Recent changes to this wiki. Not to be confused with my history.

Complete source to the wiki is available on GitLab:

git clone http://gitlab.com/anarcat/anarc.at.git
zfs: example rescue encrypted operation
diff --git a/software/zfs.md b/software/zfs.md
index 53d7680f..4c8aaf6e 100644
--- a/software/zfs.md
+++ b/software/zfs.md
@@ -163,6 +163,10 @@ with:
 
     zpool import -l -a
 
+For rescue operations, that would be the right incantation:
+
+    zpool import -l -a -R /mnt
+
 ## Deprecated: zfsutil
 
 This is another way to use an alternate mountpoint, although I'm less

printer rec
diff --git a/hardware/printer.md b/hardware/printer.md
index d180855b..34153f38 100644
--- a/hardware/printer.md
+++ b/hardware/printer.md
@@ -37,6 +37,7 @@
    laser-like price for ink jet printers... the Epson printers that do
    it do have a hefty upfront cost, and they still seem to suffer from
    "drying out" problems when not in use
+ * [use Brother or Epson](https://hachyderm.io/@jbcrawford/112018421075831627)
 
 # Options
 

negative qotom review
diff --git a/hardware/margaret.md b/hardware/margaret.md
index c87087bd..2cd2c452 100644
--- a/hardware/margaret.md
+++ b/hardware/margaret.md
@@ -292,6 +292,8 @@ model](https://fr.aliexpress.com/item/1005004093716962.html) for 233$. Go figure
 of the [Qotom Q20332G9-S10](https://www.qotom.net/product/RouterPC_Q20331G9S10.html) (4x2.5G 4xSFP+ 10G). I was also
 recommended [this 4x2.5G router](https://www.aliexpress.com/item/1005004360072281.html). 
 
+They have been [negatively reviewed on OpenWRT forums](https://forum.openwrt.org/t/recommendations-for-a-gigabit-bridge-possibly-with-sfp/177592/13).
+
 ## Turris
 
 The Turris Omnia is the device that was used as a core router before

update network map
diff --git "a/services/r\303\251seau.mdwn" "b/services/r\303\251seau.mdwn"
index 025f91fd..bce398a5 100644
--- "a/services/r\303\251seau.mdwn"
+++ "b/services/r\303\251seau.mdwn"
@@ -55,7 +55,29 @@ another DNS server.
 The key question is whether two DNS servers need to be provided,
 because that configuration would obviously more involved.
 
-# Plan du réseau
+# Plans réseau
+
+## 2024-...
+
+![Plan du réseau][2024]
+
+  [2024]: plan-2024.svg "IP addresses specified if present, otherwise model number detailed."
+
+The network is setup generally like this:
+
+ 1. internet (TekSavvy, business line)
+ 2. bonder (TekSavvy owned PC that does some magic to get a static IP
+    address and, optionally, redundancy)
+ 3. router ([[hardware/margaret]])
+ 4. switch to which is connected:
+    * wifi access point with PoE ([[hardware/svetlana]])
+    * office wifi access point connected over fibre because of the
+      long, outdoors link ([[hardware/octavia]])
+    * ATA (Cisco SPA-112 VoIP adapter)
+    * main server [[hardware/server/marcos]]
+    * home cinema ([[hardware/ursula]])
+
+## 2015-2022
 
 ![Plan du réseau][1]
 
diff --git "a/services/r\303\251seau/plan-2024.svg" "b/services/r\303\251seau/plan-2024.svg"
new file mode 100644
index 00000000..c0c7c392
--- /dev/null
+++ "b/services/r\303\251seau/plan-2024.svg"
@@ -0,0 +1,1540 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+   width="17cm"
+   height="22cm"
+   viewBox="330 1 324 439"
+   version="1.1"
+   id="svg682"
+   sodipodi:docname="plan-2024.svg"
+   inkscape:version="1.2.2 (b0a8486541, 2022-12-01)"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:svg="http://www.w3.org/2000/svg">
+  <defs
+     id="defs686" />
+  <sodipodi:namedview
+     id="namedview684"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:showpageshadow="2"
+     inkscape:pageopacity="0.0"
+     inkscape:pagecheckerboard="0"
+     inkscape:deskcolor="#d1d1d1"
+     inkscape:document-units="cm"
+     showgrid="false"
+     inkscape:zoom="0.75647728"
+     inkscape:cx="705.90355"
+     inkscape:cy="470.60237"
+     inkscape:window-width="1502"
+     inkscape:window-height="974"
+     inkscape:window-x="0"
+     inkscape:window-y="0"
+     inkscape:window-maximized="1"
+     inkscape:current-layer="Arrière-plan" />
+  <g
+     id="Background" />
+  <g
+     id="Arrière-plan">
+    <g
+       id="g183"
+       transform="matrix(0.99999483,0,0,1.1667581,0.00257886,-17.830284)">
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 584.709,165.832 -0.067,-2.917 -0.235,-2.918 -0.437,-2.865 -0.605,-2.866 -0.807,-2.917 -0.907,-2.815 -1.143,-2.764 -1.277,-2.712 -1.378,-2.712 -1.613,-2.559 -1.714,-2.559 -1.883,-2.405 -2.05,-2.405 -2.151,-2.252 -2.285,-2.201 -2.454,-2.047 -2.52,-1.996 -2.622,-1.842 -2.756,-1.74 -2.857,-1.587 -2.958,-1.535 -3.058,-1.279 -3.058,-1.28 -3.193,-1.074 -3.261,-0.973 -3.26,-0.819 -3.327,-0.665 -3.361,-0.46 -3.395,-0.41 -3.428,-0.205 -3.428,-0.102 v 0 l -3.395,0.102 -3.461,0.205 -3.361,0.41 -3.361,0.46 -3.361,0.665 -3.26,0.819 -3.261,0.973 -3.159,1.074 -3.126,1.28 -2.991,1.279 -2.958,1.535 -2.823,1.587 -2.789,1.74 -2.622,1.842 -2.554,1.996 -2.454,2.047 -2.285,2.201 -2.151,2.252 -2.05,2.405 -1.883,2.405 -1.714,2.559 -1.579,2.559 -1.446,2.712 -1.21,2.712 -1.142,2.764 -0.941,2.815 -0.807,2.917 -0.538,2.866 -0.437,2.865 -0.302,2.918 -0.034,2.917 v 0 l 0.034,2.968 0.302,2.917 0.437,2.917 0.538,2.866 0.807,2.866 0.941,2.814 1.142,2.764 1.21,2.763 1.446,2.662 1.579,2.558 1.714,2.559 1.883,2.457 2.05,2.354 2.151,2.252 2.285,2.2 2.454,2.098 2.554,1.894 2.622,1.945 2.789,1.74 2.823,1.586 2.958,1.433 2.991,1.382 3.126,1.228 3.159,1.075 3.261,0.972 3.26,0.819 3.361,0.614 3.361,0.512 3.361,0.46 3.461,0.154 3.395,0.051 v 0 l 3.428,-0.051 3.428,-0.154 3.395,-0.46 3.361,-0.512 3.327,-0.614 3.26,-0.819 3.261,-0.972 3.193,-1.075 3.058,-1.228 3.058,-1.382 2.958,-1.433 2.857,-1.586 2.756,-1.74 2.622,-1.945 2.52,-1.894 2.454,-2.098 2.285,-2.2 2.151,-2.252 2.05,-2.354 1.883,-2.457 1.714,-2.559 1.613,-2.558 1.378,-2.662 1.277,-2.763 1.143,-2.764 0.907,-2.814 0.807,-2.866 0.605,-2.866 0.437,-2.917 0.235,-2.917 z"
+         id="path133" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 478.94,196.23 -0.068,-2.917 -0.235,-2.917 -0.269,-2.866 -0.47,-2.917 -0.605,-2.866 -0.74,-2.814 -0.874,-2.764 -0.941,-2.712 -1.075,-2.712 -1.21,-2.559 -1.311,-2.559 -1.445,-2.405 -1.613,-2.406 -1.647,-2.251 -1.748,-2.201 -1.882,-2.047 -1.882,-1.996 -2.084,-1.842 -2.084,-1.74 -2.218,-1.536 -2.218,-1.586 -2.319,-1.382 -2.42,-1.177 -2.42,-1.075 -2.487,-0.972 -2.521,-0.819 -2.554,-0.665 -2.588,-0.461 -2.555,-0.409 -2.621,-0.256 -2.622,-0.051 v 0 l -2.621,0.051 -2.622,0.256 -2.622,0.409 -2.554,0.461 -2.588,0.665 -2.521,0.819 -2.453,0.972 -2.42,1.075 -2.386,1.177 -2.319,1.382 -2.286,1.586 -2.151,1.536 -2.151,1.74 -2.016,1.842 -1.916,1.996 -1.882,2.047 -1.748,2.201 -1.681,2.251 -1.579,2.406 -1.412,2.405 -1.344,2.559 -1.177,2.559 -1.109,2.712 -0.974,2.712 -0.841,2.764 -0.739,2.814 -0.605,2.866 -0.437,2.917 -0.336,2.866 -0.202,2.917 -0.067,2.917 v 0 l 0.067,2.969 0.202,2.917 0.336,2.917 0.437,2.866 0.605,2.865 0.739,2.815 0.841,2.764 0.974,2.712 1.109,2.712 1.177,2.559 1.344,2.559 1.412,2.405 1.579,2.406 1.681,2.251 1.748,2.201 1.882,2.047 1.916,1.945 2.016,1.842 2.151,1.842 2.151,1.587 2.286,1.433 2.319,1.433 2.386,1.177 2.42,1.074 2.453,0.973 2.521,0.767 2.588,0.666 2.554,0.512 2.622,0.46 2.622,0.154 2.621,0.051 v 0 l 2.622,-0.051 2.621,-0.154 2.555,-0.46 2.588,-0.512 2.554,-0.666 2.521,-0.767 2.487,-0.973 2.42,-1.074 2.42,-1.177 2.319,-1.433 2.218,-1.433 2.218,-1.587 2.084,-1.842 2.084,-1.842 1.882,-1.945 1.882,-2.047 1.748,-2.201 1.647,-2.251 1.613,-2.406 1.445,-2.405 1.311,-2.559 1.21,-2.559 1.075,-2.712 0.941,-2.712 0.874,-2.764 0.74,-2.815 0.605,-2.865 0.47,-2.866 0.269,-2.917 0.235,-2.917 z"
+         id="path135" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 413.703,255.339 -0.034,-2.405 -0.1,-2.406 -0.236,-2.405 -0.302,-2.354 -0.437,-2.252 -0.504,-2.354 -0.538,-2.303 -0.639,-2.2 -0.739,-2.201 -0.84,-2.098 -0.908,-1.996 -0.974,-2.047 -1.042,-1.945 -1.109,-1.893 -1.21,-1.74 -1.244,-1.638 -1.277,-1.689 -1.345,-1.484 -1.445,-1.433 -1.479,-1.33 -1.512,-1.177 -1.58,-1.126 -1.579,-0.973 -1.647,-0.87 -1.681,-0.818 -1.68,-0.615 -1.714,-0.614 -1.782,-0.358 -1.747,-0.307 -1.714,-0.154 -1.782,-0.102 v 0 l -1.781,0.102 -1.781,0.154 -1.748,0.307 -1.714,0.358 -1.748,0.614 -1.714,0.615 -1.647,0.818 -1.613,0.87 -1.647,0.973 -1.58,1.126 -1.512,1.177 -1.479,1.33 -1.411,1.433 -1.378,1.484 -1.278,1.689 -1.243,1.638 -1.177,1.74 -1.142,1.893 -1.042,1.945 -0.975,2.047 -0.907,1.996 -0.773,2.098 -0.74,2.201 -0.638,2.2 -0.605,2.303 -0.504,2.354 -0.37,2.252 -0.303,2.354 -0.269,2.405 -0.134,2.406 v 2.405 0 2.303 l 0.134,2.405 0.269,2.354 0.303,2.355 0.37,2.405 0.504,2.252 0.605,2.251 0.638,2.252 0.74,2.201 0.773,2.098 0.907,2.047 0.975,1.996 1.042,1.945 1.142,1.842 1.177,1.74 1.243,1.689 1.278,1.689 1.378,1.432 1.411,1.433 1.479,1.331 1.512,1.228 1.58,1.126 1.647,0.972 1.613,0.87 1.647,0.768 1.714,0.665 1.748,0.563 1.714,0.461 1.748,0.256 1.781,0.153 1.781,0.103 v 0 l 1.782,-0.103 1.714,-0.153 1.747,-0.256 1.782,-0.461 1.714,-0.563 1.68,-0.665 1.681,-0.768 1.647,-0.87 1.579,-0.972 1.58,-1.126 1.512,-1.228 1.479,-1.331 1.445,-1.433 1.345,-1.432 1.277,-1.689 1.244,-1.689 1.21,-1.74 1.109,-1.842 1.042,-1.945 0.974,-1.996 0.908,-2.047 0.84,-2.098 0.739,-2.201 0.639,-2.252 0.538,-2.251 0.504,-2.252 0.437,-2.405 0.302,-2.355 0.236,-2.354 0.1,-2.405 z"
+         id="path137" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 469.966,300.835 -0.034,-2.61 -0.235,-2.559 -0.37,-2.61 -0.437,-2.559 -0.605,-2.507 -0.706,-2.508 -0.907,-2.457 -0.941,-2.405 -1.143,-2.252 -1.21,-2.354 -1.378,-2.251 -1.445,-2.099 -1.546,-2.098 -1.681,-2.098 -1.781,-1.894 -1.882,-1.842 -1.983,-1.689 -2.084,-1.689 -2.117,-1.484 -2.218,-1.484 -2.32,-1.279 -2.352,-1.229 -2.42,-1.074 -2.454,-0.973 -2.52,-0.818 -2.588,-0.666 -2.555,-0.614 -2.621,-0.512 -2.622,-0.307 -2.655,-0.204 -2.689,-0.052 v 0 l -2.655,0.052 -2.621,0.204 -2.689,0.307 -2.588,0.512 -2.622,0.614 -2.52,0.666 -2.521,0.818 -2.487,0.973 -2.42,1.074 -2.319,1.229 -2.319,1.279 -2.219,1.484 -2.151,1.484 -2.05,1.689 -1.983,1.689 -1.882,1.842 -1.781,1.894 -1.681,2.098 -1.579,2.098 -1.446,2.099 -1.378,2.251 -1.243,2.354 -1.076,2.252 -0.974,2.405 -0.908,2.457 -0.739,2.508 -0.538,2.507 -0.504,2.559 -0.336,2.61 -0.202,2.559 -0.067,2.61 v 0 l 0.067,2.559 0.202,2.61 0.336,2.558 0.504,2.559 0.538,2.508 0.739,2.508 0.908,2.507 0.974,2.406 1.076,2.302 1.243,2.252 1.378,2.252 1.446,2.149 1.579,2.15 1.681,2.047 1.781,1.893 1.882,1.792 1.983,1.74 2.05,1.637 2.151,1.535 2.219,1.485 2.319,1.279 2.319,1.228 2.42,1.024 2.487,0.972 2.521,0.819 2.52,0.716 2.622,0.666 2.588,0.46 2.689,0.307 2.621,0.205 h 2.655 v 0 h 2.689 l 2.655,-0.205 2.622,-0.307 2.621,-0.46 2.555,-0.666 2.588,-0.716 2.52,-0.819 2.454,-0.972 2.42,-1.024 2.352,-1.228 2.32,-1.279 2.218,-1.485 2.117,-1.535 2.084,-1.637 1.983,-1.74 1.882,-1.792 1.781,-1.893 1.681,-2.047 1.546,-2.15 1.445,-2.149 1.378,-2.252 1.21,-2.252 1.143,-2.302 0.941,-2.406 0.907,-2.507 0.706,-2.508 0.605,-2.508 0.437,-2.559 0.37,-2.558 0.235,-2.61 z"
+         id="path139" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 595.969,327.293 -0.135,-3.122 -0.269,-3.121 -0.537,-3.02 -0.706,-3.019 -0.874,-3.02 -1.076,-2.917 -1.277,-2.866 -1.479,-2.917 -1.68,-2.814 -1.815,-2.713 -2.05,-2.61 -2.151,-2.559 -2.353,-2.507 -2.487,-2.405 -2.722,-2.303 -2.756,-2.15 -2.958,-2.098 -3.092,-1.945 -3.16,-1.791 -3.36,-1.689 -3.395,-1.586 -3.529,-1.382 -3.596,-1.331 -3.731,-1.125 -3.731,-1.024 -3.831,-0.819 -3.832,-0.716 -3.966,-0.512 -3.865,-0.358 -3.999,-0.307 h -3.966 v 0 h -3.966 l -3.966,0.307 -3.933,0.358 -3.898,0.512 -3.899,0.716 -3.798,0.819 -3.764,1.024 -3.664,1.125 -3.663,1.331 -3.462,1.382 -3.462,1.586 -3.293,1.689 -3.193,1.791 -3.059,1.945 -2.958,2.098 -2.823,2.15 -2.655,2.303 -2.487,2.405 -2.386,2.507 -2.185,2.559 -2.017,2.61 -1.781,2.713 -1.68,2.814 -1.479,2.917 -1.277,2.866 -1.109,2.917 -0.874,3.02 -0.74,3.019 -0.504,3.02 -0.302,3.121 -0.101,3.122 v 0 l 0.101,2.968 0.302,3.122 0.504,3.019 0.74,3.071 0.874,3.019 1.109,2.917 1.277,2.866 1.479,2.917 1.68,2.815 1.781,2.712 2.017,2.61 2.185,2.662 2.386,2.405 2.487,2.405 2.655,2.252 2.823,2.252 2.958,2.047 3.059,1.944 3.193,1.792 3.293,1.74 3.462,1.484 3.462,1.433 3.663,1.279 3.664,1.126 3.764,1.075 3.798,0.767 3.899,0.717 3.898,0.563 3.933,0.358 3.966,0.307 h 3.966 v 0 h 3.966 l 3.999,-0.307 3.865,-0.358 3.966,-0.563 3.832,-0.717 3.831,-0.767 3.731,-1.075 3.731,-1.126 3.596,-1.279 3.529,-1.433 3.395,-1.484 3.36,-1.74 3.16,-1.792 3.092,-1.944 2.958,-2.047 2.756,-2.252 2.722,-2.252 2.487,-2.405 2.353,-2.405 2.151,-2.662 2.05,-2.61 1.815,-2.712 1.68,-2.815 1.479,-2.917 1.277,-2.866 1.076,-2.917 0.874,-3.019 0.706,-3.071 0.537,-3.019 0.269,-3.122 z"
+         id="path141" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 639.46,187.223 -0.034,-2.251 -0.202,-2.355 -0.369,-2.302 -0.404,-2.252 -0.605,-2.201 -0.672,-2.252 -0.84,-2.2 -0.975,-2.15 -1.042,-2.047 -1.142,-2.098 -1.311,-1.996 -1.412,-1.944 -1.479,-1.792 -1.646,-1.842 -1.681,-1.689 -1.849,-1.586 -1.882,-1.638 -1.949,-1.433 -2.084,-1.33 -2.117,-1.28 -2.151,-1.177 -2.286,-1.075 -2.319,-0.972 -2.352,-0.87 -2.42,-0.768 -2.42,-0.511 -2.487,-0.614 -2.488,-0.41 -2.554,-0.256 -2.521,-0.153 -2.554,-0.103 v 0 l -2.588,0.103 -2.521,0.153 -2.554,0.256 -2.487,0.41 -2.454,0.614 -2.453,0.511 -2.386,0.768 -2.387,0.87 -2.319,0.972 -2.285,1.075 -2.185,1.177 -2.084,1.28 -2.083,1.33 -1.95,1.433 -1.882,1.638 -1.815,1.586 -1.714,1.689 -1.647,1.842 -1.479,1.792 -1.378,1.944 -1.344,1.996 -1.143,2.098 -1.042,2.047 -0.974,2.15 -0.841,2.2 -0.672,2.252 -0.571,2.201 -0.471,2.252 -0.302,2.302 -0.168,2.355 -0.101,2.251 v 0 l 0.101,2.303 0.168,2.303 0.302,2.252 0.471,2.303 0.571,2.252 0.672,2.2 0.841,2.201 0.974,2.149 1.042,2.15 1.143,1.996 1.344,1.944 1.378,1.996 1.479,1.842 1.647,1.74 1.714,1.74 1.815,1.638 1.882,1.535 1.95,1.433 2.083,1.433 2.084,1.28 2.185,1.126 2.285,1.125 2.319,0.922 2.387,0.818 2.386,0.819 2.453,0.614 2.454,0.512 2.487,0.461 2.554,0.204 2.521,0.256 h 2.588 v 0 h 2.554 l 2.521,-0.256 2.554,-0.204 2.488,-0.461 2.487,-0.512 2.42,-0.614 2.42,-0.819 2.352,-0.818 2.319,-0.922 2.286,-1.125 2.151,-1.126 2.117,-1.28 2.084,-1.433 1.949,-1.433 1.882,-1.535 1.849,-1.638 1.681,-1.74 1.646,-1.74 1.479,-1.842 1.412,-1.996 1.311,-1.944 1.142,-1.996 1.042,-2.15 0.975,-2.149 0.84,-2.201 0.672,-2.2 0.605,-2.252 0.404,-2.303 0.369,-2.252 0.202,-2.303 z"
+         id="path143" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 653.71,245.718 -0.101,-2.303 -0.134,-2.303 -0.336,-2.252 -0.437,-2.251 -0.605,-2.303 -0.672,-2.15 -0.807,-2.252 -0.975,-2.098 -1.042,-2.149 -1.142,-1.996 -1.311,-2.047 -1.412,-1.894 -1.445,-1.791 -1.647,-1.893 -1.68,-1.638 -1.748,-1.689 -1.882,-1.535 -2.017,-1.433 -1.983,-1.382 -2.117,-1.279 -2.151,-1.177 -2.252,-1.075 -2.285,-0.921 -2.353,-0.87 -2.42,-0.768 -2.42,-0.614 -2.453,-0.512 -2.521,-0.46 -2.487,-0.205 -2.521,-0.154 -2.521,-0.102 v 0 l -2.554,0.102 -2.487,0.154 -2.521,0.205 -2.453,0.46 -2.454,0.512 -2.453,0.614 -2.387,0.768 -2.319,0.87 -2.319,0.921 -2.252,1.075 -2.151,1.177 -2.117,1.279 -2.05,1.382 -1.916,1.433 -1.882,1.535 -1.849,1.689 -1.68,1.638 -1.58,1.893 -1.445,1.791 -1.412,1.894 -1.277,2.047 -1.21,1.996 -1.042,2.149 -0.907,2.098 -0.84,2.252 -0.74,2.15 -0.538,2.303 -0.437,2.251 -0.336,2.252 -0.201,2.303 -0.034,2.303 v 0 l 0.034,2.303 0.201,2.354 0.336,2.252 0.437,2.251 0.538,2.252 0.74,2.201 0.84,2.252 0.907,2.098 1.042,2.047 1.21,2.098 1.277,1.945 1.412,1.945 1.445,1.842 1.58,1.791 1.68,1.74 1.849,1.586 1.882,1.587 1.916,1.433 2.05,1.33 2.117,1.28 2.151,1.177 2.252,1.075 2.319,0.972 2.319,0.921 2.387,0.768 2.453,0.512 2.454,0.614 2.453,0.358 2.521,0.307 2.487,0.154 2.554,0.051 v 0 l 2.521,-0.051 2.521,-0.154 2.487,-0.307 2.521,-0.358 2.453,-0.614 2.42,-0.512 2.42,-0.768 2.353,-0.921 2.285,-0.972 2.252,-1.075 2.151,-1.177 2.117,-1.28 1.983,-1.33 2.017,-1.433 1.882,-1.587 1.748,-1.586 1.68,-1.74 1.647,-1.791 1.445,-1.842 1.412,-1.945 1.311,-1.945 1.142,-2.098 1.042,-2.047 0.975,-2.098 0.807,-2.252 0.672,-2.201 0.605,-2.252 0.437,-2.251 0.336,-2.252 0.134,-2.354 z"
+         id="path145" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 643.963,294.08 -0.067,-3.736 -0.202,-3.839 -0.268,-3.684 -0.437,-3.787 -0.572,-3.685 -0.706,-3.633 -0.806,-3.583 -0.975,-3.531 -1.042,-3.429 -1.109,-3.377 -1.277,-3.276 -1.412,-3.122 -1.478,-3.07 -1.614,-2.917 -1.68,-2.815 -1.748,-2.712 -1.882,-2.559 -1.916,-2.303 -2.05,-2.252 -2.084,-2.047 -2.151,-1.944 -2.184,-1.74 -2.286,-1.638 -2.319,-1.433 -2.42,-1.228 -2.386,-0.973 -2.487,-0.921 -2.454,-0.665 -2.453,-0.461 -2.487,-0.307 -2.521,-0.051 v 0 l -2.521,0.051 -2.487,0.307 -2.521,0.461 -2.453,0.665 -2.42,0.921 -2.454,0.973 -2.352,1.228 -2.319,1.433 -2.286,1.638 -2.252,1.74 -2.151,1.944 -2.084,2.047 -1.983,2.252 -1.983,2.303 -1.848,2.559 -1.781,2.712 -1.681,2.815 -1.58,2.917 -1.512,3.07 -1.344,3.122 -1.278,3.276 -1.176,3.377 -1.042,3.429 -0.907,3.531 -0.807,3.583 -0.706,3.633 -0.571,3.685 -0.437,3.787 -0.336,3.684 -0.202,3.839 -0.067,3.736 v 0 l 0.067,3.787 0.202,3.838 0.336,3.685 0.437,3.735 0.571,3.787 0.706,3.583 0.807,3.531 0.907,3.582 1.042,3.378 1.176,3.378 1.278,3.326 1.344,3.122 1.512,3.019 1.58,2.968 1.681,2.815 1.781,2.661 1.848,2.559 1.983,2.405 1.983,2.201 2.084,2.098 2.151,1.894 2.252,1.791 2.286,1.586 2.319,1.433 2.352,1.177 2.454,1.075 2.42,0.819 2.453,0.665 2.521,0.461 2.487,0.307 2.521,0.153 v 0 l 2.521,-0.153 2.487,-0.307 2.453,-0.461 2.454,-0.665 2.487,-0.819 2.386,-1.075 2.42,-1.177 2.319,-1.433 2.286,-1.586 2.184,-1.791 2.151,-1.894 2.084,-2.098 2.05,-2.201 1.916,-2.405 1.882,-2.559 1.748,-2.661 1.68,-2.815 1.614,-2.968 1.478,-3.019 1.412,-3.122 1.277,-3.326 1.109,-3.378 1.042,-3.378 0.975,-3.582 0.806,-3.531 0.706,-3.583 0.572,-3.787 0.437,-3.735 0.268,-3.685 0.202,-3.838 z"
+         id="path147" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 601.212,249.096 -0.135,-3.839 -0.403,-3.684 -0.639,-3.839 -0.873,-3.684 -1.143,-3.685 -1.412,-3.685 -1.647,-3.582 -1.915,-3.531 -2.084,-3.429 -2.353,-3.326 -2.621,-3.327 -2.79,-3.173 -3.025,-2.968 -3.226,-2.968 -3.429,-2.866 -3.562,-2.661 -3.798,-2.508 -3.966,-2.405 -4.067,-2.252 -4.268,-2.098 -4.403,-1.894 -4.504,-1.791 -4.604,-1.586 -4.706,-1.382 -4.84,-1.177 -4.907,-1.075 -4.94,-0.819 -5.008,-0.665 -5.042,-0.563 -5.075,-0.256 -5.142,-0.102 v 0 l -5.075,0.102 -5.075,0.256 -5.042,0.563 -5.041,0.665 -4.941,0.819 -4.907,1.075 -4.806,1.177 -4.705,1.382 -4.672,1.586 -4.437,1.791 -4.402,1.894 -4.302,2.098 -4.101,2.252 -3.899,2.405 -3.831,2.508 -3.596,2.661 -3.361,2.866 -3.26,2.968 -3.025,2.968 -2.756,3.173 -2.622,3.327 -2.319,3.326 -2.117,3.429 -1.95,3.531 -1.613,3.582 -1.378,3.685 -1.21,3.685 -0.874,3.684 -0.638,3.839 -0.404,3.684 -0.101,3.839 v 0 l 0.101,3.735 0.404,3.787 0.638,3.736 0.874,3.787 1.21,3.685 1.378,3.634 1.613,3.531 1.95,3.582 2.117,3.48 2.319,3.327 2.622,3.224 2.756,3.173 3.025,3.07 3.26,2.917 3.361,2.815 3.596,2.712 3.831,2.559 3.899,2.405 4.101,2.252 4.302,1.996 4.402,1.996 4.437,1.689 4.672,1.586 4.705,1.433 4.806,1.228 4.907,1.024 4.941,0.87 5.041,0.665 5.042,0.461 5.075,0.358 5.075,0.051 v 0 l 5.142,-0.051 5.075,-0.358 5.042,-0.461 5.008,-0.665 4.94,-0.87 4.907,-1.024 4.84,-1.228 4.706,-1.433 4.604,-1.586 4.504,-1.689 4.403,-1.996 4.268,-1.996 4.067,-2.252 3.966,-2.405 3.798,-2.559 3.562,-2.712 3.429,-2.815 3.226,-2.917 3.025,-3.07 2.79,-3.173 2.621,-3.224 2.353,-3.327 2.084,-3.48 1.915,-3.582 1.647,-3.531 1.412,-3.634 1.143,-3.685 0.873,-3.787 0.639,-3.736 0.403,-3.787 z"
+         id="path149" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 517.994,165.32 66.514,-12.897 -0.841,-2.814 -1.041,-2.866 -1.143,-2.815 -1.378,-2.712 -1.479,-2.61 -1.68,-2.661 -1.748,-2.508 -2.017,-2.405 -2.05,-2.354 -2.218,-2.252 -2.387,-2.15 -2.487,-1.995 -2.621,-1.945 -2.723,-1.894 -2.823,-1.689 -2.924,-1.535 -2.958,-1.535 -3.125,-1.28 -3.16,-1.177 -3.192,-1.074 -3.328,-0.921 -3.327,-0.717 -3.361,-0.665 -3.395,-0.461 -3.428,-0.307 -3.462,-0.153 h -3.428 l -3.462,0.153 -3.462,0.205 -3.361,0.409 -3.394,0.666 -3.361,0.665 -3.327,0.921 -3.261,0.972 -3.159,1.126 -3.092,1.28 -3.058,1.433 -2.958,1.484 -2.79,1.689 -2.756,1.791 -2.655,1.893 -2.521,1.996 -2.386,2.15 -2.252,2.251 -2.151,2.303 -2.016,2.405 -1.883,2.508 -1.714,2.559 -1.478,2.712 -1.446,2.61 -1.243,2.815 -1.042,2.764 -0.874,2.865 -0.739,2.866 z"
+         id="path151" />
+      <path
+         style="fill:none;stroke:#6c8f93;stroke-width:0.02;stroke-opacity:1"
+         d="m 584.508,152.321 -0.874,-2.866 -1.008,-2.815 -1.177,-2.814 -1.344,-2.661 -1.546,-2.662 -1.647,-2.61 -1.781,-2.507 -2.017,-2.406 -2.084,-2.302 -2.151,-2.252 -2.42,-2.252 -2.42,-1.996 -2.655,-1.945 -2.722,-1.791 -2.79,-1.791 -2.924,-1.535 -2.991,-1.433 -3.126,-1.331 -3.159,-1.126 -3.159,-1.074 -3.328,-0.921 -3.361,-0.717 -3.361,-0.665 -3.394,-0.461 -3.395,-0.307 -3.495,-0.153 h -3.429 l -3.428,0.153 -3.428,0.205 -3.428,0.409 -3.361,0.666 -3.361,0.614 -3.294,0.87 -3.226,1.074 -3.227,1.126 -3.058,1.28 -3.059,1.433 -2.924,1.484 -2.857,1.637 -2.722,1.843 -2.655,1.893 -2.521,1.945 -2.386,2.149 -2.286,2.201 -2.151,2.354 -2.016,2.405 -1.815,2.457 -1.748,2.661 -1.512,2.559 -1.412,2.712 -1.21,2.712 -1.109,2.815 -0.874,2.866 -0.706,2.866"
+         id="path153" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 427.55,195.667 33.543,-44.779 -2.084,-1.842 -2.185,-1.74 -2.218,-1.536 -2.285,-1.535 -2.319,-1.33 -2.42,-1.229 -2.488,-1.023 -2.453,-0.973 -2.588,-0.767 -2.554,-0.665 -2.622,-0.461 -2.621,-0.358 -2.622,-0.205 h -2.622 l -2.655,0.102 -2.621,0.307 -2.622,0.359 -2.588,0.563 -2.554,0.716 -2.521,0.819 -2.521,0.972 -2.419,1.126 -2.42,1.28 -2.319,1.381 -2.252,1.536 -2.151,1.688 -2.151,1.792 -2.017,1.842 -1.916,2.047 -1.882,2.098 -1.748,2.252 -1.613,2.252 -1.546,2.456 -1.411,2.457 -1.345,2.558 -1.176,2.662 -1.109,2.712 -0.941,2.712 -0.841,2.815 -0.672,2.866 -0.538,2.866 -0.47,2.968 -0.336,2.968 -0.135,2.917 -0.067,2.917 0.101,2.969 0.202,3.019 0.403,2.866 z"
+         id="path155" />
+      <path
+         style="fill:none;stroke:#6c8f93;stroke-width:0.02;stroke-opacity:1"
+         d="m 460.925,150.735 -2.084,-1.843 -2.118,-1.689 -2.218,-1.586 -2.319,-1.433 -2.386,-1.382 -2.386,-1.177 -2.454,-1.075 -2.521,-0.921 -2.52,-0.716 -2.622,-0.665 -2.588,-0.461 -2.588,-0.358 -2.621,-0.205 h -2.689 l -2.555,0.102 -2.621,0.307 -2.689,0.359 -2.554,0.614 -2.521,0.665 -2.588,0.921 -2.453,0.921 -2.42,1.177 -2.387,1.28 -2.352,1.382 -2.252,1.535 -2.151,1.689 -2.084,1.74 -2.017,1.944 -1.983,1.945 -1.781,2.201 -1.781,2.149 -1.647,2.354 -1.512,2.354 -1.446,2.457 -1.277,2.61 -1.176,2.661 -1.109,2.712 -0.975,2.713 -0.807,2.866 -0.672,2.763 -0.605,2.917 -0.403,2.968 -0.336,2.917 -0.135,2.917 -0.067,2.969 0.168,2.917 0.202,2.968 0.336,2.968"
+         id="path157" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 418.207,300.272 -53.978,-1.587 v 2.713 l 0.101,2.559 0.269,2.712 0.437,2.559 0.504,2.61 0.639,2.661 0.84,2.456 0.874,2.508 1.109,2.457 1.176,2.354 1.244,2.405 1.479,2.252 1.479,2.2 1.68,2.099 1.714,2.047 1.849,1.944 1.983,1.791 2.016,1.74 2.118,1.74 2.218,1.485 2.285,1.432 2.387,1.382 2.42,1.126 2.419,1.126 2.555,0.972 2.588,0.819 2.621,0.665 2.656,0.615 2.655,0.46 2.688,0.307 2.723,0.154 h 2.756 l 2.655,-0.103 2.722,-0.204 2.689,-0.307 2.655,-0.461 2.689,-0.665 2.554,-0.768 2.622,-0.819 2.454,-1.074 2.487,-1.024 2.42,-1.279 2.285,-1.382 2.319,-1.484 2.118,-1.587 2.117,-1.637 z"
+         id="path159" />
+      <path
+         style="fill:none;stroke:#6c8f93;stroke-width:0.02;stroke-opacity:1"
+         d="m 364.297,298.685 -0.101,2.61 0.202,2.662 0.201,2.61 0.437,2.661 0.504,2.559 0.672,2.61 0.807,2.558 0.941,2.508 1.042,2.405 1.109,2.406 1.311,2.303 1.378,2.303 1.58,2.149 1.613,2.201 1.748,1.944 1.814,1.945 1.95,1.893 2.016,1.74 2.118,1.638 2.218,1.535 2.286,1.433 2.319,1.331 2.42,1.228 2.52,1.126 2.487,0.87 2.555,0.819 2.621,0.767 2.689,0.512 2.655,0.563 2.655,0.205 2.723,0.256 h 2.722 2.689 l 2.689,-0.256 2.689,-0.358 2.655,-0.461 2.688,-0.614 2.555,-0.717 2.621,-0.87 2.487,-1.023 2.42,-1.126 2.42,-1.228 2.319,-1.331 2.319,-1.433 2.185,-1.586 2.05,-1.638"
+         id="path161" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 589.952,186.149 47.491,14.79 0.807,-2.201 0.605,-2.201 0.571,-2.251 0.336,-2.303 0.336,-2.303 0.067,-2.303 v -2.354 l -0.067,-2.252 -0.269,-2.303 -0.369,-2.303 -0.538,-2.252 -0.639,-2.251 -0.739,-2.15 -0.874,-2.2 -1.008,-2.099 -1.143,-2.098 -1.277,-2.047 -1.311,-1.945 -1.445,-1.893 -1.546,-1.791 -1.647,-1.843 -1.815,-1.637 -1.815,-1.587 -1.983,-1.484 -1.983,-1.433 -2.084,-1.279 -2.151,-1.28 -2.252,-1.126 -2.285,-1.023 -2.353,-0.921 -2.42,-0.768 -2.386,-0.665 -2.521,-0.614 -2.487,-0.461 -2.52,-0.358 -2.555,-0.154 -2.521,-0.153 h -2.52 l -2.555,0.153 -2.554,0.205 -2.487,0.358 -2.521,0.461 -2.487,0.563 -2.453,0.716 z"
+         id="path163" />
+      <path
+         style="fill:none;stroke:#6c8f93;stroke-width:0.02;stroke-opacity:1"
+         d="m 633.074,209.28 4.335,-8.239 0.807,-2.149 0.639,-2.252 0.504,-2.252 0.403,-2.303 0.269,-2.303 0.101,-2.252 0.033,-2.405 -0.1,-2.252 -0.236,-2.303 -0.369,-2.303 -0.538,-2.251 -0.639,-2.252 -0.706,-2.201 -0.873,-2.098 -1.042,-2.2 -1.143,-2.099 -1.176,-2.047 -1.378,-1.944 -1.446,-1.894 -1.546,-1.842 -1.646,-1.74 -1.748,-1.638 -1.849,-1.638 -1.915,-1.535 -2.051,-1.382 -2.083,-1.33 -2.152,-1.228 -2.251,-1.024 -2.286,-1.075 -2.319,-0.972 -2.386,-0.819 -2.454,-0.665 -2.42,-0.614 -2.487,-0.461 -2.52,-0.307 -2.555,-0.205 -2.554,-0.153 h -2.588 l -2.521,0.153 -2.554,0.205 -2.521,0.307 -2.487,0.461 -2.454,0.563 -2.453,0.716"
+         id="path165" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 596.708,246.281 53.473,18.73 1.076,-2.456 0.874,-2.405 0.806,-2.559 0.639,-2.559 0.437,-2.559 0.302,-2.559 0.101,-2.661 v -2.61 l -0.202,-2.61 -0.302,-2.559 -0.538,-2.61 -0.639,-2.507 -0.84,-2.508 -0.907,-2.508 -1.143,-2.405 -1.277,-2.303 -1.378,-2.354 -1.58,-2.303 -1.68,-2.149 z"
+         id="path167" />
+      <path
+         style="fill:none;stroke:#6c8f93;stroke-width:0.02;stroke-opacity:1"
+         d="m 643.392,273.507 6.722,-8.393 1.008,-2.406 1.009,-2.558 0.773,-2.508 0.638,-2.61 0.437,-2.559 0.336,-2.559 0.135,-2.661 -0.034,-2.61 -0.202,-2.661 -0.369,-2.559 -0.471,-2.559 -0.639,-2.558 -0.84,-2.559 -0.941,-2.508 -1.176,-2.456 -1.244,-2.303 -1.479,-2.354 -1.512,-2.252 -1.714,-2.15 -10.755,-8.444"
+         id="path169" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 594.456,295.717 -16.872,71.084 2.487,1.126 2.521,1.024 2.521,0.767 2.621,0.614 2.555,0.461 2.554,0.205 h 2.655 l 2.588,-0.205 2.554,-0.307 2.588,-0.614 2.521,-0.768 2.521,-0.87 2.487,-1.126 2.453,-1.381 2.353,-1.485 2.353,-1.688 2.285,-1.843 2.218,-2.047 2.152,-2.098 2.05,-2.405 1.949,-2.508 1.882,-2.61 1.815,-2.815 1.714,-2.917 1.546,-3.019 1.479,-3.173 1.412,-3.224 1.243,-3.378 1.109,-3.377 1.042,-3.532 0.874,-3.633 0.807,-3.685 0.638,-3.685 0.538,-3.787 0.336,-3.735 0.303,-3.839 0.067,-3.838 v -3.838 l -0.134,-3.838 -0.269,-3.839 -0.404,-3.787 -0.504,-3.736 -0.672,-3.684 z"
+         id="path171" />
+      <path
+         style="fill:none;stroke:#6c8f93;stroke-width:0.02;stroke-opacity:1"
+         d="m 577.719,366.852 2.52,1.229 2.487,0.972 2.555,0.819 2.554,0.512 2.622,0.409 2.554,0.205 2.588,0.102 2.588,-0.307 2.621,-0.307 2.555,-0.614 2.52,-0.768 2.521,-0.972 2.487,-1.126 2.42,-1.331 2.42,-1.535 2.319,-1.638 2.252,-1.791 2.185,-2.047 2.151,-2.252 2.05,-2.354 1.949,-2.559 1.882,-2.61 1.815,-2.712 1.681,-2.968 1.613,-3.071 1.412,-3.07 1.411,-3.327 1.244,-3.377 1.109,-3.378 1.008,-3.531 0.908,-3.685 0.806,-3.633 0.605,-3.736 0.538,-3.736 0.403,-3.736 0.236,-3.838 0.067,-3.838 v -3.839 l -0.168,-3.838 -0.235,-3.838 -0.437,-3.787 -0.572,-3.736 -0.571,-3.685"
+         id="path173" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 380.698,255.339 -2.554,-48.259 -1.882,0.256 -1.782,0.307 -1.882,0.511 -1.815,0.615 -1.781,0.716 -1.748,0.921 -1.714,0.87 -1.68,1.177 -1.681,1.126 -1.579,1.28 -1.546,1.433 -1.479,1.484 -1.445,1.586 -1.311,1.74 -1.311,1.74 -1.21,1.842 -1.143,1.945 -1.042,2.047 -1.042,2.047 -0.907,2.201 -0.773,2.252 -0.739,2.251 -0.706,2.252 -0.538,2.354 -0.437,2.406 -0.403,2.405 -0.303,2.456 -0.134,2.508 -0.101,2.405 v 2.457 l 0.101,2.405 0.201,2.508 0.303,2.405 0.336,2.405 0.504,2.405 0.538,2.355 0.672,2.303 0.74,2.251 0.84,2.201 0.907,2.2 1.042,1.996 1.042,2.047 1.176,1.945 1.244,1.842 1.277,1.792 1.378,1.637 1.445,1.587 1.479,1.535 1.58,1.382 1.546,1.279 1.68,1.177 z"
+         id="path175" />
+      <path
+         style="fill:none;stroke:#6c8f93;stroke-width:0.02;stroke-opacity:1"
+         d="m 378.144,207.08 -1.781,0.256 -1.849,0.307 -1.815,0.511 -1.748,0.563 -1.781,0.717 -1.748,0.768 -1.68,0.972 -1.647,1.023 -1.647,1.126 -1.512,1.28 -1.58,1.381 -1.445,1.433 -1.412,1.536 -1.344,1.688 -1.345,1.74 -1.176,1.74 -1.176,1.945 -1.042,1.945 -1.008,2.047 -0.874,2.098 -0.841,2.15 -0.806,2.149 -0.672,2.252 -0.605,2.303 -0.504,2.354 -0.37,2.354 -0.37,2.405 -0.202,2.405 -0.134,2.406 v 2.405 2.405 l 0.202,2.406 0.201,2.405 0.303,2.405 0.437,2.354 0.437,2.303 0.605,2.252 0.739,2.354 0.739,2.201 0.841,2.098 0.941,2.098 0.974,2.047 1.042,1.945 1.143,1.893 1.244,1.792 1.31,1.74 1.345,1.637 1.445,1.536 1.412,1.484 1.546,1.33 1.579,1.229 1.614,1.177"
+         id="path177" />
+      <path
+         style="fill:#b6c7c9;fill-opacity:1;stroke:none"
+         fill-rule="evenodd"
+         d="m 516.851,332.82 -76.495,5.578 0.504,2.815 0.638,2.866 0.874,2.763 1.109,2.713 1.177,2.61 1.445,2.661 1.579,2.559 1.782,2.559 1.983,2.405 2.117,2.405 2.218,2.252 2.454,2.2 2.554,2.099 2.723,2.047 2.856,1.842 2.958,1.842 3.159,1.638 3.16,1.638 3.327,1.433 3.395,1.381 3.562,1.126 3.563,1.126 3.596,0.921 3.764,0.819 3.765,0.666 3.798,0.511 3.764,0.41 3.865,0.204 3.899,0.154 h 3.831 l 3.899,-0.205 3.832,-0.307 3.797,-0.46 3.765,-0.666 3.764,-0.716 3.63,-0.87 3.63,-1.075 3.529,-1.023 3.495,-1.28 3.361,-1.433 3.227,-1.535 3.159,-1.638 3.059,-1.791 2.924,-1.842 2.789,-1.945 2.588,-2.047 2.521,-2.149 2.319,-2.252 2.218,-2.354 2.05,-2.406 1.815,-2.405 1.681,-2.559 1.546,-2.661 1.311,-2.61 z"
+         id="path179" />
+      <path
+         style="fill:none;stroke:#6c8f93;stroke-width:0.02;stroke-opacity:1"
+         d="m 440.423,338.501 0.437,2.763 0.672,2.815 0.84,2.763 1.109,2.713 1.244,2.712 1.378,2.559 1.613,2.559 1.748,2.559 1.983,2.405 2.117,2.405 2.218,2.252 2.454,2.2 2.621,2.099 2.656,2.047 2.856,1.842 2.958,1.842 3.159,1.638 3.16,1.587 3.327,1.484 3.395,1.381 3.495,1.126 3.563,1.126 3.63,0.921 3.764,0.819 3.731,0.666 3.797,0.46 3.798,0.461 3.832,0.204 3.865,0.154 3.865,-0.051 3.832,-0.154 3.831,-0.409 3.865,-0.358 3.765,-0.666 3.697,-0.767 3.697,-0.819 3.596,-0.973 3.529,-1.125 3.462,-1.28 3.327,-1.433 3.294,-1.535 3.159,-1.587 3.025,-1.688 2.924,-1.894 2.756,-1.945 2.689,-2.047 2.487,-2.251 2.353,-2.201 2.218,-2.354 1.983,-2.303 1.882,-2.559 1.681,-2.507 1.478,-2.61 1.378,-2.662"
+         id="path181" />

