs
+    nix-channel --update
+
+And installed the [Harper package](https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/by-name/ha/harper/package.nix) with:
+
+    nix-env --install harper
+
+At this point, `harper` was installed in a ... profile? i think? I had
+to add `~/.nix-profile/bin` (a symlink to
+`/nix/store/sympqw0zyybxqzz6fzhv03lyivqqrq92-harper-0.10.0/bin`) to my
+`$PATH` environment for this to actually work.
+
+## Side notes on documentation
+
+The last two steps were *hard* to figure out, which is kind of amazing
+because you'd think a tutorial on Nix would feature something like
+this prominently. But [three](https://zero-to-nix.com/start/install/) [different](https://nix.dev/manual/nix/2.24/quick-start) [tutorials](https://nix.dev/tutorials/) failed
+to bring me up to that basic setup, even the `README.Debian` didn't
+spell that out clearly. 
+
+The tutorials all show me how to *develop* packages for Nix, not
+plainly how to *install* Nix software. This is presumably because "I'm
+doing it wrong": you shouldn't just "install a package", you should
+setup an environment declaratively and tell it what you want to do.
+
+But here's the thing: I didn't *want* to do the right thing. I just
+wanted to install harper, and docs failed to bring me to that basic
+hello world. Here's what one of the tutorials suggests as a first
+step:
+
+    curl -L https://nixos.org/nix/install | sh
+    nix-shell --packages cowsay lolcat
+    nix-collect-garbage
+
+... which, when you follow through, leaves you with almost precisely
+nothing left installed (apart from Nix itself, setup with a nasty
+"curl pipe bash".
+
+## Rolling back everything
+
+Now that I have stopped using Harper, I don't need Nix anymore, which
+I'm sure my Nix friends will be sad to read about. Don't worry, I have
+notes now, and can try again! But still, I wanted to clear things out,
+so I did this, as root:
+
+    deluser anarcat nix-users
+    apt purge nix-bin
+    rm -rf /nix ~/.nix*
+
+## Side note on Nix dramas
+
+This blurb wouldn't be complete without a mention that the Nix
+community has been somewhat tainted by the behavior of its founder. I
+won't bother you too much with this; [LWN covered it well in 2024](https://lwn.net/Articles/970824/),
+and made a [followup article about spinoffs and forks](https://lwn.net/Articles/981124/) that's worth
+reading as well.
+
+I did want to say that everyone I have been in contact with in the Nix
+community was absolutely fantastic and I am just really sad that the
+behavior of a single individual can pollute a community in such a
+way. 
+
+As a leader, if you have all but one responsability, it's to behave
+properly for people around you. It's actually really, really hard to
+do that, because yes, it means you need to act differently than others
+and no, you just don't get to be upset at others like normal, because
+you're in a position of authority. It's a lesson I'm still learning
+myself, to be fair. But at least I don't work with arms manufacturers
+or, if I would, I would be sure as hell to accept the nick (or nix?)
+on the chin when people would get upset, and try to make amends.
+
+So long live to the Nix folks, I hope the community recovers from that
+dark moment, so far it seems like it will.
+
+And thanks for letting me test Harper!
+
+[Nix, the package manager]: https://en.wikipedia.org/wiki/Nix_(package_manager)
+
+[NixOS]: https://en.wikipedia.org/wiki/NixOS
+
+[[!tag debian-planet debian packaging review python-planet]]

diff --git a/blog/2025-03-06-nix.md b/blog/2025-03-06-nix.md
new file mode 100644
index 00000000..8ee41304
--- /dev/null
+++ b/blog/2025-03-06-nix.md
@@ -0,0 +1,32 @@
+comlicated learning curve
+
+apt install nix-bin
+
+adduser anarcat nix-users
+
+re-login
+
+nix-env --install harper
+
+
+
+[nixpkgs](https://github.com/nixos/nixpkgs) is the [largest number of packages (98k) according to repology](https://repology.org/repositories/statistics/total), with
+[85.5% of packages up to date](https://repology.org/repositories/statistics/pnewest) (compared to 38000 in Debian
+unstable, or 71466 if you count binary packages, and 69.5% up to date)
+
+docs:
+
+- https://nix.dev/
+- https://zero-to-nix.com/
+- https://nix.dev/manual/nix/2.24/quick-start
+
+[harper package](https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/by-name/ha/harper/package.nix)
+
+
+https://lix.systems/
+
+purging
+
+deluser anarcat nix-users
+
+rm -rf /nix ~/.nix*

diff --git a/hardware/keyboard.mdwn b/hardware/keyboard.mdwn
index 8ccb1a24..26e300c0 100644
--- a/hardware/keyboard.mdwn
+++ b/hardware/keyboard.mdwn
@@ -49,6 +49,73 @@ less, and it's still really pretty. The V3 is kind of nice because you
 can reprogram the LED, although it's really complicated how you do
 that. I made caps lock red and scroll lock green.
 
+## Nuphy
+
+[Nuphy](https://nuphy.com/) has interesting mechanical keyboards, with a special focus on the
+sound and design of the keyboards.
+
+They have QMK-compatible firmware and pretty designs, with slim and
+TKL keyboards.
+
+### Short review
+
+I have found a second hand Air75 at some Amazon overflow thing here,
+and it is *really* nice. It's really slim, I (surprisingly) like the
+short travel and the sound is exquisite, even with red switches. It's
+nice to have the combo Bluetooth / USB-C setup, and there's even a
+"2.4GHz transmitter" in there for non-BT operation, but somehow the
+adapter for that was missing from the case.
+
+Two major downsides:
+
+- it's a bit on the heavy side, which would otherwise make this an
+  incredible travel keyboard
+- the TKL layout is a bit too narrow for me, i can't get used to the
+  vertical pgup/pgdown pad
+
+I have also heard first-hand reports of a full USB controller failure
+and a failure of support to provide proper followup, so that's a bit
+concerning.
+
+I have looked at [upgrading the firmware](https://nuphy.com/pages/qmk-firmwares) and it says that "Dongle
+and firmware updates required for this release", which means I need to
+flash the "RF firmware" and the "dongle firmware", and I'm not sure
+what those are.
+
+Apparently the "RF firmware" is flashed [from a phone](https://nuphy.com/pages/instructions-on-flashing-the-rf-firmwares) (?!) so you
+need to install [this Bluetooth app](https://play.google.com/store/apps/details?id=no.nordicsemi.android.mcp) to do a "Device Firmware
+Update" (DFU) and while some of Nordic Semi apps are free software,
+that particular one [seems like docs-only](https://github.com/NordicSemiconductor/Android-nRF-Connect). There *might* be other
+ways to do DFUs with free software (see [this adafruit thing](https://learn.adafruit.com/introducing-adafruit-ble-bluetooth-low-energy-friend/dfu-on-android-4-dot-3-plus) for
+example) but wow this is getting complicated.
+
+The "dongle firmware" update is totally opaque: it seems it can only
+be done from Windows or Mac.
+
+So while in theory the keyboard has a QMK-compatible firmware, in
+practice the published firmware doesn't actually come with source code
+which is likely a GPL violation, as [qmk_firmware](https://github.com/qmk/qmk_firmware) is GPL. Someone
+is [keeping track of the various third-party firmwares](https://github.com/zhogov/nuphy-state-of-qmk-firmware).
+
+The whole point of this was to try to get a scroll lock key to work. I
+haven't figured it out.
+
+### Other reviews
+
+rtings reviewed [five models](https://www.rtings.com/keyboard/tools/table/141136) and outlined:
+
+ * [Halo75 v2](https://nuphy.com/collections/keyboards/products/halo75-v2-qmk-via-wireless-custom-mechanical-keyboard): "[Best Mid-Range Mechanical Keyboard](https://www.rtings.com/keyboard/reviews/best/mechanical)" ([full review](https://www.rtings.com/keyboard/reviews/nuphy/air75-v2-air60-v2-air96-v2))
+ * [Gem 80](https://nuphy.com/collections/keyboards/products/gem80): "[Best TKL Keyboard For Enthusiasts](https://www.rtings.com/keyboard/reviews/best/tkl)" and "Best
+ modular mechanical keyboard" ([full review](https://www.rtings.com/keyboard/reviews/nuphy/gem80))
+ * [Air75 v2](https://nuphy.com/collections/keyboards/products/air75-v2): "[Best Low-Profile Keyboard](https://www.rtings.com/keyboard/reviews/best/low-profile)", "[Best Mid-Range
+   Wireless Keyboard](https://www.rtings.com/keyboard/reviews/best/by-type/wireless)", "[Best Office Keyboard Without A
+   Numpad](https://www.rtings.com/keyboard/reviews/best/work)", "[Best Mid-Range Keyboard For Programming](https://www.rtings.com/keyboard/reviews/best/by-usage/programming)" ([full
+   review](https://www.rtings.com/keyboard/reviews/nuphy/air75-v2-air60-v2-air96-v2))
+ * [Halo96](https://nuphy.com/collections/keyboards/products/halo96): "[Best Upper Mid-Range Keyboard For Typing](https://www.rtings.com/keyboard/reviews/best/by-usage/writers)" and
+   "[Best Mid-Range RGB Keyboard](https://www.rtings.com/keyboard/reviews/best/rgb#recommendation_313370)" ([full review](https://www.rtings.com/keyboard/reviews/nuphy/halo96-halo65-halo75)), replaced by
+   the Halo96 v2 and Halo75 v2
+ * [Field75](https://nuphy.com/collections/keyboards/products/field75): not best in anything ([full review](https://www.rtings.com/keyboard/reviews/nuphy/field75))
+
 # Requirements
 
 ## Layout
@@ -376,46 +443,6 @@ feedback, trackballs.
 This is a pretty TKL keyboard, the [Multics](https://vortexgear.store/en-ca/products/multix?variant=43056025993379). Not sure about the Fn
 key on the right though.
 
-## Nuphy
-
-[Nuphy](https://nuphy.com/) has interesting mechanical keyboards, with a special focus on the
-sound and design of the keyboards.
-
-They have QMK-compatible firmware and pretty designs, with slim and
-TKL keyboards.
-
-I have found a second hand Air75 at some Amazon overflow thing here,
-and it is *really* nice. It's really slim, I (surprisingly) like the
-short travel and the sound is exquisite, even with red switches. It's
-nice to have the combo Bluetooth / USB-C setup, and there's even a
-"2.4GHz transmitter" in there for non-BT operation, but somehow the
-adapter for that was missing from the case.
-
-Two major downsides:
-
-- it's a bit on the heavy side, which would otherwise make this an
-  incredible travel keyboard
-- the TKL layout is a bit too narrow for me, i can't get used to the
-  vertical pgup/pgdown pad
-
-I have also heard first-hand reports of a full USB controller failure
-and a failure of support to provide proper followup, so that's a bit
-concerning.
-
-rtings reviewed [five models](https://www.rtings.com/keyboard/tools/table/141136) and outlined:
-
- * [Halo75 v2](https://nuphy.com/collections/keyboards/products/halo75-v2-qmk-via-wireless-custom-mechanical-keyboard): "[Best Mid-Range Mechanical Keyboard](https://www.rtings.com/keyboard/reviews/best/mechanical)" ([full review](https://www.rtings.com/keyboard/reviews/nuphy/air75-v2-air60-v2-air96-v2))
- * [Gem 80](https://nuphy.com/collections/keyboards/products/gem80): "[Best TKL Keyboard For Enthusiasts](https://www.rtings.com/keyboard/reviews/best/tkl)" and "Best
- modular mechanical keyboard" ([full review](https://www.rtings.com/keyboard/reviews/nuphy/gem80))
- * [Air75 v2](https://nuphy.com/collections/keyboards/products/air75-v2): "[Best Low-Profile Keyboard](https://www.rtings.com/keyboard/reviews/best/low-profile)", "[Best Mid-Range
-   Wireless Keyboard](https://www.rtings.com/keyboard/reviews/best/by-type/wireless)", "[Best Office Keyboard Without A
-   Numpad](https://www.rtings.com/keyboard/reviews/best/work)", "[Best Mid-Range Keyboard For Programming](https://www.rtings.com/keyboard/reviews/best/by-usage/programming)" ([full
-   review](https://www.rtings.com/keyboard/reviews/nuphy/air75-v2-air60-v2-air96-v2))
- * [Halo96](https://nuphy.com/collections/keyboards/products/halo96): "[Best Upper Mid-Range Keyboard For Typing](https://www.rtings.com/keyboard/reviews/best/by-usage/writers)" and
-   "[Best Mid-Range RGB Keyboard](https://www.rtings.com/keyboard/reviews/best/rgb#recommendation_313370)" ([full review](https://www.rtings.com/keyboard/reviews/nuphy/halo96-halo65-halo75)), replaced by
-   the Halo96 v2 and Halo75 v2
- * [Field75](https://nuphy.com/collections/keyboards/products/field75): not best in anything ([full review](https://www.rtings.com/keyboard/reviews/nuphy/field75))
-
 ## Divinikey
 
 A friend built a [Neo80 keyboard](https://divinikey.com/collections/neo80-keyboard-kit-and-components/products/qwertykeys-neo80-case) by buying a PCB presoldered with

diff --git a/software/desktop.mdwn b/software/desktop.mdwn
index 5cdce2f3..4ebc914a 100644
--- a/software/desktop.mdwn
+++ b/software/desktop.mdwn
@@ -6,8 +6,8 @@ behind all this an more in [[history]] (2012).
 
 # Current setup
 
-I'm now using [[wayland]] with Sway, see the [[wayland]] page for the
-full documentation of the transition away from [[x11]].
+I'm now (2022) using [[wayland]] with Sway, see the [[wayland]] page
+for the full documentation of the transition away from [[x11]].
 
 See also the documentation specific to [[firefox]].
 

diff --git a/software/desktop.mdwn b/software/desktop.mdwn
index a8802c73..5cdce2f3 100644
--- a/software/desktop.mdwn
+++ b/software/desktop.mdwn
@@ -1,4 +1,6 @@
-This page documents, in a spirit of sharing known recipes, my current and older desktop setups. You can also read a narrative of the history behind all this an more in [[history]].
+This page documents, in a spirit of sharing known recipes, my current
+and older desktop setups. You can also read a narrative of the history
+behind all this an more in [[history]] (2012).
 
 [[!toc levels=2]]
 
@@ -12,10 +14,21 @@ See also the documentation specific to [[firefox]].
 # Older setups
 
  * [[x11]] (using [[wayland]] now), which include:
-   * [[sawfish and rox]]
-   * [[gnome2]]
-   * [[wmii]] (using Sway, see [[wayland]])
-   * [[xmonad]] (using Sway, see [[wayland]])
-   * i3, see [[x11]] for the documentation on that
+   * twm, afterstep, blackbox/fluxbox/openbox, englightenment, fvwm
+     and GNOME 1 (time immemorial, probably turn of the millenium, and
+     apparently before 2005, afterstep itself is 1997-2008, according
+     to the [news section on the website](http://www.afterstep.org/news.php?show=old), GNOME 1 is 1997-2002,
+     twm is from 1987 and, amazingly, has seen a release in 2022)
+   * [[sawfish and rox]] (???-2005)
+   * [[gnome2]] (~2006? GNOME 2 itself is 2002-2011)
+   * [[wmii]] (2006-2010)
+   *  awesome (2010-2015)
+   * [[xmonad]] (2015-2019~)
+   * i3 (~2019-2022) see [[x11]] for the documentation on that
+
+# Other configurations
+
  * [[chromium]] (using [[firefox]] now)
  * the [[gnome3]] exception, when I don't want to get complicated
+ * I have also tested and used KDE from time to time
+ * [[emacs]] has its own page

diff --git a/software/desktop.mdwn b/software/desktop.mdwn
index 0902e228..a8802c73 100644
--- a/software/desktop.mdwn
+++ b/software/desktop.mdwn
@@ -9,69 +9,6 @@ full documentation of the transition away from [[x11]].
 
 See also the documentation specific to [[firefox]].
 
-# The GNOME exception
-
-When I don't want to feel like an exotic little snowflake that spends
-hours needlessly configuring his desktop environment, I go back to the
-default, which is usually GNOME. I work with the following
-configuration:
-
- * 4 basic desktops, with Super-[1234] ("windows key") mapped to the 4
-   desktops (I used to have a 2x2 layout, but couldn't figure out how
-   to do this in GNOME 3)
- * install [impatience](https://extensions.gnome.org/extension/277/impatience/) to disable animations
- * other gnome tweaks:
-   * enable the Compose key (super-right)
-   * alternatetab (to *not* group alt-tab by app, make sure to
-     configure the plugin to show all workspaces)
-   * applications menu
-   * places status indicator
-   * workrave display
-   * focus follows mouse (slow, but works)
- * consider [material shell](https://material-shell.com/)
-
-I still have to figure out how to enable the nice shortcuts I have in
-my normal setup. In particular, I should bind the same keybindings to
-`rofi`. I found the [keyboard navigation manual](https://help.gnome.org/users/gnome-help/stable/keyboard-nav.html.en) very useful to get
-familiar with the platform.
-
-Finally, a big blocker is how to configure GPG agent so that it
-properly talks with my Yubikey, otherwise I can't talk to any SSH
-server. So far I figured out how to disable GNOME Keyring by doing
-this:
-
-    ( cat /etc/xdg/autostart/gnome-keyring-ssh.desktop ; echo Hidden=true ) > ~/.config/autostart/gnome-keyring-ssh.desktop
-
-It disables the gnome-keyring startup routine. Then GPG-agent starts
-supervised, but doesn't show up in the environment, so we
-fail. Apparently, the following shell snippet is supposed to fix that
-problem:
-
-    # Needed for GPG2 to bridge with ssh-agent
-    #export SSH_AUTH_SOCK=/run/user/1000/gnupg/S.gpg-agent.ssh
-    #unset SSH_AGENT_PID
-    if [ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then
-        export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
-    fi
-
-    export GPG_TTY="$(tty)"
-
-    # So annoying to need to do this every time
-    gpg-connect-agent updatestartuptty /bye > /dev/null
-
-This is all so weird and broken and confusing that I found about ten
-different guides trying to tell people how to do this kind of stuff:
-
- * [John Hopkins university's McQueen Lab: Yubikey for SSH Authentication](https://occamy.chemistry.jhu.edu/references/pubsoft/YubikeySSH/index.php)
- * [karlgrz: 2 Factor Authentication GPG & SSH keys with pass and Yubikey NEO](https://karlgrz.com/2fa-gpg-ssh-keys-with-pass-and-yubikey-neo/)
- * [Chris's Digital Realm: My Perfect GnuPG / SSH Agent Setup](https://www.bootc.net/archives/2013/06/09/my-perfect-gnupg-ssh-agent-setup/)
- * [Simon Josefsson's blog: OpenPGP Smartcards and GNOME](https://blog.josefsson.org/2015/01/02/openpgp-smartcards-and-gnome/)
- * [Arch wiki: GNOME Keyring](https://wiki.archlinux.org/index.php/GNOME/Keyring#SSH_keys)
- * [lg's blog: YubiKey gpg/ssh: Great security but tricky install](https://lorgor.blogspot.com/2017/01/yubikey-gpgssh-great-security-but.html)
-
-Also: maybe try [PaperWM](https://github.com/paperwm/PaperWM) to get
-tiling into GNOME.
-
 # Older setups
 
  * [[x11]] (using [[wayland]] now), which include:
@@ -81,3 +18,4 @@ tiling into GNOME.
    * [[xmonad]] (using Sway, see [[wayland]])
    * i3, see [[x11]] for the documentation on that
  * [[chromium]] (using [[firefox]] now)
+ * the [[gnome3]] exception, when I don't want to get complicated
diff --git a/software/desktop/gnome3.md b/software/desktop/gnome3.md
new file mode 100644
index 00000000..1df0c0c1
--- /dev/null
+++ b/software/desktop/gnome3.md
@@ -0,0 +1,60 @@
+When I don't want to feel like an exotic little snowflake that spends
+hours needlessly configuring his desktop environment, I go back to the
+default, which is usually GNOME. I work with the following
+configuration:
+
+ * 4 basic desktops, with Super-[1234] ("windows key") mapped to the 4
+   desktops (I used to have a 2x2 layout, but couldn't figure out how
+   to do this in GNOME 3)
+ * install [impatience](https://extensions.gnome.org/extension/277/impatience/) to disable animations
+ * other gnome tweaks:
+   * enable the Compose key (super-right)
+   * alternatetab (to *not* group alt-tab by app, make sure to
+     configure the plugin to show all workspaces)
+   * applications menu
+   * places status indicator
+   * workrave display
+   * focus follows mouse (slow, but works)
+ * consider [material shell](https://material-shell.com/)
+
+I still have to figure out how to enable the nice shortcuts I have in
+my normal setup. In particular, I should bind the same keybindings to
+`rofi`. I found the [keyboard navigation manual](https://help.gnome.org/users/gnome-help/stable/keyboard-nav.html.en) very useful to get
+familiar with the platform.
+
+Finally, a big blocker is how to configure GPG agent so that it
+properly talks with my Yubikey, otherwise I can't talk to any SSH
+server. So far I figured out how to disable GNOME Keyring by doing
+this:
+
+    ( cat /etc/xdg/autostart/gnome-keyring-ssh.desktop ; echo Hidden=true ) > ~/.config/autostart/gnome-keyring-ssh.desktop
+
+It disables the gnome-keyring startup routine. Then GPG-agent starts
+supervised, but doesn't show up in the environment, so we
+fail. Apparently, the following shell snippet is supposed to fix that
+problem:
+
+    # Needed for GPG2 to bridge with ssh-agent
+    #export SSH_AUTH_SOCK=/run/user/1000/gnupg/S.gpg-agent.ssh
+    #unset SSH_AGENT_PID
+    if [ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then
+        export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
+    fi
+
+    export GPG_TTY="$(tty)"
+
+    # So annoying to need to do this every time
+    gpg-connect-agent updatestartuptty /bye > /dev/null
+
+This is all so weird and broken and confusing that I found about ten
+different guides trying to tell people how to do this kind of stuff:
+
+ * [John Hopkins university's McQueen Lab: Yubikey for SSH Authentication](https://occamy.chemistry.jhu.edu/references/pubsoft/YubikeySSH/index.php)
+ * [karlgrz: 2 Factor Authentication GPG & SSH keys with pass and Yubikey NEO](https://karlgrz.com/2fa-gpg-ssh-keys-with-pass-and-yubikey-neo/)
+ * [Chris's Digital Realm: My Perfect GnuPG / SSH Agent Setup](https://www.bootc.net/archives/2013/06/09/my-perfect-gnupg-ssh-agent-setup/)
+ * [Simon Josefsson's blog: OpenPGP Smartcards and GNOME](https://blog.josefsson.org/2015/01/02/openpgp-smartcards-and-gnome/)
+ * [Arch wiki: GNOME Keyring](https://wiki.archlinux.org/index.php/GNOME/Keyring#SSH_keys)
+ * [lg's blog: YubiKey gpg/ssh: Great security but tricky install](https://lorgor.blogspot.com/2017/01/yubikey-gpgssh-great-security-but.html)
+
+Also: maybe try [PaperWM](https://github.com/paperwm/PaperWM) to get
+tiling into GNOME.

diff --git a/blog/2025-02-28-fish.md b/blog/2025-02-28-fish.md
index ee9e5d1a..12fc3707 100644
--- a/blog/2025-02-28-fish.md
+++ b/blog/2025-02-28-fish.md
@@ -143,6 +143,4 @@ use that stuff pretty regularly. I guess I could alias `command` to
 
 [[!tag debian-planet python-planet software review shell]]
 
-
-<!-- posted to the federation on 2025-03-03T10:56:36.141077 -->
-[[!mastodon "https://anarc.at/blog/2025-02-28-fish"]]
\ No newline at end of file
+[[!mastodon "https://kolektiva.social/@Anarcat/114079876774333574"]]

diff --git a/blog/2025-02-28-fish.md b/blog/2025-02-28-fish.md
index 12fc3707..ee9e5d1a 100644
--- a/blog/2025-02-28-fish.md
+++ b/blog/2025-02-28-fish.md
@@ -143,4 +143,6 @@ use that stuff pretty regularly. I guess I could alias `command` to
 
 [[!tag debian-planet python-planet software review shell]]
 
-[[!mastodon "https://kolektiva.social/@Anarcat/114079876774333574"]]
+
+<!-- posted to the federation on 2025-03-03T10:56:36.141077 -->
+[[!mastodon "https://anarc.at/blog/2025-02-28-fish"]]
\ No newline at end of file

diff --git a/blog/2025-02-28-fish.md b/blog/2025-02-28-fish.md
index 1973d60d..12fc3707 100644
--- a/blog/2025-02-28-fish.md
+++ b/blog/2025-02-28-fish.md
@@ -9,12 +9,12 @@ might have used UNIX shells for longer that you have lived.
 