(Diff truncated)
that svg is a JPEG
diff --git "a/services/r\303\251seau/plan.jpg" "b/services/r\303\251seau/plan.jpg"
new file mode 100644
index 00000000..dab7ef3c
Binary files /dev/null and "b/services/r\303\251seau/plan.jpg" differ
diff --git "a/services/r\303\251seau/plan.svg" "b/services/r\303\251seau/plan.svg"
index dab7ef3c..7c1a1159 100644
Binary files "a/services/r\303\251seau/plan.svg" and "b/services/r\303\251seau/plan.svg" differ

plastik is retired
diff --git a/hardware/server/plastik.mdwn b/hardware/server/plastik.mdwn
index 54e2c77b..a11483f4 100644
--- a/hardware/server/plastik.mdwn
+++ b/hardware/server/plastik.mdwn
@@ -1,4 +1,4 @@
-Plastik est un point d'accès dans la maison. Il est configuré en
+Plastik était un point d'accès dans la maison. Il est configuré en
 bridge pour étendre le réseau wifi, mais doit être connecté par fil,
 dans un des ports LAN, afin de fonctionne (ie. il ne "mesh" pas avec
 les autres points d'accès).

add headings, document ente.io
diff --git a/blog/mobile-massive-gallery.md b/blog/mobile-massive-gallery.md
index f4e7ae49..fd343fb0 100644
--- a/blog/mobile-massive-gallery.md
+++ b/blog/mobile-massive-gallery.md
@@ -1,3 +1,4 @@
+## nextcloud
 
 docker-compose -f compose-nextcloud.yml up -d
 docker-compose -f compose-nextcloud.yml down -v
@@ -34,6 +35,8 @@ https://gitlab.com/steviehs/digipics might help in fixing the "albums"?
 possibly alternative by bohwaz https://github.com/kd2org/karadav/
 https://mamot.fr/@bohwaz/109890893734823557
 
+## photoprism
+
 https://www.photoprism.app/
 
 lack of mobile app
@@ -89,6 +92,7 @@ rescan --force
 INFO[2023-02-20T17:54:11Z] indexed 82,692 files in 1h10m28.674348629s   
 ```
 
+## others
 
 https://arstechnica.com/gadgets/2021/06/the-big-alternatives-to-google-photos-showdown/
 
@@ -105,6 +109,8 @@ https://github.com/LibrePhotos/librephotos [mobile apps](https://docs.librephoto
 [piwigo](https://github.com/Piwigo/) has a [mobile app](https://github.com/Piwigo/Piwigo-Android) but is struggling to keep it up to
 date.
 
+## photochiotte
+
 [PhotoChiotte](https://gitlab.com/LaDaubePhotoChiotte/photochiotte) has an awful name but seems like a clever
 solution. All the logic is inside the mobile app and the server is a
 "dumb" web server with pregenerated thumbnails. It could be a great
@@ -135,4 +141,45 @@ consider tls client certs.
 
 update: https://apps.nextcloud.com/apps/memories seems to do what we need
 
+## ente
+
+[ente](https://ente.io/) just (March 2024) just open-sourced their server and it's
+interesting: a relatively generic API (Go + PostgreSQL) server backed
+by MinIO object storage backends. They're mostly a business that wants
+to host your data, but now it's also clearly an option.
+
+Desktop app is Electron (appimage, [not on Flathub](https://flathub.org/en-GB/apps/search?q=ente)), but they have
+a decent web app as well. Trick is we have a large collection that
+would cost somewhere between 13$ (500GB) and 30$/mth (2TB) to host on
+their servers, so that might be impractical for us, even cost-wise.
+
+Best would be if they would have some sort of CLI sync that would
+allow us to sync a local copy, but then maybe that's exactly the
+mentality we need to switch away from: just don't keep everything
+locally and sync as needed.
+
+Unclear how the mobile app works, but it does have a very exciting
+"free up device space" button that probably removes files that were
+already uploaded remotely. This would *really* help with the
+phone-to-archive workflow.
+
+I haven't tried submitting the stack to the entirety of my collection
+just yet, as I only tested the 1GB free trial. It looks pretty fast
+though, and the interface feels snappier than Photoprism's,
+*especially* since there's a native app for the phone.
+
+Still, this would mean a *major* shift (away from git-annex,
+specifically) for photo management, towards object storage
+(basically), fully encrypted (which means keys are suddenly a huge
+concern). Not sure.
+
+I like the simple design (one golang app + postgresql) especially when
+compared to Immich (2 microservices in Typescript/Dart, Redis,
+PostgreSQL).
+
+## immich
+
+complicated, lots of microservices, unsure if i want to embark on
+testing again.
+
 [[!tag draft]]

another imap sync tool
diff --git a/blog/2021-11-21-mbsync-vs-offlineimap.md b/blog/2021-11-21-mbsync-vs-offlineimap.md
index b7f5c044..d4b29a30 100644
--- a/blog/2021-11-21-mbsync-vs-offlineimap.md
+++ b/blog/2021-11-21-mbsync-vs-offlineimap.md
@@ -1048,6 +1048,7 @@ Those are all the options I have considered, in alphabetical order
    server, and written in C
  * [getmail](https://pyropus.ca./software/getmail/): fetchmail replacement, IMAP/POP3 support, supports
    incremental runs, classification rules, Python
+ * [imapsync](https://imapsync.lamiral.info/): one-way only, has another [list of alternatives](https://imapsync.lamiral.info/S/external.shtml)
  * [interimap](https://guilhem.org/interimap/): syncs two IMAP servers, [apparently faster](https://guilhem.org/interimap/benchmark.html) than
    `doveadm` and `offlineimap`, but requires running an IMAP server
    locally, Perl

move router alternatives in the main router page
This way it will be easier to find
diff --git a/hardware/margaret.md b/hardware/margaret.md
index f06743cb..c87087bd 100644
--- a/hardware/margaret.md
+++ b/hardware/margaret.md
@@ -276,4 +276,54 @@ network in case of a hardware failure. Two options are possible:
    `profile::router` Puppet class
  * use any darn PC with two network cards with the above
 
+# Alternatives
+
+In the [[service/wifi]] replacement project, I evaluated a bunch of
+options for core router replacement.
+
+## Qotom
+
+Qotom might be cheaper, and the [Q190G4U S01](https://qotom.net/product/35.html) is about as simple as
+it gets, but it means buying on [Amazon.com](https://www.amazon.com/Q190G4U-S01-Celeron-Processor-onboard-Fanless/dp/B072FQQVLQ) which refuses to ship
+to Canada for this product, or [Aliexpress](https://fr.aliexpress.com/i/32919359402.html?gatewayAdapt=glo2fra) (280$, so not actually
+cheaper). Problem with Qotom is their model line is utterly confusing,
+for example I found the above on their site, but Aliexpress has [this
+model](https://fr.aliexpress.com/item/1005004093716962.html) for 233$. Go figure. Serve the home has a [good review](https://www.servethehome.com/the-everything-fanless-home-server-firewall-router-and-nas-appliance-qotom-qnap-teamgroup/)
+of the [Qotom Q20332G9-S10](https://www.qotom.net/product/RouterPC_Q20331G9S10.html) (4x2.5G 4xSFP+ 10G). I was also
+recommended [this 4x2.5G router](https://www.aliexpress.com/item/1005004360072281.html). 
+
+## Turris
+
+The Turris Omnia is the device that was used as a core router before
+([[octavia]]), so getting a *second* device might have made sense
+here. Unfortunately, they were too [hard to find](https://forum.turris.cz/t/turris-omnia-availability/19478), (e.g. [B/O at
+Amazon](https://www.amazon.com/Turris-hi-Performance-printserver-Virtual-Dual-core/dp/B07XCKK146)). 
+
+Turris are saying they will publish a new "entreprise-ready" board
+soon, in the meantime [Discomp has some in stock and should ship
+internationally](https://www.discomp.cz/turris-omnia-2020-rtrom01-fcc-silver_d94042.html) for 262.95EUR or 390$CAD, quite reasonable,
+actually...
+
+## Others
+
+If we fail to get an Omnia, we need to [find a OpenWRT-supported SFP
+router](https://openwrt.org/toh/views/toh_sfp_ports). The [MicroTik hAP ac](https://mikrotik.com/product/RB962UiGS-5HacT2HnT) maybe? [Nope](https://forum.openwrt.org/t/mikrotik-hap-ac-tftp-kernel-image-booting-fixed-sfp-fixed-poe-in-fixed-poe-out-fixed-slow-switch-not-fixed/134302/34). Other options:
+
+ * SuperMicro has a series they call "IoT", e.g. [2 gbit 2SFP Xeon
+   SATA PCIe](https://www.supermicro.com/en/products/system/iot/mini-itx/sys-e200-12d-4c), a bit overkill, and not enough ports to act as a
+   switch
+ * Protectli has interesting series, e.g. [4x2.5gbit switch + wifi](https://ca.protectli.com/product/fw4c/)
+   and coreboot, but no SFP
+ * Qotom has a [4xSFP+ 5x2.5gbit beast](https://www.qotom.net/product/RouterPC_Q20331G9S10.html), but no wifi
+
+One option is to move the Omnia to the office and replace the core
+router with something beefier, and add a new AP downstairs.
+
+Another Omnia replacement is the replacement [Sophos series](https://www.sophos.com/en-us/products/unified-threat-management/tech-specs), which
+we were [recommended](https://forum.openwrt.org/t/recommendations-for-a-gigabit-bridge-possibly-with-sfp/177592/8?u=anarcat) the Sophos 105w Rev 3 and so on. It's
+surprisingly similar to the Omnia...
+
+[This 2021 review](https://homenetworkguy.com/review/opnsense-hardware-recommendations/) also includes Protectli and Qotom products,
+among others.
+
 [[!tag node]]
diff --git a/services/wifi.mdwn b/services/wifi.mdwn
index 7969d362..cc641dc0 100644
--- a/services/wifi.mdwn
+++ b/services/wifi.mdwn
@@ -290,29 +290,9 @@ how the [10GBASE-LX4](https://en.wikipedia.org/wiki/10_Gigabit_Ethernet#10GBASE-
  * four 1" PVC elbows: 4×[4.42$ at HD](https://www.homedepot.ca/product/carlon-schedule-40-grey-pvc-90-degree-1-in-elbow/1000410488) (17.68$)
  * safety tape, 200'×3": [11.98$ at HD](https://www.homedepot.ca/product/empire-3-inch-x-200-ft-danger-tape-in-red/1000836124)
  * SFP LC SMF module: [14$ at FS](https://www.fs.com/products/75335.html?attribute=1464&id=561932) and [19$ at FS](https://www.fs.com/products/75336.html) (33$)
- * wifi router: the Turris Omnia is [hard to find](https://forum.turris.cz/t/turris-omnia-availability/19478),
-   (e.g. [B/O at Amazon](https://www.amazon.com/Turris-hi-Performance-printserver-Virtual-Dual-core/dp/B07XCKK146)), they are saying they will publish a new
-   "entreprise-ready" board soon, in the meantime [Discomp has some in
-   stock and should ship internationally](https://www.discomp.cz/turris-omnia-2020-rtrom01-fcc-silver_d94042.html) for 262.95EUR or 390$CAD,
-   quite reasonable
+ * wifi router
  * total: 296.30 + about 400$ for a new router
 
-If we fail to get an Omnia, we need to [find a OpenWRT-supported SFP
-router](https://openwrt.org/toh/views/toh_sfp_ports). The [MicroTik hAP ac](https://mikrotik.com/product/RB962UiGS-5HacT2HnT) maybe? [Nope](https://forum.openwrt.org/t/mikrotik-hap-ac-tftp-kernel-image-booting-fixed-sfp-fixed-poe-in-fixed-poe-out-fixed-slow-switch-not-fixed/134302/34). Other options:
-
- * SuperMicro has a series they call "IoT", e.g. [2 gbit 2SFP Xeon
-   SATA PCIe](https://www.supermicro.com/en/products/system/iot/mini-itx/sys-e200-12d-4c), a bit overkill, not enough ports for a switch
- * Protectli has interesting series, e.g. [4x2.5gbit switch + wifi](https://ca.protectli.com/product/fw4c/)
-   and coreboot, but no SFP
- * Qotom has a [4xSFP+ 5x2.5gbit beast](https://www.qotom.net/product/RouterPC_Q20331G9S10.html), but no wifi
-
-One option is to move the Omnia to the office and replace the core
-router with something beefier, and add a new AP downstairs.
-
-Another Omnia replacement is the replacement [Sophos series](https://www.sophos.com/en-us/products/unified-threat-management/tech-specs), which
-we were [recommended](https://forum.openwrt.org/t/recommendations-for-a-gigabit-bridge-possibly-with-sfp/177592/8?u=anarcat) the Sophos 105w Rev 3 and so on. It's
-surprisingly similar to the Omnia...
-
 ### copper build
 
 The SFP/fiber requirement complicates significantly that setup so we
@@ -397,16 +377,6 @@ Notes:
  * [[hardware/rosa]] can serve as a replacement for the omnia if we
    don't want to get another U6
 
-Qotom might be cheaper, and the [Q190G4U S01](https://qotom.net/product/35.html) is about as simple as
-it gets, but it means buying on [Amazon.com](https://www.amazon.com/Q190G4U-S01-Celeron-Processor-onboard-Fanless/dp/B072FQQVLQ) which refuses to ship
-to Canada for this product, or [Aliexpress](https://fr.aliexpress.com/i/32919359402.html?gatewayAdapt=glo2fra) (280$, so not actually
-cheaper). Problem with Qotom is their model line is utterly confusing,
-for example I found the above on their site, but Aliexpress has [this
-model](https://fr.aliexpress.com/item/1005004093716962.html) for 233$. Go figure. Serve the home has a [good review](https://www.servethehome.com/the-everything-fanless-home-server-firewall-router-and-nas-appliance-qotom-qnap-teamgroup/)
-of the [Qotom Q20332G9-S10](https://www.qotom.net/product/RouterPC_Q20331G9S10.html) (4x2.5G 4xSFP+ 10G). I was also
-recommended [this 4x2.5G router](https://www.aliexpress.com/item/1005004360072281.html). [This 2021 review](https://homenetworkguy.com/review/opnsense-hardware-recommendations/) also
-includes Protectli and Qotom products, among others.
-
 Another build could be done with the Turris Mox:
 
  * MOX start, [101.49EUR](https://www.discomp.cz/turris-mox-start_d90848.html)

more hardware examples
diff --git a/services/wifi.mdwn b/services/wifi.mdwn
index 503fdb56..7969d362 100644
--- a/services/wifi.mdwn
+++ b/services/wifi.mdwn
@@ -402,7 +402,10 @@ it gets, but it means buying on [Amazon.com](https://www.amazon.com/Q190G4U-S01-
 to Canada for this product, or [Aliexpress](https://fr.aliexpress.com/i/32919359402.html?gatewayAdapt=glo2fra) (280$, so not actually
 cheaper). Problem with Qotom is their model line is utterly confusing,
 for example I found the above on their site, but Aliexpress has [this
-model](https://fr.aliexpress.com/item/1005004093716962.html) for 233$. Go figure.
+model](https://fr.aliexpress.com/item/1005004093716962.html) for 233$. Go figure. Serve the home has a [good review](https://www.servethehome.com/the-everything-fanless-home-server-firewall-router-and-nas-appliance-qotom-qnap-teamgroup/)
+of the [Qotom Q20332G9-S10](https://www.qotom.net/product/RouterPC_Q20331G9S10.html) (4x2.5G 4xSFP+ 10G). I was also
+recommended [this 4x2.5G router](https://www.aliexpress.com/item/1005004360072281.html). [This 2021 review](https://homenetworkguy.com/review/opnsense-hardware-recommendations/) also
+includes Protectli and Qotom products, among others.
 
 Another build could be done with the Turris Mox:
 

more matrix bots
diff --git a/blog/2022-06-17-matrix-notes.md b/blog/2022-06-17-matrix-notes.md
index 015d53de..a2483dad 100644
--- a/blog/2022-06-17-matrix-notes.md
+++ b/blog/2022-06-17-matrix-notes.md
@@ -847,8 +847,6 @@ there's still a good variety:
  * [maubot](https://github.com/maubot/maubot): generic bot with tons of usual plugins like sed, dice,
    karma, xkcd, echo, rss, reminder, translate, react, exec,
    gitlab/github webhook receivers, weather, etc
- * [opsdroid](https://github.com/opsdroid/opsdroid): framework to implement "chat ops" in Matrix,
-   connects with Matrix, GitHub, GitLab, Shell commands, Slack, etc
  * [matrix-nio](https://github.com/poljar/matrix-nio): another framework, used to build [lots more
    bots](https://matrix-nio.readthedocs.io/en/latest/examples.html) like:
    * [hemppa](https://github.com/vranki/hemppa): generic bot with various functionality like weather,
@@ -859,6 +857,12 @@ there's still a good variety:
    * [podbot](https://github.com/interfect/podbot): play podcast episodes from AntennaPod
    * [cody](https://gitlab.com/carlbordum/matrix-cody): Python, Ruby, Javascript REPL
    * [eno](https://github.com/8go/matrix-eno-bot): generic bot, "personal assistant"
+   * [ChatGPT](https://github.com/h1ddenpr0cess20/infinigpt-matrix) and [Ollama](https://github.com/h1ddenpr0cess20/ollamarama-matrix) AI chat bots
+   * [reminder bot](https://github.com/anoadragon453/matrix-reminder-bot)
+   * [opsdroid](https://github.com/opsdroid/opsdroid): framework to implement "chat ops" in Matrix,
+     connects with Matrix, GitHub, GitLab, Shell commands, Slack, etc
+   * [commander](https://github.com/8go/matrix-commander): CLI interface
+   * [full list](https://matrix-nio.readthedocs.io/en/latest/examples.html#projects-built-with-nio)
  * [mjolnir](https://github.com/matrix-org/mjolnir): moderation bot
  * [hookshot](https://github.com/Half-Shot/matrix-hookshot): bridge with GitLab/GitHub
  * [matrix-monitor-bot](https://github.com/turt2live/matrix-monitor-bot): latency monitor

gtklock entered debian
diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 1dd63967..5b4eb0cc 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -809,7 +809,7 @@ as xss-lock and xsecurelock.
 That, unfortunately, does *not* include the fancy "hacks" provided by
 xscreensaver, and that is [unlikely to be implemented upstream][].
 
-Other alternatives include [gtklock][] ([RFP](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052418)) and [waylock][] (zig), which
+Other alternatives include [gtklock][] ([in Debian](https://tracker.debian.org/pkg/gtklock)) and [waylock][] (zig), which
 do not solve that problem either.
 
 It looks like [swaylock-plugin][], a swaylock fork, which at least

more death notes i found
diff --git a/blog/on-dying.mdwn b/blog/on-dying.mdwn
index 61be211f..78f677ec 100644
--- a/blog/on-dying.mdwn
+++ b/blog/on-dying.mdwn
@@ -210,5 +210,23 @@ As #RobertJordan writes: "Ages come and pass, leaving memories that become legen
 
 https://daniel.haxx.se/blog/2024/02/07/contingency-planning-for-me-and-curl/
 
+# archiveteam
+
+a million ways to die on the web https://wiki.archiveteam.org/index.php/A_Million_Ways_to_Die_on_the_Web
+
+# vim death
+
+https://groups.google.com/g/vim_dev/c/dq9Wu5jqVTw
+
+https://getyourshittogether.org/
+
+
+"death book": https://www.bogleheads.org/forum/viewtopic.php?t=119346
+
+"sealed notary": https://news.ycombinator.com/item?id=37076703
+
+https://longnow.org/ideas/digital-avatars-and-our-refusal-to-die/
+
+
 [[!tag draft]]
 

add curl note, mark as draft
diff --git a/blog/on-dying.mdwn b/blog/on-dying.mdwn
index ce502367..61be211f 100644
--- a/blog/on-dying.mdwn
+++ b/blog/on-dying.mdwn
@@ -205,3 +205,10 @@ As #RobertJordan writes: "Ages come and pass, leaving memories that become legen
 
 @jgoerzen our seemingly infinite capacity at storage is, in other words, at odds with our capacity at telling what really matters, and what should really be kept around forever
 
+
+# curl plans
+
+https://daniel.haxx.se/blog/2024/02/07/contingency-planning-for-me-and-curl/
+
+[[!tag draft]]
+

link to noctua's fan list
diff --git a/hardware/server/marcos.mdwn b/hardware/server/marcos.mdwn
index 01388297..42bf28e8 100644
--- a/hardware/server/marcos.mdwn
+++ b/hardware/server/marcos.mdwn
@@ -126,7 +126,7 @@ spec'd at 45dB. That fan is a weird construction that has a 92x25mm
 fan inside an enclosure that directs the airflow, see [FAN-0076L4](https://store.supermicro.com/us_en/92mm-fan-0076l4.html)
 for the detailed specs. I asked Supermicro if they had a better
 replacement fan, and so far they just keep pointing me at that fan. So
-I asked Noctua if their fans would fit.
+I asked Noctua if [their fans](https://noctua.at/en/products/fan) would fit.
 
 ## 2020 Replacement
 

chase URL for case specs
diff --git a/hardware/server/marcos.mdwn b/hardware/server/marcos.mdwn
index 660cc192..01388297 100644
--- a/hardware/server/marcos.mdwn
+++ b/hardware/server/marcos.mdwn
@@ -32,7 +32,7 @@ particulier [[services/mail]] et [[services/backup]].
 
 The server is also backed by a UPS, a [APC 1500VA BX1500m](https://www.apc.com/ca/en/product/BX1500M/apc-back-ups-1500-compact-tower-1500va-120v-avr-lcd-10-nema-outlets-5-surge/).
 
-[CSE-733TQ-500B]: https://www.supermicro.com/en/products/chassis/tower/733/SC733TQ-500B
+[CSE-733TQ-500B]: https://www.supermicro.com/en/products/archive/chassis/SC733TQ-500B
 [300$]: http://www.atic.ca/index.php?page=details&psku=63796
 [ASUS PRIME X470-PRO]: https://www.asus.com/us/Motherboards/PRIME-X470-PRO/
 [187$]: http://www.atic.ca/index.php?page=details&psku=196101

case fan was the problem, oops
diff --git a/hardware/server/marcos.mdwn b/hardware/server/marcos.mdwn
index 1e62ca2d..660cc192 100644
--- a/hardware/server/marcos.mdwn
+++ b/hardware/server/marcos.mdwn
@@ -120,6 +120,14 @@ I have also considered:
    MemoryExpress, more expensive ([75$ at amazon](https://www.amazon.ca/dp/B00TBHYYFK), [NH-D9L is
    70$](https://www.amazon.ca/Noctua-NH-D9L-Premium-Cooler-NF-A9/dp/B00QCEWTAW))
 
+Update: I ordered the NH-D9L and installed it and immediately realized
+the problem was actually not the CPU fan, but the board fan, which is
+spec'd at 45dB. That fan is a weird construction that has a 92x25mm
+fan inside an enclosure that directs the airflow, see [FAN-0076L4](https://store.supermicro.com/us_en/92mm-fan-0076l4.html)
+for the detailed specs. I asked Supermicro if they had a better
+replacement fan, and so far they just keep pointing me at that fan. So
+I asked Noctua if their fans would fit.
+
 ## 2020 Replacement
 
 In 2020, hardware for marcos was swapped out into a new box.

switched octavia's uplink to a SFP
diff --git a/hardware/octavia.mdwn b/hardware/octavia.mdwn
index c07427aa..6a1f6490 100644
--- a/hardware/octavia.mdwn
+++ b/hardware/octavia.mdwn
@@ -44,6 +44,32 @@ needs to be known: it's currently hardcoded in DHCP but should be also
 visible in the router's DHCP leases. Automated upgrades should still
 be operational.
 
+## SFP configuration
+
+The SFP is not active by default. I found, [buried in some upgrade
+notes](https://docs.turris.cz/geek/tos3-migration/#turris-omnia-specifics) that:
+
+> Turris OS 5.0+ no longer supports switching between SFP and metallic in runtime. Switch is performed on boot for that boot-loader update is required. This is not yet available and so you have to switch between SFP and metallic manually. To do so you can run following command:
+> 
+>     ln -sf armada-385-turris-omnia-sfp.dtb /boot/dtb
+> 
+> To switch to metallic you just have to use phy instead of sfp in this command. Initial switch is performed as part of migration so you have to care about this only if you plan to switch between SFP and metallic WAN.
+
+So at first I couldn't make the SFP port work at all: link wouldn't
+even come up. But after running the above command and a reboot, the
+link came back up and it even fetched an IP address from upstream on
+the WAN port.
+
+Unfortunately, that's not what I wanted: I had to bridge the port with
+the `br-lan` bridge so that it keeps acting as a wireless bridge.
+
+[This section explains a bit more how that works](https://docs.turris.cz/hw/omnia/omnia/#network-interfaces): the WAN and SFP
+ports are not actually connected to the "switch-on-chip" at all and
+instead to the SoC which means packets will necessarily go through the
+CPU, which may impact performance. I might be interesting to compare
+the Omnia performance between the SFP port or a LAN port behind a
+media converter.
+
 Configuration of the Omnia router
 =================================
 

matrix clients updates
diff --git a/blog/2022-06-17-matrix-notes.md b/blog/2022-06-17-matrix-notes.md
index bf0a2f5e..015d53de 100644
--- a/blog/2022-06-17-matrix-notes.md
+++ b/blog/2022-06-17-matrix-notes.md
@@ -799,12 +799,18 @@ Matrix](https://matrix.org/clients-matrix/) (confusing right?) to try to figure
 and, even after selecting `Linux` as a filter, the chart is just too
 wide to figure out anything. So I tried those, kind of randomly:
 
- * [FluffyChat](https://fluffychat.im/) (Dart, Flutter not in Debian, [Flatpak](https://flathub.org/apps/im.fluffychat.Fluffychat), solid Android,
-   iOS app)
- * [Fractal](https://gitlab.gnome.org/GNOME/fractal) (Rust, [not in Debian](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900928))
+ * [FluffyChat](https://fluffychat.im/) (Dart, Flutter not in Debian, [Flatpak](https://flathub.org/apps/im.fluffychat.Fluffychat), solid
+   on Android, also on iOS, works well on desktop too, [segfaults on
+   calling](https://github.com/flathub/im.fluffychat.Fluffychat/issues/107), calls don't work on F-Droid)
+ * [Cinny](https://cinny.in/) (Javascript/Typescript, electron-based, not in Debian,
+   interesting, "Slack-like" interface, failed to login to Salsa
+   because of no 2FA)
+ * [Fractal](https://gitlab.gnome.org/GNOME/fractal) (Rust, [not in Debian](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900928), no support for spaces)
  * [Mirage](https://github.com/mirukana/mirage) (not in Debian, inactive upstream since 2021, forked
    into [Moment](https://mx-moment.xyz/))
- * [Nheko](https://github.com/Nheko-Reborn/nheko) (C++, Python, Qt) [![Debian Unstable package](https://repology.org/badge/version-for-repo/debian_unstable/nheko.svg)](https://repology.org/project/nheko/versions)
+ * [Nheko](https://github.com/Nheko-Reborn/nheko) (C++, Python, Qt) [![Debian Unstable
+   package](https://repology.org/badge/version-for-repo/debian_unstable/nheko.svg)](https://repology.org/project/nheko/versions),
+   not as good as Fluffy
  * [Quaternion](https://github.com/quotient-im/Quaternion) (C++, Qt) [![Debian Unstable package](https://repology.org/badge/version-for-repo/debian_unstable/quaternion.svg)](https://repology.org/project/quaternion/versions)
 
 Unfortunately, I lost my notes on those, I don't actually remember
@@ -826,6 +832,9 @@ Matrix. It does not support large multimedia rooms, for example:
 [Jitsi was used for FOSDEM](https://matrix.org/blog/2022/02/07/hosting-fosdem-2022-on-matrix/) instead of the native videoconferencing
 system.
 
+Update: I'm now (2024) using FluffyChat on desktop (through Flatpak)
+and Android (through F-Droid).
+
 ## Bots
 
 This falls a little aside the "usability" section, but I didn't know

eicat update
diff --git a/blog/2020-05-28-isp-upgrade.mdwn b/blog/2020-05-28-isp-upgrade.mdwn
index 4555f684..83562a09 100644
--- a/blog/2020-05-28-isp-upgrade.mdwn
+++ b/blog/2020-05-28-isp-upgrade.mdwn
@@ -245,7 +245,7 @@ So I shopped around for options again:
    latency. possibility of ADSL fallback as well, for an extra 70$/mth
    on a 1-year contract, ~55$/mth on a 3-year contract
  * [EIcat](http://www.eicat.ca/products.py/internet?type=Business) is, amazingly, still in business, and some contact there
-   responded to a ping, but nothing heard in days now
+   responded to a ping, still trying to figure out pricing and conditions
  * Bell charges [32$/mth for a static IP](https://business.bell.ca/shop/small-business/internet/addons/static-ip) and they don't want my
    business anyway
  * Videotron is [35$/mth](https://videotron.com/en/business/business-internet/static-ip-addresses), interestingly you can get a /29 for

update on my isp search
diff --git a/blog/2020-05-28-isp-upgrade.mdwn b/blog/2020-05-28-isp-upgrade.mdwn
index c9a87a2a..4555f684 100644
--- a/blog/2020-05-28-isp-upgrade.mdwn
+++ b/blog/2020-05-28-isp-upgrade.mdwn
@@ -239,7 +239,11 @@ So I shopped around for options again:
 
  * TekSavvy is 85$/mth for 120mbps, before the static IP, so not
    cheap, but maybe should be reconsidered. they did *try* to do IPv6
-   at least.
+   at least. update: have a business package, 108$/mth for a 250/50 on
+   a 12-month contract, 100$ installation fee, 21$/mth extra for a /29
+   (6 usable IPs), so actually cheaper than Oricom. asked about
+   latency. possibility of ADSL fallback as well, for an extra 70$/mth
+   on a 1-year contract, ~55$/mth on a 3-year contract
  * [EIcat](http://www.eicat.ca/products.py/internet?type=Business) is, amazingly, still in business, and some contact there
    responded to a ping, but nothing heard in days now
  * Bell charges [32$/mth for a static IP](https://business.bell.ca/shop/small-business/internet/addons/static-ip) and they don't want my
@@ -250,6 +254,11 @@ So I shopped around for options again:
 )
  * Cogeco might be as well, but the sales rep burst out laughing when
    I mentioned I was in Montreal, so I guess that's a nope as well
+ * Oricom is 130$+tx/mth for 250/50 all included, needs NEQ, but could
+   accept US business
+ * b2b2c is 99$+tx/mth for 100/30, 400/50 for 129$. were dithery about
+   email hosting ("maybe it will work, but won't change IP if it
+   doesn't"), asked about contract length)
 
 So the short list right now is TSI, Oricom, b2b2c (they answered a
 ping, amazingly).

typo
diff --git a/hardware/server/marcos.mdwn b/hardware/server/marcos.mdwn
index 6cf18ac8..1e62ca2d 100644
--- a/hardware/server/marcos.mdwn
+++ b/hardware/server/marcos.mdwn
@@ -106,7 +106,7 @@ compatibility chart but my case isn't there. The closest is the
 
 Interestingly though, it marks the 158mm [U12S](https://noctua.at/en/nh-u12s) as "insufficient
 clearance" while the [C14S](https://noctua.at/en/nh-c14s), at 115-142mm supposedly fits. Its fan
-([NF-A14-PWM](https://noctua.at/en/nf-a14-pwm)) is less interesting for me:, it's much noisier at
+([NF-A14-PWM](https://noctua.at/en/nf-a14-pwm)) is less interesting for me: it's much noisier at
 24.6db(A).
 
 I have also considered:

seek a new fan
diff --git a/hardware/server/marcos.mdwn b/hardware/server/marcos.mdwn
index c80c377f..6cf18ac8 100644
--- a/hardware/server/marcos.mdwn
+++ b/hardware/server/marcos.mdwn
@@ -22,7 +22,7 @@ particulier [[services/mail]] et [[services/backup]].
 
  * Case: [CSE-733TQ-500B][] ([300$][]), incl. 80+ bronze 500W PSU,
    4x3.5" hotswap bays, 2x5.25" bays, 1x3.5" bay, 7" (4U) x 20.9" x
-   16.8" (WxDxL), 17Kg ([manual](https://www.supermicro.com/manuals/chassis/Mid-tower/SC733.pdf))
+   16.8" or 178 x 531 x 427mm (WxDxL), 17Kg ([manual](https://www.supermicro.com/manuals/chassis/Mid-tower/SC733.pdf))
  * Motherboard: [ASUS PRIME X470-PRO][]: [187$][] (AM4/PGA 1331 ATX
    12"x9.6" 6 SATA Intel® I211-AT chipset, [detailed specs][])
  * Memory: Kingston KSM26ED8/16ME (16GB RAM): [114$][]
@@ -50,7 +50,76 @@ are kept only for historical reference, as the machine was rebuilt
 with new hardware in 2020.
 
 See [[services/backup]] for backup and drive replacement procedures.
- 
+
+## 2024 Fan replacement
+
+From the 2020 replacement, the server has always been away, either in
+a basement or a closet, and its noisy stock fan didn't really
+matter. But now it's moved inside the office and damn that thing is
+noisy. It's noisy when *idle* and sounds like a hair drier when it
+spins up. So, it's got to go.
+
+I've heard good things from friends about [Noctua](https://noctua.at), so let's go
+with that. My previous "gold standard" was the stock Intel fan that
+came with the [[v1]], which, according to this [old review](https://silentpcreview.com/lga775-low-profile-heatsink-roundup/) ranges
+from 14 to 26dBa in noise.
+
+Noctua seems to be Amazon sellouts, but they have products at
+memoryexpress.com and NewEgg, so I guess I'll try Memory Express
+now. Out of [their Noctua selection](https://www.memoryexpress.com/Category/CoolingCPU?FilterID=26b78891-590d-2259-fa23-6e925f4e75eb&Sort=Price), their cheapest fan
+[compatible with my CPU](https://ncc.noctua.at/cpus/model/AMD-Ryzen-5-2600X-1010) is the [NH-D9L](https://noctua.at/en/nh-d9l/) if I read all of this
+right, at 80$ + tax + 13$ purolator shipping. The [specification](https://noctua.at/en/nh-d9l/specification)
+on that is:
+
+ * dimensions: 110 x 95 x 95 mm (531 g)
+ * NSPR*: 88
+ * kit:
+   * NF-A9 PWM premium fan
+   * NA-RC7 Low-Noise Adaptor (L.N.A.)
+   * NT-H1 high-grade thermal compound
+   * SecuFirm2™ Mounting Kit
+   * Fan-clips for second NF-A9
+   * Noctua Metal Case-Badge
+ * fan ([Noctua NF-A9 PWM](https://noctua.at/en/products/fan/nf-a9-pwm.html)):
+   * 400-2000RPM
+   * max noise: 22.8db(A)
+   * stops at 0% PWN
+
+There's a big asterisk with Noctua which is that they don't follow the
+TDP (Thermal Design Power) rating and instead have their own NSPR