 I'm not sure I'll keep using fish, but so far it's the first shell
 that survived heavy use outside of `zsh(1)` (unless you count
-`tsch(1)`, but that was in another millenia).
+`tcsh(1)`, but that was in another millenia).
 
 My normal shell is `bash(1)`, and it's still the shell I used
 everywhere else than my laptop, as I haven't switched on all the
 servers I managed, although it [is available since August 2022](https://gitlab.torproject.org/tpo/tpa/team/-/issues/40854) on
-`torproject.org` servers.. I first got interested in fish because they
+`torproject.org` servers. I first got interested in fish because they
 [ported to Rust](https://fishshell.com/blog/rustport/), making it one of the rare shells out there
 written in a "safe" and modern programming language, released after an
 impressive ~2 year of work with [Fish 4.0](https://fishshell.com/blog/new-in-40/).

diff --git a/recette/tofu_general_tao.mdwn b/recette/tofu_general_tao.mdwn
index 0cb0cb34..a7809f91 100644
--- a/recette/tofu_general_tao.mdwn
+++ b/recette/tofu_general_tao.mdwn
@@ -1,12 +1,10 @@
-Tofu Général Tao
-================
+[[!meta title="Tofu Général Tao"]]
 
  * Portions: 4
  * Temps de préparation: 0:25
  * Source: [Ricardo](http://www.ricardocuisine.com/recettes/5675-tofu-general-tao)
 
-Ingredients
------------
+# Sauce
 
  * 60 ml (¼ tasse) de bouillon de poulet ou de légumes
  * 60 ml (¼ tasse) de cassonade
@@ -16,7 +14,7 @@ Ingredients
  * 5 ml (1 c. à thé) de fécule de maïs
  * 5 ml (1 c. à thé) de sambal oelek
 
-### Sauté
+# Sauté
 
  * 1 paquet de 454 g (1 lb) de tofu ferme, coupé en cubes et bien épongé (voir note)
  * 30 ml (2 c. à soupe) de fécule de maïs
@@ -26,23 +24,21 @@ Ingredients
  * 2 gousses d’ail, hachées finement
  * Sel et poivre
  
-### Accompagnements
+# Accompagnements
 
  * 1 brocoli coupé en bouquets, cuit à la vapeur
  * Riz cuit vapeur
- * Sélectionner tout Ajouter à ma liste d'épicerie
 
-Directions
-----------
+# Directions
 
-### Sauce
+## Sauce
 
 1. Dans un bol, mélanger tous les ingrédients. Réserver.
 
-### Sauté
+## Sauté
 
 2. Dans un grand bol, mélanger le tofu avec la fécule. Les secouer
-   pour en retirer l’excédent. Réserver sur une assiette.
+   pour en retirer l’excédent.
 
 3. Dans un wok, chauffer l’huile. Frire la moitié du tofu à la fois,
    jusqu’à ce qu’il soit légèrement doré. Saler et poivrer. Retirer le
@@ -50,7 +46,9 @@ Directions
    tapissée de papier absorbant.
 
 4. Dans le wok, faire revenir les oignons verts, le gingembre et l’ail
-   de 1 à 2 minutes. Ajouter de l’huile au besoin. Ajouter la sauce et
-   porter à ébullition en remuant. Ajouter le tofu et poursuivre la
-   cuisson en remuant pour le réchauffer et bien l’enrober de
-   sauce. Servir immédiatement sur du riz. Accompagner de brocoli.
+   de 1 à 2 minutes. Ajouter de l’huile au besoin. 
+   
+5. Ajouter la sauce et porter à ébullition en remuant. Ajouter le tofu
+   et poursuivre la cuisson en remuant pour le réchauffer et bien
+   l’enrober de sauce. Servir immédiatement sur du riz. Accompagner de
+   brocoli.

diff --git a/blog/2025-02-28-fish.md b/blog/2025-02-28-fish.md
index bd0cbcc1..1973d60d 100644
--- a/blog/2025-02-28-fish.md
+++ b/blog/2025-02-28-fish.md
@@ -142,3 +142,5 @@ use that stuff pretty regularly. I guess I could alias `command` to
 <kbd>alt .</kbd> doesn't *always* work the way i expect.
 
 [[!tag debian-planet python-planet software review shell]]
+
+[[!mastodon "https://kolektiva.social/@Anarcat/114079876774333574"]]

diff --git a/blog/2025-02-28-fish.md b/blog/2025-02-28-fish.md
index 2a89d98e..bd0cbcc1 100644
--- a/blog/2025-02-28-fish.md
+++ b/blog/2025-02-28-fish.md
@@ -141,4 +141,4 @@ use that stuff pretty regularly. I guess I could alias `command` to
 
 <kbd>alt .</kbd> doesn't *always* work the way i expect.
 
-[[!tag draft]]
+[[!tag debian-planet python-planet software review shell]]

diff --git a/blog/2025-02-28-fish.md b/blog/2025-02-28-fish.md
new file mode 100644
index 00000000..2a89d98e
--- /dev/null
+++ b/blog/2025-02-28-fish.md
@@ -0,0 +1,144 @@
+[[!meta title="testing the fish shell"]]
+
+I have been testing fish for a couple months now (this file started on
+2025-01-03T23:52:15-0500 according to `stat(1)`), and those are my
+notes. I suspect people will have Opinions about my comments here. Do
+not comment unless you have some Constructive feedback to provide: I
+don't want to know if you think I am holding it Wrong. Consider that I
+might have used UNIX shells for longer that you have lived.
+
+I'm not sure I'll keep using fish, but so far it's the first shell
+that survived heavy use outside of `zsh(1)` (unless you count
+`tsch(1)`, but that was in another millenia).
+
+My normal shell is `bash(1)`, and it's still the shell I used
+everywhere else than my laptop, as I haven't switched on all the
+servers I managed, although it [is available since August 2022](https://gitlab.torproject.org/tpo/tpa/team/-/issues/40854) on
+`torproject.org` servers.. I first got interested in fish because they
+[ported to Rust](https://fishshell.com/blog/rustport/), making it one of the rare shells out there
+written in a "safe" and modern programming language, released after an
+impressive ~2 year of work with [Fish 4.0](https://fishshell.com/blog/new-in-40/).
+
+# Cool things
+
+Current directory gets shortened,
+`~/wikis/anarc.at/software/desktop/wayland` shows up as
+`~/w/a/s/d/wayland`
+
+Autocompletion rocks.
+
+Default prompt rocks. Doesn't seem vulnerable to command injection
+assaults, at least it doesn't trip on the [git-landmine](https://github.com/jwilk/git-landmine).
+
+It even includes pipe status output, which was a *huge pain* to
+implement in bash. Made me realized that if the last command succeeds,
+we don't see other failures, which is the case of my current prompt
+anyways! Signal reporting is better than my bash implementation too.
+
+So far the only modification I have made to the prompt is to add a
+`printf '\a'` to [output a bell](https://anarc.at/blog/2022-11-08-modern-bell-urgency/).
+
+By default, fish keeps a directory history (but separate from the
+`pushd` stack), that can be navigated with `cdh`, `prevd`, and
+`nextd`, `dirh` shows the history.
+
+# Less cool
+
+I feel there's visible latency in the prompt creation.
+
+POSIX-style functions (`foo() { true }`) are unsupported. Instead,
+fish uses whitespace-sensitive definitions like this:
+
+    function foo
+        true
+    end
+
+This means my (modest) collection of POSIX functions need to be ported
+to fish. Workaround: simple functions can be turned into aliases,
+which fish supports (but implements using functions).
+    
+EOF heredocs are considered to be "[minor syntactic sugar](https://fishshell.com/docs/current/fish_for_bash_users.html#heredocs)". I find
+them frigging useful.
+
+Process substitution is split on newlines, not whitespace. you need to
+pipe through `string split -n " "` to get the equivalent.
+
+`<(cmd)` doesn't exist: [they claim](https://fishshell.com/docs/current/fish_for_bash_users.html#process-substitution) you can use `cmd | foo -` as a
+replacement, but that's not correct: I used `<(cmd)` mostly where
+`foo` does *not* support `-` as a magic character to say 'read from
+stdin'.
+
+Documentation is... limited. It seems mostly geared [the web docs](https://fishshell.com/docs/current/index.html)
+which are... okay (but I couldn't find out about
+`~/.config/fish/conf.d` there!), but this is really inconvenient when
+you're trying to browse the manual pages. For example, fish thinks
+there's a `fish_prompt` manual page, according to its own completion
+mechanism, but `man(1)` cannot find that manual page. I can't find the
+manual for the [time command](https://fishshell.com/docs/current/cmds/time.html) (which is actually a keyword!)
+
+Fish renders multi-line commands with newlines. So if your terminal
+looks like this, say:
+
+    anarcat@angela:~> sq keyring merge torproject-keyring/lavamind-
+    95F341D746CF1FC8B05A0ED5D3F900749268E55E.gpg torproject-keyrin
+    g/weasel-E3ED482E44A53F5BBE585032D50F9EBC09E69937.gpg | wl-copy
+
+... but it's actually one line, when you copy-paste the above, in
+foot(1), it will show up *exactly* like this, newlines and all:
+
+    sq keyring merge torproject-keyring/lavamind-
+    95F341D746CF1FC8B05A0ED5D3F900749268E55E.gpg torproject-keyrin
+    g/weasel-E3ED482E44A53F5BBE585032D50F9EBC09E69937.gpg | wl-copy
+
+Whereas it should show up like this:
+
+    sq keyring merge torproject-keyring/lavamind-95F341D746CF1FC8B05A0ED5D3F900749268E55E.gpg torproject-keyring/weasel-E3ED482E44A53F5BBE585032D50F9EBC09E69937.gpg | wl-copy
+
+Note that this is an issue specific to foot(1), alacritty(1) and
+gnome-terminal(1) don't suffer from that issue.
+
+# Blockers
+
+`()` is like `$()`: it's process substitution, and not a
+subshell. This is really impractical: I use `( cd foo ; do_something)`
+all the time to avoid losing the current directory... I guess I'm
+supposed to use `pushd` for this, but ouch. This wouldn't be so bad if
+it was just for `cd` though. Clean constructs like this:
+
+    ( git grep -l '^#!/.*bin/python' ; fdfind .py ) | sort -u
+
+Turn into what i find rather horrible:
+
+    begin; git grep -l '^#!/.*bin/python' ; fdfind .py ; end | sort -ub
+
+It... *works*, but it goes back to "oh dear, now there's a new
+langage again". I only found out about this construct while trying:
+
+    { git grep -l '^#!/.*bin/python' ; fdfind .py } | sort -u 
+
+... which fails and suggests using `begin`/`end`, at which point: why
+not just support the curly braces?
+
+`FOO=bar` is not allowed. It's actually recognized syntax, but creates
+a warning. We're supposed to use `set foo bar` instead. This *really*
+feels like a needless divergence from standard.
+
+Aliases are... peculiar. Typical constructs like `alias mv="\mv -i"`
+don't work because fish treats aliases as a function definition, and
+`\` is not magical there. This can be worked around by specifying the
+full path to the command, with e.g. `alias mv="/bin/mv -i"`. Another
+problem is trying to override a built-in, which seems completely
+[impossible](https://github.com/fish-shell/fish-shell/issues/3000). In my case, I *like* the `time(1)` command the way it
+is, thank you very much, and fish provides no way to bypass that
+builtin. It *is* possible to call `time(1)` with `command time`, but
+it's not possible to replace the `command` keyword so that means a lot
+of typing.
+
+Again: you can't use `\` to bypass aliases. This is a huge annoyance
+for me. I would need to learn to type `command` in long form, and I
+use that stuff pretty regularly. I guess I could alias `command` to
+`c` or something, but this is one of those huge muscle memory challenges.
+
+<kbd>alt .</kbd> doesn't *always* work the way i expect.
+
+[[!tag draft]]

diff --git a/hardware/laptop/framework-12th-gen.md b/hardware/laptop/framework-12th-gen.md
index ac9b151d..1df943e0 100644
--- a/hardware/laptop/framework-12th-gen.md
+++ b/hardware/laptop/framework-12th-gen.md
@@ -1701,6 +1701,98 @@ In my power tests (see [[powerstat-wayland]]), the Ethernet card seems
 to use about 1.6W of power idle, without link, in the above "quirky"
 configuration where the card is functional but without autosuspend.
 
+## SSD expansion card
+
+I'm having reliability problems with the SSD expansion card. I've seen
+it completely hang and require a full reboot (even after yanking it
+out) for the kernel to recover (which, granted, sounds like a Linux
+kernel issue to me, but still...)
+
+I've also had slow transfer speeds, like 100-200KiB/s
+range. *Normally* that thing should be Really Fast. I can't find the
+original specs anymore on their main website, but the [internet
+archive provides](https://web.archive.org/web/20220924191928/https://frame.work/products/storage-expansion-card?v=FRACCFBZ0A):
+
+> With a USB 3.2 Gen 2 interface, the 1TB card exceeds 1000 MB/s read
+> and write speeds, while the 250GB card reaches 1000 MB/s read and
+> 375 MB/s write speeds.
+
+The "[2nd gen](https://frame.work/ca/en/products/storage-expansion-card-2nd-gen?v=FRACCFBZ0AR)" is supposedly:
+
+> With a USB 3.2 Gen 2 interface, both the 1TB (2nd Gen) and 250GB
+> (2nd Gen) cards reach 1000 MB/s read and 800 MB/s write speeds.
+
+Just now, for example, I transfered a couple of files (say a couple
+gigabytes) and transfer rates dropped down to 23 KiB/s in Git annex.
+
+I've filed a support request
+(`2bdd1269e014f42ee9639c547a60d781959786a98780cc050b4d4a562043aa8b@frame.work`)
+that led to a 21 message exchange which showed me Framework support
+doesn't quite have their scripts right. I was asked, in succession:
+
+1. basic questions like "when did it start?", "OS / BIOS version",
+   "make a video", "photo of the module with QR code", "try plugging
+   it elsewhere"
+2. try Ubuntu or Fedora and reset the BIOS
+3. try upgrading the UEFI firmware
+4. disconnect all cards, connect the storage card, and reboot in the
+   BIOS, take a picture
+5. try *all of your cards on all ports* (~48 tests in my case), I said
+   nope, try another storage card
+6. escalated my request
+7. try another large file, [replace the thermal pad](https://guides.frame.work/Guide/1TB+Expansion+Card+Throttling/105?lang=en), i asked to
+   clarify if they were refusing to repair the device and I had to do
+   it myself, no answer (i mean I *can*!)
+8. escalated my ticket (again)
+9. run a bunch of shell commands to extract info and dump it in a
+   tarball
+10. escalated my ticket (again, again)
+11. more questions: trying other slots, uptime, gnome-disks benchmarks
+    (which i didn't know about, but unfortunately didn't work for me)
+
+The magic command is:
+
+```
+cd ~/
+mkdir ~/framework
+journalctl > ~/framework/journal.log
+cp ~/.local/share/xorg/Xorg.0.log ~/framework/Xorg.0.log 2> /dev/null
+sudo dmidecode > ~/framework/demidecode
+sudo lspci -vv > ~/framework/lscpi.log
+sudo lsusb -vv > ~/framework/lsusb.log
+uname -a > ~/framework/uname.log
+cp /etc/os-release ~/framework/os-release
+lsblk -f > ~/framework/lsblk.log
+df -h > ~/framework/df.log
+cp /etc/fstab ~/framework/fstab.log
+tar czf framework-log.tgz ~/framework/*
+rm ~/framework/*
+rmdir ~/framework
+```
+
+Phew. I don't do hardware tech support but it *seems* to me this could
+have been shortened a bit, with a baked in checklist like:
+
+ 1. provide basic details like BIOS version number, a photo of the
+    module, when the problem started, which operating system you're
+    using, which laptop revision, etc
+ 2. reset the BIOS to defaults
+ 3. upgrade to the latest BIOS
+ 4. disconnect all cards except the affected one, reboot in the BIOS
+    to confirm it is detected
+ 5. try to reproduce with another storage device
+ 6. try in Fedora or Ubuntu
+
+Batching those in a *single* email would have sped up things both for
+me and them quite significantly. The above 10 queries took place in an
+exchange of 21 emails spanning 6 full days, and is still unsolved, 10
+days later.
+
+Update, 2025-02-28: seems like the issue is particularly affecting a
+single port, which Framework support says might be caused by the port
+and not the storage card. This could also explain issues I've had with
+the [SD card reader](https://community.frame.work/t/sd-card-reader-failure/60790) and the [USB-A port](https://community.frame.work/t/solved-usb-a-expansion-card-stops-working-until-unplugged/26579/14) for the longest time.
+
 ## Proprietary firmware blobs
 
 The framework does need proprietary firmware to operate. Specifically:

diff --git a/blog/2025-02-08-qalculate-hacks.md b/blog/2025-02-08-qalculate-hacks.md
index 04ae60cd..15695774 100644
--- a/blog/2025-02-08-qalculate-hacks.md
+++ b/blog/2025-02-08-qalculate-hacks.md
@@ -471,6 +471,11 @@ ships packages for Windows and MacOS. There are third-party
 derivatives as well including a [web version](https://qalculator.xyz/) and an [Android
 app](https://f-droid.org/en/packages/com.jherkenhoff.qalculate/).
 
+# Updates
+
+Colin Watson liked this blog post and was inspired to [write his own
+hacks](https://www.chiark.greenend.org.uk/~cjwatson/blog/qalculate-time-hacks.html), similar to what's here, but with extras, check it out!
+
 [[!tag debian-planet python-planet software review math]]
 
 [[!mastodon "https://kolektiva.social/@Anarcat/113971985775192655"]]

diff --git a/software/zfs.md b/software/zfs.md
index 68afc10f..83e625d8 100644
--- a/software/zfs.md
+++ b/software/zfs.md
@@ -108,6 +108,9 @@ with standard LUKS instead of ZFS encryption:
     documentation](https://www.truenas.com/docs/references/draidprimer/) doesn't recommend dRAID except in special
     circumstances.
 
+    [This guide](https://calomel.org/zfs_raid_speed_capacity.html) talks more about the different RAID types and
+    compares performance.
+
  5. Make an actual filesystem:
  
         zfs create -o mountpoint=/srv-zfs tank/srv

diff --git a/blog.mdwn b/blog.mdwn
index ea26f0b6..df76e9b4 100644
--- a/blog.mdwn
+++ b/blog.mdwn
@@ -97,6 +97,22 @@ more socially acceptable and less politically controversial.
 <!-- add it. yes, this is kind of silly. -->
 
 <!-- end copy-paste -->
+## 2025
+
+[[!inline pages="
+(
+  page(blog/*)
+  or tagged(blog)
+)
+and creation_year(2025)
+and !blog/*/*
+and !link(foo)
+and !tagged(draft)
+and !tagged(redirection)"
+archive=yes
+quick=yes
+]]
+
 ## 2024
 
 [[!inline pages="

diff --git a/hardware/server/marcos.mdwn b/hardware/server/marcos.mdwn
index 9706a905..a38c1afb 100644
--- a/hardware/server/marcos.mdwn
+++ b/hardware/server/marcos.mdwn
@@ -53,14 +53,10 @@ See [[services/backup]] for backup and drive replacement procedures.
 
 ## 2025 disk growth
 
-Added 2x8TiB drives.
-
-Issue with temperature warnings.
-
-Switched to ZFS for the new array because LVM was refusing to add a
-new RAID-1 array to the VG because of different block size (old disks
-are 512 logical / 4096 physical, new disks are 4k/4k). The actual
-error from `vgextend` was:
+Switched to ZFS on 2025-02-10 to add two new 8TiB drives because LVM
+was refusing to add a new RAID-1 array to the VG because of different
+block size (old disks are 512 logical / 4096 physical, new disks are
+4k/4k). The actual error from `vgextend` was:
 
 ```
 Devices have inconsistent logical block sizes (512 and 4096).
@@ -75,6 +71,31 @@ encryption.
 
 The `rsync` took 2d9 h40m, or 57h40m. Resync took 1h5m.
 
+Interestingly, zstd compression didn't give us any significant gain in
+disk capacity:
+
+```
+root@marcos:/home/anarcat# df   /mnt /srv
+Sys. de fichiers       blocs de 1K    Utilisé Disponible Uti% Monté sur
+/dev/mapper/vg_hdd-srv  7512681384 7276294760  161208316  98% /mnt
+tank/srv                7667172736 7240802944  426369792  95% /srv
+```
+
+But you'll note that the ZFS dataset gives us more room than ext4, for
+some reason:
+
+```
+root@marcos:/home/anarcat# df -h  /mnt /srv
+Sys. de fichiers       Taille Utilisé Dispo Uti% Monté sur
+/dev/mapper/vg_hdd-srv   7,0T    6,8T  154G  98% /mnt
+tank/srv                 7,2T    6,8T  407G  95% /srv
+```
+
+... 250GiGB! Note sure where that's coming from, but the capacity is larger.
+
+The old disk array wasn't yet added to the ZFS pool: for that the
+drives need to be reformatted, encrypted, and re-added to the pool.
+
 ## 2024 Fan replacement
 
 From the 2020 replacement, the server has always been away, either in
diff --git a/software/zfs.md b/software/zfs.md
index c67b324f..68afc10f 100644
--- a/software/zfs.md
+++ b/software/zfs.md
@@ -72,6 +72,42 @@ with standard LUKS instead of ZFS encryption:
             tank \
             mirror /dev/mapper/crypt_dev_sde1 /dev/mapper/crypt_dev_sdd1
 
+    That creatures a "mirror" pool with the two drives, which is
+    essentially a RAID-1 mirror. You could also do a RAID-Z pool, if
+    you have an odd number of drives, which is sort of like a RAID-5
+    array, except you have a flexible number of spares:
+    
+        zpool create \
+            -o ashift=12 \
+            -O acltype=posixacl -O xattr=sa -O dnodesize=auto \
+            -O compression=zstd \
+            -O relatime=on \
+            -O canmount=off \
+            -O mountpoint=none \
+            -f \
+            tank \
+            raidz sda1 sdb1 sdc1
+
+    To calculate the tradeoff, you can compute the final size of the
+    array with the formula `(N-P)*X`, where N is the number of drives,
+    P is the parity, and X is the size. 
+    
+    As a rule of thumb, with 1 spare, it's like RAID-5. Note that
+    RAID-Z cannot be resized, so in the above, you will be stuck with
+    3 drives in that array forever. It *can* be grown in *size* by
+    replacing the drives with bigger ones progressively, that said.
+    
+    Jim Salter [recommends mirrors instead of RAID-Z](https://jrs-s.net/2015/02/06/zfs-you-should-use-mirror-vdevs-not-raidz/), but the
+    [rsync.net people recommend RAID-Z3 with 12-15 drives joined in
+    3-4 vdev pools](https://news.ycombinator.com/item?id=25360013) (which would make ~20-36PiB arrays with 8TiB
+    drives, by the way). Note that this means *three* spares in a
+    12-15 drive array, or a 20-25% ratio.
+    
+    [dRAID](https://openzfs.github.io/openzfs-docs/Basic%20Concepts/dRAID%20Howto.html) is similar, except resilvering is faster, as the spare
+    is distributed among all the devices. The [TrueNAS
+    documentation](https://www.truenas.com/docs/references/draidprimer/) doesn't recommend dRAID except in special
+    circumstances.
+
  5. Make an actual filesystem:
  
         zfs create -o mountpoint=/srv-zfs tank/srv
@@ -211,6 +247,83 @@ IO statistics, every second:
 
     zpool iostat 1
 
+
+# Extending a pool
+
+Say you have a pool that's mirrored between two encrypted drives:
+
+```
+root@marcos:/home/anarcat# zpool status 
+  pool: tank
+ state: ONLINE
+  scan: scrub repaired 0B in 1 days 12:16:25 with 0 errors on Mon Feb 10 12:41:24 2025
+config:
+
+        NAME                STATE     READ WRITE CKSUM
+        tank                ONLINE       0     0     0
+          mirror-0          ONLINE       0     0     0
+            crypt_dev_sdb1  ONLINE       0     0     0
+            crypt_dev_sdc1  ONLINE       0     0     0
+```
+
+You want to grow this array with two more mirrored drives. 
+
+ 1. First, partition the drives:
+
+        for disk in /dev/sde /dev/sdd ; do
+          parted -s $disk mklabel gpt &&
+          parted -s $disk -a optimal mkpart primary 0% 100%
+        done
+
+ 2. Setup full disk encryption:
+ 
+        for disk in sde1 sdd1 ; do
+            cryptsetup luksFormat /dev/$disk
+            cryptsetup luksOpen /dev/$disk crypt_dev_$disk
+            echo crypt_dev_$disk UUID=$(lsblk -n -o UUID /dev/$disk | head -1) none luks,discard | tee -a /etc/crypttab &&
+        done
+
+    Use a `--keyfile` to avoid typing, while retaining the backup
+    recovery password:
+
+        for disk in sde1 sdd1 ; do
+            cryptsetup luksFormat /dev/$disk &&
+            cryptsetup luksOpen /dev/$disk crypt_dev_$disk &&
+            mkdir -p -m 0 /etc/luks &&
+            ( umask 077 && dd if=/dev/random bs=64 count=128 of=/etc/luks/crypt_dev_$disk ) &&
+            cryptsetup luksAddKey /dev/$disk /etc/luks/crypt_dev_$disk &&
+            echo crypt_dev_$disk UUID=$(lsblk -n -o UUID /dev/$disk | head -1) /etc/luks/crypt_dev_$disk luks,discard | tee -a /etc/crypttab
+        done
+
+    The above will ask you for the encryption key *four* times, but
+    will not require typing it on boot *while* simultaneously allowing
+    recovery without the key file.
+
+ 3. add the drives as a mirror vdev to the pool:
+
+        root@marcos:/home/anarcat# zpool add -n tank mirror /dev/sdb2 /dev/sdd2
+        would update 'tank' to the following configuration:
+        
+                tank
+                  mirror-0
+                    crypt_dev_sdb1
+                    crypt_dev_sdc1
+                  mirror
+                    sdb2
+                    sdd2
+
+    Notice how we use `-n` to simulate the result here. This adds another
+    mirror, essentially turning the pool in a RAID-10 mirror. See also
+    the notes about RAID-Z and dRAID in the pool creation above. 
+    
+    Note that this is likely *not* the right time to change the pool
+    layout: if you have a mirror layout, keep a mirror layout. If you
+    have a RAID-Z layout, keep that layout as well, just make a new
+    RAID-Z vdev instead.
+
+Note that you `zpool add`, you do *not* `zpool attach`: that would add
+a spare to a mirror, effectively.
+
 # Mounts
 
 ## Mounting

diff --git a/hardware/server/marcos.mdwn b/hardware/server/marcos.mdwn
index e6cfbe87..9706a905 100644
--- a/hardware/server/marcos.mdwn
+++ b/hardware/server/marcos.mdwn
@@ -73,6 +73,8 @@ The [[software/zfs]] page has the goods on how the pool was created,
 with a normal LUKS encryption under it to avoid trouble with ZFS
 encryption.
 
+The `rsync` took 2d9 h40m, or 57h40m. Resync took 1h5m.
+
 ## 2024 Fan replacement
 
 From the 2020 replacement, the server has always been away, either in

diff --git a/software/zfs.md b/software/zfs.md
index e66a38dd..c67b324f 100644
--- a/software/zfs.md
+++ b/software/zfs.md
@@ -226,7 +226,7 @@ Note that it will mount the device in its pre-defined `mountpoint`
 property. In the above, it was `/boot`. If you want to change its
 mountpoint, it can be done on the fly with:
 
-    zfs set -o mountpoint=/mnt/boot bpool/ROOT/debian
+    zfs set mountpoint=/mnt/boot bpool/ROOT/debian
 
 If the dataset is already mounted, it will be *moved* to that new
 location immediately. Note that the parent pool's `altroot` property

diff --git a/blog/2025-02-08-qalculate-hacks.md b/blog/2025-02-08-qalculate-hacks.md
index 3012b1bd..04ae60cd 100644
--- a/blog/2025-02-08-qalculate-hacks.md
+++ b/blog/2025-02-08-qalculate-hacks.md
@@ -152,6 +152,10 @@ It has been 256 days since the exchange rates last were updated.
 Do you wish to update the exchange rates now? y
 ```
 
+As a [reader pointed out](https://en.osm.town/@mdione/113979012459360601), you can [set the refresh rate for
+currencies](https://qalculate.github.io/manual/qalculate-units.html#qalculate-currency), as [some countries](https://en.wikipedia.org/wiki/Economy_of_Argentina) will require way more frequent
+exchange rates.
+
 The graphical version has a little graphical indicator that, when you
 mouse over, tells you where the rate comes from.
 

diff --git a/blog/2025-02-09-one-failed-year.md b/blog/2025-02-09-one-failed-year.md
index 8392191b..44411c38 100644
--- a/blog/2025-02-09-one-failed-year.md
+++ b/blog/2025-02-09-one-failed-year.md
@@ -216,7 +216,28 @@ I will, of course, still read comments sent by email or IRC or social
 media, but please, be kind.
 
 You can also, of course, follow the latest changes on the [TPA
-wiki](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/). 
+wiki](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/). If you want to catch up with the last year, some of the
+"novellas" I wrote include:
+
+- [TPA-RFC-33: Monitoring](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-33-monitoring): Nagios to Prometheus conversion, see
+  also the extensive [Prometheus documentation](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/service/prometheus) we wrote
+- [TPA-RFC-45: email architecture](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-45-mail-architecture): draft of long-term email
+  services at `torproject.org`
+- [TPA-RFC-62: TPA password manager](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-62-tpa-password-manager): switch to password-store
+- [TPA-RFC-63: storage server budget](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-63-storage-server-budget): buy a new backup storage
+  server (5k$ + 100$/mth)
+- [TPA-RFC-65: PostgreSQL backups](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-65-postgresql-backups): switching from legacy to
+  pgBackRest for database backups
+- [TPA-RFC-68: Idle canary servers](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-68-idle-canary-servers): provision test servers that
+  sit idle to monitor infrastructure and stage deployments
+- [TPA-RFC-71: Emergency email deployments, phase B](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-71-emergency-email-deployments-round-2): deploy a new
+  sender-rewriting mail forwarder, migrate mailing lists off the
+  legacy server to a new machine, migrate the remaining Schleuder list
+  to the Tails server, upgrade eugeni.
+- [TPA-RFC-76: Puppet merge request workflow](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-76-puppet-merge-request-workflow): how to mirror our
+  private Puppet repo to GitLab safely
+- [TPA-RFC-79: General merge request workflows](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-79-general-merge-request-workflows): how to use merge
+  requests, assignees, reviewers, draft and threads on GitLab projects
 
 (Well, no, you can't actually follow changes on a GitLab wiki. But we
 have a [wiki-replica git repository](https://gitlab.torproject.org/tpo/tpa/wiki-replica/) where you can see the [latest

diff --git a/blog/2025-02-09-one-failed-year.md b/blog/2025-02-09-one-failed-year.md
index a04eba86..8392191b 100644
--- a/blog/2025-02-09-one-failed-year.md
+++ b/blog/2025-02-09-one-failed-year.md
@@ -15,7 +15,9 @@ analysis... Then I said, and I quote:
 > but things hold up pretty well for what we throw at it, and it's worth
 > sharing that with the world...
 
-What a pile of bollocks.
+What a load of bollocks.
+
+[[!toc]]
 
 # A bad year for this blog
 
@@ -33,7 +35,7 @@ I did write about my work though, detailing the [migration from
 Gitolite to GitLab we completed that year](https://anarc.at/blog/2024-05-01-gitolite-gitlab-migration/). But after August, total
 radio silence until now.
 
-# Lots of drafts
+# Loads of drafts
 
 It's not that I have nothing to say: I have no less than *five* drafts
 in my working tree here, not counting three *actual* drafts recorded
@@ -63,9 +65,9 @@ Another part of me wants to make those things *just right*. The
 links, far from being useful for anyone else than me, and even
 then.
 
-The `on-dying` article, in particular, is becoming my
-nemesis. I've been wanting to write that article for over 6 years now,
-I think. It's just too hard.
+The `on-dying` article, in particular, is becoming my nemesis. I've
+been wanting to write that article for over 6 years now, I think. It's
+just too hard.
 
 # Writing elsewhere
 
@@ -86,8 +88,8 @@ anarcat@angela:help.torproject.org$ git shortlog --numbered --summary --group="f
     17	groente
 ```
 
-... but that's a bit unfair, since I've been there forever. Here's the
-last year:
+... but that's a bit unfair, since I've been there half a
+decade. Here's the last year:
 
 ```
 anarcat@angela:help.torproject.org$ git shortlog --since=2024-01-01 --numbered --summary --group="format:%al" | head -10
@@ -103,8 +105,9 @@ anarcat@angela:help.torproject.org$ git shortlog --since=2024-01-01 --numbered -
      4	stephen.swift
 ```
 
-Still kind of massive! But to truly get a sense of the amount I wrote
-in there, we should count the number of lines:
+So I still write the most commits! But to truly get a sense of the
+amount I wrote in there, we should count actual changes. Here it is by
+number of lines (from [commandlinefu.com](https://www.commandlinefu.com/commands/view/3889/prints-per-line-contribution-per-author-for-a-git-repository)):
 
 ```
 anarcat@angela:help.torproject.org$ git ls-files | xargs -n1 git blame --line-porcelain | sed -n 's/^author //p' | sort -f | uniq -ic | sort -nr | head -10
@@ -140,11 +143,31 @@ anarcat@angela:help.torproject.org$ find [d-s]* -type f -mtime -365 | xargs -n1
 ```
 
 Pretty good! 75k lines. But those are the files that were modified in
-the last year. If we go a little more nuts, we find that I wrote
-126116 words in that wiki, only in the last year. I also *deleted* 37k
-words, so the final total is more like 89k words, but still: that's
-about *forty* (40!) articles of the average size (~2k) I wrote in
-2022.
+the last year. If we go a [little more nuts](https://gitlab.com/anarcat/scripts/-/blob/1a754448170387db4d70dad22d30a99b00ac58fc/git-count-words-range.py), we find that:
+
+```
+anarcat@angela:help.torproject.org$ $ git-count-words-range.py  | sort -k6 -nr | head -10
+parsing commits for words changes from command: git log '--since=1 year ago' '--format=%H %al'
+anarcat 126116 - 36932 = 89184
+zen 31774 - 5749 = 26025
+groente 9732 - 607 = 9125
+lelutin 10768 - 2578 = 8190
+jerome 6236 - 2586 = 3650
+gaba 3164 - 491 = 2673
+stephen.swift 2443 - 673 = 1770
+kez 1034 - 74 = 960
+micah 772 - 250 = 522
+weasel 410 - 0 = 410
+```
+
+I wrote 126,116 words in that wiki, only in the last year. I also
+*deleted* 37k words, so the final total is more like 89k words, but
+still: that's about *forty* (40!) articles of the average size (~2k) I
+wrote in 2022.
+
+(And yes, I did go nuts and write a new log parser, essentially from
+scratch, to figure out those word diffs. I did get the courage only
+after asking GPT-4o for an example first, I must admit.)
 
 Let's celebrate that again: I wrote 90 thousand words in that wiki
 in 2024. [According to Wikipedia](https://en.wikipedia.org/wiki/Book#Fiction), a "novella" is 17,500 to 40,000
@@ -201,5 +224,4 @@ commits](https://gitlab.torproject.org/tpo/tpa/wiki-replica/-/commits/master), a
 
 See you there!
 
-[[!tag draft]]
-
+[[!tag debian-planet python-planet gloating meta stats]]

diff --git a/blog/2025-02-09-one-failed-year.md b/blog/2025-02-09-one-failed-year.md
index 7c152504..a04eba86 100644
--- a/blog/2025-02-09-one-failed-year.md
+++ b/blog/2025-02-09-one-failed-year.md
@@ -202,3 +202,4 @@ commits](https://gitlab.torproject.org/tpo/tpa/wiki-replica/-/commits/master), a
 See you there!
 
 [[!tag draft]]
+

diff --git a/blog/2025-02-09-one-failed-year.md b/blog/2025-02-09-one-failed-year.md
index ddbf4883..7c152504 100644
--- a/blog/2025-02-09-one-failed-year.md
+++ b/blog/2025-02-09-one-failed-year.md
@@ -201,4 +201,4 @@ commits](https://gitlab.torproject.org/tpo/tpa/wiki-replica/-/commits/master), a
 
 See you there!
 
-[[!tag debian-planet python-planet gloating meta stats]]
+[[!tag draft]]

diff --git a/blog/2025-02-08-qalculate-hacks.md b/blog/2025-02-08-qalculate-hacks.md
index 440f1836..3012b1bd 100644
--- a/blog/2025-02-08-qalculate-hacks.md
+++ b/blog/2025-02-08-qalculate-hacks.md
@@ -96,7 +96,7 @@ you count the number of possibilities in each entry (say, `[a-z]` is
 26 possibilities, "one word in a 8k dictionary" is 8000), extract the
 base-2 logarithm, multiplied by the number of entries.
 
-For example, an alphanumeric 14-character password is:
+For example, an alphabetic 14-character password is:
 
 ```
 > log2(26*2)*14
@@ -104,8 +104,8 @@ For example, an alphanumeric 14-character password is:
   log₂(26 × 2) × 14 ≈ 79.81
 ```
 
-... 80 bits of entropy. To get the equivalent in a diceware password
-with a 8000 word dictionary, you would need:
+... 80 bits of entropy. To get the equivalent in a [Diceware](https://en.wikipedia.org/wiki/Diceware)
+password with a 8000 word dictionary, you would need:
 
 ```
 > log2(8k)*x = 80
diff --git a/blog/2025-02-09-one-failed-year.md b/blog/2025-02-09-one-failed-year.md
new file mode 100644
index 00000000..ddbf4883
--- /dev/null
+++ b/blog/2025-02-09-one-failed-year.md
@@ -0,0 +1,204 @@
+[[!meta title="A slow blogging year"]]
+
+Well, 2024 will be remembered, won't it? I guess 2025 already wants to
+make its mark too, but let's not worry about that right now, and
+instead let's talk about me.
+
+A [[little over a year ago|2024-01-08-one-more-year]], I was gloating
+over how I had such a great blogging year in 2022, and was considering
+2023 to be average, then went on to gather more stats and traffic
+analysis... Then I said, and I quote:
+
+> I hope to write more next year. I've been thinking about a few posts I
+> could write for work, about how things work behind the scenes at Tor,
+> that could be informative for many people. We run a rather old setup,
+> but things hold up pretty well for what we throw at it, and it's worth
+> sharing that with the world...
+
+What a pile of bollocks.
+
+# A bad year for this blog
+
+2024 was the second worst year ever in my blogging history, tied with
+2009 at a measly 6 posts for the year:
+
+```
+anarcat@angela:anarc.at$ curl -sSL https://anarc.at/blog/ | grep 'href="\./' | grep -o 20[0-9][0-9] | sort | uniq -c | sort -nr | grep -v 2025 | tail -3
+      6 2024
+      6 2009
+      3 2014
+```
+
+I did write about my work though, detailing the [migration from
+Gitolite to GitLab we completed that year](https://anarc.at/blog/2024-05-01-gitolite-gitlab-migration/). But after August, total
+radio silence until now.
+
+# Lots of drafts
+
+It's not that I have nothing to say: I have no less than *five* drafts
+in my working tree here, not counting three *actual* drafts recorded
+in the Git repository here:
+
+```
+anarcat@angela:anarc.at$ git s blog
+## main...origin/main
+?? blog/bell-bot.md
+?? blog/fish.md
+?? blog/kensington.md
+?? blog/nixos.md
+?? blog/tmux.md
+anarcat@angela:anarc.at$ git grep -l '\!tag draft'
+blog/mobile-massive-gallery.md
+blog/on-dying.mdwn
+blog/secrets-recovery.md
+```
+
+I just don't have time to wrap those things up. I think part of me is
+disgusted by seeing my work [stolen by large corporations](https://arstechnica.com/tech-policy/2025/02/meta-torrented-over-81-7tb-of-pirated-books-to-train-ai-authors-say/) to build
+proprietary large language models while my [idols](https://en.wikipedia.org/wiki/Aaron_Swartz) have been pushed
+to suicide for trying to share science with the world.
+
+Another part of me wants to make those things *just right*. The
+"tagged drafts" above are nothing more than a huge pile of chaotic
+links, far from being useful for anyone else than me, and even
+then.
+
+The `on-dying` article, in particular, is becoming my
+nemesis. I've been wanting to write that article for over 6 years now,
+I think. It's just too hard.
+
+# Writing elsewhere
+
+There's also the fact that I write for work already. A lot. Here are
+the top-10 contributors to our team's wiki:
+
+```
+anarcat@angela:help.torproject.org$ git shortlog --numbered --summary --group="format:%al" | head -10
+  4272	anarcat
+   423	jerome
+   117	zen
+   116	lelutin
+   104	peter
+    58	kez
+    45	irl
+    43	hiro
+    18	gaba
+    17	groente
+```
+
+... but that's a bit unfair, since I've been there forever. Here's the
+last year:
+
+```
+anarcat@angela:help.torproject.org$ git shortlog --since=2024-01-01 --numbered --summary --group="format:%al" | head -10
+   827	anarcat
+   117	zen
+   116	lelutin
+    91	jerome
+    17	groente
+    10	gaba
+     8	micah
+     7	kez
+     5	jnewsome
+     4	stephen.swift
+```
+
+Still kind of massive! But to truly get a sense of the amount I wrote
+in there, we should count the number of lines:
+
+```
+anarcat@angela:help.torproject.org$ git ls-files | xargs -n1 git blame --line-porcelain | sed -n 's/^author //p' | sort -f | uniq -ic | sort -nr | head -10
+  99046 Antoine Beaupré
+   6900 Zen Fu
+   4784 Jérôme Charaoui
+   1446 Gabriel Filion
+   1146 Jerome Charaoui
+    837 groente
+    705 kez
+    569 Gaba
+    381 Matt Traudt
+    237 Stephen Swift
+```
+
+That, of course, is the entire history of the git repo, again. We
+should take only the last year into account, and probably ignore the
+`tails` directory, as sneaky Zen Fu imported the entire docs from
+another wiki there...
+
+```
+anarcat@angela:help.torproject.org$ find [d-s]* -type f -mtime -365 | xargs -n1 git blame --line-porcelain 2>/dev/null | sed -n 's/^author //p' | sort -f | uniq -ic | sort -nr | head -10
+  75037 Antoine Beaupré
+   2932 Jérôme Charaoui
+   1442 Gabriel Filion
+   1400 Zen Fu
+    929 Jerome Charaoui
+    837 groente
+    702 kez
+    569 Gaba
+    381 Matt Traudt
+    237 Stephen Swift
+```
+
+Pretty good! 75k lines. But those are the files that were modified in
+the last year. If we go a little more nuts, we find that I wrote
+126116 words in that wiki, only in the last year. I also *deleted* 37k
+words, so the final total is more like 89k words, but still: that's
+about *forty* (40!) articles of the average size (~2k) I wrote in
+2022.
+
+Let's celebrate that again: I wrote 90 thousand words in that wiki
+in 2024. [According to Wikipedia](https://en.wikipedia.org/wiki/Book#Fiction), a "novella" is 17,500 to 40,000
+words, which would mean I wrote about a novella and a novel, in the
+past year.
+
+But interestingly, if I look at the [repository analytics](https://gitlab.torproject.org/tpo/tpa/wiki-replica/-/graphs/master?ref_type=heads). I
+certainly didn't write *that* much more in the past year. So that
+alone cannot explain the lull in my production here.
+
+# Arguments
+
+Another part of me is just tired of the bickering and arguing on the
+internet. I have at least two articles in there that I suspect is
+going to get me a lot of push-back (NixOS and Fish). I know how to
+deal with this: you need to write well, consider the controversy,
+spell it out, and defuse things before they happen. But that's hard
+work and, frankly, I don't really care that much about what people
+think anymore.
+
+I'm not writing here to convince people. I have stop evangelizing a
+long time ago. Now, I'm more into documenting, and teaching. And,
+while teaching, there's a two-way interaction: when you give out a

(Diff truncated)

diff --git a/blog/2025-02-08-qalculate-hacks.md b/blog/2025-02-08-qalculate-hacks.md
index 9e402b1e..440f1836 100644
--- a/blog/2025-02-08-qalculate-hacks.md
+++ b/blog/2025-02-08-qalculate-hacks.md
@@ -446,12 +446,15 @@ Qalculate can:
 I have a hard time finding things it *cannot* do. When I get there, I
 typically need to resort to programming code in Python, use a
 spreadsheet, and others will turn to more complete engines like
-[Maple](https://en.wikipedia.org/wiki/Maple_(software)), [Mathematica](https://en.wikipedia.org/wiki/Wolfram_Mathematica) or [R](https://en.wikipedia.org/wiki/R_(programming_language)).
+[Maple][], [Mathematica](https://en.wikipedia.org/wiki/Wolfram_Mathematica) or [R][].
 
 But for daily use, Qalculate is just fantastic.
 
 And it's pink! Use it!
 
+[Maple]: https://en.wikipedia.org/wiki/Maple_(software)
+[R]: https://en.wikipedia.org/wiki/R_(programming_language)
+
 # Further reading and installation
 
 This is just scratching the surface, the [fine manual](https://qalculate.github.io/manual/) has more

diff --git a/blog/2025-02-08-qalculate-hacks.md b/blog/2025-02-08-qalculate-hacks.md
index dcc58cef..9e402b1e 100644
--- a/blog/2025-02-08-qalculate-hacks.md
+++ b/blog/2025-02-08-qalculate-hacks.md
@@ -465,3 +465,5 @@ derivatives as well including a [web version](https://qalculator.xyz/) and an [A
 app](https://f-droid.org/en/packages/com.jherkenhoff.qalculate/).
 
 [[!tag debian-planet python-planet software review math]]
+
+[[!mastodon "https://kolektiva.social/@Anarcat/113971985775192655"]]

diff --git a/blog/2024-01-08-one-more-year.md b/blog/2024-01-08-one-more-year.md
index 3f43bacb..e6826bcd 100644
--- a/blog/2024-01-08-one-more-year.md
+++ b/blog/2024-01-08-one-more-year.md
@@ -19,8 +19,7 @@ The other thing that happened is that the one-liner I used to collect
 stats was broken (it counted folders and other unrelated files) and
 wildly overestimated 2022! Turns out I didn't write *that* much then:
 
-    anarc.at$ ls blog | grep '^[0-9][0-9][0-9][0-9].*.md' | se
-    d s/-.*// | sort | uniq -c  | sort -n -k2
+    anarc.at$ ls blog | grep '^[0-9][0-9][0-9][0-9].*.md' | sed s/-.*// | sort | uniq -c  | sort -n -k2
          57 2005
          43 2006
          20 2007
@@ -213,4 +212,4 @@ coming 2024 year...
 
 
 <!-- posted to the federation on 2024-01-09T15:38:17.848871 -->
-[[!mastodon "https://kolektiva.social/@Anarcat/111727915674900043"]]
\ No newline at end of file
+[[!mastodon "https://kolektiva.social/@Anarcat/111727915674900043"]]

diff --git a/hardware/server/marcos.mdwn b/hardware/server/marcos.mdwn
index 42bf28e8..e6cfbe87 100644
--- a/hardware/server/marcos.mdwn
+++ b/hardware/server/marcos.mdwn
@@ -51,6 +51,28 @@ with new hardware in 2020.
 
 See [[services/backup]] for backup and drive replacement procedures.
 