+([Noctua Standard Performance Rating](https://noctua.at/en/noctua-standardised-performance-rating)). So who knows what that "88"
+stands for. In their compatibility table, it's rated as "low
+turbo/overclocking headroom", which is fine by me: I haven't done
+"overclocking" in decades at this point.
+
+The sink is also [compatible with the board](https://ncc.noctua.at/motherboards/model/ASUS-Prime-X470-Pro-4796), apparently, so
+presumably I don't need to worry about pins, voltage, or actually
+knowing WTF I am doing, in general, which is reassuring but probably
+wrong.
+
+The other concern is fitting the fan in the case. There's a case
+compatibility chart but my case isn't there. The closest is the
+[Supermicro-SuperChassis-743T-500B-1842](https://ncc.noctua.at/cases/model/Supermicro-SuperChassis-743T-500B-1842) but that one is 25.5" x
+17.8" x 7" while mine is 7" (4U) x 20.9" x 16.8". But really, both are
+7" where it matters, which is 168mm, which is plenty of room for a
+110mm fan.
+
+Interestingly though, it marks the 158mm [U12S](https://noctua.at/en/nh-u12s) as "insufficient
+clearance" while the [C14S](https://noctua.at/en/nh-c14s), at 115-142mm supposedly fits. Its fan
+([NF-A14-PWM](https://noctua.at/en/nf-a14-pwm)) is less interesting for me:, it's much noisier at
+24.6db(A).
+
+I have also considered:
+
+ * [NH-U12S](https://noctua.at/en/nh-u12s/specification): 22.4db(A), slightly quieter, but much bigger, marked
+   as not fitting in the Supermicro (158mm)
+ * [NH-D12L](https://noctua.at/en/nh-d12l/specification): 22.6dB(A) but much larger dissipation power (148 vs
+   88 for the D9L), not available at MemoryExpress, more expensive
+   ([115$ at amazon](https://www.amazon.ca/dp/B09TB5KJ5V), [newegg](https://www.newegg.ca/p/13C-0005-002A0))
+ * [NH-U9S](https://noctua.at/en/nh-u9s/): 22.8dB(A), slightly more powerful, not at
+   MemoryExpress, more expensive ([75$ at amazon](https://www.amazon.ca/dp/B00TBHYYFK), [NH-D9L is
+   70$](https://www.amazon.ca/Noctua-NH-D9L-Premium-Cooler-NF-A9/dp/B00QCEWTAW))
+
 ## 2020 Replacement
 
 In 2020, hardware for marcos was swapped out into a new box.

automatic federated post of hardware/server/roadkiller.mdwn
Command: ['/usr/bin/feed2exec', '-v', 'fetch']
Plugin file: /usr/lib/python3/dist-packages/feed2exec/plugins/ikiwikitoot.py
Source directory: /home/w-anarcat/source
Running on: marcos
diff --git a/hardware/server/roadkiller.mdwn b/hardware/server/roadkiller.mdwn
index aca78551..a93e69a1 100644
--- a/hardware/server/roadkiller.mdwn
+++ b/hardware/server/roadkiller.mdwn
@@ -547,3 +547,7 @@ Not sure what the fate of this device will be: I'll bring it to the
 [[contact me|contact]] if you can't show up and want this thing.
 
 [[!tag node blog debian-planet python-planet freebsd hardware]]
+
+
+<!-- posted to the federation on 2024-01-29T23:21:49.993438 -->
+[[!mastodon "https://kolektiva.social/@Anarcat/111842984579540748"]]
\ No newline at end of file

try to bump soekris up in the list
diff --git a/hardware/server/roadkiller.mdwn b/hardware/server/roadkiller.mdwn
index ce348ed8..aca78551 100644
--- a/hardware/server/roadkiller.mdwn
+++ b/hardware/server/roadkiller.mdwn
@@ -1,4 +1,5 @@
 [[!meta title="router archeology: the Soekris net5001"]]
+[[!meta date="2024-01-29T23:20:48-0500"]]
 
 Roadkiller was a Soekris net5501 router I used as my main gateway
 between 2010 and 2016 (for [[services/réseau]] and

remove empty tag
diff --git a/tag/planet.mdwn b/tag/planet.mdwn
deleted file mode 100644
index 0b62d6c4..00000000
--- a/tag/planet.mdwn
+++ /dev/null
@@ -1,4 +0,0 @@
-[[!meta title="pages tagged planet"]]
-
-[[!inline pages="tagged(planet)" actions="no" archive="yes"
-feedshow=10]]

fix tag
diff --git a/hardware/server/roadkiller.mdwn b/hardware/server/roadkiller.mdwn
index 34c897a1..ce348ed8 100644
--- a/hardware/server/roadkiller.mdwn
+++ b/hardware/server/roadkiller.mdwn
@@ -545,4 +545,4 @@ Not sure what the fate of this device will be: I'll bring it to the
 [next Montreal Debian & Stuff](https://agendadulibre.qc.ca/events/2431) to see if anyone's interested,
 [[contact me|contact]] if you can't show up and want this thing.
 
-[[!tag node blog debian-planet python planet freebsd hardware]]
+[[!tag node blog debian-planet python-planet freebsd hardware]]

creating tag page tag/planet
diff --git a/tag/planet.mdwn b/tag/planet.mdwn
new file mode 100644
index 00000000..0b62d6c4
--- /dev/null
+++ b/tag/planet.mdwn
@@ -0,0 +1,4 @@
+[[!meta title="pages tagged planet"]]
+
+[[!inline pages="tagged(planet)" actions="no" archive="yes"
+feedshow=10]]

new blog post about an artifact i found
diff --git a/hardware/server/roadkiller.mdwn b/hardware/server/roadkiller.mdwn
index fdc22a71..34c897a1 100644
--- a/hardware/server/roadkiller.mdwn
+++ b/hardware/server/roadkiller.mdwn
@@ -1,11 +1,15 @@
-Roadkiller was the Soekris net5501 router I used as my main gateway
-between 2010 and 2016 ([[services/réseau]] et [[services/téléphone]]).
+[[!meta title="router archeology: the Soekris net5001"]]
 
-Il a été mis à jour à FreeBSD 8.4-p12 (2014-06-06) et `pkgng`. Il
-n'est plus en service depuis l'installation de [[hardware/octavia]].
+Roadkiller was a Soekris net5501 router I used as my main gateway
+between 2010 and 2016 (for [[services/réseau]] and
+[[services/téléphone]]).
 
-10 ans plus tard (2024-01-24), le routeur a été démarré et il semble
-encore fonctionnel!
+It was upgraded to FreeBSD 8.4-p12 (2014-06-06) and `pkgng`. It was
+retired in favor of [[hardware/octavia]] around 2016.
+
+Roughly 10 years later (2024-01-24), I found it in a drawer and, to my
+surprised, it booted. After wrangling with a [RS-232 USB adapter](https://en.wikipedia.org/wiki/USB-to-serial_adapter),
+a [null modem cable](https://en.wikipedia.org/wiki/Null_modem), and bit rates, I even logged in:
 
     comBIOS ver. 1.33  20070103  Copyright (C) 2000-2007 Soekris Engineering.
 
@@ -159,14 +163,17 @@ The last log rotation is from 2016:
     [root@roadkiller /var/log]# stat /var/log/wtmp      
     65 61783 -rw-r--r-- 1 root wheel 208219 1056 "Nov  1 05:00:01 2016" "Jan 18 22:29:16 2017" "Jan 18 22:29:16 2017" "Nov  1 05:00:01 2016" 16384 4 0 /var/log/wtmp
 
-Interestingly, we switched between eicat and teksavvy on December
+Interestingly, I switched between eicat and teksavvy on December
 11th. Which year? Who knows!
 
     Dec 11 16:38:40 roadkiller mpd: [eicatL0] LCP: authorization successful
     Dec 11 16:41:15 roadkiller mpd: [teksavvyL0] LCP: authorization successful
 
-Maybe 2015, because the log dates from 2017, and the last entry is
-from November of the year after the above:
+Never realized those good old logs had a "oh dear forgot the year"
+issue (that's something like Y2K except just "Y", I guess).
+
+That was probably 2015, because the log dates from 2017, and the last
+entry is from November of the year after the above:
 
     [root@roadkiller /var/log]# stat mpd.log 
     65 47113 -rw-r--r-- 1 root wheel 193008 71939195 "Jan 18 22:39:18 2017" "Jan 18 22:39:59 2017" "Jan 18 22:39:59 2017" "Apr  2 10:41:37 2013" 16384 140640 0 mpd.log
@@ -181,7 +188,7 @@ years*, which I find utterly amazing.
 
 Another amazing thing is that there's tuptime installed on that
 server! That is a software I *thought* I discovered later and then
-sponsored in Debian, but turns out I was already using it then!
+[sponsored in Debian](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638422), but turns out I was already using it then!
 
     [root@roadkiller /var]# tuptime 
     System startups:        19   since   21:20:16 11/07/15
@@ -275,12 +282,14 @@ actually 2024-01-24 at ~12:00 local:
     This machine is doomed to be replaced with the new omnia router, Indiegogo
     campaign should ship in april 2016: http://igg.me/at/turris-omnia/x
 
-(I really like the motd I left myself there. In theory, I guess this
+(I really like the `motd` I left myself there. In theory, I guess this
 could just start connecting to the internet again if I still had the
-same PPPoE/ADSL link I had almost a decade ago; obviously, I do not.)
+same PPPoE/ADSL link I had almost a decade ago; obviously, I [[do
+not|blog/2020-05-28-isp-upgrade]].)
 
 Not sure how the system figured the 2017 time: the onboard clock
-itself believes we're in 1980, so clearly the battery has failed:
+itself believes we're in 1980, so clearly the [CMOS battery](https://en.wikipedia.org/wiki/CMOS_battery) has
+(understandably) failed:
 
     > ?
     comBIOS Monitor Commands
@@ -500,8 +509,8 @@ ISP... back in 2003!
 
 Fascinating.
 
-I suspect the hard drive might be failing as I saw two new files
-created in /var that I didn't remember seeing before:
+I suspect the ([IDE](https://en.wikipedia.org/wiki/Integrated_Drive_Electronics)!) hard drive might be failing as I saw two new
+files created in `/var` that I didn't remember seeing before:
 
     -rw-r--r--   1 root    wheel        0 Jan 18 22:55 3@T3
     -rw-r--r--   1 root    wheel        0 Jan 18 22:55 DY5
@@ -523,4 +532,17 @@ So I shutdown the machine, possibly for the last time:
     The operating system has halted.
     Please press any key to reboot.
 
-[[!tag node]]
+I'll finally note this was the last [FreeBSD](https://en.wikipedia.org/wiki/FreeBSD) server I personally
+operated. I also used FreeBSD to setup the core routers at
+[Koumbit](https://koumbit.org) but those were [replaced with Debian recently](https://koumbitstatus.net/incident/377) as
+well.
+
+Thanks Soekris, that was some sturdy hardware. Hopefully this new
+[[Protectli router|hardware/margaret]] will live up to that "decade
+plus" challenge.
+
+Not sure what the fate of this device will be: I'll bring it to the
+[next Montreal Debian & Stuff](https://agendadulibre.qc.ca/events/2431) to see if anyone's interested,
+[[contact me|contact]] if you can't show up and want this thing.
+
+[[!tag node blog debian-planet python planet freebsd hardware]]

isp upgrade status
diff --git a/blog/2020-05-28-isp-upgrade.mdwn b/blog/2020-05-28-isp-upgrade.mdwn
index 5e4a441d..c9a87a2a 100644
--- a/blog/2020-05-28-isp-upgrade.mdwn
+++ b/blog/2020-05-28-isp-upgrade.mdwn
@@ -208,6 +208,8 @@ I have *not* contacted those providers:
 
 ## Updates
 
+### 2023-07-24
+
 I had a nightmare time trying to convince bell to give me their sweet
 3gbps symmetric fiber link for 60$ / mth. I spent hours on the phone
 being bounced back between incompetence and hilarity, and eventually
@@ -219,4 +221,45 @@ probably won't allow me to host the server there, but I have to get
 *something* moving, and I've heard you get notified when fiber does
 land, so I have hope.
 
+### 2024-01-29
+
+Again, I'm confronted with this problem. Oricom is having trouble
+porting my IP address to a new subscriber: they want me to register a
+new account, and for that they need a provincial business number (a
+"NEQ"), which is another [40$/year fee](https://www.quebec.ca/entreprises-et-travailleurs-autonomes/demarrer-entreprise/immatriculer-constituer-entreprise/immatriculer-constituer-entreprise-formes-juridiques/personne-physique-entreprise-individuelle). Which means they only
+accept business registered in the province, which seems ludicrous to
+me.
+
+Compared to [others who live in the countryside](https://stgraber.org/2023/10/18/setting-up-a-new-house/), my situation is
+ridiculous. My fine colleague is getting symmetric 3gbps *and* a
+redundant 100mbps link far out of the city, and I can't get *any*
+fiber here. It's amazing.
+
+So I shopped around for options again:
+
+ * TekSavvy is 85$/mth for 120mbps, before the static IP, so not
+   cheap, but maybe should be reconsidered. they did *try* to do IPv6
+   at least.
+ * [EIcat](http://www.eicat.ca/products.py/internet?type=Business) is, amazingly, still in business, and some contact there
+   responded to a ping, but nothing heard in days now
+ * Bell charges [32$/mth for a static IP](https://business.bell.ca/shop/small-business/internet/addons/static-ip) and they don't want my
+   business anyway
+ * Videotron is [35$/mth](https://videotron.com/en/business/business-internet/static-ip-addresses), interestingly you can get a /29 for
+   80$/mth too
+ * Rogers might be interesting, but are [unavailable in my region](https://www.rogers.com/business/internet-services/dedicated
+)
+ * Cogeco might be as well, but the sales rep burst out laughing when
+   I mentioned I was in Montreal, so I guess that's a nope as well
+
+So the short list right now is TSI, Oricom, b2b2c (they answered a
+ping, amazingly).
+
+In fact, according to [this search site](https://www.whistleout.ca/Internet/Canada/Quebec) there are exactly zero
+ISPs that provide static IPs in Quebec
+
+I posted two threads on DSL reports ([1](https://www.dslreports.com/forum/r33823478-adresse-IP-statique-pour-un-serveur-Montr-al), [2](https://www.dslreports.com/forum/r33823498-server-with-static-IP-in-montreal)) and the answer
+was basically to get a proxy service, which I have considered, but I
+refuse to admit defeat. I *still* think we should be able to host a
+server at home, and that the internet should be more symmetric.
+
 [[!tag debian-planet internet neutrality québec sysadmin diy montreal]]

add fiber stuff to core router section
diff --git a/services/wifi.mdwn b/services/wifi.mdwn
index 538b7dea..503fdb56 100644
--- a/services/wifi.mdwn
+++ b/services/wifi.mdwn
@@ -381,8 +381,12 @@ So, BOM:
    * alternative: GS1900-48 *without* PoE (we keep the injector),
      [210$USD at B&H](https://www.bhphotovideo.com/c/product/1080481-REG/zyxel_gs_1900_series_gs1900_48.html)
    * alternative: GS1900-24 without PoE: [170$ at B&H](https://www.bhphotovideo.com/c/product/1166663-REG/zyxel_gs1900_24_gs1900_series_24_port_gbe.html)
- * [U6 Lite AP: 132$](https://ca.store.ui.com/ca/en/pro/products/u6-lite) (optional? maybe reuse the Mox?
-   [[hardware/atwood]])
+ * <del>[U6 Lite AP: 132$](https://ca.store.ui.com/ca/en/pro/products/u6-lite) (optional? maybe reuse the Mox?
+   [[hardware/atwood]]</del> using the Omnia
+ * simplex bidirectional SFP LC SMF module: [14$ at FS](https://www.fs.com/products/75335.html?attribute=1464&id=561932) and [19$ at
+   FS](https://www.fs.com/products/75336.html) (33$)
+ * SMF LC/LC cable LC UPC to LC UPC Simplex OS2 Single Mode [30m
+   98ft](https://www.fs.com/products/40439.html) (8.50$) ou [20m 66ft](https://www.fs.com/products/40440.html?attribute=986&id=1787390) (6.70$)
  * Total: 573$, 508$ for 24 port without PoE, 563$ for 48 ports
    without PoE, 705$ with extra AP
 

document some framework 16 reviews
diff --git a/hardware/laptop.mdwn b/hardware/laptop.mdwn
index c32d9946..428eb6b7 100644
--- a/hardware/laptop.mdwn
+++ b/hardware/laptop.mdwn
@@ -90,6 +90,11 @@ pre-order. It's a larger laptop than the "13" (which the 11th, 12th
 and 13th gen all fit into) with 6 expansion ports, hotswappable
 keyboard mods and a hotswappable GPU.
 
+Reviews:
+
+ * [Ars Technica](https://arstechnica.com/gadgets/2024/01/review-frameworks-laptop-16-is-unique-laudable-fascinating-and-flawed/): "unique, laudable, fascinating, and flawed"
+ * [Upstream's review index](https://frame.work/ca/en/blog/framework-laptop-16-reviews-are-live)
+
 ## GPD pocket
 
 native ubuntu

another day, another framework mod
diff --git a/hardware/laptop/framework-12th-gen.md b/hardware/laptop/framework-12th-gen.md
index ceb63b59..c74a4452 100644
--- a/hardware/laptop/framework-12th-gen.md
+++ b/hardware/laptop/framework-12th-gen.md
@@ -2025,6 +2025,7 @@ USB-C|blog/2023-02-10-usb-c]]. I'm considering a Dell
  * [tablet mod](https://www.instructables.com/Framework-Tablet-Assembly-Manual/) (kind of clunky, but works!)
  * [gaming handheld mod](https://www.youtube.com/watch?v=zd6WtTUf-30) (!!!)
  * [cyberdeck](https://github.com/BenMakesEverything/cyberdeck/), [video](https://www.youtube.com/watch?v=qzEd50uzdF0)
+ * [Framedeck](https://community.frame.work/t/my-open-source-framework-powered-handheld/43151), [video part 1](https://www.youtube.com/watch?v=XlbybcZxy6A&t=4s), [part 2](https://www.youtube.com/watch?v=zO6Jn7tTwc8), [GitHub](https://github.com/redglitch2/FrameDeck)
  * [keyboard mod](https://www.tindie.com/products/crimier/framework-input-cover-controller/) (i.e. turn the Framework keyboard, touch pad,
    fingerprint reader and power buttons into a "normal" USB keyboard
    and hub)

reflection working
diff --git a/hardware/margaret.md b/hardware/margaret.md
index 3259ad9a..f06743cb 100644
--- a/hardware/margaret.md
+++ b/hardware/margaret.md
@@ -153,7 +153,7 @@ commits on January 21st](https://gitlab.torproject.org/tpo/tpa/fabric-tasks/-/co
  1. puppet bootstrap ✅
  1. systemd-networkd ✅
  1. dump fw rules on belleville ✅ and omnia ✅
- 1. firewall with nftables (forwarding and NAT) ✅ missing a few
+ 1. firewall with nftables (forwarding and NAT) ✅
  1. DHCP assignments and configuration (dnsmasq) ✅
  1. recursive DNS (dnsmasq) ✅
  1. bufferbloat tests ✅
@@ -162,7 +162,7 @@ commits on January 21st](https://gitlab.torproject.org/tpo/tpa/fabric-tasks/-/co
  1. re-do bufferbloat tests ✅
  1. micah backup move ✅
  1. forward tests ✅
- 1. reflection
+ 1. reflection ✅ ([upstream discussion](https://github.com/voxpupuli/puppet-nftables/issues/236))
  1. APU move
  1. marcos move
  1. monitoring: octavia (collectd + prometheus?) and margaret

notes about dark modes
diff --git a/software/desktop/firefox.mdwn b/software/desktop/firefox.mdwn
index 4167801f..931de629 100644
--- a/software/desktop/firefox.mdwn
+++ b/software/desktop/firefox.mdwn
@@ -70,8 +70,10 @@ I am testing those and they might make it to the top list once I'm happy:
    Discard is also [recommended](https://support.mozilla.org/en-US/kb/add-on-badges)
  * [Clean URLs](https://docs.clearurls.xyz/) (no deb, [source](https://github.com/ClearURLs/Addon)) - remove garbage in URLs
  * [Dark Background and Light Text](https://addons.mozilla.org/en-GB/firefox/addon/dark-background-light-text/) (no deb, [source](https://github.com/m-khvoinitsky/dark-background-light-text-extension)) - Mozilla
-   also recommends [Midnight Lizard](https://addons.mozilla.org/addon/midnight-lizard-quantum/) for Android, and I also tested
-   [dark reader](https://addons.mozilla.org/addon/darkreader/)
+   also recommends [Midnight Lizard](https://addons.mozilla.org/addon/midnight-lizard-quantum/) for Android which I couldn't
+   figure out how to disable by default (and only enable on some
+   sites), and I also tested [dark reader](https://addons.mozilla.org/addon/darkreader/), which seem a bit
+   overkill.
  * [display anchors](https://addons.mozilla.org/en-US/firefox/addon/display-_anchors/) (no deb, [source](https://github.com/Rob--W/display-anchors))
  * [Greasemonkey](https://addons.mozilla.org/firefox/addon/greasemonkey/) (no deb, [source](https://github.com/greasemonkey/greasemonkey/)) - mostly for [this one hack
    for Nextcloud Calendar to show UTC times alongside local](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/service/nextcloud#showing-utc-times-in-weekly-calendar-view)

finalize bufferbloat tests
diff --git a/hardware/margaret.md b/hardware/margaret.md
index dc344f19..3259ad9a 100644
--- a/hardware/margaret.md
+++ b/hardware/margaret.md
@@ -159,9 +159,10 @@ commits on January 21st](https://gitlab.torproject.org/tpo/tpa/fabric-tasks/-/co
  1. bufferbloat tests ✅
  1. swap omnia and router ✅ (see [[octavia]] for part of that
     procedure)
- 1. re-do bufferbloat tests
- 1. reflexion and forward tests
- 1. micah backup move
+ 1. re-do bufferbloat tests ✅
+ 1. micah backup move ✅
+ 1. forward tests ✅
+ 1. reflection
  1. APU move
  1. marcos move
  1. monitoring: octavia (collectd + prometheus?) and margaret
@@ -227,25 +228,42 @@ Installing it on the pristine router yields:
 
 And that doesn't include `netperf`.
 
-## octavia bufferbloat tests
-
-CF reports:
-
- * Bandwidth: 133mbps/22.2mbps
- * Latency: 20.5ms (loaded: 34.5ms/53.5ms)
- * Jitter: 4.32ms (loaded: 17.9ms/11.2ms)
- * 0% packet loss
- * [[full CSV|speed-results-1706020222.csv]]
-
-## with margaret in front
-
-CF reports:
-
- * Bandwidth: 131mbps/61.2mbps
- * Latency: 21ms (loaded: 40.5ms/56.5ms)
- * Jitter: 2.58ms (loaded: 14.4ms/5.53ms)
- * 0% packet loss
- * [[full CSV|speed-results-1706020410.csv]]
+## bufferbloat tests
+
+Tests were performed on <https://speed.cloudflare.com/> using Firefox
+ESR 115.6 on Debian bookworm around 2024-01-23 and -24, with too many
+tabs opened (so possibly interference).
+
+| Test             | Down | Up   | Latency | Loaded    | Jitter | Loaded    | Notes                                                    |
+|------------------|------|------|---------|-----------|--------|-----------|----------------------------------------------------------|
+| octavia          | 133  | 22.2 | 20.5    | 34.5/53.5 | 4.32   | 17.9/11.2 | old setup [CSV](speed-results-1706020222.csv)            |
+| margaret-staging | 131  | 61.2 | 21      | 40.5/56.5 | 2.58   | 14.4/5.53 | margaret as a client [CSV](speed-results-1706020410.csv) |
+| margaret-prod    | 131  | 33.7 | 20.0    | 42.5/72.0 | 3.37   | 12.8/4.32 | margaret as a router [CSV](speed-results-1706154403.csv) |
+| margaret-direct  | 132  | 22.1 | 20.0    | 42.5/26.5 | 3.63   | 14.1/5.79 | same, no switch [CSV](speed-results-1706154972.csv)      |
+| direct-2.5g      | 131  | 21.7 | 21.0    | 39.5/26.0 | 3.74   | 12.8/19.3 | same, framework card [CSV](speed-results-1706155380.csv) |
+
+All tests reported 0% packet loss. Down/Up is bandwidth in megabit per
+second. Latency/Loaded/Jitter is in milliseconds. "Loaded" is the
+column to the left when downloading/uploading (e.g. first one is the
+latency, in millisecond, when downloading / uploading content).
+
+Observations:
+
+ * ingress bandwidth is steady at 131-133 mbps
+ * egress bandwidth is strangely variable, spike at 61mbps
+   particularly odd
+ * latency stable at 20-21ms, within 1ms of each other
+ * ingress load is +20ms buffer bloat, possibly +5ms with margaret
+ * egress is much more variable, +30ms on octavia, first test +50ms
+   but direct tests are only +6ms
+ * ISP package is 120/20, so bandwidth is +10% more than spec
+
+Theories:
+
+ * switch is crap and possibly introduces +50ms buffer bloat on upload
+ * cable modem introduces +15-20ms buffer bloat on download
+ * margaret *reduces* egress buffer bloat down to 6ms
+ * margaret *increases* ingress bloat by +5-7ms
 
 # Disaster recovery procedures
 
diff --git a/hardware/margaret/speed-results-1706154403.csv b/hardware/margaret/speed-results-1706154403.csv
new file mode 100644
index 00000000..c7a67f42
--- /dev/null
+++ b/hardware/margaret/speed-results-1706154403.csv
@@ -0,0 +1,47 @@
+time,direction,bytes,latency,bps,duration,serverTime,responseSize,loadedLatencies
+1706154357567,download,100000,20.000139000000004,20236929.67666937,40.000139000000004,70.999861,101185,
+1706154360734,download,100000,21.000045999999998,16864650.504709933,48.000046,72.999954,101188,
+1706154360901,download,100000,20.00013,17598732.87314623,46.00013,60.99987,101193,20.000048
+1706154361053,download,100000,20.000055000000003,32379128.76591671,25.000055000000003,82.999945,101185,
+1706154361186,download,100000,19.000109000000002,32379698.824513122,25.000109000000002,63.999891,101187,
+1706154361286,download,100000,21.999964,29981669.605189107,26.999964,62.000036,101188,
+1706154361419,download,100000,21.00013,31133690.485393725,26.00013,60.99987,101185,17.000151000000002
+1706154361535,download,100000,27.999964,24531663.125450682,32.999964,62.000036,101193,
+1706154361632,download,100000,19.000078000000002,32379098.97721119,25.000078000000002,56.999922,101185,
+1706154361744,download,100000,20.000024999999994,31136277.75357909,26.000024999999994,75.999975,101193,
+1706154361959,download,1000000,19.000023,97699875.0354009,82.000023,98.999977,1001424,
+1706154362175,download,1000000,23.000011,97700669.82064186,82.000011,111.999989,1001432,32.999861
+1706154362368,download,1000000,20.000004000000004,101414475.87774806,79.000004,78.999996,1001468,
+1706154362527,download,1000000,19.999972999999997,101408237.19015701,78.999973,72.000027,1001406,
+1706154362695,download,1000000,21.000096999999997,98904375.38611837,81.000097,76.999903,1001408,28.000048
+1706154362849,download,1000000,18.999943000000002,102708690.44096608,77.999943,65.000057,1001409,
+1706154363047,download,1000000,20.000136999999995,101408836.79733366,79.000137,93.999863,1001414,
+1706154363210,download,1000000,21.999994,98905686.33869281,80.999994,69.000006,1001420,20.000069000000003
+1706154363376,upload,100000,49.000012999999996,5826086.956521737,138,88.999987,948,
+1706154363478,upload,100000,23.999996000000003,11485714.285714284,70,46.000004,950,20.000056999999998
+1706154363593,upload,100000,30.000275000000002,8645161.29032258,93,62.999725,959,
+1706154363688,upload,100000,26.999975,10578947.368421052,76,49.000025,957,
+1706154363803,upload,100000,27.999975,10441558.44155844,77,49.000025,959,
+1706154363899,upload,100000,29.999851,10864864.864864863,74,44.000149,967,
+1706154364028,upload,100000,29.99991,7243243.243243242,111,81.00009,958,27.000085999999996
+1706154364112,upload,100000,27.000017,11485714.285714284,70,42.999983,957,
+1706154375412,upload,1000000,40.00012400000003,19142857.14285714,420,379.999876,950,24.000109000000002
+1706154375832,upload,1000000,29.000186999999983,20099999.999999996,400,370.999813,956,51.000048
+1706154376249,upload,1000000,28.999887,20829015.544041447,386,357.000113,949,76.000141
+1706154376661,upload,1000000,30.000084000000015,20458015.26717557,393,362.999916,951,
+1706154377076,upload,1000000,0.01,84631578.94736841,95,361.000061,947,32.999903
+1706154377490,upload,1000000,0.01,59999999.99999999,134,369.999886,955,74.9998
+1706154378195,download,10000000,20.000109000000002,130767610.69661838,612.000109,63.999891,10003724,64.99999600000001
+1706154378911,download,10000000,24.000159999999994,129708660.04313515,617.00016,67.99984,10003783,32.999996 48.00012
+1706154379630,download,10000000,27.000004000000004,129080644.32851197,620.000004,78.999996,10003750,48.99987
+1706154380328,download,10000000,19.000036,130768319.10513157,612.000036,62.999964,10003777,47.999985
+1706154381047,download,10000000,19.999931000000004,130768119.31862782,611.9999310000001,78.000069,10003760,23.999985000000002
+1706154381755,download,10000000,21.000045999999998,130554822.17696276,613.000046,72.999954,10003764,28.000012999999996 47.000069
+1706154385490,upload,10000000,38.00001299999985,22167080.231596358,3627,3588.999987,954,23.999996000000003 61.000254 46.000027 43.999975 48.999975 55.000162 49.999900999999994
+1706154389175,upload,10000000,24.00004600000011,22351959.966638863,3597,3572.999954,961,19.999996000000003 61.999996 58.000214 64.000254 63.999933 67.000038 69.999924
+1706154392860,upload,10000000,30.000109000000066,22370617.696160264,3594,3563.999891,955,72.000069 82.000069 73.999943 59.000109 64.99983 70.999924 72.000265
+1706154396556,upload,10000000,28.000015000000076,22370617.696160264,3594,3565.999985,957,74.000202 75.999922 77.000038 77.000013 76.00009 83.000193 78.00018299999999
+1706154398188,download,25000000,19.000067,133284598.98063417,1501.000067,69.999933,25007524,23.999966 59.000111 56.999922
+1706154399819,download,25000000,20.000139000000004,131792646.69355871,1518.000139,70.999861,25007657,20.000183 43.00009 40.000235
+1706154401464,download,25000000,18.000212000000005,133107643.2343178,1503.000212,71.999788,25007602,28.999924 42.999975 48.999975 41.000141
+1706154403132,download,25000000,20.000136999999995,131101351.27071747,1526.000137,93.999863,25007585,49.000088000000005 40.999882 42.000048
\ No newline at end of file
diff --git a/hardware/margaret/speed-results-1706154972.csv b/hardware/margaret/speed-results-1706154972.csv
new file mode 100644
index 00000000..b61371b8
--- /dev/null
+++ b/hardware/margaret/speed-results-1706154972.csv
@@ -0,0 +1,47 @@
+time,direction,bytes,latency,bps,duration,serverTime,responseSize,loadedLatencies
+1706154918172,download,100000,21.999880000000005,15871566.756627662,50.999880000000005,74.00012,101181,
+1706154920788,download,100000,22.000202,31134219.64952426,26.000202,61.999798,101187,27.999943000000002 23.000265 26.000056999999998 26.999756000000005 21.000078000000002
+1706154920933,download,100000,20.000067,32380073.221403766,25.000067,69.999933,101188,27.000069000000003
+1706154921066,download,100000,27.000067,25297447.033470273,32.000067,69.999933,101190,
+1706154921197,download,100000,19.000012999999996,32380783.161992762,25.000012999999996,88.999987,101190,20.000059
+1706154921324,download,100000,31.000067,23129327.152430877,35.000067,69.999933,101191,
+1706154921457,download,100000,17.999920000000003,35197339.81683414,22.999920000000003,91.00008,101192,24.999903000000003
+1706154921566,download,100000,18.999900999999994,32379328.22213977,24.999900999999994,71.000099,101185,
+1706154921662,download,100000,20.000006,32380792.228609867,25.000006,55.999994,101190,20.999912000000002
+1706154921768,download,100000,22.000109000000002,29979434.52746802,27.000109000000002,63.999891,101181,36.00012 27.999924 34.00014899999999 25.999890999999998 20.00009 20.999893 20.000183 18.000027000000003 24.000036 21.000099 28.000017 25.999861000000003 25.000203999999997 22.000067 28.000038000000004 25.000076000000007 26.000120000000003 26.999924 21.000256 24.000048 35.000162 57.000111 19.000152999999997 64.999924 22.999966 55.999945 21.000099 57.000038 34.999872 53.000183 39.000162 35.999996 34.000017 81.99999600000001 71.00010900000001 17.000067 24.999921999999998 24.999954000000002 29.00009 25.000202 40.000172 37.999945 27.999975 18.000027000000003 23.999924 29.000067 35.000069 16.000027000000003 29.999924 29.000120000000003 24.000048 31.999872000000003 25.000183 28.999944999999997 28.000069000000003 26.999882 20.000059 28.000141 29.000110999999997 27.000078000000002 27.000110999999997 23.000017 32.000038 52.999924 55.000023 48.999994 56.999975 41.999954 30.000263000000004 40.00009 35.000235 25.000118 28.000162000000003 44.999985 23.999912000000002 17.999964 19.000275000000002 19.000214 21.000078000000002 19.000036 20.000027000000003 19.999954000000002 19.000109000000002 21.000017
+1706154922159,download,1000000,22.00007099999999,92083694.96617998,87.00007099999999,273.999929,1001411,21.00009
+1706154922341,download,1000000,21.000118,101409468.78079347,79.000118,73.999882,1001420,
+1706154922511,download,1000000,18.000045999999998,104043470.31169306,77.000046,72.999954,1001419,
+1706154922679,download,1000000,24.999943000000002,95373017.09835683,83.999943,65.000057,1001416,24.000048
+1706154922881,download,1000000,20.000118,71529353.21014573,112.000118,73.999882,1001412,
+1706154923049,download,1000000,19.000024999999994,101411005.8825931,79.000025,75.999975,1001434,
+1706154923217,download,1000000,20.999880000000005,100142050.21307531,79.99988,74.00012,1001419,30.999924
+1706154923377,download,1000000,21.99987,98907022.9371973,80.99987,64.00013,1001432,
+1706154923529,upload,100000,40.999859,6813559.322033898,118,77.000141,958,
+1706154923676,upload,100000,29.000076000000007,7376146.7889908245,109,79.999924,952,21.000148999999993
+1706154923808,upload,100000,43.000088000000005,7309090.909090908,110,66.999912,947,
+1706154923922,upload,100000,29.999944999999997,11166666.666666666,72,42.000055,961,
+1706154924066,upload,100000,26.000118,8039999.999999998,100,73.999882,961,
+1706154924194,upload,100000,27.000056999999998,9241379.310344826,87,59.999943,954,18.000120000000003
+1706154924297,upload,100000,29.000038000000004,11652173.913043475,69,39.999962,950,
+1706154924397,upload,100000,28.000110999999997,11652173.913043475,69,40.999889,950,
+1706154938402,upload,1000000,42.999792000000014,18917647.058823526,425,382.000208,952,27.000141
+1706154938826,upload,1000000,28.000270999999998,20775193.79844961,387,358.999729,962,22.000027000000003
+1706154939379,upload,1000000,42.000117999999986,16374745.417515274,491,448.999882,966,28.000110999999997
+1706154939795,upload,1000000,29.000031999999976,20721649.484536078,388,358.999968,958,52.999819
+1706154940257,upload,1000000,23.999990000000025,20668380.46272493,389,365.00001,956,78.000057
+1706154940680,upload,1000000,37.999866,20201005.025125626,398,360.000134,951,
+1706154941439,download,10000000,24.99995,129498172.28949615,617.99995,98.00005,10003733,59.999914 52.999903
+1706154942167,download,10000000,25.999807000000004,129289345.64272004,618.999807,73.000193,10003760,36.000141
+1706154942912,download,10000000,28.000148999999993,128459192.39097966,623.000149,80.999851,10003762,42.000162
+1706154943653,download,10000000,27.000045999999998,129080816.22948782,620.000046,72.999954,10003764,20.000017 42.000109
+1706154944376,download,10000000,21.999827999999994,130342512.0829187,613.999828,70.000172,10003785,40.000111
+1706154945118,download,10000000,19.000036,130768005.37965982,612.000036,62.999964,10003753,44.00012
+1706154948983,upload,10000000,40.000223000000005,21589688.506981734,3724,3683.999777,958,64.00017199999999 93.000057 54.000036 23.000078000000002 21.00013 27.000069000000003 16.999924
+1706154952732,upload,10000000,40.000136999999995,22124380.847550906,3634,3593.999863,955,21.000006 35.000059 25.999966 21.000235000000004 24.000006 27.00013 33.999849 17.000110999999997
+1706154956481,upload,10000000,28.999989999999798,22063666.300768383,3644,3615.00001,956,21.000141 28.000015000000005 23.000006 29.999996000000003 22.999966 28.000017 35.00013
+1706154960236,upload,10000000,23.999920000000202,22240663.900414933,3615,3591.00008,953,26.000244000000002 27.00009 23.000152999999997 30.999975 30.000017 25.000027000000003 30.00009
+1706154961902,download,25000000,19.000139000000004,133107835.99335381,1503.000139,70.999861,25007637,27.00009 48.999903 57.000179
+1706154963613,download,25000000,21.000200000000007,133019280.18360637,1504.0002,84.9998,25007628,68.999975 49.00009 48.999975
+1706154965296,download,25000000,25.999877999999995,131966796.89970264,1515.999878,97.000122,25007706,27.000059 51.000162 42.000256
+1706154966976,download,25000000,19.000041999999993,133107823.29306151,1503.000042,118.999958,25007633,18.999996000000003 43.000069 36.999900999999994
\ No newline at end of file
diff --git a/hardware/margaret/speed-results-1706155380.csv b/hardware/margaret/speed-results-1706155380.csv
new file mode 100644
index 00000000..557f7378
--- /dev/null
+++ b/hardware/margaret/speed-results-1706155380.csv
@@ -0,0 +1,47 @@
+time,direction,bytes,latency,bps,duration,serverTime,responseSize,loadedLatencies
+1706155010643,download,100000,20.000180999999998,16519938.97736827,49.000181,64.999819,101185,
+1706155013412,download,100000,22.000116000000006,29981797.11524202,27.000116000000006,96.999884,101189,28.999924 22.999994 20.999964 22.000017 23.000253999999998
+1706155013542,download,100000,21.999992000000006,29982527.402230334,26.999992000000006,92.000008,101191,17.000141
+1706155013640,download,100000,22.999964,29981373.308497746,26.999964,62.000036,101187,20.000015000000005
+1706155013743,download,100000,20.999921999999998,32381541.030408017,24.999921999999998,68.000078,101192,

(Diff truncated)
notes about universal adapters
diff --git a/blog/2023-02-10-usb-c.md b/blog/2023-02-10-usb-c.md
index 95fa6818..744c78c0 100644
--- a/blog/2023-02-10-usb-c.md
+++ b/blog/2023-02-10-usb-c.md
@@ -258,7 +258,7 @@ the Framework laptop.
 
 The design is also a little gimmicky: it has a more "plasticky"
 feeling than the power station, and some parts are hard to take
-out. For example, there's a Micro-USB to USB-C adapter that I almost
+out. For example, there's a Micro-USB to USB-C adapter that I <del>almost</del>
 broke trying to figure out how to pry it out of there.
 
 It's also a bit annoying to have all those adapters dangling around
@@ -288,11 +288,18 @@ Specifications:
 The funny thing with this is there's so much stuff crammed in there
 that the manual doesn't even mention all of it. For example, the
 specifications mention a LED and an SD card reader somewhere in there,
-and I haven't found those yet, and they're not in the manual.
+and I haven't found those yet, and they're not in the manual. (Update:
+turns out that was an error on the website, which they since then
+corrected.)
 
 This and the [[MASA power bank|hardware/battery#TOFU]] were ordered
 together and took over a *month* to ship.
 
+For a universal adapter, I found one at a corner store that is simply
+a ~1m jack with USB-C on one end, and micro-USB, Lightning, and USB-C
+on the other end, that was cheap and Just Works. It's a every day
+carry at this point.
+
 ### Ugreen
 
 So I was recommended the Ugreen chargers, but unfortunately it seems

look at USB charger sizes
diff --git a/blog/2023-02-10-usb-c.md b/blog/2023-02-10-usb-c.md
index 3f961033..95fa6818 100644
--- a/blog/2023-02-10-usb-c.md
+++ b/blog/2023-02-10-usb-c.md
@@ -85,6 +85,29 @@ The spec here is at least 65W USB-C with international plugs.
   interesting gear nevertheless)
 * StarLabs have a [65W USB-C charger](https://ca.starlabs.systems/collections/power-cables/products/65w-gan-usb-c-power-adapter) with detachable plugs
 
+### Size comparison
+
+| Device   | Width | Height | Depth | Volume | Grams | Watts |
+|----------|-------|--------|-------|--------|-------|-------|
+| Sharge   | 59    | 77     | 29    | 132    | 220   | 100   |
+| TOFU     | 82    | 82     | 28    | 188    | 201   | 45    |
+| Ugreen   | 65    | 65*    | 33    | 139    | 340   | 65    |
+| Oneworld | 54    | 67     | 53    | 192    | 178.2 | 65    |
+| ZMI      | 70.6  | 70.6   | 29.5  | 147    | ???   | 65    |
+| BUDI     | 45*   | 97     | 25*   | 109*   | 167*  | 65    |
+
+Dimensions are in millimeters, volume in cubic centimeters.
+
+Summary: the BUDI is the smallest, both in terms of depth, width,
+volume, and grams (but not height), but beats the next ones (TOFU,
+Sharge, ZMI all within 1.5mm of each other) by only 4mm for depth, so
+maybe not worth it? Interestingly, it's not much lighter than the
+travel-friendly Oneworld.
+
+The Sharge is my current "left in my bag" driver, even though it's
+heavier than the TOFU, because the latter is a little too bulky (one
+of the largest by volume).
+
 ### Sharge
 
 I also bought [this
@@ -284,6 +307,9 @@ spam."
 The Support button on their website does exactly fuckall, so I guess
 that's it for Ugreen.
 
+- dimension: 2.56 x 2.56 x 1.28 inches
+- weight: 12 ounces
+
 ### Volta
 
 Volta has been a little more helpful and clarified it's possible to
@@ -316,14 +342,31 @@ plenty of ports.
 
 A good choice.
 
+- Dimensions: W 54 x L 53x H 67.0 mm / W 2.13 x L 2.09 x H 2.64 inch
+- Weight: 178.2 g / 6.29 oz
+
 ### ZMI
 
 [ZMI](https://www.zmifi.com/) has interesting products like [this 65W international travel
 adapter](https://www.zmifi.com/en/product/2/171.html). They have more battery packs though, see
 [[hardware/battery#zmi]] for more.
 
+ * 70.6mm x 70.6mm x 29.5mm
+ * no weight spec
+
 Untested.
 
+### BUDI
+
+The [BUDI 65W USB-C charger](https://www.amazon.com/Foldable-Ultra-Thin-Portable-Wall-Mounted-Microsoft/dp/B0B3GFD142) is interesting, [suggested on
+reddit](https://old.reddit.com/r/UsbCHardware/comments/161t5d4/absolutely_smallest_usbc_charger/), because it's *really* thin.
+
+ * Size: 4.21 x 3.82 x 1.77 inches
+ * Weight: 5.9 ounces
+
+It's not small enough to beat the Sharge as a daily driver, but if I
+find it too bulky / heavy, maybe I'll indulge.
+
 ## USB Docks
 
 Specification: 

yolo margaret
diff --git a/hardware/margaret.md b/hardware/margaret.md
index 282aad03..dc344f19 100644
--- a/hardware/margaret.md
+++ b/hardware/margaret.md
@@ -164,7 +164,7 @@ commits on January 21st](https://gitlab.torproject.org/tpo/tpa/fabric-tasks/-/co
  1. micah backup move
  1. APU move
  1. marcos move
- 1. monitoring
+ 1. monitoring: octavia (collectd + prometheus?) and margaret
  1. mail relay
 
 # Tests to run
@@ -197,7 +197,7 @@ noticed during later use.
 
 [Webbloatscore]: https://www.webbloatscore.com
 
-## flent bufferbloat tests
+## failed flent bufferbloat tests
 
 OpenWRT has [this guide to configure SQM to fight bufferbloat](https://wiki.openwrt.org/doc/howto/sqm).
 

update hardware history with lots of changes since 2020
diff --git a/hardware/history.mdwn b/hardware/history.mdwn
index 37c6e0b6..ada547af 100644
--- a/hardware/history.mdwn
+++ b/hardware/history.mdwn
@@ -48,7 +48,7 @@ Here's the detailed history:
   * lenny: AMD Athlon 1.1GHz 200GB disk, 1GB ram, workstation (debian lenny)
   * mumia: Pentium M 1GHz 40GB disk, 1GB ram, laptop (Debian lenny)
 * 2010: HP Mini 10 ([[many problems|blog/2010-03-18-hp-mini-10-netbook-doom]])
-* 2011-...: custom server ([[server/marcos]]), merge of marvin and
+* 2011-2020: custom server ([[server/marcos]]), merge of marvin and
   lenny, backups of marvin archived in two disks (~120GB)
 * 2012-2017: mesh experiments with [[server/plastik]], [[server/roadkiller]]
 * 2011-2018: [[laptop/thinkpad-x120e]] (angela, 600$, 4GB RAM (2x2GB),
@@ -56,20 +56,25 @@ Here's the detailed history:
   2015|blog/2015-09-28-fun-with-batteries]], debian wheezy, jessie,
   then stretch. cause of death: screen cracked)
 * 2016-...: [[octavia]] (Turris Omnia router, [[server/roadkiller]] replacement)
-* 2017-...: Intel NUC desktop (curie, 750$, 16GB, Intel i3-6100U
+* 2017-2023: Intel NUC desktop (curie, 750$, 16GB, Intel i3-6100U
   2.3Ghz 4 threads, M.2 500GB disk,
   [installation report](https://wiki.debian.org/InstallingDebianOn/Intel/NUC6i3SYH#preview),
   debian stretch)
 * 2017?-2018: [[server/mafalda]] (Raspbery Pi, print server moved to
   [[server/plastik]])
-* (2012-2017) 2018-...: [[server/plastik]] (wifi router and print
+* (2012-2017) 2018-2020?: [[server/plastik]] (wifi router and print
   server in the office)
 * 2018: Thinkpad x201 (temporary angela, 0$ from micah, i5 m520, 8GB
   RAM (2x4GB), physically worn out: keys falling off, disk slot broken, drive
   taken from old angela the x120e, running stretch, 128GB Crucial M4 SSD)
-* 2018-...: Thinkad x220 (new [[angela]], 150$ refurb from Encan Depot,
+* 2018-2023: Thinkad x220 (new [[angela]], 150$ refurb from Encan Depot,
   8GB ram, running stretch, 512GB SSD)
 * 2019-...: Vero 4k+ ([[ursula]], home cinema service replacing a part of
   marcos, which is moved to the basement)
-* 2020-...: TP-Link AC1750 router ([[emma]]), may become
-  "standard" for cheap, not-quite-gigabit, wireless bridges
+* 2020-...: [[server/marcos]] hardware replacement, OS installed in 2010
+* 2020-2022: TP-Link AC1750 router ([[emma]]), wireless bridge
+* 2023-...: [[Framework 12|hardware/laptop/framework-12th-gen]] laptop
+  (new [[angela]])
+* 2023-...: Ubiquiti [Unifi AP 6 lite](https://store.ui.com/collections/unifi-network-access-points/products/unifi-ap-6-lite) wifi bridge ([[svetlana]])
+* 2024-...: Protectli router ([[margaret]]), Omnia router
+  ([[octavia]]) downgraded to wifi bridge

idea for router's disaster recovery
diff --git a/hardware/margaret.md b/hardware/margaret.md
index 7bf6fc81..282aad03 100644
--- a/hardware/margaret.md
+++ b/hardware/margaret.md
@@ -247,4 +247,15 @@ CF reports:
  * 0% packet loss
  * [[full CSV|speed-results-1706020410.csv]]
 
+# Disaster recovery procedures
+
+We do not have an exact replica of the ProtectLI to recover the
+network in case of a hardware failure. Two options are possible:
+
+ * deploy the Omnia, rolling back to a previous snapshot from before
+   ~2024-01-23
+ * deploy `dal-rescue-02`, reinstalling it from scratch with the
+   `profile::router` Puppet class
+ * use any darn PC with two network cards with the above
+
 [[!tag node]]

downgrade octavia to a wifi bridge
The rationale is that it's going to go to the office, with a
SFP/optical link, as it's the only router I have with that
capability. A bit overkill, but it's a reliable box I can trust.
diff --git a/hardware/margaret.md b/hardware/margaret.md
index 88fc6fac..7bf6fc81 100644
--- a/hardware/margaret.md
+++ b/hardware/margaret.md
@@ -157,7 +157,8 @@ commits on January 21st](https://gitlab.torproject.org/tpo/tpa/fabric-tasks/-/co
  1. DHCP assignments and configuration (dnsmasq) ✅
  1. recursive DNS (dnsmasq) ✅
  1. bufferbloat tests ✅
- 1. swap omnia and router
+ 1. swap omnia and router ✅ (see [[octavia]] for part of that
+    procedure)
  1. re-do bufferbloat tests
  1. reflexion and forward tests
  1. micah backup move
diff --git a/hardware/octavia.mdwn b/hardware/octavia.mdwn
index 4c688509..c07427aa 100644
--- a/hardware/octavia.mdwn
+++ b/hardware/octavia.mdwn
@@ -15,6 +15,34 @@ of race, sex, power".
 >
 > -- Octavia Butler
 
+Important note: this router is now a **wifi bridge** and most of the
+documentation below is not applicable anymore. It was replaced with
+[[margaret]].
+
+# Bridge mode
+
+To switch the router to bridge mode, I figured I would start from a
+clean state so I tried a "factory reset", but this brings me to the
+old Turris 3.x version, from which it is hard or impossible to upgrade
+anymore. At least I couldn't get through the install wizard and I
+would get weird errors when trying to update packages.
+
+I also tried to flash the firmware with [this procedure](https://docs.turris.cz/hw/omnia/rescue-modes/#re-flash-router), but that
+also led me to the old TurrisOS 3.x.
+
+I eventually reverted back to an earlier snapshot and made the
+following changes:
+
+ 1. removed a bunch of packages
+ 2. disabled the DHCP server on LAN
+ 3. turned LAN into a DHCP client
+ 4. assigned the MAC to an address on margaret
+ 5. connected it to the switch
+
+The management interface is still available on the LAN IP, but it
+needs to be known: it's currently hardcoded in DHCP but should be also
+visible in the router's DHCP leases. Automated upgrades should still
+be operational.
 
 Configuration of the Omnia router
 =================================

fizz ISP update
diff --git a/blog/2020-05-28-isp-upgrade.mdwn b/blog/2020-05-28-isp-upgrade.mdwn
index 77102343..5e4a441d 100644
--- a/blog/2020-05-28-isp-upgrade.mdwn
+++ b/blog/2020-05-28-isp-upgrade.mdwn
@@ -63,39 +63,11 @@ services, including business service if necessary:
  * [TSI](https://teksavvy.com) - `sales@teksavvy.com`
  * <del>[Ebox](https://ebox.ca) - `sales@ebox.ca`</del> [bought by Bell][] (!?)
  * [Beanfield/Openface](https://www.beanfield.com/residential/)
- * [oxio](https://oxio.ca) - `bonjour@oxio.ca`, added ~2 years later
+ * [oxio](https://oxio.ca) - `bonjour@oxio.ca`, added ~2 years later,
+   sold to Cogeco
 
 [bought by Bell]: https://www.ledevoir.com/economie/679263/bell-achete-son-rival-en-services-internet-ebox
 
-I have *not* contacted those providers:
-
- * Bell Canada: i have sworn, two decades ago, never to do business
-   with that company ever again. They have a near-monopoly on almost
-   all telcos in Canada and I want to give them as little money as
-   possible.
-
-   Update: ironically, I'm now considering Bell again, possibly
-   breaking my vow. It's quite unfortunate, but they are the only ones
-   offering fiber in the neighborhood and while they probably won't
-   allow me to run a server or anything, they have cut-throat prices
-   currently. Their [package page](https://www.bell.ca/Bell_Internet/Internet_access) actually varies by location, but
-   on the phone (1-866-558-0708 is the magic, undocumented number to
-   call, don't try their online chat, it's useless) they can qualify
-   your line (apparently) within 24-48h and call you back.
-
-   Prices were quoted as 3gbps symmetric at 65$/mth (normally
-   80$/mth), then 1, 1.5 or 2.5gbps at 60$/mth.
-
-   Update 2: turns out I don't have to break my vow after all. They
-   were *supposed* to call me back and (of course) didn't. When I
-   called back, they told me the line couldn't be qualified, so it
-   seems like Bell insists on offering crap old copper in a central
-   Montreal area in 2023.
-
- * Videotron: I know for a fact they do not allow servers on their
-   network, and their [IPv6 has been in beta](https://support.videotron.com/residential/internet/monitor-usage/ipv6) [for so long](http://web.archive.org/web/20110713003117/http://soutien.videotron.com/residentiel/internet/ipv6) it
-   has become somewhat of a joke now
-
 I might have forgotten some, let me know if you're in the area and
 have a good recommendation. I'll update this post with findings as
 they come in.
@@ -198,6 +170,42 @@ a look as well:
 
 Those have not been reviewed by myself in any shape or form.
 
+## Discarded
+
+ * Fizz seem like a cheap option! 400/50 for 60$/mth, ports *may* be
+   open, according to [this post](https://forum.fizz.ca/fr/discussion/comment/4174931/#Comment_4174931), [unclear](https://forum.fizz.ca/fr/discussion/2277426/serveur-prive-avec-fizz-internet), but a chat with
+   tech support clearly states they do not have a "business" class, no
+   static IP address
+
+I have *not* contacted those providers:
+
+ * Bell Canada: i have sworn, two decades ago, never to do business
+   with that company ever again. They have a near-monopoly on almost
+   all telcos in Canada and I want to give them as little money as
+   possible.
+
+   Update: ironically, I'm now considering Bell again, possibly
+   breaking my vow. It's quite unfortunate, but they are the only ones
+   offering fiber in the neighborhood and while they probably won't
+   allow me to run a server or anything, they have cut-throat prices
+   currently. Their [package page](https://www.bell.ca/Bell_Internet/Internet_access) actually varies by location, but
+   on the phone (1-866-558-0708 is the magic, undocumented number to
+   call, don't try their online chat, it's useless) they can qualify
+   your line (apparently) within 24-48h and call you back.
+
+   Prices were quoted as 3gbps symmetric at 65$/mth (normally
+   80$/mth), then 1, 1.5 or 2.5gbps at 60$/mth.
+
+   Update 2: turns out I don't have to break my vow after all. They
+   were *supposed* to call me back and (of course) didn't. When I
+   called back, they told me the line couldn't be qualified, so it
+   seems like Bell insists on offering crap old copper in a central
+   Montreal area in 2023.
+
+ * Videotron: I know for a fact they do not allow servers on their
+   network, and their [IPv6 has been in beta](https://support.videotron.com/residential/internet/monitor-usage/ipv6) [for so long](http://web.archive.org/web/20110713003117/http://soutien.videotron.com/residentiel/internet/ipv6) it
+   has become somewhat of a joke now
+
 ## Updates
 
 I had a nightmare time trying to convince bell to give me their sweet

soekris router archeology
diff --git a/hardware/server/roadkiller.mdwn b/hardware/server/roadkiller.mdwn
index 7b5065ca..fdc22a71 100644
--- a/hardware/server/roadkiller.mdwn
+++ b/hardware/server/roadkiller.mdwn
@@ -1,7 +1,526 @@
 Roadkiller was the Soekris net5501 router I used as my main gateway
-([[services/réseau]] et [[services/téléphone]]).
+between 2010 and 2016 ([[services/réseau]] et [[services/téléphone]]).
 
 Il a été mis à jour à FreeBSD 8.4-p12 (2014-06-06) et `pkgng`. Il
 n'est plus en service depuis l'installation de [[hardware/octavia]].
 
+10 ans plus tard (2024-01-24), le routeur a été démarré et il semble
+encore fonctionnel!
+
+    comBIOS ver. 1.33  20070103  Copyright (C) 2000-2007 Soekris Engineering.
+
+    net5501
+
+    0512 Mbyte Memory                        CPU Geode LX 500 Mhz 
+
+    Pri Mas  WDC WD800VE-00HDT0              LBA Xlt 1024-255-63  78 Gbyte
+
+    Slot   Vend Dev  ClassRev Cmd  Stat CL LT HT  Base1    Base2   Int 
+    -------------------------------------------------------------------
+    0:01:2 1022 2082 10100000 0006 0220 08 00 00 A0000000 00000000 10
+    0:06:0 1106 3053 02000096 0117 0210 08 40 00 0000E101 A0004000 11
+    0:07:0 1106 3053 02000096 0117 0210 08 40 00 0000E201 A0004100 05
+    0:08:0 1106 3053 02000096 0117 0210 08 40 00 0000E301 A0004200 09
+    0:09:0 1106 3053 02000096 0117 0210 08 40 00 0000E401 A0004300 12
+    0:20:0 1022 2090 06010003 0009 02A0 08 40 80 00006001 00006101 
+    0:20:2 1022 209A 01018001 0005 02A0 08 00 00 00000000 00000000 
+    0:21:0 1022 2094 0C031002 0006 0230 08 00 80 A0005000 00000000 15
+    0:21:1 1022 2095 0C032002 0006 0230 08 00 00 A0006000 00000000 15
+
+     4 Seconds to automatic boot.   Press Ctrl-P for entering Monitor.
+
+    �������������������������������������������
+     �                                         �
+     �                                         �      ______
+     �                                         �     |  ____| __ ___  ___ 
+     �          Welcome to FreeBSD!            �     | |__ | '__/ _ \/ _ \
+     �                                         �     |  __|| | |  __/  __/
+     �                                         �     | |   | | |    |    |
+     �  1. Boot FreeBSD [default]              �     |_|   |_|  \___|\___|
+     �  2. Boot FreeBSD with ACPI enabled      �      ____   _____ _____
+     �  3. Boot FreeBSD in Safe Mode           �     |  _ \ / ____|  __ \
+     �  4. Boot FreeBSD in single user mode    �     | |_) | (___ | |  | |
+     �  5. Boot FreeBSD with verbose logging   �     |  _ < \___ \| |  | |
+     �  6. Escape to loader prompt             �     | |_) |____) | |__| |
+     �  7. Reboot                              �     |     |      |      |
+     �                                         �     |____/|_____/|_____/
+     �                                         �
+     �                                         �
+     �                                         �
+     �  Select option, [Enter] for default     �
+     �  or [Space] to pause timer  5           �
+     �������������������������������������������
+
+
+    Copyright (c) 1992-2013 The FreeBSD Project.
+    Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
+            The Regents of the University of California. All rights reserved.
+    FreeBSD is a registered trademark of The FreeBSD Foundation.
+    FreeBSD 8.4-RELEASE-p12 #5: Fri Jun  6 02:43:23 EDT 2014
+        root@roadkiller.anarc.at:/usr/obj/usr/src/sys/ROADKILL i386
+    gcc version 4.2.2 20070831 prerelease [FreeBSD]
+    Timecounter "i8254" frequency 1193182 Hz quality 0
+    CPU: Geode(TM) Integrated Processor by AMD PCS (499.90-MHz 586-class CPU)
+      Origin = "AuthenticAMD"  Id = 0x5a2  Family = 5  Model = a  Stepping = 2
+      Features=0x88a93d<FPU,DE,PSE,TSC,MSR,CX8,SEP,PGE,CMOV,CLFLUSH,MMX>
+      AMD Features=0xc0400000<MMX+,3DNow!+,3DNow!>
+    real memory  = 536870912 (512 MB)
+    avail memory = 506445824 (482 MB)
+    kbd1 at kbdmux0
+    K6-family MTRR support enabled (2 registers)
+    ACPI Error: A valid RSDP was not found (20101013/tbxfroot-309)
+    ACPI: Table initialisation failed: AE_NOT_FOUND
+    ACPI: Try disabling either ACPI or apic support.
+    cryptosoft0: <software crypto> on motherboard
+    pcib0 pcibus 0 on motherboard
+    pci0: <PCI bus> on pcib0
+    Geode LX: Soekris net5501 comBIOS ver. 1.33 20070103 Copyright (C) 2000-2007
+    pci0: <encrypt/decrypt, entertainment crypto> at device 1.2 (no driver attached)
+    vr0: <VIA VT6105M Rhine III 10/100BaseTX> port 0xe100-0xe1ff mem 0xa0004000-0xa00040ff irq 11 at device 6.0 on pci0
+    vr0: Quirks: 0x2
+    vr0: Revision: 0x96
+    miibus0: <MII bus> on vr0
+    ukphy0: <Generic IEEE 802.3u media interface> PHY 1 on miibus0
+    ukphy0:  none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow
+    vr0: Ethernet address: 00:00:24:cc:93:44
+    vr0: [ITHREAD]
+    vr1: <VIA VT6105M Rhine III 10/100BaseTX> port 0xe200-0xe2ff mem 0xa0004100-0xa00041ff irq 5 at device 7.0 on pci0
+    vr1: Quirks: 0x2
+    vr1: Revision: 0x96
+    miibus1: <MII bus> on vr1
+    ukphy1: <Generic IEEE 802.3u media interface> PHY 1 on miibus1
+    ukphy1:  none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow
+    vr1: Ethernet address: 00:00:24:cc:93:45
+    vr1: [ITHREAD]
+    vr2: <VIA VT6105M Rhine III 10/100BaseTX> port 0xe300-0xe3ff mem 0xa0004200-0xa00042ff irq 9 at device 8.0 on pci0
+    vr2: Quirks: 0x2
+    vr2: Revision: 0x96
+    miibus2: <MII bus> on vr2
+    ukphy2: <Generic IEEE 802.3u media interface> PHY 1 on miibus2
+    ukphy2:  none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow
+    vr2: Ethernet address: 00:00:24:cc:93:46
+    vr2: [ITHREAD]
+    vr3: <VIA VT6105M Rhine III 10/100BaseTX> port 0xe400-0xe4ff mem 0xa0004300-0xa00043ff irq 12 at device 9.0 on pci0
+    vr3: Quirks: 0x2
+    vr3: Revision: 0x96
+    miibus3: <MII bus> on vr3
+    ukphy3: <Generic IEEE 802.3u media interface> PHY 1 on miibus3
+    ukphy3:  none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow
+    vr3: Ethernet address: 00:00:24:cc:93:47
+    vr3: [ITHREAD]
+    isab0: <PCI-ISA bridge> at device 20.0 on pci0
+    isa0: <ISA bus> on isab0
+    atapci0: <AMD CS5536 UDMA100 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xe000-0xe00f at device 20.2 on pci0
+    ata0: <ATA channel> at channel 0 on atapci0
+    ata0: [ITHREAD]
+    ata1: <ATA channel> at channel 1 on atapci0
+    ata1: [ITHREAD]
+    ohci0: <OHCI (generic) USB controller> mem 0xa0005000-0xa0005fff irq 15 at device 21.0 on pci0
+    ohci0: [ITHREAD]
+    usbus0 on ohci0
+    ehci0: <AMD CS5536 (Geode) USB 2.0 controller> mem 0xa0006000-0xa0006fff irq 15 at device 21.1 on pci0
+    ehci0: [ITHREAD]
+    usbus1: EHCI version 1.0
+    usbus1 on ehci0
+    cpu0 on motherboard
+    pmtimer0 on isa0
+    orm0: <ISA Option ROM> at iomem 0xc8000-0xd27ff pnpid ORM0000 on isa0
+    atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0
+    atkbd0: <AT Keyboard> irq 1 on atkbdc0
+    kbd0 at atkbd0
+    atkbd0: [GIANT-LOCKED]
+    atkbd0: [ITHREAD]
+    atrtc0: <AT Real Time Clock> at port 0x70 irq 8 on isa0
+    ppc0: parallel port not found.
+    uart0: <16550 or compatible> at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
+    uart0: [FILTER]
+    uart0: console (19200,n,8,1)
+    uart1: <16550 or compatible> at port 0x2f8-0x2ff irq 3 on isa0
+    uart1: [FILTER]
+    Timecounter "TSC" frequency 499903982 Hz quality 800
+    Timecounters tick every 1.000 msec
+    IPsec: Initialized Security Association Processing.
+    usbus0: 12Mbps Full Speed USB v1.0
+    usbus1: 480Mbps High Speed USB v2.0
+    ad0: 76319MB <WDC WD800VE-00HDT0 09.07D09> at ata0-master UDMA100 
+    ugen0.1: <AMD> at usbus0
+    uhub0: <AMD OHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus0
+    ugen1.1: <AMD> at usbus1
+    uhub1: <AMD EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus1
+    GEOM: ad0s1: geometry does not match label (255h,63s != 16h,63s).
+    uhub0: 4 ports with 4 removable, self powered
+    Root mount waiting for: usbus1
+    Root mount waiting for: usbus1
+    uhub1: 4 ports with 4 removable, self powered
+    Trying to mount root from ufs:/dev/ad0s1a
+
+The last log rotation is from 2016:
+
+    [root@roadkiller /var/log]# stat /var/log/wtmp      
+    65 61783 -rw-r--r-- 1 root wheel 208219 1056 "Nov  1 05:00:01 2016" "Jan 18 22:29:16 2017" "Jan 18 22:29:16 2017" "Nov  1 05:00:01 2016" 16384 4 0 /var/log/wtmp
+
+Interestingly, we switched between eicat and teksavvy on December
+11th. Which year? Who knows!
+
+    Dec 11 16:38:40 roadkiller mpd: [eicatL0] LCP: authorization successful
+    Dec 11 16:41:15 roadkiller mpd: [teksavvyL0] LCP: authorization successful
+
+Maybe 2015, because the log dates from 2017, and the last entry is
+from November of the year after the above:
+
+    [root@roadkiller /var/log]# stat mpd.log 
+    65 47113 -rw-r--r-- 1 root wheel 193008 71939195 "Jan 18 22:39:18 2017" "Jan 18 22:39:59 2017" "Jan 18 22:39:59 2017" "Apr  2 10:41:37 2013" 16384 140640 0 mpd.log
+
+It looks like the system was installed in 2010:
+
+    [root@roadkiller /var/log]# stat /
+    63 2 drwxr-xr-x 21 root wheel 2120 512 "Jan 18 22:34:43 2017" "Jan 18 22:28:12 2017" "Jan 18 22:28:12 2017" "Jul 18 22:25:00 2010" 16384 4 0 /
+
+... so it lived for about 6 years, but still works after almost *14
+years*, which I find utterly amazing.
+
+Another amazing thing is that there's tuptime installed on that