+## 2025 disk growth
+
+Added 2x8TiB drives.
+
+Issue with temperature warnings.
+
+Switched to ZFS for the new array because LVM was refusing to add a
+new RAID-1 array to the VG because of different block size (old disks
+are 512 logical / 4096 physical, new disks are 4k/4k). The actual
+error from `vgextend` was:
+
+```
+Devices have inconsistent logical block sizes (512 and 4096).
+```
+
+There is apparently the solution of using `allow_mixed_block_sizes`
+but that seemed [really unsafe](https://unix.stackexchange.com/a/676537/30227)).
+
+The [[software/zfs]] page has the goods on how the pool was created,
+with a normal LUKS encryption under it to avoid trouble with ZFS
+encryption.
+
 ## 2024 Fan replacement
 
 From the 2020 replacement, the server has always been away, either in
diff --git a/software/zfs.md b/software/zfs.md
index 76ea279f..e66a38dd 100644
--- a/software/zfs.md
+++ b/software/zfs.md
@@ -12,6 +12,94 @@ instead.
  * [[Migration of a workstation to ZFS|blog/2022-11-17-zfs-migration]]
  * [[New server installation|hardware/tubman]]
 
+## New pool creation
+
+The above instructions are "full ZFS" setups, with even the root and
+boot partitions under ZFS, which is a little ... involved. A simpler
+setup is to use a normal install for the root and boot partitions, but
+ZFS for, say, `/srv`.
+
+Here we're assuming you're setting up a simple two-disk array, or
+"pool" in ZFS parlance, made of `/dev/sde` and `/dev/sdd`, encrypted
+with standard LUKS instead of ZFS encryption:
+
+ 1. Install requirements
+ 
+        apt install zfs-dkms zfsutils-linux
+        modprobe zfs
+
+ 2. Partition the disks:
+
+        for disk in /dev/sde /dev/sdd ; do
+          parted -s $disk mklabel gpt &&
+          parted -s $disk -a optimal mkpart primary 0% 100%
+        done
+
+ 3. Setup full disk encryption:
+ 
+        for disk in sde1 sdd1 ; do
+            cryptsetup luksFormat /dev/$disk
+            cryptsetup luksOpen /dev/$disk crypt_dev_$disk
+            echo crypt_dev_$disk UUID=$(lsblk -n -o UUID /dev/$disk | head -1) none luks,discard | tee -a /etc/crypttab &&
+        done
+
+    Use a `--keyfile` to avoid typing, while retaining the backup
+    recovery password:
+
+        for disk in sde1 sdd1 ; do
+            cryptsetup luksFormat /dev/$disk &&
+            cryptsetup luksOpen /dev/$disk crypt_dev_$disk &&
+            mkdir -p -m 0 /etc/luks &&
+            ( umask 077 && dd if=/dev/random bs=64 count=128 of=/etc/luks/crypt_dev_$disk ) &&
+            cryptsetup luksAddKey /dev/$disk /etc/luks/crypt_dev_$disk &&
+            echo crypt_dev_$disk UUID=$(lsblk -n -o UUID /dev/$disk | head -1) /etc/luks/crypt_dev_$disk luks,discard | tee -a /etc/crypttab
+        done
+
+    The above will ask you for the encryption key *four* times, but
+    will not require typing it on boot *while* simultaneously allowing
+    recovery without the key file.
+
+ 4. Create the pool:
+ 
+        zpool create \
+            -o ashift=12 \
+            -O acltype=posixacl -O xattr=sa -O dnodesize=auto \
+            -O compression=zstd \
+            -O relatime=on \
+            -O canmount=off \
+            -O mountpoint=none \
+            -f \
+            tank \
+            mirror /dev/mapper/crypt_dev_sde1 /dev/mapper/crypt_dev_sdd1
+
+ 5. Make an actual filesystem:
+ 
+        zfs create -o mountpoint=/srv-zfs tank/srv
+
+This should result in the following:
+
+```
+root@marcos:/etc/luks# zpool status
+  pool: tank
+ state: ONLINE
+config:
+
+        NAME                STATE     READ WRITE CKSUM
+        tank                ONLINE       0     0     0
+          mirror-0          ONLINE       0     0     0
+            crypt_dev_sdb1  ONLINE       0     0     0
+            crypt_dev_sdc1  ONLINE       0     0     0
+
+errors: No known data errors
+root@marcos:/etc/luks# zfs list
+NAME   USED  AVAIL     REFER  MOUNTPOINT
+tank   432K  7.14T       96K  none
+root@marcos:/etc/luks# zfs list
+NAME       USED  AVAIL     REFER  MOUNTPOINT
+tank       600K  7.14T       96K  none
+tank/srv    96K  7.14T       96K  /srv-zfs
+```
+
 ## Issues
 
 ### Swap

diff --git a/tag/math.mdwn b/tag/math.mdwn
new file mode 100644
index 00000000..f2c20b7b
--- /dev/null
+++ b/tag/math.mdwn
@@ -0,0 +1,4 @@
+[[!meta title="pages tagged math"]]
+
+[[!inline pages="tagged(math)" actions="no" archive="yes"
+feedshow=10]]

diff --git a/blog/2025-02-08-qalculate-hacks.md b/blog/2025-02-08-qalculate-hacks.md
index 6d29f4f9..dcc58cef 100644
--- a/blog/2025-02-08-qalculate-hacks.md
+++ b/blog/2025-02-08-qalculate-hacks.md
@@ -1,10 +1,13 @@
+[[!meta title="Qalculate hacks"]]
+
 This is going to be a controversial statement because some people are
 absolute nerds about this, but, I need to say it.
 
 [Qalculate](https://qalculate.github.io/) is the best calculator that has ever been made.
 
 I am not going to try to convince you of this, I just wanted to put
-out my bias out there before writing down those notes.
+out my bias out there before writing down those notes. I am a total
+fan.
 
 This page will collect my notes of cool hacks I do with
 Qalculate. Most examples are copy-pasted from the command-line
@@ -13,6 +16,8 @@ it's slightly better at displaying complex formulas. Discoverability
 is obviously also better for the cornucopia of features this fantastic
 application ships.
 
+[[!toc levels=3]]
+
 # Qalc commandline primer
 
 On Debian, Qalculate's CLI interface can be installed with:
@@ -458,3 +463,5 @@ Qalculate is packaged for [over 30 Linux distributions](https://repology.org/pro
 ships packages for Windows and MacOS. There are third-party
 derivatives as well including a [web version](https://qalculator.xyz/) and an [Android
 app](https://f-droid.org/en/packages/com.jherkenhoff.qalculate/).
+
+[[!tag debian-planet python-planet software review math]]

diff --git a/blog/2025-02-08-qalculate-hacks.md b/blog/2025-02-08-qalculate-hacks.md
new file mode 100644
index 00000000..6d29f4f9
--- /dev/null
+++ b/blog/2025-02-08-qalculate-hacks.md
@@ -0,0 +1,460 @@
+This is going to be a controversial statement because some people are
+absolute nerds about this, but, I need to say it.
+
+[Qalculate](https://qalculate.github.io/) is the best calculator that has ever been made.
+
+I am not going to try to convince you of this, I just wanted to put
+out my bias out there before writing down those notes.
+
+This page will collect my notes of cool hacks I do with
+Qalculate. Most examples are copy-pasted from the command-line
+interface (`qalc(1)`), but I typically use the graphical interface as
+it's slightly better at displaying complex formulas. Discoverability
+is obviously also better for the cornucopia of features this fantastic
+application ships.
+
+# Qalc commandline primer
+
+On Debian, Qalculate's CLI interface can be installed with:
+
+    apt install qalc
+
+Then you start it with the `qalc` command, and end up on a prompt:
+
+```
+anarcat@angela:~$ qalc
+> 
+```
+
+Then it's a normal calculator:
+
+```
+anarcat@angela:~$ qalc
+> 1+1
+
+  1 + 1 = 2
+
+> 1/7
+
+  1 / 7 ≈ 0.1429
+
+> pi
+
+  pi ≈ 3.142
+
+> 
+```
+
+There's a bunch of variables to control display, approximation, and so
+on:
+
+```
+> set precision 6
+> 1/7
+
+  1 / 7 ≈ 0.142857
+> set precision 20
+> pi
+
+  pi ≈ 3.1415926535897932385
+```
+
+When I need more, I typically browse around the menus. One big issue I
+have with Qalculate is there are a *lot* of menus and features. I had
+to fiddle quite a bit to figure out that `set precision` command
+above. I might add more examples here as I find them.
+
+# Bandwidth estimates
+
+I often use the data units to estimate bandwidths. For example, here's
+what 1 megabit per second is over a month ("about 300 GiB"):
+
+```
+> 1 megabit/s * 30 day to gibibyte 
+
+  (1 megabit/second) × (30 days) ≈ 301.7 GiB
+```
+
+Or, "how long will it take to download X", in this case, 1GiB over a
+100 mbps link:
+
+```
+> 1GiB/(100 megabit/s)
+
+  (1 gibibyte) / (100 megabits/second) ≈ 1 min + 25.90 s
+```
+
+# Password entropy
+
+To calculate how much entropy (in bits) a given password structure,
+you count the number of possibilities in each entry (say, `[a-z]` is
+26 possibilities, "one word in a 8k dictionary" is 8000), extract the
+base-2 logarithm, multiplied by the number of entries.
+
+For example, an alphanumeric 14-character password is:
+
+```
+> log2(26*2)*14
+
+  log₂(26 × 2) × 14 ≈ 79.81
+```
+
+... 80 bits of entropy. To get the equivalent in a diceware password
+with a 8000 word dictionary, you would need:
+
+```
+> log2(8k)*x = 80
+
+  (log₂(8 × 000) × x) = 80 ≈
+
+  x ≈ 6.170
+```
+
+... about 6 words, which gives you:
+
+```
+> log2(8k)*6
+
+  log₂(8 × 1000) × 6 ≈ 77.79
+```
+
+78 bits of entropy.
+
+# Exchange rates
+
+You can convert between currencies!
+
+```
+> 1 EUR to USD
+
+  1 EUR ≈ 1.038 USD
+```
+
+Even fake ones!
+
+```
+> 1 BTC to USD
+
+  1 BTC ≈ 96712 USD
+```
+
+This relies on a database pulled form the internet (typically the
+[central european bank rates](https://www.ecb.europa.eu/stats/eurofxref/eurofxref-daily.xml), see [the source](https://github.com/Qalculate/libqalculate/blob/4acd56ce0c2703af80d6a8857c963d4400f2091f/libqalculate/Calculator-definitions.cc#L3950-L3966)). It will prompt
+you if it's too old:
+
+```
+It has been 256 days since the exchange rates last were updated.
+Do you wish to update the exchange rates now? y
+```
+
+The graphical version has a little graphical indicator that, when you
+mouse over, tells you where the rate comes from.
+
+# Other conversions
+
+Here are other neat conversions extracted from my history
+
+```
+> teaspoon to ml
+
+  teaspoon = 5 mL
+
+> tablespoon to ml
+
+  tablespoon = 15 mL
+
+> 1 cup to ml 
+
+  1 cup ≈ 236.6 mL
+
+> 6 L/100km to mpg
+
+  (6 liters) / (100 kilometers) ≈ 39.20 mpg
+
+> 100 kph to mph
+
+  100 kph ≈ 62.14 mph
+
+> (108km - 72km) / 110km/h
+
+  ((108 kilometers) − (72 kilometers)) / (110 kilometers/hour) ≈
+  19 min + 38.18 s
+```
+
+# Completion time estimates
+
+This is a more involved example I often do.
+
+## Background
+
+Say you have started a long running copy job and you don't have the
+luxury of having a pipe you can insert pv(1) into to get a nice
+progress bar. For example, `rsync` or `cp -R` can have that problem
+(but not `tar`!).
+

(Diff truncated)

diff --git a/hardware/tablet.mdwn b/hardware/tablet.mdwn
index 6d4c789e..50813067 100644
--- a/hardware/tablet.mdwn
+++ b/hardware/tablet.mdwn
@@ -399,6 +399,14 @@ it's worth giving them a try again, with the understanding it will
 
 Why can't we have nice things?
 
+## Pilet
+
+Raspi-based modular tablet: <https://soulscircuit.com/>
+
+crowdfunding: <https://www.kickstarter.com/projects/soulscircuit/pilet-opensource-modular-portable-mini-computer/>
+
+a bit too small (7").
+
 ## Star Labs
 
 https://ca.starlabs.systems/pages/starlite

diff --git a/hardware.mdwn b/hardware.mdwn
index 6ccc9bac..800f2c1d 100644
--- a/hardware.mdwn
+++ b/hardware.mdwn
@@ -18,6 +18,18 @@ Research
 
 Voir aussi mon [[historique|history]].
 
+Testing
+=========
+
+Ideas on how to test new hardware:
+
+- <https://blog.liw.fi/posts/2024/laptop-checklist/>
+- <https://wiki.debian.org/MycomputerbrandTemplate>
+- <https://wiki.debian.org/InstallingDebianOn/ComputerTemplate>
+- <https://feeding.cloud.geek.nz/posts/usual-server-setup/>
+- <https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/new-machine>
+- <https://stressant.readthedocs.io/>
+
 Toutes les pages
 ================
 

diff --git a/blog/2017-02-18-passwords-entropy.mdwn b/blog/2017-02-18-passwords-entropy.mdwn
index e3a3cef2..e2cb41ad 100644
--- a/blog/2017-02-18-passwords-entropy.mdwn
+++ b/blog/2017-02-18-passwords-entropy.mdwn
@@ -366,5 +366,6 @@ Possible updates:
  * [Tom's Hardware: Google Launches AI Supercomputer Powered by Nvidia
    H100 GPUs](https://www.tomshardware.com/news/google-a3-supercomputer-h100-googleio), "26 exaFlops"
  * [Nvidia: Grace Hopper superchip](https://www.nvidia.com/en-us/data-center/grace-hopper-superchip/)
+ * [Apple's password formats](https://rmondello.com/2024/10/07/apple-passwords-generated-strong-password-format/)
 
 [[!tag debian-planet debian passwords lwn geek security crypto]]

diff --git a/blog/2005-11-23-comment-la-tunisie-censure-linternet.mdwn b/blog/2005-11-23-comment-la-tunisie-censure-linternet.mdwn
index e3d12535..7ef7b0f4 100644
--- a/blog/2005-11-23-comment-la-tunisie-censure-linternet.mdwn
+++ b/blog/2005-11-23-comment-la-tunisie-censure-linternet.mdwn
@@ -14,7 +14,7 @@ Donc, voilà pour le contexte politique. Le but de ce billet étant plus de dét
 
 Quand on est branché en Tunisie, la première chose que l'on remarque, évidemment, c'est que tous le traffic réseau passe par une agence gouvernementale:
 
-<code>
+```
 anarcat@ubuntu:~$ tracepath koumbit.net
  1:  192.168.2.3 (192.168.2.3)                              0.294ms pmtu 1500
  1:  . (192.168.2.1)                                        1.716ms 
@@ -35,11 +35,11 @@ anarcat@ubuntu:~$ tracepath koumbit.net
 16:  bgp-mtl-sora-gt.iweb.ca (66.38.187.202)              asymm 15 328.976ms 
 17:  pop.koumbit.org (209.172.32.46)                      asymm 14 343.124ms reached
       Resume: pmtu 1400 hops 17 back 14 
-</code>
+```
 
 On voit que les [hops](http://en.wikipedia.org/wiki/Hop_%28telecommunications%29) (en) 3 à 6 sont dans le bloc d'[IP](http://fr.wikipedia.org/wiki/Adresse_IP) 193.95.0.0/17, qui appartient à une agence gouvernementale:
 
-<code>
+```
 % Information related to '193.95.0.0 - 193.95.127.255'
 
 inetnum:      193.95.0.0 - 193.95.127.255
@@ -95,19 +95,19 @@ descr:        RIPE  LIR  for ISP's and Networks in Tunisia  -tn.ati-
 origin:       AS2609
 mnt-by:       ATI-MNT
 source:       RIPE # Filtered
-</code>
+```
 
 Le [DNS](http://fr.wikipedia.org/wiki/DNS) ne semble pas être trafiqué comme pour la [grande muraille de feu chinoise](http://en.wikipedia.org/wiki/Internet_censorship_in_China) (en):
 
-<code>
+```
 anarcat@ubuntu:~$ ping rsf.org
 PING rsf.org (80.67.162.3) 56(84) bytes of data.
 64 bytes from rsf.org (80.67.162.3): icmp_seq=1 ttl=49 time=258 ms
-</code>
+```
 
 Mais essayer de se connecter sur le port 80 sur rsf.org nous donne:
 
-<code>
+```
 anarcat@ubuntu:~$ telnet rsf.org 80
 Trying 80.67.162.3...
 Connected to rsf.org.
@@ -120,7 +120,7 @@ Date: Sat, 19 Nov 2005 01:32:53 GMT
 Content-Length: 1876
 Content-Type: text/html
 Server: NetCache appliance (NetApp/6.0.1)
-</code>
+```
 
 La page elle-même est une page d'erreur classique de [IIS](http://www.microsoft.com/WindowsServer2003/iis/default.mspx).  En faisant un ''reverse lookup'' de l'addresse, on trouve que c'est un serveur [AlternC](http://alternc.org/), [zola.netaktiv.com](http://zola.netaktiv.com/). On peut accéder à cette page correctement, ce n'est donc pas une restriction par IP, ce qui est un peu faible, si vous me demandez mon avis...
 
@@ -133,4 +133,4 @@ Références:
 * Les commanditaires du SMSI: [Genève](http://www.itu.int/wsis/funding/contributors1-fr.html), [Tunis](http://www.itu.int/wsis/funding/contributors2-fr.html). Notez que le [UIT](http://www.itu.int/) (un organisme de l'[ONU](http://un.org/)), a [plusieurs partenaires privés](http://www.itu.int/partners/partners.html), dont Microsoft. Voici [les jolis logos des partenaires](http://www.smsitunis2005.org/plateforme/detail.php?id=467) qui échappent à l'indexage de google..
 * Le [Comité d'organisation de haut niveau](http://www.itu.int/wsis/basic/list-hlsoc-fr.html) du SMSI. Notez bien la présence de l'infâme [Banque Mondiale](http://www.worldbank.org/) et de l'[OMC](http://www.wto.org/).
 
-[[!tag "vraie vie" "politique" "nouvelles" "monde" "geek" "censure" "vraie vie" "politique" "nouvelles" "monde" "geek" "censure" "vraie vie" "politique" "nouvelles" "monde" "geek" "censure"]]
\ No newline at end of file
+[[!tag "vraie vie" "politique" "nouvelles" "monde" "geek" "censure" "vraie vie" "politique" "nouvelles" "monde" "geek" "censure" "vraie vie" "politique" "nouvelles" "monde" "geek" "censure"]]

diff --git a/blog/on-dying.mdwn b/blog/on-dying.mdwn
index feeb9a02..064e9cc7 100644
--- a/blog/on-dying.mdwn
+++ b/blog/on-dying.mdwn
@@ -229,6 +229,12 @@ https://getyourshittogether.org/
 
 https://longnow.org/ideas/digital-avatars-and-our-refusal-to-die/
 
+# other advice
 
-[[!tag draft]]
+have someone responsible for taking all your electronics away,
+especially vintage/collection stuff, see a1584df8-55b5-4aa7-a991-55fc1f0f5e64@debian.org
+
+take care of reassigning copyright, see id:3c73defb03d3dc44df52aefa1655edf9@debian.org
 
+
+[[!tag draft]]

diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index cbd6b561..b1da0ac0 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -785,14 +785,18 @@ Alternatives:
    `tracker-miner-fs-3.service` which I masked here to save I/O and
    battery, shows nothing even when enabled
  * [gwenview][]: KDE viewer, in Debian
- * [koko][]: KDE viewer, not in Debian?
+ * [koko][]: KDE viewer, in Debian
  * [imv][]: x11/wayland viewer, scriptable, [possible security issues
    and limited format support][], in Debian
+ * [loupe][]: Glib, Rust, nice basic viewer, no gallery, default
+   viewer in GNOME 45
  * [mvi][]: mpv-based image viewer
  * nomacs: basically abandoned upstream (no release since 2020), has
    an [unpatched][] [CVE-2020-23884][] since July 2020, does [bad
    vendoring][], and is in bad shape in Debian (4 minor releases
    behind).
+ * [oculante][]: Rust, not in Debian, flatpak, weird gaps around full
+   screen, built-in (custom) file browser has nice image previews
  * [pix][]: KDE/mobile viewer, large gap between images, confusing
    interface, seems designed for mobile, translates poorly on desktop,
    not in Debian, not to be confused with the [X-apps pix][]
@@ -805,11 +809,21 @@ Alternatives:
  * [qimgv][]: grid view, "fast", themes, shortcuts, copy/move images,
    basic editing (crop/rotate/resize), scripting, video support, in
    Debian
+ * [qview][]: C++, nice simple viewer, "fast" (not so much), no in
+   Debian, flatpak
  * [swayimg][]: overlay, in Debian
  * [tiny image finder][]: grid viewer, looks promising but Flatpak
    failed to render any image
  * [vimiv][]: vim-like keybindings, not in Debian
 
+Note that further tests have possibly shown a significant rendering
+pipeline issue that makes images look blurry in *all* image viewers
+except rare cases, see [this comment](https://todo.sr.ht/~whynothugo/shotman/11#event-404628) for a discussion. That was
+filed as a [bug against Sway in Debian](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093671) for now. There was also a
+[bug filed against grim for this](https://todo.sr.ht/~emersion/grim/98) and a [feature request in
+shotman](https://todo.sr.ht/~whynothugo/shotman/11), but of which seem to be misplaced: the screenshots are
+actually sharp, the problem is the image viewers!
+
 See also [this list][], [this X11 list][] and [that list][] for other
 list of image viewers, not necessarily ported to Wayland.
 
@@ -819,6 +833,7 @@ list of image viewers, not necessarily ported to Wayland.
 [koko]: https://invent.kde.org/graphics/koko
 [imv]: https://sr.ht/~exec64/imv/
 [possible security issues and limited format support]: https://lwn.net/Articles/908579/
+[loupe]: https://gitlab.gnome.org/GNOME/loupe
 [mvi]: https://github.com/occivink/mpv-image-viewer
 [pix]: https://invent.kde.org/maui/pix
 [swayimg]: https://github.com/artemsen/swayimg
@@ -835,6 +850,8 @@ list of image viewers, not necessarily ported to Wayland.
 [GNOME Photos]: https://wiki.gnome.org/Apps/Photos
 [X-apps pix]: https://github.com/linuxmint/pix/
 [qimgv]: https://github.com/easymodo/qimgv
+[oculante]: https://github.com/woelper/oculante
+[qview]: https://interversehq.com/qview/
 
 ## Media player: mpv, gmpc / sublime
 
@@ -932,10 +949,9 @@ geeqie), one key feature is that it must support the "copy image to
 clipboard" (not the path! the actual full image!) functionality,
 typically to paste to GitHub/GitLab issues, or Signal.
 
-Another problem I'm suffering from right now is that *all* tools
-supporting Wayland don't seem to properly support fractional
-scaling. In the case of grim, it means the [screenshot is
-blurry](https://todo.sr.ht/~emersion/grim/98). shotman has similar issues, but has [apparently a fix](https://todo.sr.ht/~whynothugo/shotman/11).
+I've also started testing [shotman](https://shotman.whynothugo.nl/) (part of Debian Trixie) which
+outlined that I might have an issue with fractional display and image
+viewers, see the geeqie discussion above.
 
 [maim]: https://github.com/naelstrof/maim
 [slop]: https://tracker.debian.org/pkg/slop

diff --git a/blog/2023-02-10-usb-c.md b/blog/2023-02-10-usb-c.md
index 12a074cd..d84ab2c2 100644
--- a/blog/2023-02-10-usb-c.md
+++ b/blog/2023-02-10-usb-c.md
@@ -547,10 +547,49 @@ I'm using the USB-C docks built-in my [[hardware/monitor]]s, two [Dell
 U2723QE][]. The first monitor's USB ports are completely full, so I
 daisy-chained to the second monitor and, amazingly, that all works
 over a single USB-C cable. The only annoyance is that USB-C cable is
-rather short, so it's not as neatly tucked in as it should ne.
+rather short, so it's not as neatly tucked in as it should be.
 