+server! That is a software I *thought* I discovered later and then
+sponsored in Debian, but turns out I was already using it then!
+
+    [root@roadkiller /var]# tuptime 
+    System startups:        19   since   21:20:16 11/07/15
+    System shutdowns:       0 ok   -   18 bad
+    System uptime:          85.93 %   -   1 year, 11 days, 10 hours, 3 minutes and 36 seconds
+    System downtime:        14.07 %   -   61 days, 15 hours, 22 minutes and 45 seconds
+    System life:            1 year, 73 days, 1 hour, 26 minutes and 20 seconds
+
+    Largest uptime:         122 days, 9 hours, 17 minutes and 6 seconds   from   08:17:56 02/02/16
+    Shortest uptime:        5 minutes and 4 seconds   from   21:55:00 01/18/17

(Diff truncated)
bufferbloat tests, seem okay
diff --git a/hardware/margaret.md b/hardware/margaret.md
index b4679b44..88fc6fac 100644
--- a/hardware/margaret.md
+++ b/hardware/margaret.md
@@ -151,15 +151,20 @@ commits on January 21st](https://gitlab.torproject.org/tpo/tpa/fabric-tasks/-/co
 # Remaining work
 
  1. puppet bootstrap ✅
- 2. systemd-networkd ✅
- 3. dump fw rules on belleville ✅ and omnia ✅
- 4. firewall with nftables (forwarding and NAT) ✅ missing a few
- 5. DHCP assignments and configuration (dnsmasq) ✅
- 6. recursive DNS (dnsmasq) ✅
- 5. swap omnia and router
- 6. monitoring
- 7. bufferbloat tests
- 8. mail relay
+ 1. systemd-networkd ✅
+ 1. dump fw rules on belleville ✅ and omnia ✅
+ 1. firewall with nftables (forwarding and NAT) ✅ missing a few
+ 1. DHCP assignments and configuration (dnsmasq) ✅
+ 1. recursive DNS (dnsmasq) ✅
+ 1. bufferbloat tests ✅
+ 1. swap omnia and router
+ 1. re-do bufferbloat tests
+ 1. reflexion and forward tests
+ 1. micah backup move
+ 1. APU move
+ 1. marcos move
+ 1. monitoring
+ 1. mail relay
 
 # Tests to run
 
@@ -191,7 +196,7 @@ noticed during later use.
 
 [Webbloatscore]: https://www.webbloatscore.com
 
-## bufferbloat tests
+## flent bufferbloat tests
 
 OpenWRT has [this guide to configure SQM to fight bufferbloat](https://wiki.openwrt.org/doc/howto/sqm).
 
@@ -221,4 +226,24 @@ Installing it on the pristine router yields:
 
 And that doesn't include `netperf`.
 
+## octavia bufferbloat tests
+
+CF reports:
+
+ * Bandwidth: 133mbps/22.2mbps
+ * Latency: 20.5ms (loaded: 34.5ms/53.5ms)
+ * Jitter: 4.32ms (loaded: 17.9ms/11.2ms)
+ * 0% packet loss
+ * [[full CSV|speed-results-1706020222.csv]]
+
+## with margaret in front
+
+CF reports:
+
+ * Bandwidth: 131mbps/61.2mbps
+ * Latency: 21ms (loaded: 40.5ms/56.5ms)
+ * Jitter: 2.58ms (loaded: 14.4ms/5.53ms)
+ * 0% packet loss
+ * [[full CSV|speed-results-1706020410.csv]]
+
 [[!tag node]]
diff --git a/hardware/margaret/speed-results-1706020222.csv b/hardware/margaret/speed-results-1706020222.csv
new file mode 100644
index 00000000..64c73cb2
--- /dev/null
+++ b/hardware/margaret/speed-results-1706020222.csv
@@ -0,0 +1,47 @@
+time,direction,bytes,latency,bps,duration,serverTime,responseSize,loadedLatencies
+1706020149506,download,100000,28.000044000000003,14990358.156004464,54.000044,95.999956,101185,
+1706020153917,download,100000,19.999951999999993,32380542.17064098,24.999951999999993,75.000048,101189,
+1706020154065,download,100000,21.000148999999993,18825795.23154676,43.00014899999999,80.999851,101189,22.000244000000002
+1706020154185,download,100000,19.000220999999996,33729356.07551281,24.000220999999996,81.999779,101189,
+1706020154334,download,100000,21.99996,28910041.300059,27.99996,108.00004,101185,
+1706020154475,download,100000,25.999868000000006,26114433.777588982,30.999868000000006,87.000132,101193,
+1706020154580,download,100000,17.000056999999998,33730586.5565236,24.000056999999998,59.999943,101192,25.000212000000005
+1706020154701,download,100000,22.000139000000004,29982364.164865963,27.000139000000004,70.999861,101191,
+1706020154820,download,100000,21.000096999999997,31133114.618764695,26.000096999999997,76.999903,101183,
+1706020154934,download,100000,22.000253999999998,29979273.5283157,27.000253999999998,65.999746,101181,
+1706020155197,download,1000000,18.999992000000006,97699326.60481234,81.999992,92.000008,1001418,
+1706020155406,download,1000000,17.000128000000004,105418138.24313559,76.000128,83.999872,1001474,30.000235000000004
+1706020155608,download,1000000,20.000231,101410235.11690743,79.000231,91.999769,1001429,
+1706020155807,download,1000000,23.000212000000005,96522355.8706091,83.000212,71.999788,1001422,
+1706020156017,download,1000000,18.000052999999994,104042941.37304035,77.000053,105.999947,1001414,24.000109000000002
+1706020156240,download,1000000,20.000105000000005,101410396.85959911,79.000105,109.999895,1001429,
+1706020156429,download,1000000,20.999899,102709056.07198286,77.999899,94.000101,1001412,23.000048
+1706020156635,download,1000000,22.999992000000006,86144437.51780108,92.999992,92.000008,1001429,
+1706020156804,upload,100000,49.999868000000006,5868613.13868613,137,87.000132,951,
+1706020156988,upload,100000,30.000024999999994,7584905.660377357,106,75.999975,955,21.999877999999995
+1706020157083,upload,100000,30.000141,10307692.307692306,78,47.999859,952,
+1706020157177,upload,100000,30.000162000000003,10719999.999999998,75,44.999838,958,
+1706020157305,upload,100000,29.000096999999997,7584905.660377357,106,76.999903,948,
+1706020157397,upload,100000,23.999954000000002,10578947.368421052,76,52.000046,948,
+1706020157564,upload,100000,28.000165999999993,5289473.684210526,152,123.999834,956,26.999848999999998
+1706020157681,upload,100000,28.999954000000002,9925925.925925924,81,52.000046,949,
+1706020172747,upload,1000000,43.000226999999995,18654292.34338747,431,387.999773,959,19.999903000000003
+1706020173284,upload,1000000,35.999933,17253218.88412017,466,430.000067,951,16.000015000000005
+1706020173753,upload,1000000,30.999949000000015,19999999.999999996,402,371.000051,949,20.000118
+1706020174200,upload,1000000,27.999915999999985,19373493.97590361,415,387.000084,949,25.000120000000003
+1706020174645,upload,1000000,30.000135,20251889.16876574,397,366.999865,951,
+1706020175134,upload,1000000,27.999989000000028,19326923.076923076,416,388.000011,947,41.000202
+1706020175894,download,10000000,18.000052999999994,131196972.2074762,610.000053,105.999947,10003770,35.000151
+1706020176700,download,10000000,17.99995,130982609.73671111,610.99995,98.00005,10003796,27.000118
+1706020177429,download,10000000,18.000004000000004,130768195.22373728,612.000004,78.999996,10003767,21.000244000000002 34.000214
+1706020178186,download,10000000,19.000073999999998,130768310.98553102,612.000074,102.999926,10003777,63.00013
+1706020178928,download,10000000,20.000095,130554433.27459843,613.000095,99.999905,10003735,43.000139000000004
+1706020179676,download,10000000,30.000107,127843530.86380543,626.000107,86.999893,10003758,19.000118 43.999861
+1706020183430,upload,10000000,40.99997100000019,22112211.22112211,3636,3595.000029,948,19.000023000000056 44.00013 45.000181 50.000202 49.000193 51.999903
+1706020187257,upload,10000000,27.000191000000086,22320932.81510272,3602,3574.999809,953,55.000109 62.999776999999995 58.999943 61.000006 66.999943 73.000193 75.999903
+1706020191016,upload,10000000,29.00011399999994,22033433.817484237,3649,3619.999886,954,70.999859 77.000067 96.999975
+1706020194723,upload,10000000,27.99995200000012,22314737.718567856,3603,3575.000048,958,25.000275000000002
+1706020196396,download,25000000,20.000148999999993,133107739.29936583,1503.000149,80.999851,25007619,
+1706020198032,download,25000000,20.000212000000005,133196183.59681031,1502.000212,71.999788,25007587,
+1706020199667,download,25000000,19.000045999999998,133196555.17507221,1502.000046,72.999954,25007654,
+1706020201305,download,25000000,19.000096999999997,133196007.37682243,1502.000097,76.999903,25007552,
\ No newline at end of file
diff --git a/hardware/margaret/speed-results-1706020410.csv b/hardware/margaret/speed-results-1706020410.csv
new file mode 100644
index 00000000..cca4315e
--- /dev/null
+++ b/hardware/margaret/speed-results-1706020410.csv
@@ -0,0 +1,47 @@
+time,direction,bytes,latency,bps,duration,serverTime,responseSize,loadedLatencies
+1706020347396,download,100000,18.000036,17598247.097024012,46.000036,62.999964,101190,
+1706020350126,download,100000,19.000045999999998,33726935.35670724,24.000045999999998,72.999954,101181,33.9998 22.000162000000003 19.000017 21.000101 20.999933
+1706020350251,download,100000,27.000088000000005,17988053.712250516,45.000088000000005,66.999912,101183,20.000147
+1706020350404,download,100000,21.000159999999994,31138885.299167395,26.000159999999994,67.99984,101202,
+1706020350535,download,100000,29.000015000000005,22485323.964448348,36.000015000000005,65.999985,101184,26.000235000000004
+1706020350633,download,100000,19.000056999999998,32380406.172673926,25.000056999999998,59.999943,101189,
+1706020350753,download,100000,22.000036,27913068.79756977,29.000036,62.999964,101185,
+1706020350866,download,100000,20.000159999999994,32379952.76830229,25.000159999999994,67.99984,101188,20.00013
+1706020351015,download,100000,20.000147,32380929.600133955,25.000147,103.999853,101191,
+1706020351149,download,100000,23.999921999999998,27914281.97634463,28.999921999999998,68.000078,101189,19.000209999999996 0.01 28.000048 21.000069000000003 21.00009 30.999816999999993 20.000048 28.999986999999997 20.000203999999997 28.000162000000003 23.000027000000003 22.000099 25.999872000000003 24.000017 19.00009 21.999996000000003 21.000069000000003 19.000232999999994 24.000099 21.999933 28.000223 22.999851 26.999944999999997 23.999943000000002 24.000120000000003 28.000048 74.000006 69.99999600000001 51.000099 60.000006 50.000141 53.00012 41.99984 20.99987 47.000048 50.000109 25.999903000000003 59.00009 42.999931000000004 37.000036 37.000099 37.99984 46.999882 19.000099 47.000202 53.000181 36.000172 43.999933 48.00013 53.999908000000005 53.000027 55.000069 56.000141 57.000153 59.000078 65.999964 51.000172 65.000265 64.000118 70.00012000000001 52.000159999999994 57.000038 66.000036 49.000006 46.000078 47.999872 28.999966 46.999994 33.000183 43.000057 64.00012000000001 60.999786 45.000132 65.000025 57.000193 56.000162 32.999996 18.999912000000002 26.000038000000004 22.999933
+1706020351355,download,1000000,26.000116000000006,95372915.91359231,84.000116,96.999884,1001417,
+1706020351524,download,1000000,23.000045999999998,100141542.41861312,80.000046,72.999954,1001416,29.000056999999998
+1706020351701,download,1000000,28.000159999999994,92084336.39662273,87.00016,67.99984,1001419,
+1706020351855,download,1000000,19.000202,104045025.75201036,77.000202,61.999798,1001436,
+1706020352034,download,1000000,19.000096999999997,102708795.34931862,78.000097,76.999903,1001412,
+1706020352236,download,1000000,27.999941000000007,93154668.5595982,85.999941,88.000059,1001412,24.000036
+1706020352416,download,1000000,20.999888999999996,101411990.5915311,78.999889,84.000111,1001442,
+1706020352603,download,1000000,20.999931000000004,102709424.1916701,77.999931,78.000069,1001416,
+1706020352750,upload,100000,41.000305,7243243.243243242,111,69.999695,953,
+1706020352866,upload,100000,30.000172,9458823.529411763,85,54.999828,955,20.999975
+1706020353024,upload,100000,43.999912,7882352.94117647,102,58.000088,955,
+1706020353122,upload,100000,29.000038000000004,11652173.913043475,69,39.999962,952,
+1706020353263,upload,100000,30.000078000000002,9241379.310344826,87,56.999922,953,
+1706020353381,upload,100000,26.000162000000003,11323943.66197183,71,44.999838,957,
+1706020353480,upload,100000,28.000017,11323943.66197183,71,42.999983,956,19.000006
+1706020353580,upload,100000,27.000110999999997,11823529.411764704,68,40.999889,957,
+1706020379482,upload,1000000,43.999926000000016,18231292.5170068,441,397.000074,962,22.99984
+1706020379928,upload,1000000,30.000042000000008,20150375.93984962,399,368.999958,950,
+1706020380347,upload,1000000,0.01,93488372.09302326,86,355.000019,957,57.999924
+1706020380863,upload,1000000,41.000046,16441717.791411042,489,447.999954,947,20.000006
+1706020381289,upload,1000000,0.01,60909090.9090909,132,360.999823,950,69.00010900000001
+1706020381714,upload,1000000,0.01,61846153.84615384,130,364.000082,956,53.000069
+1706020382454,download,10000000,20.000076000000007,130554737.48424134,613.000076,79.999924,10003758,68.000286
+1706020383163,download,10000000,19.999943000000002,130768469.69575615,611.999943,65.000057,10003787,31.000012999999996
+1706020383885,download,10000000,19.000067,130768037.97147298,612.000067,69.999933,10003756,24.000203999999997 51.999924
+1706020384647,download,10000000,24.000109000000002,119626144.93385682,669.000109,63.999891,10003738,29.000099
+1706020385370,download,10000000,19.000096999999997,130554994.0231086,613.000097,76.999903,10003778,30.999985000000002
+1706020386087,download,10000000,20.999994,130554115.47035022,612.999994,69.000006,10003709,39.000069 54.000078
+1706020389859,upload,10000000,38.99990799999978,22069722.75597035,3643,3604.000092,948,29.000276999999997 56.999779 41.999975 34.00009 38.000088000000005 40.000265 45.000036
+1706020393584,upload,10000000,30.99995200000012,22296173.04492512,3606,3575.000048,960,19.000069000000003 49.000048 52.000027 54.999996 46.000027 51.00007600000001 49.999954
+1706020397295,upload,10000000,28.999879999999848,22314737.718567856,3603,3574.00012,957,52.000151 56.000001999999995 51.999954 58.000027 59.000057 60.000151 61.999851
+1706020401032,upload,10000000,30.000148999999965,22265300.47078371,3611,3580.999851,953,65.999954 69.99999600000001 63.000027 66.999975 56.999924 62.00009300000001
+1706020402792,download,25000000,19.999868000000006,126062639.3448446,1586.999868,87.000132,25007674,23.00009 30.00009 41.000204
+1706020404734,download,25000000,22.000076000000007,111953512.86599497,1787.000076,79.999924,25007617,25.000256 43.000017 43.999945 42.999849
+1706020406375,download,25000000,19.000263000000004,133196503.9742473,1502.000263,75.999737,25007648,54.999880000000005 66.000204 49.000048
+1706020408012,download,25000000,19.000232999999994,132843081.70488842,1506.000233,68.999767,25007714,40.000298 62.000256 28.000038000000004
\ No newline at end of file

progress
diff --git a/hardware/margaret.md b/hardware/margaret.md
index 301ff842..b4679b44 100644
--- a/hardware/margaret.md
+++ b/hardware/margaret.md
@@ -150,12 +150,12 @@ commits on January 21st](https://gitlab.torproject.org/tpo/tpa/fabric-tasks/-/co
 
 # Remaining work
 
- 1. puppet bootstrap (./)
- 2. systemd-networkd (./)
- 3. dump fw rules on belleville (./) and omnia
- 4. firewall (nftables)
- 5. DHCP assignments and configuration (dnsmasq) (./) - missing omnia rules
- 6. recursive DNS (dnsmasq) (./) - missing DNSSEC
+ 1. puppet bootstrap ✅
+ 2. systemd-networkd ✅
+ 3. dump fw rules on belleville ✅ and omnia ✅
+ 4. firewall with nftables (forwarding and NAT) ✅ missing a few
+ 5. DHCP assignments and configuration (dnsmasq) ✅
+ 6. recursive DNS (dnsmasq) ✅
  5. swap omnia and router
  6. monitoring
  7. bufferbloat tests

router setup progress
diff --git a/hardware/margaret.md b/hardware/margaret.md
index 944473d7..301ff842 100644
--- a/hardware/margaret.md
+++ b/hardware/margaret.md
@@ -150,14 +150,16 @@ commits on January 21st](https://gitlab.torproject.org/tpo/tpa/fabric-tasks/-/co
 
 # Remaining work
 
- 1. puppet bootstrap
- 2. systemd-networkd
- 3. dump fw rules on omnia, office
- 4. firewall (nftables + puppet?)
- 4. DHCP assignments and configuration
+ 1. puppet bootstrap (./)
+ 2. systemd-networkd (./)
+ 3. dump fw rules on belleville (./) and omnia
+ 4. firewall (nftables)
+ 5. DHCP assignments and configuration (dnsmasq) (./) - missing omnia rules
+ 6. recursive DNS (dnsmasq) (./) - missing DNSSEC
  5. swap omnia and router
  6. monitoring
  7. bufferbloat tests
+ 8. mail relay
 
 # Tests to run
 

another compositor found
diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index fa507f03..1dd63967 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -187,6 +187,7 @@ Other options include:
  * [river][]: Zig, stackable, tagging, not in Debian  ([1006593][])
  * [velox][]: inspired by xmonad and dwm, not in Debian
  * [vivarium][]: inspired by xmonad, not in Debian
+ * [wlmaker][]: inspired by Window Maker, not in Debian
 
 [Sway]: http://swaywm.org/
 [i3 window manager]: https://i3wm.org/
@@ -206,6 +207,7 @@ Other options include:
 [vivarium]: https://github.com/inclement/vivarium
 [hikari]: https://hikari.acmelabs.space/
 [1040971]: https://bugs.debian.org/1040971
+[wlmaker]: https://github.com/phkaeser/wlmaker
 
 ## Status bar: py3status → waybar
 

got a new monitor
diff --git a/hardware/monitor.mdwn b/hardware/monitor.mdwn
index 5f6ad11c..49fe9540 100644
--- a/hardware/monitor.mdwn
+++ b/hardware/monitor.mdwn
@@ -155,13 +155,12 @@ I somehow managed to collect a ridiculous pile of old monitors. Here's
 what works and doesn't, in descending order of (totally subjective)
 "quality":
 
-| Model                          | Resolution     | Size  | Contrast | Lat   | Connectors                                                    | Notes                        | Status    |
-|--------------------------------|----------------|-------|----------|-------|---------------------------------------------------------------|------------------------------|-----------|
-| [Dell U2723QE][]               | 3840x2160@60Hz | 27"   | 2000:1   | 5-8ms | HDMI DP DP-out 2xUSB-C up 90W 2xUSB-C 5x USB-A line-out RJ-45 | shiny                        | angela    |
-| [LG Flatron Wide L204WTX-SF][] | 1680x1050@60Hz | 20"   | 2000:1   | 5ms   | VGA DVI                                                       | looks great, one dead pixel  | angela |
-| [Acer P186HV][]                | 1366x768@60Hz  | 18.5" | 5000:1   | 5ms   | VGA                                                           | display looks dusty          | simon     |
-| [Dell 1704FPvt][]              | 1280x1024@60Hz | 17"   | 1000:1   | 25ms  | VGA DVI 4xUSB                                                 | square, rotating, flickering | marcos    |
-| [Dell 1704FPvt][]              | 1280x1024@60Hz | 17"   | 1000:1   | 25ms  | VGA DVI 4xUSB                                                 | square, rotating, flickering | curie     |
+| Model              | Resolution     | Size  | Contrast | Lat   | Connectors                                                    | Notes                        | Status |
+|--------------------|----------------|-------|----------|-------|---------------------------------------------------------------|------------------------------|--------|
+| 2x[Dell U2723QE][] | 3840x2160@60Hz | 27"   | 2000:1   | 5-8ms | HDMI DP DP-out 2xUSB-C up 90W 2xUSB-C 5x USB-A line-out RJ-45 | shiny                        | angela |
+| [Acer P186HV][]    | 1366x768@60Hz  | 18.5" | 5000:1   | 5ms   | VGA                                                           | display looks dusty          | simon  |
+| [Dell 1704FPvt][]  | 1280x1024@60Hz | 17"   | 1000:1   | 25ms  | VGA DVI 4xUSB                                                 | square, rotating, flickering | marcos |
+| [Dell 1704FPvt][]  | 1280x1024@60Hz | 17"   | 1000:1   | 25ms  | VGA DVI 4xUSB                                                 | square, rotating, flickering | curie  |
 
 A note on the Dell 1704FPvt monitors: they can't be used for
 desktops. Their design resolution is 1280x1024 which is a little low,
@@ -239,8 +238,9 @@ Those monitors have problems and will be scrapped eventually:
 | Model                          | Resolution     | Size | Contrast | Lat   | Connectors           | Notes                              | Status    |
 |--------------------------------|----------------|------|----------|-------|----------------------|------------------------------------|-----------|
 | [HP L2245wg][]                 | 1680x1050@60Hz | 22"  | 1000:1   | 5ms   | VGA DVI 2xUSB        | LCD TN Film, rotating, 45-65W      | simon     |
-| [Dell S2721QS][]               | 3840x2160@60Hz | 27"  | 1000:1   | 4-8ms | HDMI DP 1.2 line-out | returned                           | ex-angela    |
+| [Dell S2721QS][]               | 3840x2160@60Hz | 27"  | 1000:1   | 4-8ms | HDMI DP 1.2 line-out | returned                           | ex-angela |
 | [Dell 2208WFP][]               | 1680x1050@?Hz  | 22"  | 1000:1   | 5ms   | VGA DVI 2xUSB        | looks organge-y, 20$ from recyborg | ex-angela |
+| [LG Flatron Wide L204WTX-SF][] | 1680x1050@60Hz | 20"  | 2000:1   | 5ms   | VGA DVI              | looks great, one dead pixel        | ex-angela    |
 
 The HP was retired because it was getting finicky: it would "short"
 and blank out, get all "fuzzy" and weird. The new monitor (the [LG

another file monitoring tool
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index f4c924fe..0e8b768b 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -147,6 +147,18 @@ https://github.com/tinkershack/fluffy
  * used by `cargo watch`, [watchexec](https://github.com/watchexec/watchexec) ([RFP](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946546)), and Python's
    [watchfiles](https://watchfiles.helpmanual.io/) which features a [CLI tool](https://watchfiles.helpmanual.io/cli/)
 
+## peat
+
+<https://github.com/sjl/peat>
+
+ * 2012-2016
+ * Python
+ * GPL-3
+ * Not in Debian
+ * relatively short Python script
+ * runs a command when files changed, specified on stdin
+
+
 ## systemd .path units
 
 <https://www.freedesktop.org/software/systemd/man/systemd.path.html>

documentation on new router
diff --git a/hardware/margaret.md b/hardware/margaret.md
new file mode 100644
index 00000000..944473d7
--- /dev/null
+++ b/hardware/margaret.md
@@ -0,0 +1,222 @@
+Margaret is the name of my new core router in the home lab. It is
+named after:
+
+> [Margaret Elaine Hamilton](https://en.wikipedia.org/wiki/Margaret_Hamilton_(software_engineer)) (née Heafield; born August 17, 1936)
+> is an American computer scientist, systems engineer, and business
+> owner. She was director of the Software Engineering Division of the
+> MIT Instrumentation Laboratory, which developed on-board flight
+> software for NASA's Apollo program. She later founded two software
+> companies—Higher Order Software in 1976 and Hamilton Technologies in
+> 1986, both in Cambridge, Massachusetts.
+>
+> Hamilton has published more than 130 papers, proceedings, and
+> reports, about sixty projects, and six major programs. She invented
+> the term "software engineering". -- [Wikipedia](https://en.wikipedia.org/wiki/Margaret_Hamilton_(software_engineer))
+
+Hamilton wrote the software that landed men on the moon, yet no woman
+has yet to have that privilege.
+
+> I began to use the term 'software engineering' to distinguish it
+> from hardware and other kinds of engineering, yet treat each type of
+> engineering as part of the overall systems engineering process. --
+> Margaret Hamilton
+
+# Specifications
+
+The machine is currently implemented using a [Protectli FW2B](https://ca.protectli.com/product/fw2b/) with
+the following specifications:
+
+ * Processor: Intel J3060 (64 Bit, 1.6 GHz, Turbo 2.48 GHz, 2MB L2 Cache)
+ * Processor Cores: 2
+ * Network: 2x Intel 1G Ethernet, RJ-45
+ * Graphics: Intel Clear Video HD, 2x HDMI 1.4
+ * Audio: HDMI, 1x 3.5mm Audio Jack
+ * Memory: 1x SO-DIMM DDR3L-1600, 1.35v, 8GB (max)
+ * Storage: 1x mSATA (Protectli 64GB SSD)
+ * Optional Storage: 1x Internal SATA 3.0 (unused)
+ * 2x USB 3.0 Type A, 4x USB 2.0 Type A
+ * 2x HDMI
+ * 2x WiFi/LTE Antenna Mounting Holes
+ * 1x 12V DC Power Jack
+ * 1x Full Height mPCIe (USB/PCIe 2.0) for WiFi or LTE
+ * 1x USB 2.0 Header
+ * 1x CMOS Reset (2 pin)
+ * 1x CPU Fan Header (4 pin)
+ * 1x Front Panel Header (9 pin)
+ * BIOS: coreboot v4.9.0.3, SeaBIOS 0.4-0-g5137b91
+ * Indicators: 1x LED Power Button (Blue), 1x LED Power Indicator (Green), 1x LED Disk Activity Indicator (Red), 1x LED Disk Activity Indicator (Yellow)
+ * Power Usage: Max 16W
+ * Chassis: Fanless, Aluminum, Black, 4.5 x 4.3 x 1.5 in, 115 x 107.5 x 39 mm
+ * Mounting Options: Desktop, VESA Bracket, Optional 1RU Rack Mount
+ * Weight: 1.1 lbs, .50 Kg
+ * Operating Temperature: +14° - +122° F, -10° - +50° C
+ * Operating Humidity: 0 – 95% relative humidity, non-condensing
+ * Approvals: UL (Power Supply), FCC Part 15 Class B, CE, RoHS
+ * Country of Origin: Made in China, Assembled in USA
+
+It's basically a small black box with two network ports, 8GB of RAM,
+64GB of storage, and that's it.
+
+# Bootstrapping
+
+To boot from the USB stick, I stuck a cable in the serial console port
+with a DB9 to USB-A adapter, then booted the machine. I got served
+with the prompt, which looked like this after pressing <kbd>F11</kbd>:
+
+    SeaBIOS (version v1.0.4-0-g5137b91)
+    coreboot version v4.9.0.3
+    Press F11 key for boot menu
+    Select boot device:
+
+    1. AHCI/0: Protectli 64GB mSATA ATA-11 Hard-Disk (61057 MiBytes)
+
+That is: I didn't see the USB stick. Strangely, moving it to the
+*bottom* USB port then worked, after rebooting:
+
+    SeaBIOS (version v1.0.4-0-g5137b91)
+    coreboot version v4.9.0.3
+    Press F11 key for boot menu
+    Select boot device:
+
+    1. AHCI/0: Protectli 64GB mSATA ATA-11 Hard-Disk (61057 MiBytes)
+    2. USB MSC Drive Kingston DataTraveler 3.0
+
+    Booting from Hard Disk...
+
+    ISOLINUX 6.04 20200816 EHDD Copyright (C) 1994-2015 H. Peter Anvin et al
+
+But then I was stuck at that prompt. grml, or more exactly ISOLINUX,
+somehow didn't manage to display its terminal properly. I could see
+the cursor moving, but it would just display a blank screen.
+
+The [grml cheatcodes](https://grml.org/cheatcodes/) say you should
+just be able to type `serial` then <kbd>ENTER</kbd> but that didn't
+work in my tests. I had to type <kbd>TAB</kbd> then <kbd>SPACE</kbd>
+then `console=ttyS0,115200n8` to get the serial console to work.
+
+Obviously, the machine also ships with HDMI and USB, so I could have
+used a monitor instead, but I wanted to test the serial console... Not
+sure if this is a bug in the serial console or the (coreboot) BIOS.
+
+# Installation
+
+For installation, I'm reusing the installer I built for Tor, from the
+[fabric-tasks](https://gitlab.torproject.org/tpo/tpa/fabric-tasks) repository.
+
+I first configure the network over DHCP with:
+
+    netcardconfig
+
+that could have simply been:
+
+    killall dhclient ; dhclient -d eth0 &
+
+... as well.
+
+Then I set my SSH key:
+
+    cat > ~/.ssh/authorized_keys
+    service ssh restart
+
+... and dump the host keys for Fabric to use after:
+
+    for key in /etc/ssh/ssh_host_*_key; do
+        ssh-keygen -E md5 -l -f $key
+    done
+
+There's a bug in the installer that doesn't use the right format
+anymore, so we need to remove some colons, the magic incantation is
+now:
+
+    ./install -H root@192.168.0.221 \
+              --fingerprint b41e:db22:5576:2168:e694:bb59:6934:cad2 \
+              hetzner-robot \
+              --fqdn=margaret.torproject.org \
+              --fai-disk-config=installer/disk-config/single-disk-plaintext \
+              --package-list=installer/packages \
+              --post-scripts-dir=installer/post-scripts/ \
+              --ipv4-address 192.168.0.2 \
+              --ipv4-subnet 24 \
+              --ipv4-gateway 192.168.0.1
+
+The resulting SSH keys were:
+
+    ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFAtMq1j+tznnC0Tlf3oYtlyY28yMELX7E0tVAyOHlvv+Wvr+1sGbHq3fHG+qBvzjcKZz+KJzqKlgfc+zfGl4d8= root@margaret
+    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILjhQGDtv+c8zOkdJe8OR5483QbZeA8jEaKS7PZKhnLS root@margaret
+    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCteIzijiRrq0P94WeZ8F0GS64u58zA+9Alpc9OfPbKST7oSjmml/u30bIJxDGuumVp9dbVqRcp54lK/DUHGBacJQdNy4kV0tacQbUr6F2LNXlZWgSafYoLaZdywi3hcTqjtNxl/j/8iIVp8xBk0dcXAOfaH9726dkaSZOUUBQoG6itsefW1kg0QIfVU5kNhvWkO9BSRvXjGNx/KmVzCK9vvRDrQsZSp41uRIJTS5sSd8UkT5/qsfbx3zyRMfqHZVAu50FV+P2IZVt3UN3Qxqys+oqmL6GB0GhT6kPAP65Ja2xPeexptjBE1ddOPi/YPKpM8NqrqlH8FGG/dIkTk4WqaT5kdD7j09GjUAD49HFtymxSy0JJZ4awTH9FE+mliOzqUqJJZub9cTtuICy4dxKcUFqpm3Wf5XtZl7YBIkJC/zEhE68JXXxxsRhUREECXL8/4ERLmTw2TnedoI5Pt58JUcVNoplo/pL27fx4OGF3bVFJZQSlLlmdNR/Xd+ElrXs= root@margaret
+
+This required a *lot* of changes to the installer, basically [all
+commits on January 21st](https://gitlab.torproject.org/tpo/tpa/fabric-tasks/-/commits/604a4000ea19ef4aa103ad991d53dfcf6ebac9c8) were for this project.
+
+# Remaining work
+
+ 1. puppet bootstrap
+ 2. systemd-networkd
+ 3. dump fw rules on omnia, office
+ 4. firewall (nftables + puppet?)
+ 4. DHCP assignments and configuration
+ 5. swap omnia and router
+ 6. monitoring
+ 7. bufferbloat tests
+
+# Tests to run
+
+From [[octavia]]:
+
+ 1. Web, on another host:
+
+        curl https://anarc.at/
+
+    If no shell access, try [Webbloatscore][] since it produces a
+    screenshot.
+
+ 2. DNS: local network should resolve locally, outside should show
+    CNAMEs
+
+        $ host shell.anarc.at
+        shell.anarc.at is an alias for marcos.anarc.at.
+        marcos.anarc.at has address 206.248.172.91
+
+ 3. SSH: test if we can reach the inside server from the outside of
+    the network (and not the router)
+
+        $ nc -v shell.anarc.at 22
+        Connection to shell.anarc.at 22 port [tcp/ssh] succeeded!
+        SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
+
+Other ports are assumed to be correctly configured unless otherwise
+noticed during later use.
+
+[Webbloatscore]: https://www.webbloatscore.com
+
+## bufferbloat tests
+
+OpenWRT has [this guide to configure SQM to fight bufferbloat](https://wiki.openwrt.org/doc/howto/sqm).

(Diff truncated)
sfwbar entered debian
diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 33cc6d24..fa507f03 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -255,7 +255,7 @@ Other alternatives include:
  * [HybridBar](https://github.com/vars1ty/HybridBar) (yes, another)
  * [rootbar](https://hg.sr.ht/~scoopta/rootbar)
  * [sandbar](https://github.com/kolunmi/sandbar)
- * [sfwbar](https://github.com/LBCrion/sfwbar)
+ * [sfwbar](https://github.com/LBCrion/sfwbar) (now in Debian)
  * [yambar](https://codeberg.org/dnkl/yambar)
 