 [Dell U2723QE]: https://www.dell.com/en-ca/shop/cty/apd/210-bdpf
 
+Here's what it looks like according to [cyme](https://github.com/tuna-f1sh/cyme).
+
+```
+anarcat@angela:~> cyme --headings --tree --mask-serials=hide                                                                      (main)
+  PPath         Name               HostController                        HostDevice                 
+● 1-0   xHCI Host Controller Linux 6.12.6-amd64 xhci-hcd Alder Lake-P Thunderbolt 4 USB Controller  
+
+  PPath         Name               HostController                        HostDevice                 
+● 2-0   xHCI Host Controller Linux 6.12.6-amd64 xhci-hcd Alder Lake-P Thunderbolt 4 USB Controller  
+
+  PPath         Name               HostController                        HostDevice                 
+● 3-0   xHCI Host Controller Linux 6.12.6-amd64 xhci-hcd Alder Lake PCH USB 3.2 xHCI Host Controller
+├──  I  #   VID    PID               Name                      Serial          Driver
+├──○    3 0x8087 0x0032 AX210 Bluetooth               -                       usb   
+├──○   38 0x0bda 0x5634 Laptop Camera                 ************            usb   
+├──○   68 0x27c6 0x609c Goodix Fingerprint USB Device *********************** usb   
+└──○   69 0x0bda 0x5483 4-Port USB 2.0 Hub            -                       usb   
+   ├──  I  #   VID    PID            Name           Serial Driver
+   ├──○   70 0x047d 0x1020 Kensington Expert Mouse -      usb   
+   ├──○   71 0x0bda 0x1100 USB2.0 HID              -      usb   
+   ├──○   72 0x0bda 0x5483 4-Port USB 2.0 Hub      -      usb   
+   │  ├──  I  #   VID    PID          Name           Serial        Driver      
+   │  ├──○   75 0x0bda 0x8153 USB 10/100/1000 LAN ********** r8152-cfgselector
+   │  └──○   78 0x0d8c 0x002b Antlion USB adapter ********   usb              
+   ├──○   73 0x0c45 0x7692 USB Keyboard            -      usb   
+   └──○   74 0x0424 0x4206 USB4206 Smart Hub       -      usb   
+      ├──  I  #   VID    PID          Name            Serial     Driver
+      ├──○   76 0x0424 0x4216 USB4216 Smart Hub   -             usb   
+      │  ├──  I  #   VID    PID          Name           Serial        Driver      
+      │  ├──○   80 0x0bda 0x8153 USB 10/100/1000 LAN ********** r8152-cfgselector
+      │  └──○   81 0x0424 0x7240 USB2 Controller Hub -          usb              
+      ├──○   77 0x0424 0x7260 USB2 Controller Hub -             usb   
+      ├──○   79 0x056a 0x0374 Intuos S            ************* usb   
+      └──○   86 0x1050 0x0406 YubiKey FIDO+CCID   -             usb   
+
+  PPath         Name               HostController                        HostDevice                 
+● 4-0   xHCI Host Controller Linux 6.12.6-amd64 xhci-hcd Alder Lake PCH USB 3.2 xHCI Host Controller
+```
+
 ## Power banks
 
 This has been spun out in another page, see [[hardware/battery]].
diff --git a/hardware/laptop/framework-12th-gen.md b/hardware/laptop/framework-12th-gen.md
index 6d7f2b7c..ac9b151d 100644
--- a/hardware/laptop/framework-12th-gen.md
+++ b/hardware/laptop/framework-12th-gen.md
@@ -656,6 +656,10 @@ The expansion ports *do* take up some power, even when idle. See the
 [power management](#power-management) section below, and particularly the [power usage
 tests](#detailed-power-usage-tests) for details.
 
+I ended up setting up my laptop hooking up to a pair of 4k monitors
+over a single USB-C cable, and everything works. It's awesome. See [[this blog
+post|blog/2023-02-10-usb-c]]
+
 ## USB-C charging
 
 One thing that is really a game changer for me is USB-C charging. It's
@@ -2026,7 +2030,7 @@ long road trip across the continental US.
 
 Note: I ended up buying a Cable Matters hub, and that didn't work so
 well, see this [[entire blog post about
-USB-C|blog/2023-02-10-usb-c]]. I'm considering a Dell
+USB-C|blog/2023-02-10-usb-c]]. I'm using a Dell
 [[hardware/monitor]] instead now.
 
 ## Mods

diff --git a/services/upgrades/trixie.md b/services/upgrades/trixie.md
index 7f4187c1..9881bda5 100644
--- a/services/upgrades/trixie.md
+++ b/services/upgrades/trixie.md
@@ -155,8 +155,10 @@ can log back in over a serial console or virtual terminal.
         apt purge apt-forktracer &&
         echo purging removed packages &&
         apt purge '~c' && apt autopurge &&
-        apt purge $(deborphan --guess-dummy) &&
-        while deborphan -n | grep -q . ; do apt purge $(deborphan -n); done &&
+        echo try a deborphan replacement &&
+        apt-mark auto '~i !~M (~slibs|~soldlibs|~sintrospection)' &&
+        apt-mark auto $(apt search 'apt search 'transition(|n)($|ing|al|ary| package| purposes)' | grep '^[^ ].*\[installed' | sed 's,/.*,,') &&
+        apt-mark auto $(apt search dummy | grep '^[^ ].*\[installed' | sed 's,/.*,,')) &&
         apt autopurge &&
         echo review obsolete and odd packages &&
         apt purge '?obsolete' && apt autopurge &&
@@ -230,9 +232,9 @@ for a more up to date list.
 
 TODO
 
-- deborphan! ouch! [1065310](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065310)
+- deborphan! ouch! see below
 - cpufrequtils, presumably replaced by cpupowerutils, but not in
-  debian (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1073079)
+  Debian ([1073079](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1073079))
 
 See also the [noteworthy obsolete packages](https://www.debian.org/releases/testing/release-notes/issues.en.html#noteworthy-obsolete-packages) list.
 
@@ -252,6 +254,82 @@ See also the official list of [known issues](https://www.debian.org/releases/tes
 - `nomacs` (needs an [update to latest upstream](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076763))
 - `raysession` (broken by a [FTBFS in a dependency](https://bugs.debian.org/1075409))
 
+### deborphan retirement
+
+The venerable `deborphan` package has been removed ([1065310](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065310))!
+That's a bit of a surprise, and kind of a big concern, because we were
+using it in our upgrade procedure, to cleanup things after
+upgrades. It's also part of the [official upgrade procedures](https://www.debian.org/releases/testing/release-notes/upgrading.en.html#obsolete-packages), or
+at least it [was in bookworm](https://www.debian.org/releases/testing/release-notes/upgrading.en.html#transitional-dummy-packages):
+
+> The package descriptions for transitional dummy packages usually
+> indicate their purpose. However, they are not uniform; in
+> particular, some "dummy" packages are designed to be kept installed,
+> in order to pull in a full software suite, or track the current
+> latest version of some program. You might also find deborphan with
+> the --guess-* options (e.g. --guess-dummy) useful to detect
+> transitional dummy packages on your system.
+
+So what do we use `deborphan` for? We were calling it like this:
+
+        apt purge $(deborphan --guess-dummy) &&
+        while deborphan -n | grep -q . ; do apt purge $(deborphan -n); done &&
+
+This, essentially, was doing two things:
+
+ 1. **remove "dummy" packages**: this was looking for the string
+    `dummy` in the `Description:` field, or the regex
+    `transition(|n)($|ing|al|ary| package| purposes)` (see
+    [pkg_info.c](https://sources.debian.org/src/deborphan/1.7.35/src/pkginfo.c/#L75-L88)) when the `--guess-dummy` option is passed
+
+ 2. **remove "obsolete" packages**: this is the primary function of
+    deborphan, which, according to the manual page, is:
+
+    > `deborphan` finds packages that have no packages depending on them.
+    > The default operation is to search within the `libs`, `oldlibs` and
+    > `introspection` sections to hunt down unused libraries.
+
+    Basically, this looks for leaf packages in the specified
+    sections. All sections can be checked with `--all` or packages can
+    be included based on their name with heuristics hardcoded in the
+    source code through commandline flags (e.g. `--guess-python` looks
+    for packages like `^python[[:digit:].]*-` or `--guess-perl` witll
+    do `^lib.*-perl$`) but we were not using those.
+
+    What we *were* doing is disabling the "nice mode" with `-n`
+    (which, in long form, is confusingly called `--nice-mode`  even
+    though it *disables* the nice mode). This stops considering
+    `Suggests` or `Recommends` in the list of dependencies for
+    packages that can be removed.
+
+To work around the removal, we used `apt-mark` to take care of the
+packages in libs/oldlibs:
+
+    apt-mark auto '~i !~M (~slibs|~soldlibs|~sintrospection)'
+
+Then we use the `apt search` interface, even though it warns us about
+the API, because we need to match for installed packages, which is not
+included in the `apt-cache` output. We look for packages matching a
+the "dummy" patterns and mark those as "auto" as well:
+
+    apt-mark auto $(apt search 'apt search 'transition(|n)($|ing|al|ary| package| purposes)' | grep '^[^ ].*\[installed' | sed 's,/.*,,') &&
+    apt-mark auto $(apt search dummy | grep '^[^ ].*\[installed' | sed 's,/.*,,')) &&
+
+Then we let the autopurge get rid of those packages automatically.
+
+One bit we're missing from the previous incantation is the recursive
+aspect. We were looping over `deborphan -n` until it was empty, and
+were often picking up more than one items in the chain. I'm not sure
+how to fix that without turning this into an even uglier shell
+pipeline.
+
+Note that this doesn't cover "obsolete" packages in the sense of
+"packages that are not in Debian anymore". This used to be done with
+`apt-forktracer`, and we're now relying on the `?obsolete` pattern
+from apt. We're also doing this horror:
+
+    apt list "?narrow(?installed, ?not(?codename($(lsb_release -c -s | tail -1))))" &&
+
 ### Webcam sharing stopped working in Firefox
 
 Webcam isn't detected properly in Firefox. It works in guvcview and

diff --git a/services/upgrades/trixie.md b/services/upgrades/trixie.md
index 9572fee5..7f4187c1 100644
--- a/services/upgrades/trixie.md
+++ b/services/upgrades/trixie.md
@@ -154,8 +154,7 @@ can log back in over a serial console or virtual terminal.
         apt-mark manual bind9-dnsutils &&
         apt purge apt-forktracer &&
         echo purging removed packages &&
-        apt purge $(dpkg -l | awk '/^rc/ { print $2 }') &&
-        apt autopurge &&
+        apt purge '~c' && apt autopurge &&
         apt purge $(deborphan --guess-dummy) &&
         while deborphan -n | grep -q . ; do apt purge $(deborphan -n); done &&
         apt autopurge &&

diff --git a/recette/tofu-romarin-porto.md b/recette/tofu-romarin-porto.md
index 7bdbb884..30256e6d 100644
--- a/recette/tofu-romarin-porto.md
+++ b/recette/tofu-romarin-porto.md
@@ -4,23 +4,23 @@
 
 ### Marinade
 
-- 1 tasse de jus de pommes 
-- 1/4 de tasse de moutarde de Dijon
-- 2 c. à table d’huile d’olive
-- 1/4 de tasse de cassonade
-- 2 c. à table de miel liquide
-- 2 c. à table de romarin frais haché
+- 1 tasse (250mL) de jus de pommes
+- 1/4 de tasse (62.5mL) de moutarde de Dijon
+- 2 c. à table (30mL)d’huile d’olive
+- 1/4 de tasse (62.5mL) de cassonade
+- 2 c. à table (30mL) de miel liquide
+- 2 c. à table (30mL) de romarin frais haché
 - 4 gousses d’ail hachées finement
-- 1 c. à thé de poivre noir du moulin
-- 1 c. à thé de graines de moutarde
-- 1 livre de tofu en gros cubes
+- 1 c. à thé (5mL) de poivre noir du moulin
+- 1 c. à thé (5mL) de graines de moutarde
+- 1 livre (254g) de tofu taillés en cubes de 1 pouce
 
 ### Sauce
 
-- 1 c. à table d’échalotes hachées
-- 3 c. à table de porto
-- 2 c. à table de vinaigre balsamique
-- 1/4 de tasse d’huile d’olive
+- 1/4 de tasse (62.5mL) d’huile d’olive
+- 2 échalotes hachées
+- 3 c. à table (45mL) de porto
+- 2 c. à table (30mL) de vinaigre balsamique
 - romarin frais
 - sel
 

diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index b6ff0eb7..cbd6b561 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -932,6 +932,11 @@ geeqie), one key feature is that it must support the "copy image to
 clipboard" (not the path! the actual full image!) functionality,
 typically to paste to GitHub/GitLab issues, or Signal.
 
+Another problem I'm suffering from right now is that *all* tools
+supporting Wayland don't seem to properly support fractional
+scaling. In the case of grim, it means the [screenshot is
+blurry](https://todo.sr.ht/~emersion/grim/98). shotman has similar issues, but has [apparently a fix](https://todo.sr.ht/~whynothugo/shotman/11).
+
 [maim]: https://github.com/naelstrof/maim
 [slop]: https://tracker.debian.org/pkg/slop
 [grim]: https://sr.ht/~emersion/grim/

diff --git a/software/desktop/wayland/sync.sh b/software/desktop/wayland/sync.sh
index 45f3f023..b6f055e1 100644
--- a/software/desktop/wayland/sync.sh
+++ b/software/desktop/wayland/sync.sh
@@ -2,7 +2,7 @@
 
 set -e
 
-for dir in sway foot fuzzel mako waybar swayidle swaylock swaync; do
+for dir in sway foot fuzzel mako waybar swayidle swaylock; do
     rsync -a ~/.config/$dir/ config/$dir/
 done
 

diff --git a/software/desktop/wayland/config/waybar/config b/software/desktop/wayland/config/waybar/config
index da4557d0..c4febdc1 100644
--- a/software/desktop/wayland/config/waybar/config
+++ b/software/desktop/wayland/config/waybar/config
@@ -33,7 +33,7 @@
     },
     "sway/language": {
         "format": " {shortDescription}",
-        "on-click": "swaymsg input type:keyboard xkb_switch_layout next",
+        "on-click": "exec swaymsg input type:keyboard xkb_switch_layout next",
     },
     "sway/window": {
        "rewrite": {
@@ -76,6 +76,8 @@
         "tooltip-format-disconnected": "MPD (disconnected)"
     },
     "idle_inhibitor": {
+        "tooltip-format-activated": "lock screen inhibited",
+        "tooltip-format-deactivated": "lock screen active",
         "format": "{icon}",
         "format-icons": {
             "activated": "",
@@ -92,29 +94,49 @@
         "on-click-right": "exec foot --hold ncal -C -y",
         "on-click-middle": "exec foot ikhal",
         "interval": 1,
+        "tooltip-format": "<tt><small>{calendar}</small></tt>",
+        "calendar": {
+            "mode"          : "year",
+            "mode-mon-col"  : 3,
+            "weeks-pos": "left",
+            "format": {
+                "months":     "<span color='#ff8700'><b>{}</b></span>",
+                "days":       "<span color='#fce8c3'><b>{}</b></span>",
+                "weeks":      "<span color='#68a8e4'><b>W{}</b></span>",
+                "weekdays":   "<span color='#fed06e'><b>{}</b></span>",
+                "today":      "<span color='#ef2f27'><b><u>{}</u></b></span>"
+            },
+        },
     },
     "clock#utc": {
-        "timezone": "UTC",
         "format": " {:%H:%M %Z}",
         "on-click": "exec foot --hold undertime --table --format simple --no-time-details",
+        "tooltip-format": "{tz_list}",
+        "timezones": [
+            "Etc/UTC",
+            "US/Pacific",
+            "America/Sao_Paulo",
+            "US/Eastern",
+            "Europe/Amsterdam",
+        ],
     },
     // has been split in 0.9.23
     // https://github.com/Alexays/Waybar/pull/2114
     "cpu": {
         "format": "{usage:3}% {avg_frequency:4}GHz ",
         "tooltip": false,
-        "on-click": "foot -e htop",
+        "on-click": "exec foot -e htop",
         "interval": 1,
     },
     "memory": {
-        "on-click": "foot -e btop",
+        "on-click": "exec foot -e btop",
         "format": "{}% "
     },
     "temperature": {
         // "thermal-zone": 2,
         // "hwmon-path": "/sys/class/hwmon/hwmon2/temp1_input",
         "critical-threshold": 80,
-        "on-click": "psensor",
+        "on-click": "exec psensor",
         // "format-critical": "{icon} {temperatureC}°C",
         "format": "{icon} {temperatureC}°C",
         "format-icons": ["","", "", "", ""]
@@ -130,7 +152,7 @@
             "warning": 30,
             "critical": 15
         },
-        "on-click": "gnome-power-statistics",
+        "on-click": "exec gnome-power-statistics",
         "format": "{icon} {capacity}%",
         "format-charging": "{capacity}% ",
         "format-plugged": "{capacity}% ",
@@ -144,7 +166,7 @@
     },
     // missing "hide-if-zero" from py3status
     "network": {
-        "on-click": "foot -e sudo iftop",
+        "on-click": "exec foot -e sudo iftop",
         "format": "{ifname} ↓{bandwidthDownBytes:>} ↑{bandwidthUpBytes:>} ",
         "format-disconnected": "Disconnected ⚠",
     },
@@ -172,14 +194,16 @@
     },
     "systemd-failed-units": {
         "format": "{nr_failed} failed units",
+        "hide-on-ok": true,
+        "on-click": "exec foot --hold systemd-summarize-failed",
     },
     "wireplumber": {
         "format": "{icon} {volume}%",
         "format-muted": "",
-        "on-click": "pavucontrol",
-        "on-click-right": "qpwgraph",
+        "on-click": "exec pavucontrol",
+        "on-click-right": "exec qpwgraph",
         "max-volume": 150,
-        "scroll-step": 0.2,
+        "scroll-step": 0.5,
         "format-icons": ["", ""]
     },
     "custom/dnd": {
@@ -188,10 +212,13 @@
         "format": "{}{icon}",
         "format-icons": {
             "default": "",
-            "dnd": ""
+            "do-not-disturb": ""
         },
-        "on-click": "makoctl mode | grep 'do-not-disturb' && makoctl mode -r do-not-disturb || makoctl mode -a do-not-disturb; pkill -RTMIN+11 waybar",
-        "exec": "printf '{\"alt\":\"%s\",\"tooltip\":\"mode: %s\"}' $(makoctl mode | grep -q 'do-not-disturb' && echo dnd || echo default) $(makoctl mode | tail -1)",
+        // this hack is from https://github.com/manjaro-sway/desktop-settings/pull/121
+        "on-click": "makoctl mode -t 'do-not-disturb' > /dev/null; pkill -RTMIN+11 waybar",
+        "on-click-middle": "exec foot -hold mako-waybar-history",
+        "on-click-right": "makoctl dismiss --all ; pkill -RTMIN+11 waybar",
+        "exec": "mako-waybar-output",
         "signal": 11
     },
     "custom/notification": {
diff --git a/software/desktop/wayland/config/waybar/style.css b/software/desktop/wayland/config/waybar/style.css
index 18736745..f920fc02 100644
--- a/software/desktop/wayland/config/waybar/style.css
+++ b/software/desktop/wayland/config/waybar/style.css
@@ -160,3 +160,9 @@ label:focus {
 #privacy-item.audio-out {
     background-color: @green;
 }
+#custom-dnd.active {
+    color: @orange;
+}
+#custom-dnd.do-not-disturb {
+    background-color: @yellow;
+}

diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index e925979b..b6ff0eb7 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -250,6 +250,13 @@ I eventually fixed this by switching from [py3status][] to
 [waybar][], which was another yak horde shaving session, but
 ultimately, it worked.
 
+sfwbar is an alternative. It behaves well and has a more GUI-like
+feel, at the cost of taking up more real estate. After two minutes the
+CPU usage was 1.49s vs 1.39s for waybar, in a preliminary test, but
+that's without any resource tracking, so it *seems* waybar is
+generally more efficient. plus sfwbar doesn't seem to [support urgency
+hints](https://github.com/LBCrion/sfwbar/issues/305).
+
 [py3status]: https://py3status.readthedocs.io/
 [waybar]: https://github.com/Alexays/Waybar/
 

diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index ff40898d..e925979b 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -1031,17 +1031,24 @@ how many things you were using are tightly bound to X.
    figure out something that does, like feh, a random shuffle.
    [swaybg][] just loads a *single* image, duh. [oguri][] might be a
    solution, but unmaintained, [used here][], not in
-   Debian. [wallutils][] is another option, also not in
+   Debian. [waypaper](https://github.com/anufrievroman/waypaper), [wpaperd](https://github.com/danyspin97/wpaperd), [wallutils][] and [swww](https://github.com/LGFae/swww) ([ITP](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084753)) are other option, also not in
    Debian. [azote][] is now in Debian and seems like a good
-   alternative. For now I just don't have a wallpaper, the background
-   is a solid gray, which is better than Xorg's default (which is
-   whatever crap was left around a buffer by the previous collection
-   of programs, basically)
+   alternative. [hyprpaper](https://wiki.hyprland.org/Hypr-Ecosystem/hyprpaper/) is in Debian and works in Sway, but has
+   a clunky configuration file, with only one image at a time. In
+   theory, it can load other images through IPC, but that only works
+   through hypr's IPC mechanism. 
+   
+   For now I just don't have a wallpaper, the background is a solid
+   gray, which is better than Xorg's default (which is whatever crap
+   was left around a buffer by the previous collection of programs,
+   basically)
 
  * notifications: previously [dunst][] in some places, which works
    well in both Xorg and Wayland, not a blocker, [fnott][], [salut][]
    (not in Debian) possible alternatives: damjan [uses
-   mako][]. Eventually migrated to [sway-nc][].
+   mako][]. Eventually migrated to [sway-nc][], but found it too
+   complicated for my needs. Ended up with a simple mako-based setup
+   with inhibition.
 
  * notification area: I had trouble making `nm-applet` work. based on
    [this nm-applet.service][], I found that you need to pass `--indicator`.  In

diff --git a/software/desktop/wayland/config/foot/foot.ini b/software/desktop/wayland/config/foot/foot.ini
index 963cb868..db2d1c2a 100644
--- a/software/desktop/wayland/config/foot/foot.ini
+++ b/software/desktop/wayland/config/foot/foot.ini
@@ -1,5 +1,5 @@
 [main]
-font=Fira mono:size=12
+font=Commit mono:size=12
 # a symlink to the current theme, flipped with scripts.git's dark/light
 include=/home/anarcat/.config/foot/theme.ini
 #include=/usr/share/foot/themes/gruvbox-light
diff --git a/software/desktop/wayland/config/fuzzel/fuzzel.ini b/software/desktop/wayland/config/fuzzel/fuzzel.ini
index 8db340dc..870e7a1b 100644
--- a/software/desktop/wayland/config/fuzzel/fuzzel.ini
+++ b/software/desktop/wayland/config/fuzzel/fuzzel.ini
@@ -1,5 +1,5 @@
 [main]
-font=Fira mono:size=12
+font=Commit mono:size=12
 show-actions=yes
 width=80
 lines=24
diff --git a/software/desktop/wayland/config/mako/config b/software/desktop/wayland/config/mako/config
new file mode 100644
index 00000000..30ea26cf
--- /dev/null
+++ b/software/desktop/wayland/config/mako/config
@@ -0,0 +1,23 @@
+font=Commit mono
+
+# blue
+background-color=#2c78bf
+# while
+progress-color=#baa67f
+# foreground
+text-color=#fce8c3
+# blueb
+border-color=#68a8e4
+
+[mode=do-not-disturb]
+invisible=1
+
+[urgency=critical]
+# red
+background-color=#ef2f27
+border-color=#f75341
+
+[urgency=low]
+# green
+background-color=#519f50
+border-color=#98bc37
diff --git a/software/desktop/wayland/config/sway/config b/software/desktop/wayland/config/sway/config
index eefc2afc..b9376a13 100644
--- a/software/desktop/wayland/config/sway/config
+++ b/software/desktop/wayland/config/sway/config
@@ -30,7 +30,7 @@ set $mod Mod4
 # is used in the bar {} block below.
 # This font is widely installed, provides lots of unicode glyphs, right-to-left
 # text rendering and scalability on retina/hidpi displays (thanks to pango).
-font pango:Fira mono 10
+font pango:Commit mono 10
 # Before i3 v4.8, we used to recommend this one as the default:
 # font -misc-fixed-medium-r-normal--13-120-75-75-C-70-iso10646-1
 # The font above is very space-efficient, that is, it looks good, sharp and
@@ -251,6 +251,7 @@ bindsym $mod+d exec systemd-run-wrap dmenu-bash-history
 bindsym $mod+F2 exec systemd-run-wrap dmenu-ssh.py
 # until mosh falls back to SSH (https://github.com/mobile-shell/mosh/issues/731)
 bindsym $mod+F3 exec systemd-run-wrap dmenu-ssh.py --ssh=mosh
+bindsym $mod+F4 exec systemd-run-wrap foot -e sudo -s
 bindsym $mod+g exec sway-window-menu
 bindsym $mod+p exec pass-dmenu
 bindsym $mod+Shift+p exec env TYPE_MODE=wtype pass-dmenu
@@ -284,13 +285,19 @@ bindsym --locked XF86MonBrightnessUp exec brightnessctl set 1%+
 for_window [app_id="qalculate"] floating enable
 for_window [app_id="Pavucontrol"] floating enable
 for_window [app_id="nm-connection-editor"] floating enable
-for_window [title="Picture-in-Picture"] floating enable
+for_window [title="Picture-in-Picture"] {
+  floating enable
+  sticky enable
+}
 # this is defined in ~/.config/systemd/user/wterminal.service which
 # starts (and restarts) a foot window with the "pop-up" title
 for_window [title="pop-up"] floating enable
 # more Vincent Bernat cargo-culting:
 # https://github.com/vincentbernat/i3wm-configuration/blob/master/config
 no_focus [window_type="splash"]
+for_window [app_id="pinentry-qt"] {
+	floating enable
+}
 
 # don't lock the screen when a window is in fullscreen
 for_window [class=".*"] inhibit_idle fullscreen
@@ -308,19 +315,40 @@ for_window [app_id=".*"] inhibit_idle fullscreen
 # ideally, of course, Firefox should just use the notification area
 # for this...
 #
-# this will:
+# this will just kill the damn window
+for_window [app_id="[fF]irefox(-esr)?" title="Firefox — Sharing Indicator"] {
+	kill
+}
+
+# workspace assignments
 #
-# set it floating (so it's not that absurdely big piece of shit)
-# make it sticky, so it's visible even if you switch workspaces
-# move it to my right monitor
-# move it to top left on that monitor
-# keep the window from stealing focus when starting
+# we restrict ourselves to startup things, and even that can be
+# relatively confusing, as for example new firefox windows will
+# *always* end up in workspace 3 here
 #
-# i would move it to top right, but that actually hides the window
-# unless we do some funky resolution vs window size calculations
-for_window [title="Firefox — Sharing Indicator"] floating enable, sticky enable, move to output right, move position 0 0
-no_focus [title="Firefox — Sharing Indicator"]
-
+# for that reason we don't assign terminals to WS 5 because we
+# sometimes bleed over 6, 7 and 8 and more...
+for_window [title="\*notmuch-hello\*"] {
+    move container to workspace 1
+}
+# xwayland
+for_window [class="Signal"] {
+    move container to workspace 2
+    fullscreen disable
+}
+for_window [app_id="Signal"] {
+    move container to workspace 2
+    fullscreen disable
+}
+for_window [app_id="[fF]irefox(-esr)?"] {
+    move container to workspace 3
+}
+#for_window [app_id="emacs"] {
+#    move container to workspace 4
+#}
+for_window [title="colortaillog"] {
+    move container to workspace 9
+}
 #exec --no-startup-id i3-load-layouts
 
 # color theme
@@ -403,7 +431,13 @@ include /etc/sway/config.d/*
 # properly startup. This is done with `systemd import-environment`,
 # it's unclear how that differs from the dbus command above.
 #
-# Finally, we notify systemd that sway is ready.
+# Finally, we notify systemd that sway is ready. That needs
+# NotifyAccess=all which is a problem, as any subprocess can now
+# notify systemd it's the main PID. Sway also refuses to fix this, see:
+# https://github.com/swaywm/sway/pull/7659
+# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039857
+#
+# latest attempt: https://github.com/swaywm/sway/pull/7904
 exec dbus-update-activation-environment --systemd XDG_CURRENT_DESKTOP=sway \
   && systemctl --user import-environment SWAYSOCK \
                                          DISPLAY \
@@ -411,11 +445,15 @@ exec dbus-update-activation-environment --systemd XDG_CURRENT_DESKTOP=sway \
                                          WAYLAND_DISPLAY \
                                          XCURSOR_SIZE \
                                          XCURSOR_THEME \
-  && true
+  && systemd-notify --ready
 exec_always systemctl --user reload kanshi
 
 seat seat0 xcursor_theme Posy_Cursor 24
 
+# set the background at startup, a systemd timer will run this
+# afterwards
+exec_always swaybgs
+
 # copied from keyboard-reconf
 # keyboard switch
 # ca,us - canadian, english keyboard
@@ -440,14 +478,9 @@ input * {
       tap_button_map lmr
 }
 
-# Framework built-in monitor
-#
-# default is to scale 2x, which is way too big. this (1.5x) still
-# looks sharp and works great.
-output "BOE 0x095F Unknown" scale 1.5
-output "Dell Inc. DELL U2723QE FN5C6P3" enable scale 2 position 1504 0 mode 3840x2160@59.997002Hz
-
+include ~/.config/sway/outputs
 # note that the above overlaps with the kanshi configuration, see ~/.config/kanshi/*
 #
 # also note that a sway reload will break the kanshi configuration, see:
 # https://todo.sr.ht/~emersion/kanshi/35
+include ~/.config/sway/workspaces
diff --git a/software/desktop/wayland/config/sway/outputs b/software/desktop/wayland/config/sway/outputs
new file mode 100644
index 00000000..4ae84293
--- /dev/null
+++ b/software/desktop/wayland/config/sway/outputs
@@ -0,0 +1,29 @@

(Diff truncated)

diff --git a/recette/tofu-romarin-porto.md b/recette/tofu-romarin-porto.md
index a09a0b7c..7bdbb884 100644
--- a/recette/tofu-romarin-porto.md
+++ b/recette/tofu-romarin-porto.md
@@ -2,7 +2,7 @@
 
 <span /><div class="nocount">
 
-# Marinade
+### Marinade
 
 - 1 tasse de jus de pommes 
 - 1/4 de tasse de moutarde de Dijon
@@ -15,7 +15,7 @@
 - 1 c. à thé de graines de moutarde
 - 1 livre de tofu en gros cubes
 
-# Sauce
+### Sauce
 
 - 1 c. à table d’échalotes hachées
 - 3 c. à table de porto

diff --git a/recette/tofu-romarin-porto.md b/recette/tofu-romarin-porto.md
index 2e7a9ae1..a09a0b7c 100644
--- a/recette/tofu-romarin-porto.md
+++ b/recette/tofu-romarin-porto.md
@@ -24,8 +24,6 @@
 - romarin frais
 - sel
 
-# Directions
-
 Dans un bol, à l’aide d’un fouet, mélanger la marinade, puis ajouter
 le tofu. S'assurer que le tofu est couvert par la marinade. Couvrir le
 plat d’une pellicule de plastique.

diff --git a/recette/tofu-romarin-porto.md b/recette/tofu-romarin-porto.md
index 3bcc8168..2e7a9ae1 100644
--- a/recette/tofu-romarin-porto.md
+++ b/recette/tofu-romarin-porto.md
@@ -27,18 +27,14 @@
 # Directions
 
 Dans un bol, à l’aide d’un fouet, mélanger la marinade, puis ajouter
-le tofu. S'assurer que le tofu est couvert par la marinade.
-
-Couvrir le plat d’une pellicule de plastique. 
+le tofu. S'assurer que le tofu est couvert par la marinade. Couvrir le
+plat d’une pellicule de plastique.
 
 Mariner au réfrigérateur au minimum 20 minutes ou jusqu’à 2 heures,
 voire 12-24h.
 
-Entre-temps, faire revenir les échalotes dans l'huile.
-
-Griller le tofu jusqu'à ce qu'il soit bien grillé, voire carbonisé,
-saler et poivrer.
-
-Déglacer avec le porto et vinaigre.
+Entre-temps, faire revenir les échalotes dans l'huile. Griller le tofu
+jusqu'à ce qu'il soit bien grillé, voire carbonisé, saler et poivrer.
 
-Tamiser la marinade, puis incorporer et réduire.
+Déglacer avec le porto et vinaigre. Tamiser la marinade, puis
+incorporer et réduire.

diff --git a/recette/tofu-romarin-porto.md b/recette/tofu-romarin-porto.md
index 2be3c449..3bcc8168 100644
--- a/recette/tofu-romarin-porto.md
+++ b/recette/tofu-romarin-porto.md
@@ -41,6 +41,4 @@ saler et poivrer.
 
 Déglacer avec le porto et vinaigre.
 
-Tamiser la marinade.
-
-Ajouter et réduire la marinade. 
+Tamiser la marinade, puis incorporer et réduire.

diff --git a/recette/tofu-romarin-porto.md b/recette/tofu-romarin-porto.md
index b1b4a47d..2be3c449 100644
--- a/recette/tofu-romarin-porto.md
+++ b/recette/tofu-romarin-porto.md
@@ -2,9 +2,8 @@
 
 <span /><div class="nocount">
 
-# Ingredients
+# Marinade
 
-- 1 livre de tofu en gros cubes
 - 1 tasse de jus de pommes 
 - 1/4 de tasse de moutarde de Dijon
 - 2 c. à table d’huile d’olive
@@ -14,6 +13,7 @@
 - 4 gousses d’ail hachées finement
 - 1 c. à thé de poivre noir du moulin
 - 1 c. à thé de graines de moutarde
+- 1 livre de tofu en gros cubes
 
 # Sauce
 
@@ -26,12 +26,8 @@
 
 # Directions
 
-Dans un bol, à l’aide d’un fouet, mélanger le jus de pomme, la moutarde
-de Dijon, l’huile d’olive, la cassonade, le miel, l’ail, le romarin, le
-poivre et les graines de moutarde.
-
-Placer le tofu dans un plat en verre peu profond et couvrir avec la
-marinade, bien enrober.
+Dans un bol, à l’aide d’un fouet, mélanger la marinade, puis ajouter
+le tofu. S'assurer que le tofu est couvert par la marinade.
 
 Couvrir le plat d’une pellicule de plastique. 
 

diff --git a/recette/tofu-romarin-porto.md b/recette/tofu-romarin-porto.md
index 83bf586a..b1b4a47d 100644
--- a/recette/tofu-romarin-porto.md
+++ b/recette/tofu-romarin-porto.md
@@ -2,7 +2,7 @@
 
 <span /><div class="nocount">
 
-## Ingredients
+# Ingredients
 
 - 1 livre de tofu en gros cubes
 - 1 tasse de jus de pommes 
@@ -15,7 +15,7 @@
 - 1 c. à thé de poivre noir du moulin
 - 1 c. à thé de graines de moutarde
 
-## Sauce
+# Sauce
 
 - 1 c. à table d’échalotes hachées
 - 3 c. à table de porto
@@ -24,7 +24,7 @@
 - romarin frais
 - sel
 
-## Directions
+# Directions
 
 Dans un bol, à l’aide d’un fouet, mélanger le jus de pomme, la moutarde
 de Dijon, l’huile d’olive, la cassonade, le miel, l’ail, le romarin, le

diff --git a/recette/tofu-romarin-porto.md b/recette/tofu-romarin-porto.md
index 7065cf6c..83bf586a 100644
--- a/recette/tofu-romarin-porto.md
+++ b/recette/tofu-romarin-porto.md
@@ -1,6 +1,6 @@
-<span /><div class="nocount">
+[[!meta title="Tofu au romarin et sauce au porto"]]
 
-# Tofu au romarin et sauce au porto 
+<span /><div class="nocount">
 
 ## Ingredients
 

diff --git a/recette/tofu-romarin-porto.md b/recette/tofu-romarin-porto.md
index e48b3e4f..7065cf6c 100644
--- a/recette/tofu-romarin-porto.md
+++ b/recette/tofu-romarin-porto.md
@@ -1,3 +1,5 @@
+<span /><div class="nocount">
+
 # Tofu au romarin et sauce au porto 
 
 ## Ingredients

diff --git a/recette/tofu-romarin-porto.md b/recette/tofu-romarin-porto.md
index d8a3d5dc..e48b3e4f 100644
--- a/recette/tofu-romarin-porto.md
+++ b/recette/tofu-romarin-porto.md
@@ -1,7 +1,3 @@
----
-geometry: margin=3cm
----
-
 # Tofu au romarin et sauce au porto 
 
 ## Ingredients
@@ -50,5 +46,3 @@ Déglacer avec le porto et vinaigre.
 Tamiser la marinade.
 
 Ajouter et réduire la marinade. 
-
-\pagebreak

diff --git a/services/upgrades/trixie.md b/services/upgrades/trixie.md
index 3d878c88..9572fee5 100644
--- a/services/upgrades/trixie.md
+++ b/services/upgrades/trixie.md
@@ -231,6 +231,10 @@ for a more up to date list.
 
 TODO
 
+- deborphan! ouch! [1065310](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065310)
+- cpufrequtils, presumably replaced by cpupowerutils, but not in
+  debian (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1073079)
+
 See also the [noteworthy obsolete packages](https://www.debian.org/releases/testing/release-notes/issues.en.html#noteworthy-obsolete-packages) list.
 
 ## Other improvements

diff --git a/hardware/tablet.mdwn b/hardware/tablet.mdwn
index a63f80ea..6d4c789e 100644
--- a/hardware/tablet.mdwn
+++ b/hardware/tablet.mdwn
@@ -362,6 +362,8 @@ available ([Supernote Nomad](https://supernote.com/products/supernote-nomad)) fo
 - pen is an extra 60-90$USD depending on model
 - 50-70$ extra for case
 
+Seems repairable, see [this teardown video from the company](https://www.youtube.com/watch?v=d2X0c3MprAM).
+
 # Tablets
 
 Tablets are basically like ebook-readers, except they use a normal,

diff --git a/hardware/radio.mdwn b/hardware/radio.mdwn
index e66679e9..669a1d3d 100644
--- a/hardware/radio.mdwn
+++ b/hardware/radio.mdwn
@@ -50,6 +50,12 @@ Stuff to buy next
 * [Call those guys?](http://www.paratonnerres.qc.ca/produits.html)
 * <del>J146/440 - dual band VHF/UHF antenna (2m-70cm) [40$ at radioworld](http://radioworld.ca/product_info.php?cPath=73_191_193&products_id=886)</del> /!\ backorder
 * <del>MFJ-260C - 300W dummy load  0-150Mhz dry [50$ at radiowrodl](http://radioworld.ca/product_info.php?products_id=8098)</del> built into the tuner now
+- [(tr)uSDX](https://dl2man.de/), example [portable kit](https://imgur.com/gallery/ultralightish-tr-usdx-sota-shack-box-kit-QPuv1d9)
+- [kv4p](https://www.kv4p.com/)
+- UV-K5, [custom firmware](https://github.com/nikant/kamilsss655-uv-k5-firmware-custom-nkk?tab=readme-ov-file), [also](https://whosmatt.github.io/uvmod/)
+- [QMX](https://qrp-labs.com/qmx.html)
+- [uBITX v6](https://www.hfsignals.com/index.php/ubitx-v6/)
+- [sBITX](https://www.sbitx.net/)
 
 There's a [great guide](https://www.tothewoods.net/Comms-Yaesu-817-818-Manpack-Mobile-QRP-Ham-Radio-Kit.php) on how to setup a mobile HF rig that I
 could reuse with my FT-100d. It seems I am missing:

diff --git a/recette/make.sh b/recette/make.sh
new file mode 100644
index 00000000..84b10496
--- /dev/null
+++ b/recette/make.sh
@@ -0,0 +1 @@
+pandoc tofu-romarin-porto.md -o tofu-romarin-porto.pdf  && open tofu-romarin-porto.pdf
diff --git a/recette/porc-romarin-porto.md b/recette/porc-romarin-porto.md
new file mode 100644
index 00000000..6c36601e
--- /dev/null
+++ b/recette/porc-romarin-porto.md
@@ -0,0 +1,101 @@
+---
+geometry: margin=3cm
+---
+
+# Filets de porc au romarin et sauce au porto 
+
+## Ingredients
+
+- 1 tasse de jus de pommes 
+- 1/4 de tasse de moutarde de Dijon
+- 2 c. à table d’huile d’olive
+- 1/4 de tasse de cassonade
+- 2 c. à table de miel liquide
+- 2 c. à table de romarin frais haché
+- 4 gousses d’ail hachées finement
+- 1 c. à thé de poivre noir du moulin
+- 1 c. à thé de graines de moutarde
+
+## Sauce
+
+- 1 c. à table d’échalotes hachées
+- 3 c. à table de porto
+- 2 c. à table de vinaigre balsamique
+- 1/4 de tasse d’huile d’olive
+- romarin frais
+- sel
+
+## Directions
+
+Dans un bol, à l’aide d’un fouet, mélanger le jus de pomme, la moutarde
+de Dijon, l’huile d’olive, la cassonade, le miel, l’ail, le romarin, le
+poivre et les graines de moutarde.
+
+Placer les filets de porc dans un plat en verre peu profond.
+
+Verser la marinade sur les filets de porc et les retourner pour bien
+les enrober.
+
+Couvrir le plat d’une pellicule de plastique. 
+
+Mariner au réfrigérateur au minimum 20 minutes ou jusqu’à 2 heures.
+
+Entre-temps, faire revenir les échalotes dans l'huile.
+
+Ajoutez le porto et vinaigre.
+
+Saler, poivrer et réserver après avoir chauffé.
+
+Ajouter la marinade. 
+
+Faire réduire. 
+
+Passer au tamis.
+
+Cuire à 350°F sur la grille du four ou de 12 à 16 minutes sur le BBQ.
+
+Après avoir mariné, couper les filets de porc en tranches d’un pouce.
+
+Ajouter le jus dans la sauce Porto. 
+
+Arroser de sauce.
+
+\pagebreak
+
+## Tofu addendum
+
+```
+Antoine Beaupré <anarcat@orangeseeds.org> (2024-01-07) (inbox sent)
+Date: Sun, 07 Jan 2024 16:07:25 -0500
+From: Antoine Beaupré <anarcat@orangeseeds.org>
+To: Nick Ackerley <ea610@ncf.ca>
+Subject: Re: Tofu
+
+On 2024-01-06 10:49:00, Nick Ackerley wrote:
+> Hi Antoine!
+>
+> Can you share your amazing not-pork-tofu recipe with me?
+>
+> Sad you weren't able to visit with Rachel et al., this time. Maybe next?
+
+It would have been great to hang out indeed! But I took a rain check and
+visited other friends up north, but really mostly alone, taking a break
+from the family has been kind of great, to be frank. :) Hopefully we can
+make this ride soon enough again, now that it seems the boys handle it
+much better!
+
+Here's the pork-based recipe, from my mom. Replace tofu with pork,
+obviously, but after the marinade, i kind of just wing it: if you can
+fry the tofu on a BBQ that's good, oven can be good as well, best would
+probably be an air frier. For heapmas, i just fried the green onions
+with oil, fried the tofu until it's almost charred, then deglazed with
+the port and vineager, then added all the marinade and reduced until it
+was yum yummy.
+
+-- 
+The odds are greatly against you being immensely smarter than everyone\
+else in the field. If your analysis says your terminal velocity is
+twice the speed of light, you may have invented warp drive, but the
+chances are a lot better that you've screwed up.
+- Akin's Laws of Spacecraft Design
+```
diff --git a/recette/tofu-romarin-porto.md b/recette/tofu-romarin-porto.md
new file mode 100644
index 00000000..d8a3d5dc
--- /dev/null
+++ b/recette/tofu-romarin-porto.md
@@ -0,0 +1,54 @@
+---
+geometry: margin=3cm
+---
+
+# Tofu au romarin et sauce au porto 
+
+## Ingredients
+
+- 1 livre de tofu en gros cubes
+- 1 tasse de jus de pommes 
+- 1/4 de tasse de moutarde de Dijon
+- 2 c. à table d’huile d’olive
+- 1/4 de tasse de cassonade
+- 2 c. à table de miel liquide
+- 2 c. à table de romarin frais haché
+- 4 gousses d’ail hachées finement
+- 1 c. à thé de poivre noir du moulin
+- 1 c. à thé de graines de moutarde
+
+## Sauce
+
+- 1 c. à table d’échalotes hachées
+- 3 c. à table de porto
+- 2 c. à table de vinaigre balsamique
+- 1/4 de tasse d’huile d’olive
+- romarin frais
+- sel
+
+## Directions
+
+Dans un bol, à l’aide d’un fouet, mélanger le jus de pomme, la moutarde
+de Dijon, l’huile d’olive, la cassonade, le miel, l’ail, le romarin, le
+poivre et les graines de moutarde.
+
+Placer le tofu dans un plat en verre peu profond et couvrir avec la
+marinade, bien enrober.
+
+Couvrir le plat d’une pellicule de plastique. 
+
+Mariner au réfrigérateur au minimum 20 minutes ou jusqu’à 2 heures,
+voire 12-24h.
+
+Entre-temps, faire revenir les échalotes dans l'huile.
+
+Griller le tofu jusqu'à ce qu'il soit bien grillé, voire carbonisé,
+saler et poivrer.
+
+Déglacer avec le porto et vinaigre.
+
+Tamiser la marinade.
+
+Ajouter et réduire la marinade. 
+
+\pagebreak
diff --git a/recette/tofu-romarin-porto.pdf b/recette/tofu-romarin-porto.pdf
new file mode 100644
index 00000000..f17a66b7
Binary files /dev/null and b/recette/tofu-romarin-porto.pdf differ

diff --git a/blog/2019-10-16-bus-factor.mdwn b/blog/2019-10-16-bus-factor.mdwn
index 409de6d2..af35c843 100644
--- a/blog/2019-10-16-bus-factor.mdwn
+++ b/blog/2019-10-16-bus-factor.mdwn
@@ -85,4 +85,60 @@ spaghetti code before it even has time to [get flooded over][].
 [Aegir]: https://www.aegirproject.org/
 [AlternC]: https://alternc.org/
 
+# Update: actual research exists
+
+Someone actually did [research this](https://www.scannedinavian.com/the-github-plugin-my-coworkers-asked-me-not-to-write.html). 
+
+The term they use is "truck factor". Their definition "relies on a
+coverage assumption: a system will face serious delays or will be
+likely discontinued if its current set of authors covers less than 50%
+of the current set of files in the system".
+
+It doesn't directly confirm or infirm my theory
+(`avg(bus_factor)==1`), but it certainly seems like 1 is the "[most
+common value](https://en.wikipedia.org/wiki/Mode_(statistics))". If I parse [their data](https://mclare.blog/_file/posts/the-bus-factor/results.4c687f4f.json), I end up with an
+average truck factor of 4.9, but this covers only 133 projects! 
+
+And what's worse, the [original paper](https://arxiv.org/pdf/1604.06766) (from which this project
+list is based on) selected based on most popular GitHub projects:
+
+> To select a target set of subjects, we follow a procedure similar to
+> other studies investigating GitHub [12]–[15]. First, we query the
+> programming languages with the largest number of repositories in
+> GitHub. [...] We then select the 100-top most popular repositories
+> within each target language. [...] Considering only the most popular
+> projects in a given language (S`), we remove the systems in the
+> first quartile (Q1) of the distribution of three metrics, namely
+> number of developers (nd), number of commits (nc), and number of
+> files (nf ). After filtering out subjects in Q1, we compute the
+> intersection of the remaining sets.
+
+So they explicitly target large projects with large numbers of
+developers:
+
+> [...] 133 subjects (T 2), which represent the most important systems per
+> language in GitHub, implemented by teams with a considerable number
+> of active developers and with a considerable number of files
+
+Note that their final list does not include foundational projects like
+OpenSSL, GCC, xz (!) but it does include others like git, Linux, or
+less. So their data is likely skewed towards larger, healthier
+projects than what actually matters.
+
+I would be curious, for example, to see this exercise ran against all
+of Debian `main` or [required](https://www.debian.org/doc/debian-policy/ch-archive.html#s-priorities) packages, if we'd have to pick a
+subset. I suspect the bus factor for those would be *much* smaller,
+and maintain my original theory that it converges towards 1.
+
+I'll also note that the original paper concludes that:
+
+> We show that 87 systems (65%) have TF ≤ 2
+
+... which is *pretty close* (off by one!) to my original theory, which
+I should probably rephrase as "most projects have a bus factor of one"
+(the above paper says it's two).
+
+The new research also implies that the trend is getting worse, with
+the kernel moving from 57 to 12, for example.
+
 [[!tag debian-planet python-planet python software debian]]

diff --git a/software/desktop/emacs.mdwn b/software/desktop/emacs.mdwn
index df7466ca..969e0ede 100644
--- a/software/desktop/emacs.mdwn
+++ b/software/desktop/emacs.mdwn
@@ -57,7 +57,7 @@ Here's the list of packages I currently use.
 | puppet-mode | [0.4](https://stable.melpa.org/#/puppet-mode) | [0.4.post5](https://tracker.debian.org/elpa-puppet-mode)| Major mode for Puppet manifests |
 | rainbow-mode | N/A | [1.0.6.post2](https://tracker.debian.org/elpa-rainbow-mode)| None |
 | recentf | N/A | N/A| None |
-| ripgrep | [0.4.0](https://stable.melpa.org/#/ripgrep) | [2.3.0.post4](https://tracker.debian.org/elpa-rg)| Front-end for ripgrep, a command line search tool |
+| rg | [2.3.0](https://stable.melpa.org/#/rg) | [2.3.0.post4](https://tracker.debian.org/elpa-rg)| A search tool based on ripgrep |
 | shift-number | [0.1](https://stable.melpa.org/#/shift-number) | N/A| Increase/decrease the number at point |
 | smart-mode-line | [2.14](https://stable.melpa.org/#/smart-mode-line) | [2.14.post2](https://tracker.debian.org/elpa-smart-mode-line)| A color coded smart mode-line |
 | srcery-theme | [20240220.805](https://melpa.org/#/srcery-theme) | N/A| Dark color theme |

diff --git a/software/desktop/emacs.mdwn b/software/desktop/emacs.mdwn
index 5a6f3fa3..df7466ca 100644
--- a/software/desktop/emacs.mdwn
+++ b/software/desktop/emacs.mdwn
@@ -57,7 +57,7 @@ Here's the list of packages I currently use.
 | puppet-mode | [0.4](https://stable.melpa.org/#/puppet-mode) | [0.4.post5](https://tracker.debian.org/elpa-puppet-mode)| Major mode for Puppet manifests |
 | rainbow-mode | N/A | [1.0.6.post2](https://tracker.debian.org/elpa-rainbow-mode)| None |
 | recentf | N/A | N/A| None |
-| ripgrep | [0.4.0](https://stable.melpa.org/#/ripgrep) | [#976297](https://bugs.debian.org/976297)| Front-end for ripgrep, a command line search tool |
+| ripgrep | [0.4.0](https://stable.melpa.org/#/ripgrep) | [2.3.0.post4](https://tracker.debian.org/elpa-rg)| Front-end for ripgrep, a command line search tool |
 | shift-number | [0.1](https://stable.melpa.org/#/shift-number) | N/A| Increase/decrease the number at point |
 | smart-mode-line | [2.14](https://stable.melpa.org/#/smart-mode-line) | [2.14.post2](https://tracker.debian.org/elpa-smart-mode-line)| A color coded smart mode-line |
 | srcery-theme | [20240220.805](https://melpa.org/#/srcery-theme) | N/A| Dark color theme |

diff --git a/blog/2024-08-15-why-trixie.md b/blog/2024-08-15-why-trixie.md
index 83befc1a..17aa8264 100644
--- a/blog/2024-08-15-why-trixie.md
+++ b/blog/2024-08-15-why-trixie.md
@@ -107,7 +107,7 @@ Those are packages that *are* in Debian stable (Bookworm) already, but
 that are somewhat lacking and could benefit from an upgrade.
 