 ## Web browser: Firefox

more calibre alternatives
diff --git a/software/desktop/calibre.mdwn b/software/desktop/calibre.mdwn
index f67c7f5c..63e43524 100644
--- a/software/desktop/calibre.mdwn
+++ b/software/desktop/calibre.mdwn
@@ -297,6 +297,12 @@ provide, which is that it's also... a web server!
 
 See below for web-based collection browsers.
 
+Update: [citadel][] looks really promising, Rust backend with JS
+frontend. There's about 4 or 5 different frameworks in there so it
+will be hellish to package. A [Flatpak maybe](https://github.com/every-day-things/citadel/issues/5)? [Blog post](https://denhoff.ca/posts/replacing-calibre), [HN](https://news.ycombinator.com/item?id=38988019).
+
+[citadel]: https://github.com/every-day-things/citadel
+
 ## ebook web server
 
 Calibre can indeed also act as a web server, presenting your entire ebook
@@ -317,7 +323,7 @@ the database using SQLAlchemy. It does use calibre components to
 convert books but it might be an interesting alternative to the web
 interface shipped with Calibre.
 
-[AnthoLume][], [kavita][] (C#), [librum][] (dotnet), [readarr][] ("arr" stands for
+[AnthoLume][], [kavita][] (C#), [librum][] (dotnet), [storyteller][] [kiosk][], [readarr][] ("arr" stands for
 "aaargh C#/Windows again!") and [Ubooquity][] (... Java) are things as
 well, none of which are packaged in Debian. (What is it with e-book
 webservers being written in C#?!)
@@ -333,6 +339,8 @@ webservers being written in C#?!)
 [calibre-web]: https://github.com/janeczku/calibre-web
 [librum]: https://librumreader.com/
 [AnthoLume]: https://gitea.va.reichard.io/evan/AnthoLume
+[kiosk]: https://github.com/project-kiosk/kiosk
+[storyteller]: https://smoores.gitlab.io/storyteller/
 
 ### calibre webserver setup
 
@@ -514,8 +522,9 @@ usable to generate our own importer, as it can parse (and edit!)
 metadata from books.
 
 [Liber][] can also fetch metadata from Google books, but not
-interactively.
-   
+interactively. [Citadel][] also seems capable of getting (or at least
+editing) metadata.
+
 So I still use Calibre for importing books, but mostly rely on
 Koreader to browse the library, basically using the folder hierarchy
 with modification timestamps as a guide.

one more wnpp
diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 0612ee94..33cc6d24 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -182,7 +182,7 @@ Other options include:
 
  * [dwl][]: tiling, minimalist, dwm for Wayland, not in Debian
  * [hikari][]: tiling/stacking, not in Debian
- * [Hyprland][]: tiling, fancy animations, not in Debian
+ * [Hyprland][]: tiling, fancy animations, not in Debian ([1040971][])
  * [Qtile][]: tiling, extensible, in Python, not in Debian ([1015267][])
  * [river][]: Zig, stackable, tagging, not in Debian  ([1006593][])
  * [velox][]: inspired by xmonad and dwm, not in Debian
@@ -205,6 +205,7 @@ Other options include:
 [velox]: https://github.com/michaelforney/velox
 [vivarium]: https://github.com/inclement/vivarium
 [hikari]: https://hikari.acmelabs.space/
+[1040971]: https://bugs.debian.org/1040971
 
 ## Status bar: py3status → waybar
 

fix link to hikari
diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 50fd5efc..0612ee94 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -204,6 +204,7 @@ Other options include:
 [1006593]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006593
 [velox]: https://github.com/michaelforney/velox
 [vivarium]: https://github.com/inclement/vivarium
+[hikari]: https://hikari.acmelabs.space/
 
 ## Status bar: py3status → waybar
 

automatic federated post of blog/2024-01-08-one-more-year.md
Command: ['/usr/bin/feed2exec', '-v', 'fetch']
Plugin file: /usr/lib/python3/dist-packages/feed2exec/plugins/ikiwikitoot.py
Source directory: /home/w-anarcat/source
Running on: marcos
diff --git a/blog/2024-01-08-one-more-year.md b/blog/2024-01-08-one-more-year.md
index e395d42d..3f43bacb 100644
--- a/blog/2024-01-08-one-more-year.md
+++ b/blog/2024-01-08-one-more-year.md
@@ -210,3 +210,7 @@ So anyway, thanks for coming, faithful reader, and see you in the
 coming 2024 year...
 
 [[!tag debian-planet python-planet gloating meta stats]]
+
+
+<!-- posted to the federation on 2024-01-09T15:38:17.848871 -->
+[[!mastodon "https://kolektiva.social/@Anarcat/111727915674900043"]]
\ No newline at end of file

sway refused sanity
diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 541b9271..50fd5efc 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -1163,9 +1163,13 @@ I have also configured those services, but that's somewhat optional:
 
 You will also need at least part of my [[sway config|config/sway/config]], which
 sends the systemd notification (because, no, Sway doesn't support any
-sort of readiness notification, that would be too easy). And you might
+sort of readiness notification, that would be too easy). (And they [do
+not want it](https://github.com/swaywm/sway/pull/7659), [nor does Debian want to carry a patch](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039857).) And you might
 like to see my [[swayidle config|config/swayidle/config]] while you're there.
 
+Update: see [my latest attempt at sway readiness notification](https://github.com/swaywm/sway/pull/7904) for
+the last hope.
+
 Finally, you need to hook this up somehow to the login manager. This
 is typically done with a desktop file, so drop
 [sway-session.desktop][] in `/usr/share/wayland-sessions` and
@@ -1278,7 +1282,6 @@ I think that's pretty neat.
 
  * TODO: consider this improved script: <https://github.com/xdbob/sway-services/blob/master/bin/sway-user-service>
  * TODO: move config into Puppet so it's in sync
- * TODO: maybe submit as a PR on the Debian package?
 
 [sway-setup]: https://github.com/gdamjan/sway-setup
 [submitted upstream]: https://github.com/swaywm/sway/pull/3486

possible scam with an expansion card
diff --git a/hardware/laptop/framework-12th-gen.md b/hardware/laptop/framework-12th-gen.md
index 90d4b836..ceb63b59 100644
--- a/hardware/laptop/framework-12th-gen.md
+++ b/hardware/laptop/framework-12th-gen.md
@@ -2054,7 +2054,8 @@ USB-C|blog/2023-02-10-usb-c]]. I'm considering a Dell
    internal USB-A port on top of the external one, two extra USB
    pinouts that can mount *another* mini-expansion card inside the
    expansion card, which in turn can be a MicroSD card reader, a USB-C
-   (USB2 only) port, a USB-UART debugging card, or a [QWIIC](https://www.sparkfun.com/qwiic)
+   (USB2 only) port, a USB-UART debugging card, or a [QWIIC](https://www.sparkfun.com/qwiic),
+   [concerns about this being a scam](https://community.frame.work/t/usb-a-ugment-usb-a-port-card-with-internal-dongle-port-and-addons/35735/15?u=anarcat)
    pinout, no 3D-printed shell yet
  * [spring-loaded expansion card](https://community.frame.work/t/spring-loaded-expansion-card/36013) (probably also a joke)
  * [RTL SDR](https://community.frame.work/t/rtl-sdr-expansion-card/37098)

fix tags
diff --git a/blog/2024-01-08-one-more-year.md b/blog/2024-01-08-one-more-year.md
index 29aa055d..e395d42d 100644
--- a/blog/2024-01-08-one-more-year.md
+++ b/blog/2024-01-08-one-more-year.md
@@ -209,4 +209,4 @@ sharing that with the world...
 So anyway, thanks for coming, faithful reader, and see you in the
 coming 2024 year...
 
-[[!tags gloating meta stats]]
+[[!tag debian-planet python-planet gloating meta stats]]

yearly blog stats
diff --git a/blog.mdwn b/blog.mdwn
index 8098ba11..ea26f0b6 100644
--- a/blog.mdwn
+++ b/blog.mdwn
@@ -29,6 +29,8 @@ trail=yes
 
 # Favoris
 
+ * [Framework 12th gen laptop review](https://anarc.at/hardware/laptop/framework-12th-gen) (2023)
+ * [How to nationalize the internet in Canada](https://anarc.at/blog/2022-08-26-nationalize-internet/) (2022)
  * [The Neo-Colonial Internet](https://anarc.at/blog/2021-10-23-neo-colonial-internet/) (2021)
  * [Remote presence tools for social distancing](https://anarc.at/blog/2020-03-15-remote-tools/) (2020)
  * [On free speech at Puri.sm and Mastodon](https://anarc.at/blog/2019-05-13-free-speech/) (2019)
@@ -95,6 +97,21 @@ more socially acceptable and less politically controversial.
 <!-- add it. yes, this is kind of silly. -->
 
 <!-- end copy-paste -->
+## 2024
+
+[[!inline pages="
+(
+  page(blog/*)
+  or tagged(blog)
+)
+and creation_year(2024)
+and !blog/*/*
+and !tagged(draft)
+and !tagged(redirection)"
+archive=yes
+quick=yes
+]]
+
 ## 2023
 
 [[!inline pages="
diff --git a/blog/2024-01-08-one-more-year.md b/blog/2024-01-08-one-more-year.md
new file mode 100644
index 00000000..29aa055d
--- /dev/null
+++ b/blog/2024-01-08-one-more-year.md
@@ -0,0 +1,212 @@
+[[!meta title="Last year on this blog"]]
+
+So this blog is now celebrating its 21st birthday (or 20 if you count
+from zero, or 18 if you want to be pedantic), and I figured I would do
+this yearly thing of reviewing how that went.
+
+# Number of posts
+
+2022 was the [[official 20th
+anniversary|blog/2023-01-07-bring-back-blogging]] in any case, and
+that was one of my best years on record, with 46 posts, surpassed only
+by the noisy 2005 (62) and matching 2006 (46). 2023, in comparison,
+was underwhelming: a feeble 11 posts! What happened!
+
+Well, I was busy with other things, mostly away from keyboard, that I
+will not bore you with here...
+
+The other thing that happened is that the one-liner I used to collect
+stats was broken (it counted folders and other unrelated files) and
+wildly overestimated 2022! Turns out I didn't write *that* much then:
+
+    anarc.at$ ls blog | grep '^[0-9][0-9][0-9][0-9].*.md' | se
+    d s/-.*// | sort | uniq -c  | sort -n -k2
+         57 2005
+         43 2006
+         20 2007
+         20 2008
+          7 2009
+         13 2010
+         16 2011
+         11 2012
+         13 2013
+          5 2014
+         13 2015
+         18 2016
+         29 2017
+         27 2018
+         17 2019
+         18 2020
+         14 2021
+         28 2022
+         10 2023
+          1 2024
+
+But even that is inaccurate because, in ikiwiki, I can tag any page as
+being featured on the blog. So we actually need to process the HTML
+itself because we don't have much better on hand without going through
+ikiwiki's internals:
+
+    anarcat@angela:anarc.at$ curl -sSL https://anarc.at/blog/ | grep 'href="\./' | grep -o 20[0-9][0-9] | sort | uniq -c 
+         56 2005
+         42 2006
+         19 2007
+         18 2008
+          6 2009
+         12 2010
+         15 2011
+         10 2012
+         11 2013
+          3 2014
+         15 2015
+         32 2016
+         50 2017
+         37 2018
+         19 2019
+         19 2020
+         15 2021
+         28 2022
+         13 2023
+
+Which puts the top 10 years at:
+
+    $ curl -sSL https://anarc.at/blog/ | grep 'href="\./' | grep -o 20[0-9][0-9] | sort | uniq -c  | sort -nr | head -10
+         56 2005
+         50 2017
+         42 2006
+         37 2018
+         32 2016
+         28 2022
+         19 2020
+         19 2019
+         19 2007
+         18 2008
+
+Anyway. 2023 is certainly not a glorious year in that regard, in any case.
+
+# Visitors
+
+In terms of visits, however, we had quite a few hits. According to
+[Goatcounter](https://github.com/arp242/goatcounter), I had 122 300 visits in 2023! 2022, in comparison,
+had 89 363, so that's quite a rise.
+
+## What you read
+
+I seem to have hit the Hacker News front page at least twice. I say
+"seem" because it's actually pretty hard to tell *what* the HN
+frontpage actually is on any given day. I had 22k visits on
+2023-03-13, in any case, and you [can't see me on the front that
+day](https://news.ycombinator.com/front?day=2023-03-13). We do see a post of mine [on 2023-09-02](https://news.ycombinator.com/front?day=2023-09-02), all the way down
+there, which seem to have generated another 10k visits.
+
+In any case, here were the most popular stories for you fine visitors:
+
+ * [[Framework 12th gen laptop
+   review|hardware/laptop/framework-12th-gen]]: 24k visits, which is
+   surprising for a 13k words article "without images", as some
+   critics have complained. 15k referred by Hacker News. Good
+   reference and time-consuming benchmarks, slowly bit-rotting.
+
+   That is, by far, my most popular article ever. A popular article in
+   2021 or 2022 was around 6k to 9k, so that's a big one. I suspect it
+   will keep getting traffic for a long while.
+
+ * [[Calibre replacement considerations|software/desktop/calibre]]:
+   15k visits, most of which without a referrer. Was actually an old
+   article, but I suspect HN brought it back to light. I keep updating
+   that wiki page regularly when I find new things, but I'm still
+   using Calibre to import ebooks.
+
+ * [[Hacking my Kobo Clara HD|hardware/tablet/kobo-clara-hd]]: is not
+   new but always gathering more and more hits, it had 1800 hits in
+   the first year, 4600 hits last year and now brought 6400 visitors
+   to the blog! Not directly related, but [this iFixit
+   battery replacement guide I wrote](https://www.ifixit.com/Guide/Kobo+Glo+HD+eReader+Battery+Replacement/143903) also seem to be quite popular
+
+Everything else was published before 2023. [Replacing Smokeping with
+Prometheus](https://anarc.at/blog/2020-06-04-replacing-smokeping-prometheus) is still around and [[Looking at Wayland terminal
+emulators|software/desktop/wayland]] makes an entry in the top five.
+
+## Where you've been
+
+People send less and less private information when they browse the
+web. The number of visitors without referrers was 41% in 2021, it rose
+to 44% in 2023. Most of the remaining traffic comes from Google, but
+Hacker News is now a significant chunk, almost as big as Google.
+
+In 2021, Google represented 23% of my traffic, in 2022, it was down to
+15% so 18% is actually a rise from last year, even if it seems much
+smaller than what I usually think of.
+
+| Ratio | Referrer              | Visits |
+|-------|-----------------------|--------|
+| 18%   | Google                | 22 098 |
+| 13%   | Hacker News           | 16 003 |
+| 2%    | duckduckgo.com        | 2 640  |
+| 1%    | community.frame.work  | 1 090  |
+| 1%    | missing.csail.mit.edu | 918    |
+
+Note that Facebook and Twitter do not appear at all in my referrers.
+
+## Where you are
+
+Unsurprisingly, most visits still come from the US:
+
+| Ratio | Country        | Visits |
+|-------|----------------|--------|
+| 26%   | United States  | 32 010 |
+| 14%   | France         | 17 046 |
+| 10%   | Germany        | 11 650 |

(Diff truncated)
more qrcode stuff
diff --git a/blog/secrets-recovery.md b/blog/secrets-recovery.md
index fd5afeb2..454baae3 100644
--- a/blog/secrets-recovery.md
+++ b/blog/secrets-recovery.md
@@ -50,3 +50,9 @@ https://sites.google.com/view/chewkeanho/guides/gnupg/delete-primary-key-master-
 
 17:53:28 <diederik> TIL you can specify a successor in GH account settings for when you die :-O
 qr-backup ITP https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021089
+
+
+https://github.com/cyphar/paperback
+
+
+to review: https://news.ycombinator.com/item?id=37534615

alternative calendar printers
diff --git a/communication/photo/calendrier-2019.mdwn b/communication/photo/calendrier-2019.mdwn
index 023b7a07..c4049684 100644
--- a/communication/photo/calendrier-2019.mdwn
+++ b/communication/photo/calendrier-2019.mdwn
@@ -565,6 +565,7 @@ Imprimeurs possibles:
  * Lozeau: 514-274-6577
  * Papeterie du plateau
  * CDN impression (Rosemont + St-Denis)
+ * [fournisseurs commerciaux](https://www.dpreview.com/articles/0542456797/how-to-plan-your-photobook)
 
 [Xerox Altalink C8045]: https://www.office.xerox.com/multifunction-printer/color-multifunction/altalink-c8000-series/enus.html
 [latex-cmyk]: https://tex.stackexchange.com/a/9973/33322

another ebook reader
diff --git a/software/desktop/calibre.mdwn b/software/desktop/calibre.mdwn
index fce528be..f67c7f5c 100644
--- a/software/desktop/calibre.mdwn
+++ b/software/desktop/calibre.mdwn
@@ -149,6 +149,7 @@ replace Calibre here:
  * Emacs (of course) supports ebooks through [nov.el][]
  * [fbreader][] also supports ePUBs, but is much slower than all those
    others, and turned proprietary so is unmaintained
+ * [flow][], webapp
  * [Foliate][] looks gorgeous and is built on top of the ePUB.js
    library, not in Debian, but [Flathub][flathub-foliate].
  * [GNOME Books][] is interesting, but relies on the GNOME search
@@ -209,6 +210,7 @@ See also the [pdf-viewer metapackage](https://packages.debian.org/sid/pdf-viewer
 [arianna]: https://apps.kde.org/arianna/
 [Peruse]: https://peruse.kde.org/
 [kavita]: https://github.com/Kareadita/Kavita
+[flow]: https://www.flowoss.com/
 
 ## ebook editor
 

yolo new sway configs
diff --git a/software/desktop/wayland/config/sway/config b/software/desktop/wayland/config/sway/config
index a1959cbc..eefc2afc 100644
--- a/software/desktop/wayland/config/sway/config
+++ b/software/desktop/wayland/config/sway/config
@@ -58,7 +58,7 @@ default_border pixel 1
 # we start it as a systemd unit on the fly otherwise podman takes over
 # the Main PID of the sway.service and container exits crash the whole
 # session
-bindsym $mod+Return exec systemd-run --user --collect foot
+bindsym $mod+Return exec systemd-run-wrap foot
 
 # kill focused window
 #bindsym $mod+Shift+q kill
@@ -179,7 +179,7 @@ bindsym $mod+i sticky toggle
 
 # all replaced by a dmenu-like single "power" menu
 # taken from https://faq.i3wm.org/question/1262/exiting-i3-without-mouse-click.1.html
-bindsym $mod+q exec systemd-run --user --collect sway-power-menu
+bindsym $mod+q exec systemd-run-wrap sway-power-menu
 
 # resize window (you can also use the mouse for that)
 mode "resize" {
@@ -214,7 +214,7 @@ bindsym $mod+Shift+minus move scratchpad
 bindsym $mod+minus scratchpad show
 
 # super-fast shortcuts of death everywhere
-bindsym $mod+y exec systemd-run --user --collect e
+bindsym $mod+y exec systemd-run-wrap e
 # should open the home directory with the preconfigured file
 # manager. now what *that* will be is mystery!
 #
@@ -230,27 +230,27 @@ bindsym $mod+y exec systemd-run --user --collect e
 #
 # $ xdg-mime query default inode/directory
 # Thunar.desktop
-bindsym $mod+u exec systemd-run --user --collect xdg-open .
+bindsym $mod+u exec systemd-run-wrap xdg-open .
 # alternative: dmenu-based file manager
-bindsym $mod+o exec systemd-run --user --collect dmenu-fm
+bindsym $mod+o exec systemd-run-wrap dmenu-fm
 
 # select a unicode symbol and type it, mnemonic is "emoji"
 bindsym $mod+m exec dmenu-unicode --type --category So
 # calculator
-bindsym $mod+c exec systemd-run --user --collect qalculate
+bindsym $mod+c exec systemd-run-wrap qalculate
 
 # quick access commands
 #
 # fuzzel doesn't work as well as rofi: plain fuzzel doesn't keep history
 # for arbitrary entries: https://codeberg.org/dnkl/fuzzel/issues/189
 # so we have this wrapper
-bindsym $mod+r exec systemd-run --user --collect dmenu-bash-history
+bindsym $mod+r exec systemd-run-wrap dmenu-bash-history
 # same with the traditional dmenu keybinding
-bindsym $mod+d exec systemd-run --user --collect dmenu-bash-history
+bindsym $mod+d exec systemd-run-wrap dmenu-bash-history
 # ... and that reuses history from rofi, but doesn't update it
-bindsym $mod+F2 exec systemd-run --user --collect dmenu-ssh.py
+bindsym $mod+F2 exec systemd-run-wrap dmenu-ssh.py
 # until mosh falls back to SSH (https://github.com/mobile-shell/mosh/issues/731)
-bindsym $mod+F3 exec systemd-run --user --collect dmenu-ssh.py --ssh=mosh
+bindsym $mod+F3 exec systemd-run-wrap dmenu-ssh.py --ssh=mosh
 bindsym $mod+g exec sway-window-menu
 bindsym $mod+p exec pass-dmenu
 bindsym $mod+Shift+p exec env TYPE_MODE=wtype pass-dmenu
@@ -258,9 +258,9 @@ bindsym $mod+Shift+p exec env TYPE_MODE=wtype pass-dmenu
 # screensaver panic button
 bindsym Pause exec swaylock
 # screenshot
-bindsym Print exec systemd-run --user --collect publish -S --select
-bindsym Shift+Print exec systemd-run --user --collect publish -S --select -t 7
-bindsym Control+Print exec systemd-run --user --collect publish -S
+bindsym Print exec systemd-run-wrap publish -S --select
+bindsym Shift+Print exec systemd-run-wrap publish -S --select -t 7
+bindsym Control+Print exec systemd-run-wrap publish -S
 # multimedia keys
 bindsym --locked XF86AudioMute exec wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle
 # see also https://git.joeyh.name/index.cgi/joey/home.git/tree/bin/mic_mute
diff --git a/software/desktop/wayland/config/systemd/user/sway-session.target b/software/desktop/wayland/config/systemd/user/sway-session.target
index 30151b3c..ff53fcca 100644
--- a/software/desktop/wayland/config/systemd/user/sway-session.target
+++ b/software/desktop/wayland/config/systemd/user/sway-session.target
@@ -2,5 +2,6 @@
 Description=sway compositor session
 Documentation=man:systemd.special(7)
 BindsTo=graphical-session.target
-Wants=graphical-session-pre.target
+Wants=graphical-session-pre.target xdg-desktop-autostart.target
 After=graphical-session-pre.target
+Before=xdg-desktop-autostart.target
diff --git a/software/desktop/wayland/config/waybar/config b/software/desktop/wayland/config/waybar/config
index 3bae2668..1cd09ca5 100644
--- a/software/desktop/wayland/config/waybar/config
+++ b/software/desktop/wayland/config/waybar/config
@@ -2,6 +2,9 @@
     // this configuration uses Font Awesom v4 icons as much as
     // possible: https://fontawesome.com/v4/icons/
 
+    // TODO: privacy module, probably in 0.9.25
+    // https://github.com/Alexays/Waybar/pull/2612
+
     // "layer": "top", // Waybar at top layer
     // "position": "bottom", // Waybar position (top|bottom|left|right)
     // "height": 24, // Waybar height (to be removed for auto height)
@@ -10,7 +13,7 @@
     // Choose the order of the modules
     "modules-left": ["sway/workspaces", "sway/mode", "sway/scratchpad", "sway/window"],
     "modules-center": [],
-    "modules-right": ["cpu", "memory", "temperature", "network", "backlight", "battery", "battery#bat2", "sway/language", "clock", "custom/clock", "custom/notification", "tray"],
+    "modules-right": ["cpu", "memory", "temperature", "network",  "backlight", "battery", "battery#bat2", "sway/language", "clock", "custom/clock", "idle_inhibitor", "custom/notification", "tray"],
     // Modules configuration
     "keyboard-state": {
         "numlock": true,
@@ -83,6 +86,13 @@
             "deactivated": ""
         }
     },
+    "idle_inhibitor": {
+        "format": "{icon}",
+        "format-icons": {
+            "activated": "",
+            "deactivated": ""
+        }
+    },
     "tray": {
         // "icon-size": 21,
         "spacing": 10
@@ -112,6 +122,8 @@
         "interval": 5,
         "on-click": "exec foot --hold undertime --table",
     },
+    // has been split in 0.9.23
+    // https://github.com/Alexays/Waybar/pull/2114
     "cpu": {
         "format": "{usage:3}% {avg_frequency:4}GHz ",
         "tooltip": false,
@@ -175,10 +187,10 @@
       },
       "return-type": "json",
       "exec-if": "which swaync-client",
-      "exec": "swaync-client -swb",
-      "on-click": "swaync-client -t -sw",
-      "on-click-middle": "sway-client -d -sw",
-      "on-click-right": "swaync-client -C -sw",
+      "exec": "swaync-client --subscribe-waybar",
+      "on-click": "swaync-client --toggle-panel --skip-wait",
+      "on-click-middle": "swaync-client --toggle-dnd --skip-wait",
+      "on-click-right": "swaync-client --close-all --skip-wait",
       "escape": true
     }
 }

found satty
diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 33b00b53..541b9271 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -857,6 +857,13 @@ involved calling xterm and xmessage for user interaction. Now,
 anyone freaks out, I already had to use GTK for proper clipboard
 support, so this isn't much of a stretch...)
 
+One thing I'm, missing is some review/annotation
+tool. [Satty](https://github.com/gabm/Satty) provides a nice minimal wrapper like that. For now,
+I'm using whatever default image viewer I have configured (currently
+geeqie), one key feature is that it must support the "copy image to
+clipboard" (not the path! the actual full image!) functionality,
+typically to paste to GitHub/GitLab issues, or Signal.
+
 [maim]: https://github.com/naelstrof/maim
 [slop]: https://tracker.debian.org/pkg/slop
 [grim]: https://sr.ht/~emersion/grim/

update dns status
diff --git a/services/dns.mdwn b/services/dns.mdwn
index 6e81d853..dfbd3461 100644
--- a/services/dns.mdwn
+++ b/services/dns.mdwn
@@ -117,6 +117,16 @@ présentement:
    plus chers, mais font aussi serveur DNS, namecheap a pas de .at et
    easyDNS est très cher pour le .at
 
+Situation actuelle:
+
+ * opensrs: test account created, hosted: `debian-policy.info`
+   (2025-10-15), not sure I want to keep, could be just for `anarc.at`
+ * mythic beasts: idem, to be closed, hosted: `alterne.ca` (2025-09-11)
+ * porkbun: secondary account, hosted: `orangeseeds.net`
+   `orangeseeds.org` (transfer started 2023-12-19)
+ * gandi: `reseaulibre.ca` (2024-04-28), `vichama.ca` (2024-05-17),
+   `anarc.at` (2024-09-06), `insomniaque.org` (2029-04-28)
+
 Convention de noms
 ==================
 

automatic federated post of blog/2023-12-18-rewrote-screentest.md
Command: ['/usr/bin/feed2exec', '-v', 'fetch']
Plugin file: /usr/lib/python3/dist-packages/feed2exec/plugins/ikiwikitoot.py
Source directory: /home/w-anarcat/source
Running on: marcos
diff --git a/blog/2023-12-18-rewrote-screentest.md b/blog/2023-12-18-rewrote-screentest.md
index 952c30c1..902b0c82 100644
--- a/blog/2023-12-18-rewrote-screentest.md
+++ b/blog/2023-12-18-rewrote-screentest.md
@@ -157,3 +157,7 @@ likely confirm what I've already known all along: that it's kind
 of a piece of crap and I need to get a proper one.
 
 [[!tag debian-planet debian software video python-planet python ]]
+
+
+<!-- posted to the federation on 2023-12-18T23:12:26.904959 -->
+[[!mastodon "https://kolektiva.social/@Anarcat/111605130638514337"]]
\ No newline at end of file

creating tag page tag/video
diff --git a/tag/video.mdwn b/tag/video.mdwn
new file mode 100644
index 00000000..f5f7c4d8
--- /dev/null
+++ b/tag/video.mdwn
@@ -0,0 +1,4 @@
+[[!meta title="pages tagged video"]]
+
+[[!inline pages="tagged(video)" actions="no" archive="yes"
+feedshow=10]]

publish blog post
diff --git a/blog/2023-12-18-rewrote-screentest.md b/blog/2023-12-18-rewrote-screentest.md
index 1c91e7a7..952c30c1 100644
--- a/blog/2023-12-18-rewrote-screentest.md
+++ b/blog/2023-12-18-rewrote-screentest.md
@@ -149,10 +149,11 @@ post; it would [not be the first time](https://anarc.at/blog/2022-03-02-procmail
 For now, the project lives along side the [rest of my scripts
 collection](https://gitlab.com/anarcat/scripts/) but if there's sufficient interest, I might move it to
 its own git repositories. Comments, feedback, contributions are as
-usual welcome.
+usual welcome. And naturally, if you know something better for this
+kind of stuff, I'm happy to learn more about your favorite tool!
 
 So now I have finally found something to test my projector, which will
 likely confirm what I've already known all along: that it's kind
 of a piece of crap and I need to get a proper one.
 
-[[!tag draft]]
+[[!tag debian-planet debian software video python-planet python ]]

add more direct link, fix heading
diff --git a/blog/2023-12-18-rewrote-screentest.md b/blog/2023-12-18-rewrote-screentest.md
index 6d1ee9cf..1c91e7a7 100644
--- a/blog/2023-12-18-rewrote-screentest.md
+++ b/blog/2023-12-18-rewrote-screentest.md
@@ -42,7 +42,7 @@ script](https://gitlab.com/anarcat/scripts/-/blob/9ad60d159ed77c411b8b5a4aa1bf5b
 parser and monitor geometry guessing, and thought "NOPE, THIS IS WHERE
 THE SHELL STOPS", and [rewrote the whole thing in Python](https://gitlab.com/anarcat/scripts/-/commit/704a2c238aeb4a81f05d43c1082c2933cecc99c5).
 
-Now, screentest lives as a ~400-line Python script, half of which is
+Now, screentest lives as a [~400-line Python script](https://gitlab.com/anarcat/scripts/-/blob/main/screentest?ref_type=heads), half of which is
 unit test data and command-line parsing.
 
 # Why screentest
@@ -118,7 +118,7 @@ gstreamer plugin](https://gstreamer.freedesktop.org/documentation/audiotestsrc/)
 the pattern name, in case you get lost and want to start with one of
 them again.
 
-## How this works
+# How this works
 
 Most of the work is done by gstreamer. The script merely generates a
 pipeline and calls [gst-launch](https://manpages.debian.org/gst-launch-1.0) to show the output. That both

add toc
diff --git a/blog/2023-12-18-rewrote-screentest.md b/blog/2023-12-18-rewrote-screentest.md
index 298ca285..6d1ee9cf 100644
--- a/blog/2023-12-18-rewrote-screentest.md
+++ b/blog/2023-12-18-rewrote-screentest.md
@@ -4,6 +4,8 @@ I have accidentally rewritten [screentest](https://tobix.github.io/screentest/),
 [X11](https://en.wikipedia.org/wiki/X_Window_System)/[GTK](https://en.wikipedia.org/wiki/GTK)2 program that I was previously using to, well, test
 screens.
 
+[[!toc]]
+
 # Screentest is dead
 
 It was [removed from Debian in May 2023](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035806) but had already missed two

add screenshots
diff --git a/blog/2023-12-18-rewrote-screentest.md b/blog/2023-12-18-rewrote-screentest.md
index 6a41f342..298ca285 100644
--- a/blog/2023-12-18-rewrote-screentest.md
+++ b/blog/2023-12-18-rewrote-screentest.md
@@ -17,9 +17,15 @@ So I had little hope to see this program back in Debian. The [git
 repository](https://github.com/TobiX/screentest) shows little activity, the last being two years
 ago. Interestingly, I do not *quite* remember what it was testing, but
 I do remember it to find dead pixels, confirm native resolution, and
-various pixel-peeping. Now, I think it's safe to assume this program
-is dead and buried, and anyways I'm running
-[[software/desktop/wayland]] now, surely there's something better?
+various pixel-peeping. Here's a screenshot of one of the screentest
+screens:
+
+![screentest screenshot showing a white-on-black checkered background,