 - [firmware-iwlwifi](https://git.kernel.org/cgit/linux/kernel/git/firmware/linux-firmware.git): out of date, can install from unstable
-- [fuzzel][]: [log level noises][A],, paste support
+- [fuzzel][]: [log level noises][A], paste support
   and my [scripts](https://gitlab.com/anarcat/scripts/) in `~/bin` should be patched to use `--cache`
 - [foot][]: [log level noises][B], [quotes selection][], [keyboard
   selection mode](https://codeberg.org/dnkl/foot/issues/419)

diff --git a/hardware/keyboard.mdwn b/hardware/keyboard.mdwn
index a82a7831..8ccb1a24 100644
--- a/hardware/keyboard.mdwn
+++ b/hardware/keyboard.mdwn
@@ -384,6 +384,24 @@ sound and design of the keyboards.
 They have QMK-compatible firmware and pretty designs, with slim and
 TKL keyboards.
 
+I have found a second hand Air75 at some Amazon overflow thing here,
+and it is *really* nice. It's really slim, I (surprisingly) like the
+short travel and the sound is exquisite, even with red switches. It's
+nice to have the combo Bluetooth / USB-C setup, and there's even a
+"2.4GHz transmitter" in there for non-BT operation, but somehow the
+adapter for that was missing from the case.
+
+Two major downsides:
+
+- it's a bit on the heavy side, which would otherwise make this an
+  incredible travel keyboard
+- the TKL layout is a bit too narrow for me, i can't get used to the
+  vertical pgup/pgdown pad
+
+I have also heard first-hand reports of a full USB controller failure
+and a failure of support to provide proper followup, so that's a bit
+concerning.
+
 rtings reviewed [five models](https://www.rtings.com/keyboard/tools/table/141136) and outlined:
 
  * [Halo75 v2](https://nuphy.com/collections/keyboards/products/halo75-v2-qmk-via-wireless-custom-mechanical-keyboard): "[Best Mid-Range Mechanical Keyboard](https://www.rtings.com/keyboard/reviews/best/mechanical)" ([full review](https://www.rtings.com/keyboard/reviews/nuphy/air75-v2-air60-v2-air96-v2))
@@ -398,6 +416,11 @@ rtings reviewed [five models](https://www.rtings.com/keyboard/tools/table/141136
    the Halo96 v2 and Halo75 v2
  * [Field75](https://nuphy.com/collections/keyboards/products/field75): not best in anything ([full review](https://www.rtings.com/keyboard/reviews/nuphy/field75))
 
+## Divinikey
+
+A friend built a [Neo80 keyboard](https://divinikey.com/collections/neo80-keyboard-kit-and-components/products/qwertykeys-neo80-case) by buying a PCB presoldered with
+Gazzew Boba U4 switches, and [earth tone keycaps](https://www.deskhero.ca/products/gmk-earth-tones-keycaps?variant=40347274805314) and likes it.
+
 # Mini / travel keyboards
 
 Those are useful for the media station or traveling on the road with a

diff --git a/hardware/tablet.mdwn b/hardware/tablet.mdwn
index 9f2beaec..a63f80ea 100644
--- a/hardware/tablet.mdwn
+++ b/hardware/tablet.mdwn
@@ -99,7 +99,8 @@ also have a neat [community forum][]. They are based in China so
 products will ship from there.
 
 Update: they seem to actually have significant GPL-compliance issues,
-from what I've read on hacker news.
+from what I've read on hacker news. See also [this Linux Tech Tips
+forum post](https://linustechtips.com/topic/1331748-shortcircuit-showcases-boox-a-product-that-violates-gpl2/).
 
 [Onyx]: https://en.wikipedia.org/wiki/Onyx_Boox
 [community forum]: http://bbs.onyx-international.com/

diff --git a/software/desktop/emacs.mdwn b/software/desktop/emacs.mdwn
index f131f89b..5a6f3fa3 100644
--- a/software/desktop/emacs.mdwn
+++ b/software/desktop/emacs.mdwn
@@ -25,50 +25,50 @@ Here's the list of packages I currently use.
 
 | Package | Emacs | Debian | Description |
 | ------- | ----- | ------ | ----------- |
-| anzu | [20240929.201](https://melpa.org/#/anzu) | [0.67.post1](https://tracker.debian.org/elpa-anzu)| Show number of matches in mode-line while searching |
-| auto-dictionary | [20150410.1610](https://melpa.org/#/auto-dictionary) | [1.1.post1](https://tracker.debian.org/elpa-auto-dictionary)| Automatic dictionary switcher for flyspell |
-| cape | [20241211.1804](https://melpa.org/#/cape) | [#728729](https://bugs.debian.org/728729)| Completion At Point Extensions |
-| consult | [20241210.1313](https://melpa.org/#/consult) | [1.8.post1](https://tracker.debian.org/elpa-consult)| Consulting completing-read |
-| corfu | [20241208.2242](https://melpa.org/#/corfu) | [1.5.post1](https://tracker.debian.org/elpa-corfu)| COmpletion in Region FUnction |
-| crux | [20240401.1136](https://melpa.org/#/crux) | [#909337](https://bugs.debian.org/909337)| A Collection of Ridiculously Useful eXtensions |
+| anzu | [0.67](https://stable.melpa.org/#/anzu) | [0.67.post1](https://tracker.debian.org/elpa-anzu)| Show number of matches in mode-line while searching |
+| auto-dictionary | [1.1](https://stable.melpa.org/#/auto-dictionary) | [1.1.post1](https://tracker.debian.org/elpa-auto-dictionary)| Automatic dictionary switcher for flyspell |
+| cape | [1.7](https://stable.melpa.org/#/cape) | [#728729](https://bugs.debian.org/728729)| Completion At Point Extensions |
+| consult | [1.8](https://stable.melpa.org/#/consult) | [1.8.post1](https://tracker.debian.org/elpa-consult)| Consulting completing-read |
+| corfu | [1.5](https://stable.melpa.org/#/corfu) | [1.5.post1](https://tracker.debian.org/elpa-corfu)| COmpletion in Region FUnction |
+| crux | [0.5.0](https://stable.melpa.org/#/crux) | [#909337](https://bugs.debian.org/909337)| A Collection of Ridiculously Useful eXtensions |
 | dabbrev | N/A | N/A| None |
 | devdocs | [20241113.1341](https://melpa.org/#/devdocs) | N/A| Emacs viewer for DevDocs |
-| dimmer | [20220817.122](https://melpa.org/#/dimmer) | [0.4.2+repack20220817.a5b6975.3](https://tracker.debian.org/elpa-dimmer)| Visually highlight the selected buffer |
-| dockerfile-mode | [20240914.1549](https://melpa.org/#/dockerfile-mode) | [1.9.post3](https://tracker.debian.org/elpa-dockerfile-mode)| Major mode for editing Docker's Dockerfiles |
+| dimmer | [0.4.2](https://stable.melpa.org/#/dimmer) | [0.4.2+repack20220817.a5b6975.3](https://tracker.debian.org/elpa-dimmer)| Visually highlight the selected buffer |
+| dockerfile-mode | [1.9](https://stable.melpa.org/#/dockerfile-mode) | [1.9.post3](https://tracker.debian.org/elpa-dockerfile-mode)| Major mode for editing Docker's Dockerfiles |
 | eglot | N/A | [1.15.post3](https://tracker.debian.org/elpa-eglot)| None |
-| embark | [20241003.1953](https://melpa.org/#/embark) | [1.1.post2](https://tracker.debian.org/elpa-embark)| Conveniently act on minibuffer completions |
-| embark-consult | [20240919.1831](https://melpa.org/#/embark-consult) | N/A| Consult integration for Embark |
-| flycheck | [20241130.1502](https://melpa.org/#/flycheck) | [34.1.post2](https://tracker.debian.org/elpa-flycheck)| On-the-fly syntax checking |
+| embark | [1.1](https://stable.melpa.org/#/embark) | [1.1.post2](https://tracker.debian.org/elpa-embark)| Conveniently act on minibuffer completions |
+| embark-consult | [1.1](https://stable.melpa.org/#/embark-consult) | N/A| Consult integration for Embark |
+| flycheck | [34.1](https://stable.melpa.org/#/flycheck) | [34.1.post2](https://tracker.debian.org/elpa-flycheck)| On-the-fly syntax checking |
 | flymake | N/A | N/A| None |
-| format-all | [20241126.829](https://melpa.org/#/format-all) | [0.6.0.post2](https://tracker.debian.org/elpa-format-all)| Auto-format C, C++, JS, Python, Ruby and 50 other languages |
-| frames-only-mode | [20241201.1533](https://melpa.org/#/frames-only-mode) | N/A| Use frames instead of Emacs windows |
+| format-all | [0.6.0](https://stable.melpa.org/#/format-all) | [0.6.0.post2](https://tracker.debian.org/elpa-format-all)| Auto-format C, C++, JS, Python, Ruby and 50 other languages |
+| frames-only-mode | [1.0.0](https://stable.melpa.org/#/frames-only-mode) | N/A| Use frames instead of Emacs windows |
 | gnus-alias | [20230818.1830](https://melpa.org/#/gnus-alias) | N/A| An alternative to gnus-posting-styles |
-| go-mode | [20240620.1948](https://melpa.org/#/go-mode) | N/A| Major mode for the Go programming language |
-| gptel | [20241216.411](https://melpa.org/#/gptel) | N/A| Interact with ChatGPT or other LLMs |
-| hl-todo | [20240805.1444](https://melpa.org/#/hl-todo) | [3.8.1.post1](https://tracker.debian.org/elpa-hl-todo)| Highlight TODO and similar keywords |
+| go-mode | [1.6.0](https://stable.melpa.org/#/go-mode) | N/A| Major mode for the Go programming language |
+| gptel | [0.9.7](https://stable.melpa.org/#/gptel) | N/A| Interact with ChatGPT or other LLMs |
+| hl-todo | [3.8.1](https://stable.melpa.org/#/hl-todo) | [3.8.1.post1](https://tracker.debian.org/elpa-hl-todo)| Highlight TODO and similar keywords |
 | ledger | N/A | [4.0.0.post2](https://tracker.debian.org/elpa-ledger)| None |
-| magit | [20241209.933](https://melpa.org/#/magit) | [4.1.3.post1](https://tracker.debian.org/elpa-magit)| A Git porcelain inside Emacs |
-| marginalia | [20241124.1138](https://melpa.org/#/marginalia) | [1.7.post1](https://tracker.debian.org/elpa-marginalia)| Enrich existing commands with completion annotations |
-| markdown-mode | [20241117.1510](https://melpa.org/#/markdown-mode) | [2.6.post2](https://tracker.debian.org/elpa-markdown-mode)| Major mode for Markdown-formatted text |
-| multiple-cursors | [20241201.1841](https://melpa.org/#/multiple-cursors) | [#861127](https://bugs.debian.org/861127)| Multiple cursors for Emacs |
-| notmuch | [20240816.2039](https://melpa.org/#/notmuch) | [0.38.3.post3](https://tracker.debian.org/elpa-notmuch)| Run notmuch within emacs |
+| magit | [4.1.3](https://stable.melpa.org/#/magit) | [4.1.3.post1](https://tracker.debian.org/elpa-magit)| A Git porcelain inside Emacs |
+| marginalia | [1.7](https://stable.melpa.org/#/marginalia) | [1.7.post1](https://tracker.debian.org/elpa-marginalia)| Enrich existing commands with completion annotations |
+| markdown-mode | [2.6](https://stable.melpa.org/#/markdown-mode) | [2.6.post2](https://tracker.debian.org/elpa-markdown-mode)| Major mode for Markdown-formatted text |
+| multiple-cursors | [1.4.0](https://stable.melpa.org/#/multiple-cursors) | [#861127](https://bugs.debian.org/861127)| Multiple cursors for Emacs |
+| notmuch | [0.38.3](https://stable.melpa.org/#/notmuch) | [0.38.3.post3](https://tracker.debian.org/elpa-notmuch)| Run notmuch within emacs |
 | org | N/A | [9.7.16+dfsg.1](https://tracker.debian.org/elpa-org)| None |
-| pdf-tools | [20240429.407](https://melpa.org/#/pdf-tools) | [1.1.0.post3](https://tracker.debian.org/elpa-pdf-tools)| Support library for PDF documents |
-| puppet-mode | [20210305.645](https://melpa.org/#/puppet-mode) | [0.4.post5](https://tracker.debian.org/elpa-puppet-mode)| Major mode for Puppet manifests |
+| pdf-tools | [1.1.0](https://stable.melpa.org/#/pdf-tools) | [1.1.0.post3](https://tracker.debian.org/elpa-pdf-tools)| Support library for PDF documents |
+| puppet-mode | [0.4](https://stable.melpa.org/#/puppet-mode) | [0.4.post5](https://tracker.debian.org/elpa-puppet-mode)| Major mode for Puppet manifests |
 | rainbow-mode | N/A | [1.0.6.post2](https://tracker.debian.org/elpa-rainbow-mode)| None |
 | recentf | N/A | N/A| None |
-| ripgrep | [20220520.1410](https://melpa.org/#/ripgrep) | [#976297](https://bugs.debian.org/976297)| Front-end for ripgrep, a command line search tool |
-| shift-number | [20170301.1459](https://melpa.org/#/shift-number) | N/A| Increase/decrease the number at point |
-| smart-mode-line | [20240924.2322](https://melpa.org/#/smart-mode-line) | [2.14.post2](https://tracker.debian.org/elpa-smart-mode-line)| A color coded smart mode-line |
+| ripgrep | [0.4.0](https://stable.melpa.org/#/ripgrep) | [#976297](https://bugs.debian.org/976297)| Front-end for ripgrep, a command line search tool |
+| shift-number | [0.1](https://stable.melpa.org/#/shift-number) | N/A| Increase/decrease the number at point |
+| smart-mode-line | [2.14](https://stable.melpa.org/#/smart-mode-line) | [2.14.post2](https://tracker.debian.org/elpa-smart-mode-line)| A color coded smart mode-line |
 | srcery-theme | [20240220.805](https://melpa.org/#/srcery-theme) | N/A| Dark color theme |
-| vertico | [20241208.2233](https://melpa.org/#/vertico) | [1.9.post1](https://tracker.debian.org/elpa-vertico)| VERTical Interactive COmpletion |
+| vertico | [1.9](https://stable.melpa.org/#/vertico) | [1.9.post1](https://tracker.debian.org/elpa-vertico)| VERTical Interactive COmpletion |
 | visual-fill-column-mode | N/A | N/A| None |
-| wc-mode | [20210418.47](https://melpa.org/#/wc-mode) | [1.4.post2](https://tracker.debian.org/elpa-wc-mode)| Running word count with goals (minor mode) |
-| which-key | [20240620.2145](https://melpa.org/#/which-key) | [3.6.0.post2](https://tracker.debian.org/elpa-which-key)| Display available keybindings in popup |
-| writegood-mode | [20220511.2109](https://melpa.org/#/writegood-mode) | [2.2.0.post3](https://tracker.debian.org/elpa-writegood-mode)| Polish up poor writing on the fly |
-| writeroom-mode | [20231103.931](https://melpa.org/#/writeroom-mode) | [3.11.post3](https://tracker.debian.org/elpa-writeroom-mode)| Minor mode for distraction-free writing |
-| ws-butler | [20241107.519](https://melpa.org/#/ws-butler) | [0.6.post5](https://tracker.debian.org/elpa-ws-butler)| Unobtrusively remove trailing whitespace |
-| yasnippet | [20241013.1557](https://melpa.org/#/yasnippet) | [0.14.0+git20230912.76e1eee6.2](https://tracker.debian.org/elpa-yasnippet)| Yet another snippet extension for Emacs |
+| wc-mode | [1.4.1](https://stable.melpa.org/#/wc-mode) | [1.4.post2](https://tracker.debian.org/elpa-wc-mode)| Running word count with goals (minor mode) |
+| which-key | [3.6.0](https://stable.melpa.org/#/which-key) | [3.6.0.post2](https://tracker.debian.org/elpa-which-key)| Display available keybindings in popup |
+| writegood-mode | [2.2.0](https://stable.melpa.org/#/writegood-mode) | [2.2.0.post3](https://tracker.debian.org/elpa-writegood-mode)| Polish up poor writing on the fly |
+| writeroom-mode | [3.11](https://stable.melpa.org/#/writeroom-mode) | [3.11.post3](https://tracker.debian.org/elpa-writeroom-mode)| Minor mode for distraction-free writing |
+| ws-butler | [0.7](https://stable.melpa.org/#/ws-butler) | [0.6.post5](https://tracker.debian.org/elpa-ws-butler)| Unobtrusively remove trailing whitespace |
+| yasnippet | [0.14.0](https://stable.melpa.org/#/yasnippet) | [0.14.0+git20230912.76e1eee6.2](https://tracker.debian.org/elpa-yasnippet)| Yet another snippet extension for Emacs |
 
 The above was automatically generated using [check-emacs-packages](https://gitlab.com/anarcat/scripts/blob/main/check-emacs-packages)
 with some manual modifications for packages on the main ELPA archive

diff --git a/software/desktop/emacs.mdwn b/software/desktop/emacs.mdwn
index e995c141..f131f89b 100644
--- a/software/desktop/emacs.mdwn
+++ b/software/desktop/emacs.mdwn
@@ -78,16 +78,3 @@ packages into the script, I used this mighty pipeline:
     check-emacs-packages $( ( grep '^(use-package' ~/.emacs.d/init.el | sed 's/.* //' ; \
     grep -A2 packages ~/.emacs.d/custom.el  | tail -1 | sed 's/[()]//g;s/ /\n/g' ) \
     | sort -u ) 2>/dev/null
-
-Some packages are edited by hand:
-
- * `dictionary-el` does not follow the emacs team naming convention
- * `ein` has a false positive in WNPP
- * `gnus-alias` is not in stable MELPA
- * `org-mode` is not on any archive?
- * `rainbow-mode` is in GNU ELPA, not MELPA
- * `vc` is part of Emacs even though I load it with use-package so it
-   is not listed here
-
-This might be part of an override file instead of having to hand-craft
-this...

diff --git a/software/desktop/emacs.mdwn b/software/desktop/emacs.mdwn
index d1c02f61..e995c141 100644
--- a/software/desktop/emacs.mdwn
+++ b/software/desktop/emacs.mdwn
@@ -23,52 +23,52 @@ those packages.
 
 Here's the list of packages I currently use.
 
-Package | Emacs | Debian | Description
-------- | ----- | ------ | -----------
-anzu | [20240929.201](https://melpa.org/#/anzu) | [0.67.post1](https://tracker.debian.org/elpa-anzu)| Show number of matches in mode-line while searching
-auto-dictionary | [20150410.1610](https://melpa.org/#/auto-dictionary) | [1.1.post1](https://tracker.debian.org/elpa-auto-dictionary)| Automatic dictionary switcher for flyspell
-cape | [20241211.1804](https://melpa.org/#/cape) | [#728729](https://bugs.debian.org/728729)| Completion At Point Extensions
-consult | [20241210.1313](https://melpa.org/#/consult) | [1.8.post1](https://tracker.debian.org/elpa-consult)| Consulting completing-read
-corfu | [20241208.2242](https://melpa.org/#/corfu) | [1.5.post1](https://tracker.debian.org/elpa-corfu)| COmpletion in Region FUnction
-crux | [20240401.1136](https://melpa.org/#/crux) | [#909337](https://bugs.debian.org/909337)| A Collection of Ridiculously Useful eXtensions
-dabbrev | N/A | N/A| None
-devdocs | [20241113.1341](https://melpa.org/#/devdocs) | N/A| Emacs viewer for DevDocs
-dimmer | [20220817.122](https://melpa.org/#/dimmer) | [0.4.2+repack20220817.a5b6975.3](https://tracker.debian.org/elpa-dimmer)| Visually highlight the selected buffer
-dockerfile-mode | [20240914.1549](https://melpa.org/#/dockerfile-mode) | [1.9.post3](https://tracker.debian.org/elpa-dockerfile-mode)| Major mode for editing Docker's Dockerfiles
-eglot | N/A | [1.15.post3](https://tracker.debian.org/elpa-eglot)| None
-embark | [20241003.1953](https://melpa.org/#/embark) | [1.1.post2](https://tracker.debian.org/elpa-embark)| Conveniently act on minibuffer completions
-embark-consult | [20240919.1831](https://melpa.org/#/embark-consult) | N/A| Consult integration for Embark
-flycheck | [20241130.1502](https://melpa.org/#/flycheck) | [34.1.post2](https://tracker.debian.org/elpa-flycheck)| On-the-fly syntax checking
-flymake | N/A | N/A| None
-format-all | [20241126.829](https://melpa.org/#/format-all) | [0.6.0.post2](https://tracker.debian.org/elpa-format-all)| Auto-format C, C++, JS, Python, Ruby and 50 other languages
-frames-only-mode | [20241201.1533](https://melpa.org/#/frames-only-mode) | N/A| Use frames instead of Emacs windows
-gnus-alias | [20230818.1830](https://melpa.org/#/gnus-alias) | N/A| An alternative to gnus-posting-styles
-go-mode | [20240620.1948](https://melpa.org/#/go-mode) | N/A| Major mode for the Go programming language
-gptel | [20241216.411](https://melpa.org/#/gptel) | N/A| Interact with ChatGPT or other LLMs
-hl-todo | [20240805.1444](https://melpa.org/#/hl-todo) | [3.8.1.post1](https://tracker.debian.org/elpa-hl-todo)| Highlight TODO and similar keywords
-ledger | N/A | [4.0.0.post2](https://tracker.debian.org/elpa-ledger)| None
-magit | [20241209.933](https://melpa.org/#/magit) | [4.1.3.post1](https://tracker.debian.org/elpa-magit)| A Git porcelain inside Emacs
-marginalia | [20241124.1138](https://melpa.org/#/marginalia) | [1.7.post1](https://tracker.debian.org/elpa-marginalia)| Enrich existing commands with completion annotations
-markdown-mode | [20241117.1510](https://melpa.org/#/markdown-mode) | [2.6.post2](https://tracker.debian.org/elpa-markdown-mode)| Major mode for Markdown-formatted text
-multiple-cursors | [20241201.1841](https://melpa.org/#/multiple-cursors) | [#861127](https://bugs.debian.org/861127)| Multiple cursors for Emacs
-notmuch | [20240816.2039](https://melpa.org/#/notmuch) | [0.38.3.post3](https://tracker.debian.org/elpa-notmuch)| Run notmuch within emacs
-org | N/A | [9.7.16+dfsg.1](https://tracker.debian.org/elpa-org)| None
-pdf-tools | [20240429.407](https://melpa.org/#/pdf-tools) | [1.1.0.post3](https://tracker.debian.org/elpa-pdf-tools)| Support library for PDF documents
-puppet-mode | [20210305.645](https://melpa.org/#/puppet-mode) | [0.4.post5](https://tracker.debian.org/elpa-puppet-mode)| Major mode for Puppet manifests
-rainbow-mode | N/A | [1.0.6.post2](https://tracker.debian.org/elpa-rainbow-mode)| None
-recentf | N/A | N/A| None
-ripgrep | [20220520.1410](https://melpa.org/#/ripgrep) | [#976297](https://bugs.debian.org/976297)| Front-end for ripgrep, a command line search tool
-shift-number | [20170301.1459](https://melpa.org/#/shift-number) | N/A| Increase/decrease the number at point
-smart-mode-line | [20240924.2322](https://melpa.org/#/smart-mode-line) | [2.14.post2](https://tracker.debian.org/elpa-smart-mode-line)| A color coded smart mode-line
-srcery-theme | [20240220.805](https://melpa.org/#/srcery-theme) | N/A| Dark color theme
-vertico | [20241208.2233](https://melpa.org/#/vertico) | [1.9.post1](https://tracker.debian.org/elpa-vertico)| VERTical Interactive COmpletion
-visual-fill-column-mode | N/A | N/A| None
-wc-mode | [20210418.47](https://melpa.org/#/wc-mode) | [1.4.post2](https://tracker.debian.org/elpa-wc-mode)| Running word count with goals (minor mode)
-which-key | [20240620.2145](https://melpa.org/#/which-key) | [3.6.0.post2](https://tracker.debian.org/elpa-which-key)| Display available keybindings in popup
-writegood-mode | [20220511.2109](https://melpa.org/#/writegood-mode) | [2.2.0.post3](https://tracker.debian.org/elpa-writegood-mode)| Polish up poor writing on the fly
-writeroom-mode | [20231103.931](https://melpa.org/#/writeroom-mode) | [3.11.post3](https://tracker.debian.org/elpa-writeroom-mode)| Minor mode for distraction-free writing
-ws-butler | [20241107.519](https://melpa.org/#/ws-butler) | [0.6.post5](https://tracker.debian.org/elpa-ws-butler)| Unobtrusively remove trailing whitespace
-yasnippet | [20241013.1557](https://melpa.org/#/yasnippet) | [0.14.0+git20230912.76e1eee6.2](https://tracker.debian.org/elpa-yasnippet)| Yet another snippet extension for Emacs
+| Package | Emacs | Debian | Description |
+| ------- | ----- | ------ | ----------- |
+| anzu | [20240929.201](https://melpa.org/#/anzu) | [0.67.post1](https://tracker.debian.org/elpa-anzu)| Show number of matches in mode-line while searching |
+| auto-dictionary | [20150410.1610](https://melpa.org/#/auto-dictionary) | [1.1.post1](https://tracker.debian.org/elpa-auto-dictionary)| Automatic dictionary switcher for flyspell |
+| cape | [20241211.1804](https://melpa.org/#/cape) | [#728729](https://bugs.debian.org/728729)| Completion At Point Extensions |
+| consult | [20241210.1313](https://melpa.org/#/consult) | [1.8.post1](https://tracker.debian.org/elpa-consult)| Consulting completing-read |
+| corfu | [20241208.2242](https://melpa.org/#/corfu) | [1.5.post1](https://tracker.debian.org/elpa-corfu)| COmpletion in Region FUnction |
+| crux | [20240401.1136](https://melpa.org/#/crux) | [#909337](https://bugs.debian.org/909337)| A Collection of Ridiculously Useful eXtensions |
+| dabbrev | N/A | N/A| None |
+| devdocs | [20241113.1341](https://melpa.org/#/devdocs) | N/A| Emacs viewer for DevDocs |
+| dimmer | [20220817.122](https://melpa.org/#/dimmer) | [0.4.2+repack20220817.a5b6975.3](https://tracker.debian.org/elpa-dimmer)| Visually highlight the selected buffer |
+| dockerfile-mode | [20240914.1549](https://melpa.org/#/dockerfile-mode) | [1.9.post3](https://tracker.debian.org/elpa-dockerfile-mode)| Major mode for editing Docker's Dockerfiles |
+| eglot | N/A | [1.15.post3](https://tracker.debian.org/elpa-eglot)| None |
+| embark | [20241003.1953](https://melpa.org/#/embark) | [1.1.post2](https://tracker.debian.org/elpa-embark)| Conveniently act on minibuffer completions |
+| embark-consult | [20240919.1831](https://melpa.org/#/embark-consult) | N/A| Consult integration for Embark |
+| flycheck | [20241130.1502](https://melpa.org/#/flycheck) | [34.1.post2](https://tracker.debian.org/elpa-flycheck)| On-the-fly syntax checking |
+| flymake | N/A | N/A| None |
+| format-all | [20241126.829](https://melpa.org/#/format-all) | [0.6.0.post2](https://tracker.debian.org/elpa-format-all)| Auto-format C, C++, JS, Python, Ruby and 50 other languages |
+| frames-only-mode | [20241201.1533](https://melpa.org/#/frames-only-mode) | N/A| Use frames instead of Emacs windows |
+| gnus-alias | [20230818.1830](https://melpa.org/#/gnus-alias) | N/A| An alternative to gnus-posting-styles |
+| go-mode | [20240620.1948](https://melpa.org/#/go-mode) | N/A| Major mode for the Go programming language |
+| gptel | [20241216.411](https://melpa.org/#/gptel) | N/A| Interact with ChatGPT or other LLMs |
+| hl-todo | [20240805.1444](https://melpa.org/#/hl-todo) | [3.8.1.post1](https://tracker.debian.org/elpa-hl-todo)| Highlight TODO and similar keywords |
+| ledger | N/A | [4.0.0.post2](https://tracker.debian.org/elpa-ledger)| None |
+| magit | [20241209.933](https://melpa.org/#/magit) | [4.1.3.post1](https://tracker.debian.org/elpa-magit)| A Git porcelain inside Emacs |
+| marginalia | [20241124.1138](https://melpa.org/#/marginalia) | [1.7.post1](https://tracker.debian.org/elpa-marginalia)| Enrich existing commands with completion annotations |
+| markdown-mode | [20241117.1510](https://melpa.org/#/markdown-mode) | [2.6.post2](https://tracker.debian.org/elpa-markdown-mode)| Major mode for Markdown-formatted text |
+| multiple-cursors | [20241201.1841](https://melpa.org/#/multiple-cursors) | [#861127](https://bugs.debian.org/861127)| Multiple cursors for Emacs |
+| notmuch | [20240816.2039](https://melpa.org/#/notmuch) | [0.38.3.post3](https://tracker.debian.org/elpa-notmuch)| Run notmuch within emacs |
+| org | N/A | [9.7.16+dfsg.1](https://tracker.debian.org/elpa-org)| None |
+| pdf-tools | [20240429.407](https://melpa.org/#/pdf-tools) | [1.1.0.post3](https://tracker.debian.org/elpa-pdf-tools)| Support library for PDF documents |
+| puppet-mode | [20210305.645](https://melpa.org/#/puppet-mode) | [0.4.post5](https://tracker.debian.org/elpa-puppet-mode)| Major mode for Puppet manifests |
+| rainbow-mode | N/A | [1.0.6.post2](https://tracker.debian.org/elpa-rainbow-mode)| None |
+| recentf | N/A | N/A| None |
+| ripgrep | [20220520.1410](https://melpa.org/#/ripgrep) | [#976297](https://bugs.debian.org/976297)| Front-end for ripgrep, a command line search tool |
+| shift-number | [20170301.1459](https://melpa.org/#/shift-number) | N/A| Increase/decrease the number at point |
+| smart-mode-line | [20240924.2322](https://melpa.org/#/smart-mode-line) | [2.14.post2](https://tracker.debian.org/elpa-smart-mode-line)| A color coded smart mode-line |
+| srcery-theme | [20240220.805](https://melpa.org/#/srcery-theme) | N/A| Dark color theme |
+| vertico | [20241208.2233](https://melpa.org/#/vertico) | [1.9.post1](https://tracker.debian.org/elpa-vertico)| VERTical Interactive COmpletion |
+| visual-fill-column-mode | N/A | N/A| None |
+| wc-mode | [20210418.47](https://melpa.org/#/wc-mode) | [1.4.post2](https://tracker.debian.org/elpa-wc-mode)| Running word count with goals (minor mode) |
+| which-key | [20240620.2145](https://melpa.org/#/which-key) | [3.6.0.post2](https://tracker.debian.org/elpa-which-key)| Display available keybindings in popup |
+| writegood-mode | [20220511.2109](https://melpa.org/#/writegood-mode) | [2.2.0.post3](https://tracker.debian.org/elpa-writegood-mode)| Polish up poor writing on the fly |
+| writeroom-mode | [20231103.931](https://melpa.org/#/writeroom-mode) | [3.11.post3](https://tracker.debian.org/elpa-writeroom-mode)| Minor mode for distraction-free writing |
+| ws-butler | [20241107.519](https://melpa.org/#/ws-butler) | [0.6.post5](https://tracker.debian.org/elpa-ws-butler)| Unobtrusively remove trailing whitespace |
+| yasnippet | [20241013.1557](https://melpa.org/#/yasnippet) | [0.14.0+git20230912.76e1eee6.2](https://tracker.debian.org/elpa-yasnippet)| Yet another snippet extension for Emacs |
 
 The above was automatically generated using [check-emacs-packages](https://gitlab.com/anarcat/scripts/blob/main/check-emacs-packages)
 with some manual modifications for packages on the main ELPA archive

diff --git a/software/desktop/emacs.mdwn b/software/desktop/emacs.mdwn
index 4c5f17c0..d1c02f61 100644
--- a/software/desktop/emacs.mdwn
+++ b/software/desktop/emacs.mdwn
@@ -25,40 +25,59 @@ Here's the list of packages I currently use.
 
 Package | Emacs | Debian | Description
 ------- | ----- | ------ | -----------
-anzu | [0.62](https://stable.melpa.org/#/anzu) | [0.62-2](https://tracker.debian.org/elpa-anzu) | Show number of matches in mode-line while searching
-atomic-chrome | [2.0.0](https://stable.melpa.org/#/atomic-chrome) | [#909336](http://bugs.debian.org/909336) | Edit Chrome text area with Emacs using Atomic Chrome
-auto-dictionary | [1.1](https://stable.melpa.org/#/auto-dictionary) | [1.1-1](https://tracker.debian.org/elpa-auto-dictionary) | automatic dictionary switcher for flyspell
-company | [0.9.6](https://stable.melpa.org/#/company) | [0.9.6-1](https://tracker.debian.org/elpa-company) | Modular text completion framework
-company-go | [20170907](https://stable.melpa.org/#/company-go) | [20170907-3](https://tracker.debian.org/elpa-company-go) | company-mode backend for Go (using gocode)
-crux | [0.3.0](https://stable.melpa.org/#/crux) | [#909337](http://bugs.debian.org/909337) | A Collection of Ridiculously Useful eXtensions
-dictionary | [1.10](https://stable.melpa.org/#/dictionary) | [1.10-3](https://tracker.debian.org/pkg/dictionary-el) | Client for rfc2229 dictionary servers
-ein | [0.14.1](https://stable.melpa.org/#/ein) | [None](https://bugs.debian.org/) | Emacs IPython Notebook
-elpy | [1.24.0](https://stable.melpa.org/#/elpy) | [1.24.0-1](https://tracker.debian.org/elpa-elpy) | Emacs Python Development Environment
-gnus-alias | [20150316.42](https://melpa.org/#/gnus-alias) | [None](https://bugs.debian.org/) | an alternative to gnus-posting-styles
-go-mode | [1.5.0](https://stable.melpa.org/#/go-mode) | [3:1.5.0-2](https://tracker.debian.org/elpa-go-mode) | Major mode for the Go programming language
-ledger | [20180826.243](https://melpa.org/#/ledger-mode) | [3.1.2~pre1+g3a00e1c+dfsg1-5](https://tracker.debian.org/elpa-ledger) | command-line double-entry accounting program (emacs interface)
-magit | [2.13.0](https://stable.melpa.org/#/magit) | [2.13.0-3](https://tracker.debian.org/elpa-magit) | A Git porcelain inside Emacs.
-markdown-mode | [2.3](https://stable.melpa.org/#/markdown-mode) | [2.3+154-1](https://tracker.debian.org/elpa-markdown-mode) | Major mode for Markdown-formatted text
-markdown-toc | [0.1.2](https://stable.melpa.org/#/markdown-toc) | [#861128](http://bugs.debian.org/861128) | A simple TOC generator for markdown file
-multiple-cursors | [1.4.0](https://stable.melpa.org/#/multiple-cursors) | [#861127](http://bugs.debian.org/861127) | Multiple cursors for Emacs.
-notmuch | [0.27](https://stable.melpa.org/#/notmuch) | [0.27-3](https://tracker.debian.org/elpa-notmuch) | run notmuch within emacs
-org | [None](https://github.com/melpa/melpa/blob/master/CONTRIBUTING.org) | [9.1.14+dfsg-3](https://tracker.debian.org/elpa-org) | Keep notes, maintain ToDo lists, and do project planning in emacs
-rainbow-mode | [1.0.1](https://elpa.gnu.org/packages/rainbow-mode.html) | [1.0.1-1](https://tracker.debian.org/elpa-rainbow-mode) | Colorize color names in buffers
-solarized-theme | [1.2.2](https://stable.melpa.org/#/solarized-theme) | [1.2.2-3](https://tracker.debian.org/elpa-solarized-theme) | The Solarized color theme, ported to Emacs.
-use-package | [2.3](https://stable.melpa.org/#/use-package) | [2.3+repack-2](https://tracker.debian.org/elpa-use-package) | A use-package declaration for simplifying your .emacs
-webpaste | [2.1.0](https://stable.melpa.org/#/webpaste) | [None](https://bugs.debian.org/) | Paste to pastebin-like services
-writegood-mode | [2.0.3](https://stable.melpa.org/#/writegood-mode) | [2.0.3-1](https://tracker.debian.org/elpa-writegood-mode) | Polish up poor writing on the fly
-writeroom-mode | [3.7](https://stable.melpa.org/#/writeroom-mode) | [#861124](http://bugs.debian.org/861124) | Minor mode for distraction-free writing
-yasnippet | [0.13.0](https://stable.melpa.org/#/yasnippet) | [0.13.0-2](https://tracker.debian.org/elpa-yasnippet) | Yet another snippet extension for Emacs.
+anzu | [20240929.201](https://melpa.org/#/anzu) | [0.67.post1](https://tracker.debian.org/elpa-anzu)| Show number of matches in mode-line while searching
+auto-dictionary | [20150410.1610](https://melpa.org/#/auto-dictionary) | [1.1.post1](https://tracker.debian.org/elpa-auto-dictionary)| Automatic dictionary switcher for flyspell
+cape | [20241211.1804](https://melpa.org/#/cape) | [#728729](https://bugs.debian.org/728729)| Completion At Point Extensions
+consult | [20241210.1313](https://melpa.org/#/consult) | [1.8.post1](https://tracker.debian.org/elpa-consult)| Consulting completing-read
+corfu | [20241208.2242](https://melpa.org/#/corfu) | [1.5.post1](https://tracker.debian.org/elpa-corfu)| COmpletion in Region FUnction
+crux | [20240401.1136](https://melpa.org/#/crux) | [#909337](https://bugs.debian.org/909337)| A Collection of Ridiculously Useful eXtensions
+dabbrev | N/A | N/A| None
+devdocs | [20241113.1341](https://melpa.org/#/devdocs) | N/A| Emacs viewer for DevDocs
+dimmer | [20220817.122](https://melpa.org/#/dimmer) | [0.4.2+repack20220817.a5b6975.3](https://tracker.debian.org/elpa-dimmer)| Visually highlight the selected buffer
+dockerfile-mode | [20240914.1549](https://melpa.org/#/dockerfile-mode) | [1.9.post3](https://tracker.debian.org/elpa-dockerfile-mode)| Major mode for editing Docker's Dockerfiles
+eglot | N/A | [1.15.post3](https://tracker.debian.org/elpa-eglot)| None
+embark | [20241003.1953](https://melpa.org/#/embark) | [1.1.post2](https://tracker.debian.org/elpa-embark)| Conveniently act on minibuffer completions
+embark-consult | [20240919.1831](https://melpa.org/#/embark-consult) | N/A| Consult integration for Embark
+flycheck | [20241130.1502](https://melpa.org/#/flycheck) | [34.1.post2](https://tracker.debian.org/elpa-flycheck)| On-the-fly syntax checking
+flymake | N/A | N/A| None
+format-all | [20241126.829](https://melpa.org/#/format-all) | [0.6.0.post2](https://tracker.debian.org/elpa-format-all)| Auto-format C, C++, JS, Python, Ruby and 50 other languages
+frames-only-mode | [20241201.1533](https://melpa.org/#/frames-only-mode) | N/A| Use frames instead of Emacs windows
+gnus-alias | [20230818.1830](https://melpa.org/#/gnus-alias) | N/A| An alternative to gnus-posting-styles
+go-mode | [20240620.1948](https://melpa.org/#/go-mode) | N/A| Major mode for the Go programming language
+gptel | [20241216.411](https://melpa.org/#/gptel) | N/A| Interact with ChatGPT or other LLMs
+hl-todo | [20240805.1444](https://melpa.org/#/hl-todo) | [3.8.1.post1](https://tracker.debian.org/elpa-hl-todo)| Highlight TODO and similar keywords
+ledger | N/A | [4.0.0.post2](https://tracker.debian.org/elpa-ledger)| None
+magit | [20241209.933](https://melpa.org/#/magit) | [4.1.3.post1](https://tracker.debian.org/elpa-magit)| A Git porcelain inside Emacs
+marginalia | [20241124.1138](https://melpa.org/#/marginalia) | [1.7.post1](https://tracker.debian.org/elpa-marginalia)| Enrich existing commands with completion annotations
+markdown-mode | [20241117.1510](https://melpa.org/#/markdown-mode) | [2.6.post2](https://tracker.debian.org/elpa-markdown-mode)| Major mode for Markdown-formatted text
+multiple-cursors | [20241201.1841](https://melpa.org/#/multiple-cursors) | [#861127](https://bugs.debian.org/861127)| Multiple cursors for Emacs
+notmuch | [20240816.2039](https://melpa.org/#/notmuch) | [0.38.3.post3](https://tracker.debian.org/elpa-notmuch)| Run notmuch within emacs
+org | N/A | [9.7.16+dfsg.1](https://tracker.debian.org/elpa-org)| None
+pdf-tools | [20240429.407](https://melpa.org/#/pdf-tools) | [1.1.0.post3](https://tracker.debian.org/elpa-pdf-tools)| Support library for PDF documents
+puppet-mode | [20210305.645](https://melpa.org/#/puppet-mode) | [0.4.post5](https://tracker.debian.org/elpa-puppet-mode)| Major mode for Puppet manifests
+rainbow-mode | N/A | [1.0.6.post2](https://tracker.debian.org/elpa-rainbow-mode)| None
+recentf | N/A | N/A| None
+ripgrep | [20220520.1410](https://melpa.org/#/ripgrep) | [#976297](https://bugs.debian.org/976297)| Front-end for ripgrep, a command line search tool
+shift-number | [20170301.1459](https://melpa.org/#/shift-number) | N/A| Increase/decrease the number at point
+smart-mode-line | [20240924.2322](https://melpa.org/#/smart-mode-line) | [2.14.post2](https://tracker.debian.org/elpa-smart-mode-line)| A color coded smart mode-line
+srcery-theme | [20240220.805](https://melpa.org/#/srcery-theme) | N/A| Dark color theme
+vertico | [20241208.2233](https://melpa.org/#/vertico) | [1.9.post1](https://tracker.debian.org/elpa-vertico)| VERTical Interactive COmpletion
+visual-fill-column-mode | N/A | N/A| None
+wc-mode | [20210418.47](https://melpa.org/#/wc-mode) | [1.4.post2](https://tracker.debian.org/elpa-wc-mode)| Running word count with goals (minor mode)
+which-key | [20240620.2145](https://melpa.org/#/which-key) | [3.6.0.post2](https://tracker.debian.org/elpa-which-key)| Display available keybindings in popup
+writegood-mode | [20220511.2109](https://melpa.org/#/writegood-mode) | [2.2.0.post3](https://tracker.debian.org/elpa-writegood-mode)| Polish up poor writing on the fly
+writeroom-mode | [20231103.931](https://melpa.org/#/writeroom-mode) | [3.11.post3](https://tracker.debian.org/elpa-writeroom-mode)| Minor mode for distraction-free writing
+ws-butler | [20241107.519](https://melpa.org/#/ws-butler) | [0.6.post5](https://tracker.debian.org/elpa-ws-butler)| Unobtrusively remove trailing whitespace
+yasnippet | [20241013.1557](https://melpa.org/#/yasnippet) | [0.14.0+git20230912.76e1eee6.2](https://tracker.debian.org/elpa-yasnippet)| Yet another snippet extension for Emacs
 
 The above was automatically generated using [check-emacs-packages](https://gitlab.com/anarcat/scripts/blob/main/check-emacs-packages)
 with some manual modifications for packages on the main ELPA archive
 (as opposed to MELPA, which is surprisingly rare). To feed the list of
 packages into the script, I used this mighty pipeline:
 
-    check-emacs-packages $( ( grep '^(use-package' ~/.emacs | sed 's/.* //' ; \
-    grep -A2 packages ~/.emacs-custom  | tail -1 | sed 's/[()]//g;s/ /\n/g' ) \
-    | sort -u )
+    check-emacs-packages $( ( grep '^(use-package' ~/.emacs.d/init.el | sed 's/.* //' ; \
+    grep -A2 packages ~/.emacs.d/custom.el  | tail -1 | sed 's/[()]//g;s/ /\n/g' ) \
+    | sort -u ) 2>/dev/null
 
 Some packages are edited by hand:
 

diff --git a/services/upgrades/bookworm.md b/services/upgrades/bookworm.md
index 335b2863..23e38d40 100644
--- a/services/upgrades/bookworm.md
+++ b/services/upgrades/bookworm.md
@@ -49,9 +49,9 @@ can log back in over a serial console or virtual terminal.
 
  1. Preparation:
 
-        echo reset to the default locale
+        echo reset to the default locale &&
         export LC_ALL=C.UTF-8 &&
-        echo install some dependencies
+        echo install some dependencies &&
         sudo apt install ttyrec screen debconf-utils deborphan apt-forktracer &&
         echo create ttyrec file with adequate permissions &&
         sudo touch /var/log/upgrade-bookworm.ttyrec &&