+with some circles in the corners, shades of gray and colors in the middle](https://screenshots.debian.net/shrine/screenshot/11796/simage/large-9db1d1f20440339a8843eeb7fb3b8490.png)
+
+Now, I think it's safe to assume this program is dead and buried, and
+anyways I'm running [[software/desktop/wayland]] now, surely there's
+something better?
 
 Well, no. Of course not. Someone would know about it and tell me
 before I go on a random coding spree in a fit of
@@ -88,6 +94,10 @@ first in the list, but you can run only that test with:
 > before I get it right. I fully expect this post to have numerous
 > typos.)
 
+Here's an example of the SMPTE pattern from Wikipedia:
+
+![SMPTE color bars](https://upload.wikimedia.org/wikipedia/commons/6/66/SMPTE_Color_Bars.svg)
+
 For multi-monitor setups, `screentest` also supports specifying which
 output to use as a native resolution, with `--output`. Failing that,
 it will try to look at the outputs and use the first it will
@@ -134,8 +144,13 @@ crashing the namespace already used by the project, which is [now on
 GitHub](https://github.com/TobiX/screentest/). Who knows, it might come back to life after this blog
 post; it would [not be the first time](https://anarc.at/blog/2022-03-02-procmail-considered-harmful/#developing-story).
 
-Now, I have finally found something to test my projector, which will
-likely confirm what I've already known all along, and that it's kind
+For now, the project lives along side the [rest of my scripts
+collection](https://gitlab.com/anarcat/scripts/) but if there's sufficient interest, I might move it to
+its own git repositories. Comments, feedback, contributions are as
+usual welcome.
+
+So now I have finally found something to test my projector, which will
+likely confirm what I've already known all along: that it's kind
 of a piece of crap and I need to get a proper one.
 
 [[!tag draft]]

edits
diff --git a/blog/2023-12-18-rewrote-screentest.md b/blog/2023-12-18-rewrote-screentest.md
index cea1a1dd..6a41f342 100644
--- a/blog/2023-12-18-rewrote-screentest.md
+++ b/blog/2023-12-18-rewrote-screentest.md
@@ -1,8 +1,8 @@
 [[!meta title="(Re)introducing screentest"]]
 
-I have accidentally rewritten [screentest](https://tobix.github.io/screentest/), a relatively old
+I have accidentally rewritten [screentest](https://tobix.github.io/screentest/), an old
 [X11](https://en.wikipedia.org/wiki/X_Window_System)/[GTK](https://en.wikipedia.org/wiki/GTK)2 program that I was previously using to, well, test
-screens. 
+screens.
 
 # Screentest is dead
 
@@ -14,7 +14,7 @@ critical bugs. The stated reason for removal was:
 > depends on gtk2, has a low popcon and no reverse dependencies.
 
 So I had little hope to see this program back in Debian. The [git
-repository](https://github.com/TobiX/screentest) shows very little activity, the last being two years
+repository](https://github.com/TobiX/screentest) shows little activity, the last being two years
 ago. Interestingly, I do not *quite* remember what it was testing, but
 I do remember it to find dead pixels, confirm native resolution, and
 various pixel-peeping. Now, I think it's safe to assume this program
@@ -35,7 +35,7 @@ parser and monitor geometry guessing, and thought "NOPE, THIS IS WHERE
 THE SHELL STOPS", and [rewrote the whole thing in Python](https://gitlab.com/anarcat/scripts/-/commit/704a2c238aeb4a81f05d43c1082c2933cecc99c5).
 
 Now, screentest lives as a ~400-line Python script, half of which is
-taken by unit test data and command-line parsing.
+unit test data and command-line parsing.
 
 # Why screentest
 
@@ -57,28 +57,28 @@ can lay down a list of use case:
 
 # What does screentest do?
 
-That is done through a set of "patterns" that are displayed on
-screen. The list of patterns is actually hardcoded in the script,
-copy-pasted from [this list](https://gstreamer.freedesktop.org/documentation/videotestsrc/index.html?gi-language=c#GstVideoTestSrcPattern) from the [videotestsrc gstreamer
-plugin](https://gstreamer.freedesktop.org/documentation/videotestsrc/), but you can pass any pattern supported by your gstreamer
-installation with `--patterns`. A list of patterns relevant to your
-installation is available with the `gst-inspect-1.0 videotestsrc`
-command.
+Screentest displays a series of "patterns" on screen. The list of
+patterns is actually hardcoded in the script, copy-pasted from [this
+list](https://gstreamer.freedesktop.org/documentation/videotestsrc/index.html?gi-language=c#GstVideoTestSrcPattern) from the [videotestsrc gstreamer plugin](https://gstreamer.freedesktop.org/documentation/videotestsrc/), but you can pass
+any pattern supported by your gstreamer installation with
+`--patterns`. A list of patterns relevant to your installation is
+available with the `gst-inspect-1.0 videotestsrc` command.
 
-By default, `screentest` cycles through all patterns. Each pattern
-runs indefinitely until closed, then the next pattern starts. 
+By default, `screentest` goes through all patterns. Each pattern runs
+indefinitely until the you close the window, then the next pattern
+starts.
 
-You can restrict to a subset, for example this would be a good test
-for dead pixels:
+You can restrict to a subset of patterns, for example this would be a
+good test for dead pixels:
 
     screentest --patterns black,white,red,green,blue
 
 This would be a good sharpness test:
 
-    screentest --patterns checkers-1,checkers-2,checkers-4,checkers-8,pinwheel,spokes
+    screentest --patterns pinwheel,spokes,checkers-1,checkers-2,checkers-4,checkers-8
 
 A good generic test is the classic [SMPTE color bars](https://en.wikipedia.org/wiki/SMPTE_color_bars) and is the
-first in the list, but can be called individually:
+first in the list, but you can run only that test with:
 
     screentest --patterns smpte
 
@@ -95,7 +95,7 @@ find. If it fails to find anything, you can specify a resolution with
 `--resolution WIDTHxHEIGHT`. 
 
 I have tried to make it go full screen by default, but stumbled a [bug
-in Sway](https://github.com/swaywm/sway/issues/2176) that crashes `gstreamer`. If your Wayland compositor
+in Sway](https://github.com/swaywm/sway/issues/2176) that crashes `gst-launch`. If your Wayland compositor
 supports it, you can possibly enable full screen with `--sink
 waylandsink fullscreen=true`. Otherwise it will create a new window
 that you will have to make fullscreen yourself.
@@ -113,26 +113,26 @@ pipeline and calls [gst-launch](https://manpages.debian.org/gst-launch-1.0) to s
 limits what it can do but also makes it much easier to use than
 figuring out `gst-launch`.
 
-I feel there *might* be some additional patterns that could be useful,
-but I feel those are better left to gstreamer. I, for example, am
-somewhat nostalgic of the [Philips circle pattern](https://en.wikipedia.org/wiki/Philips_circle_pattern) that used to
-play for TV stations that were off-air in my area. But that, in my
-opinion, could be coded as an addition to the gstreamer plugin than a
-separate thing.
+There *might* be some additional patterns that could be useful, but I
+think those are better left to gstreamer. I, for example, am somewhat
+nostalgic of the [Philips circle pattern](https://en.wikipedia.org/wiki/Philips_circle_pattern) that used to play for TV
+stations that were off-air in my area. But that, in my opinion, would
+be better added to the gstreamer plugin than into a separate thing.
 
-The script shows which command is being ran, so I also think it's a
-good introduction to gstreamer pipelines and how they can be used to
-do various things.
+The script shows which command is being ran, so it's a good
+introduction to gstreamer pipelines. Advanced users (and the video
+team) will possibly not need `screentest` and will design their own
+pipelines with their own tools.
 
 I've previously worked with `ffmpeg` pipelines (in another such
-procrastinated coding spree, [video-proxy-magic](https://gitlab.com/anarcat/video-proxy-magic)), and I must say
-gstreamer is much more intuitive, even though it *might* be slightly
-less powerful.
+procrastinated coding spree, [video-proxy-magic](https://gitlab.com/anarcat/video-proxy-magic)), and I found
+gstreamer more intuitive, even though it *might* be slightly less
+powerful.
 
 In retrospect, I should probably have picked a new name, to avoid
 crashing the namespace already used by the project, which is [now on
-GitHub](https://github.com/TobiX/screentest/) and, who knows, might come back to life after this blog
-post. It would [not be the first time](https://anarc.at/blog/2022-03-02-procmail-considered-harmful/#developing-story).
+GitHub](https://github.com/TobiX/screentest/). Who knows, it might come back to life after this blog
+post; it would [not be the first time](https://anarc.at/blog/2022-03-02-procmail-considered-harmful/#developing-story).
 
 Now, I have finally found something to test my projector, which will
 likely confirm what I've already known all along, and that it's kind

a new project
diff --git a/blog/2023-12-18-rewrote-screentest.md b/blog/2023-12-18-rewrote-screentest.md
new file mode 100644
index 00000000..cea1a1dd
--- /dev/null
+++ b/blog/2023-12-18-rewrote-screentest.md
@@ -0,0 +1,141 @@
+[[!meta title="(Re)introducing screentest"]]
+
+I have accidentally rewritten [screentest](https://tobix.github.io/screentest/), a relatively old
+[X11](https://en.wikipedia.org/wiki/X_Window_System)/[GTK](https://en.wikipedia.org/wiki/GTK)2 program that I was previously using to, well, test
+screens. 
+
+# Screentest is dead
+
+It was [removed from Debian in May 2023](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035806) but had already missed two
+releases (Debian 11 "bullseye" and 12 "bookworm") due to release
+critical bugs. The stated reason for removal was:
+
+> The package is orphaned and its upstream is no longer developed.  It
+> depends on gtk2, has a low popcon and no reverse dependencies.
+
+So I had little hope to see this program back in Debian. The [git
+repository](https://github.com/TobiX/screentest) shows very little activity, the last being two years
+ago. Interestingly, I do not *quite* remember what it was testing, but
+I do remember it to find dead pixels, confirm native resolution, and
+various pixel-peeping. Now, I think it's safe to assume this program
+is dead and buried, and anyways I'm running
+[[software/desktop/wayland]] now, surely there's something better?
+
+Well, no. Of course not. Someone would know about it and tell me
+before I go on a random coding spree in a fit of
+procrastination... riiight? At least, the [Debconf video team](https://debconf-video-team.pages.debian.net/docs/)
+didn't seem to know of any replacement. They actually suggested I just
+"invoke gstreamer directly" and "embrace the joy of shell scripting".
+
+# Screentest reborn
+
+So, I naively did exactly that and [wrote a horrible shell
+script](https://gitlab.com/anarcat/scripts/-/blob/9ad60d159ed77c411b8b5a4aa1bf5b8c02d76c70/screentest). Then I realized the next step was to write an command line
+parser and monitor geometry guessing, and thought "NOPE, THIS IS WHERE
+THE SHELL STOPS", and [rewrote the whole thing in Python](https://gitlab.com/anarcat/scripts/-/commit/704a2c238aeb4a81f05d43c1082c2933cecc99c5).
+
+Now, screentest lives as a ~400-line Python script, half of which is
+taken by unit test data and command-line parsing.
+
+# Why screentest
+
+Some smarty pants is going to complain and ask why the heck one would
+need something like that (and, well, someone already did), so maybe I
+can lay down a list of use case:
+
+ * testing color output, in broad terms (answering the question of "is
+   it just me or this project really yellow?")
+
+ * testing focus and keystone ("this looks blurry, can you find a nice
+   sharp frame in that movie to adjust focus?")
+
+ * test for native resolution and sharpness ("does this projector
+   *really* support 4k for 30$? that sounds like bullcrap")
+
+ * looking for dead pixels ("i have a new monitor, i hope it's
+   intact")
+
+# What does screentest do?
+
+That is done through a set of "patterns" that are displayed on
+screen. The list of patterns is actually hardcoded in the script,
+copy-pasted from [this list](https://gstreamer.freedesktop.org/documentation/videotestsrc/index.html?gi-language=c#GstVideoTestSrcPattern) from the [videotestsrc gstreamer
+plugin](https://gstreamer.freedesktop.org/documentation/videotestsrc/), but you can pass any pattern supported by your gstreamer
+installation with `--patterns`. A list of patterns relevant to your
+installation is available with the `gst-inspect-1.0 videotestsrc`
+command.
+
+By default, `screentest` cycles through all patterns. Each pattern
+runs indefinitely until closed, then the next pattern starts. 
+
+You can restrict to a subset, for example this would be a good test
+for dead pixels:
+
+    screentest --patterns black,white,red,green,blue
+
+This would be a good sharpness test:
+
+    screentest --patterns checkers-1,checkers-2,checkers-4,checkers-8,pinwheel,spokes
+
+A good generic test is the classic [SMPTE color bars](https://en.wikipedia.org/wiki/SMPTE_color_bars) and is the
+first in the list, but can be called individually:
+
+    screentest --patterns smpte
+
+> (I will mention, by the way, that as a system administrator with
+> decades of experience, it is nearly impossible to type [SMPTE](https://en.wikipedia.org/wiki/Society_of_Motion_Picture_and_Television_Engineers)
+> without first typing [SMTP](https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol) and re-typing it again a few times
+> before I get it right. I fully expect this post to have numerous
+> typos.)
+
+For multi-monitor setups, `screentest` also supports specifying which
+output to use as a native resolution, with `--output`. Failing that,
+it will try to look at the outputs and use the first it will
+find. If it fails to find anything, you can specify a resolution with
+`--resolution WIDTHxHEIGHT`. 
+
+I have tried to make it go full screen by default, but stumbled a [bug
+in Sway](https://github.com/swaywm/sway/issues/2176) that crashes `gstreamer`. If your Wayland compositor
+supports it, you can possibly enable full screen with `--sink
+waylandsink fullscreen=true`. Otherwise it will create a new window
+that you will have to make fullscreen yourself.
+
+For completeness, there's also an `--audio` flag that will emit the
+classic "drone", a sine wave at 440Hz at 40% volume (the [audiotestsrc
+gstreamer plugin](https://gstreamer.freedesktop.org/documentation/audiotestsrc/). And there's a `--overlay-name` option to show
+the pattern name, in case you get lost and want to start with one of
+them again.
+
+## How this works
+
+Most of the work is done by gstreamer. The script merely generates a
+pipeline and calls [gst-launch](https://manpages.debian.org/gst-launch-1.0) to show the output. That both
+limits what it can do but also makes it much easier to use than
+figuring out `gst-launch`.
+
+I feel there *might* be some additional patterns that could be useful,
+but I feel those are better left to gstreamer. I, for example, am
+somewhat nostalgic of the [Philips circle pattern](https://en.wikipedia.org/wiki/Philips_circle_pattern) that used to
+play for TV stations that were off-air in my area. But that, in my
+opinion, could be coded as an addition to the gstreamer plugin than a
+separate thing.
+
+The script shows which command is being ran, so I also think it's a
+good introduction to gstreamer pipelines and how they can be used to
+do various things.
+
+I've previously worked with `ffmpeg` pipelines (in another such
+procrastinated coding spree, [video-proxy-magic](https://gitlab.com/anarcat/video-proxy-magic)), and I must say
+gstreamer is much more intuitive, even though it *might* be slightly
+less powerful.
+
+In retrospect, I should probably have picked a new name, to avoid
+crashing the namespace already used by the project, which is [now on
+GitHub](https://github.com/TobiX/screentest/) and, who knows, might come back to life after this blog
+post. It would [not be the first time](https://anarc.at/blog/2022-03-02-procmail-considered-harmful/#developing-story).
+
+Now, I have finally found something to test my projector, which will
+likely confirm what I've already known all along, and that it's kind
+of a piece of crap and I need to get a proper one.
+
+[[!tag draft]]

testing dark modes on android
diff --git a/software/desktop/firefox.mdwn b/software/desktop/firefox.mdwn
index f8219add..4167801f 100644
--- a/software/desktop/firefox.mdwn
+++ b/software/desktop/firefox.mdwn
@@ -69,6 +69,9 @@ I am testing those and they might make it to the top list once I'm happy:
    tabs as well, but seems to overlap with the tab menu, Auto Tab
    Discard is also [recommended](https://support.mozilla.org/en-US/kb/add-on-badges)
  * [Clean URLs](https://docs.clearurls.xyz/) (no deb, [source](https://github.com/ClearURLs/Addon)) - remove garbage in URLs
+ * [Dark Background and Light Text](https://addons.mozilla.org/en-GB/firefox/addon/dark-background-light-text/) (no deb, [source](https://github.com/m-khvoinitsky/dark-background-light-text-extension)) - Mozilla
+   also recommends [Midnight Lizard](https://addons.mozilla.org/addon/midnight-lizard-quantum/) for Android, and I also tested
+   [dark reader](https://addons.mozilla.org/addon/darkreader/)
  * [display anchors](https://addons.mozilla.org/en-US/firefox/addon/display-_anchors/) (no deb, [source](https://github.com/Rob--W/display-anchors))
  * [Greasemonkey](https://addons.mozilla.org/firefox/addon/greasemonkey/) (no deb, [source](https://github.com/greasemonkey/greasemonkey/)) - mostly for [this one hack
    for Nextcloud Calendar to show UTC times alongside local](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/service/nextcloud#showing-utc-times-in-weekly-calendar-view)

sort and reshuffle extensions, remove dupes
diff --git a/software/desktop/firefox.mdwn b/software/desktop/firefox.mdwn
index 8983f293..f8219add 100644
--- a/software/desktop/firefox.mdwn
+++ b/software/desktop/firefox.mdwn
@@ -30,8 +30,8 @@ I have those extensions installed and use them very frequently:
    [872773](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872773).
  * [Cookie AutoDelete](https://addons.mozilla.org/en-US/firefox/addon/cookie-autodelete/) (no Debian package, [908285](http://bugs.debian.org/908285),
    [source](https://github.com/Cookie-AutoDelete/Cookie-AutoDelete)) - clear long-term identities for all sites except a
-   few
- * [GhostText][] (no debian package, [#910289](https://bugs.debian.org/910289), [source](https://github.com/GhostText/GhostText))- "It's all text" replacement
+   few, too bad it does not sync with uBlock/uMatrix ([issue
+   43](https://github.com/Cookie-AutoDelete/Cookie-AutoDelete/issues/43))
  * [Livemarks](https://addons.mozilla.org/en-US/firefox/addon/livemarks/) (no deb, [source](https://github.com/nt1m/livemarks)) or [Awesome RSS](https://addons.mozilla.org/en-US/firefox/addon/awesome-rss/) (no deb,
    [source](https://github.com/shgysk8zer0/awesome-rss)) - replace the [Live bookmarks removal](https://support.mozilla.org/en-US/kb/live-bookmarks-migration)
  * [uBlock Origin][] ([[!debpkg webext-ublock-origin desc="debian
@@ -70,6 +70,8 @@ I am testing those and they might make it to the top list once I'm happy:
    Discard is also [recommended](https://support.mozilla.org/en-US/kb/add-on-badges)
  * [Clean URLs](https://docs.clearurls.xyz/) (no deb, [source](https://github.com/ClearURLs/Addon)) - remove garbage in URLs
  * [display anchors](https://addons.mozilla.org/en-US/firefox/addon/display-_anchors/) (no deb, [source](https://github.com/Rob--W/display-anchors))
+ * [Greasemonkey](https://addons.mozilla.org/firefox/addon/greasemonkey/) (no deb, [source](https://github.com/greasemonkey/greasemonkey/)) - mostly for [this one hack
+   for Nextcloud Calendar to show UTC times alongside local](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/service/nextcloud#showing-utc-times-in-weekly-calendar-view)
  * [link hints][] (no deb, [source](https://github.com/lydell/LinkHints/)) - nice and simple alternative
    to full-scale keyboard driven interface like [tridactyl][], see the
    [keybindings](#keybindings) section below
@@ -98,6 +100,9 @@ tired of them...
    tab to a container, UI is very clikety (can't open a
    container-specific tab from the keyboard), etc. need to click-hold
    on the "+" tab button to choose container.
+ * [GhostText][] (no debian package, [#910289](https://bugs.debian.org/910289), [source](https://github.com/GhostText/GhostText))- "It's
+   all text" replacement, allowed me to edit text areas with my
+   favorite text editor (Emacs), worried about security implications
  * [LibRedirect]() ([no deb](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018865), [source](https://libredirect.github.io/source_code.html)) - redirect big platforms
    to proxied alternatives, i particularly like the Medium.com
    alternative, https://scribe.rip - stopped using because
@@ -111,6 +116,8 @@ tired of them...
  * [Switch container](https://addons.mozilla.org/en-US/firefox/addon/switch-container/) (no deb, [source](https://gitlab.com/mjanetmars/switch-container)) - fixes *one* of the
    issues with multi-account containers (ie. moving tab to another
    container)
+ * [Temporary containers](https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/) - not sure that works so
+   well... installed it and then never used it so i uninstalled it.
  * [View Page Archive & Cache](https://addons.mozilla.org/en-US/firefox/addon/view-page-archive/) (no deb, [source](https://github.com/dessant/view-page-archive/)) - load page in
    one or many page archives. No "save" button unfortunately, but is
    good enough for my purposes. [The Archiver](https://addons.mozilla.org/en-US/firefox/addon/the-archiver/) (no deb,
@@ -123,30 +130,15 @@ I once used those but eventually removed them for various
 reasons. Some are unsupported, non-free software, inconvenient, too
 hard to use or simply irrelevant.
 
- * [Cookie autodelete](https://addons.mozilla.org/en-US/firefox/addon/cookie-autodelete/) - even though uMatrix stops most cookies
-   from being sent, it actually stores them locally. it would be great
-   if this could sync with umatrix block lists... maybe with [issue
-   43](https://github.com/Cookie-AutoDelete/Cookie-AutoDelete/issues/43)? turns out this is too inconvenient: need to specify the
-   cookies to keep per container, then per site, it's a huge mess and
-   there's no way to run a "simulation" mode... either the cookies get
-   deleted and you get kicked out everywhere (at once!) or it does
-   nothing.
- * [Sea containers](https://addons.mozilla.org/en-US/firefox/addon/sea-containers/) - another GUI for containers. installed it and
-   then never used it so i uninstalled it.
- * [Temporary containers](https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/) - not sure that works so
-   well... installed it and then never used it so i uninstalled it.
  * [adblock plus](https://addons.mozilla.org/fr/firefox/addon/1865) - now selling ads! replaced with ublock
  * [Addons compatibility reporter](https://addons.mozilla.org/en-US/firefox/addon/add-on-compatibility-reporter/) - useless since Firefox 57 /
    Quantum, as incompatible extensions are just *disabled*
  * [Debian buttons](https://icedeb.ktnx.net/) didn't work for me as it requires buttons, so I
    made a simple [bookmarks folder](https://salsa.debian.org/debian/debian-bookmarks-shortcuts) instead
+ * [firebug](https://addons.mozilla.org/firefox/1843/) - somewhat built-in
  * [it's all text!][] ([[!debpkg xul-ext-itsalltext desc="debian
    package"]], [source](https://github.com/docwhat/itsalltext)) - now [obsolete](https://github.com/docwhat/itsalltext/issues/94) and replaced by
    GhostText (see above)
- * [yslow](https://addons.mozilla.org/fr/firefox/addon/5369) - now more or less built-in
- * [firebug](https://addons.mozilla.org/firefox/1843/) - same
- * [webdevelopper toolbar](https://addons.mozilla.org/firefox/60/) - not exactly builtin, but builtins are
-   good enough now
  * [password hasher](https://addons.mozilla.org/fr/firefox/addon/3282) -
    has security issues - completely removed any password management
    from my browser, see [[blog/2017-03-02-password-hashers]] for a
@@ -162,6 +154,18 @@ hard to use or simply irrelevant.
    available, is not free software, and seems to not actually be
    working offline, so URL contents are shared with an online
    service.
+ * [Sea containers](https://addons.mozilla.org/en-US/firefox/addon/sea-containers/) - another GUI for containers. installed it and
+   then never used it so i uninstalled it.
+ * [Smart HTTPS](https://addons.mozilla.org/en-US/firefox/addon/smart-https-revived/) (no deb, [source](https://github.com/ilGur1132/Smart-HTTPS)) - some use [HTTPS
+   everywhere](https://www.eff.org/https-everywhere) but I found that one works too and doesn't require
+   sites to be added to a list. nowadays, https URLs match http URLs
+   quite well: long gone are the days where wikipedia had a special
+   "secure" URL... HE does have a "Block all unencrypted requests"
+   setting, but it does exactly that: it breaks plaintext sites
+   completely. See [issue #7936](https://github.com/EFForg/https-everywhere/issues/7936) and [issue #16488](https://github.com/EFForg/https-everywhere/issues/16488) for
+   details. Nowadays, I just don't need any extension: I enable
+   [HTTPS-only mode](https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/) (AKA `dom.security.https_only_mode`). The EFF
+   even [deprecated HTTPS everywhere](https://www.eff.org/https-everywhere/set-https-default-your-browser) because of this.
  * [Snooze tabs](https://addons.mozilla.org/en-US/firefox/addon/snoozetabs/) (no deb, [source](https://github.com/bwinton/SnoozeTabs#readme)) - another way to deal with
    tab explosion. never really used it seriously, i have an agenda and
    Wallabag for that kind of stuff
@@ -185,6 +189,9 @@ hard to use or simply irrelevant.
    down, but it often fails to notice when a site is down or think
    it's down when it isn't. Replaced with [View Page Archive &
    Cache][].
+ * [webdevelopper toolbar](https://addons.mozilla.org/firefox/60/) - not exactly builtin, but builtins are
+   good enough now
+ * [yslow](https://addons.mozilla.org/fr/firefox/addon/5369) - now more or less built-in
  * [zotero](https://www.zotero.org/) is in a bad shape in Debian. The
    "XUL" extension is gone from Zotero 5.0, and the 4.0 extension will
    stop working because upstream will drop support in 2018. Debian is
@@ -192,16 +199,6 @@ hard to use or simply irrelevant.
    ([#871502](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871502)). Right now I'm using the <del>standalone binary from
    upstream</del> flatpak but I'm looking at alternatives, see
    [[services/bookmarks]] for that more general problem.
- * [Smart HTTPS](https://addons.mozilla.org/en-US/firefox/addon/smart-https-revived/) (no deb, [source](https://github.com/ilGur1132/Smart-HTTPS)) - some use [HTTPS
-   everywhere](https://www.eff.org/https-everywhere) but I found that one works too and doesn't require
-   sites to be added to a list. nowadays, https URLs match http URLs
-   quite well: long gone are the days where wikipedia had a special
-   "secure" URL... HE does have a "Block all unencrypted requests"
-   setting, but it does exactly that: it breaks plaintext sites
-   completely. See [issue #7936](https://github.com/EFForg/https-everywhere/issues/7936) and [issue #16488](https://github.com/EFForg/https-everywhere/issues/16488) for
-   details. Nowadays, I just don't need any extension: I enable
-   [HTTPS-only mode](https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/) (AKA `dom.security.https_only_mode`). The EFF
-   even [deprecated HTTPS everywhere](https://www.eff.org/https-everywhere/set-https-default-your-browser) because of this.
 
 [it's all text!]: https://addons.mozilla.org/en-US/firefox/addon/its-all-text/
 

update battery/chargers status: bought Sharge junk
diff --git a/blog/2023-02-10-usb-c.md b/blog/2023-02-10-usb-c.md
index 460df3c2..3f961033 100644
--- a/blog/2023-02-10-usb-c.md
+++ b/blog/2023-02-10-usb-c.md
@@ -85,6 +85,31 @@ The spec here is at least 65W USB-C with international plugs.
   interesting gear nevertheless)
 * StarLabs have a [65W USB-C charger](https://ca.starlabs.systems/collections/power-cables/products/65w-gan-usb-c-power-adapter) with detachable plugs
 
+### Sharge
+
+I also bought [this
+charger](https://sharge.com/products/shargeek-usb-c-charger-100w?variant=44383481954555):
+
+ * 77 x 59 x 29mm, 220g
+ * USB-C × 3, USB-A × 1
+ * PD3.0, PPS(3.3~21V⎓5A), QC 3.0/4+, Apple 2.4, SCP, FCP, AFC, PE(C), VOOC, DASH, PE(A)
+ * Output:
+   * USB-C1 or USB-C2: PD 100W
+   * USB-C3: PD 20W
+   * USB-A: QC 18W / CSP 22.5W
+   * USB-C1+USB-C2: PD 60W+PD 30W
+   * USB-C1+USB-C3: PD 60W+PD 20W
+   * USB-C2+USB-C3: PD 45W+PD 20W
+   * USB-C1+USB-A: PD 60W+QC 18W / SCP 22.5W
+   * USB-C2+USB-A: PD 45W+QC 18W / SCP 22.5W
+   * USB-C3+USB-A: 10W+10W
+   * USB-C1+USB-C2+USB-C3: PD 45W+PD 30W+PD 20W
+   * USB-C1+USB-C2+USB-A: PD 45W+PD 30W+QC 18W / SCP 22.5W
+   * USB-C1+USB-C3+USB-A: PD 60W+10W+10W
+   * USB-C2+USB-C3+USB-A: PD45W+10W+10W
+   * USB-C1+USB-C2+USB-C3+USB-A: PD 45W+PD 30W+10W+10W
+ * include 3 adapter plugs
+
 ### TOFU power station
 
 I found that weird little thing through [this Twitter post](https://twitter.com/bsdbcr/status/1614887137735737346) from
diff --git a/hardware/battery.md b/hardware/battery.md
index 3ef04a85..1ba325c1 100644
--- a/hardware/battery.md
+++ b/hardware/battery.md
@@ -1,5 +1,7 @@
 [[!toc levels=3]]
 
+See also [[USB-C docks and power supplies blog post|blog/2023-02-10-usb-c]].
+
 # Power banks
 
 ## Specification
@@ -72,6 +74,15 @@ Specs:
  * 68,33 x 131,83 x 15,75 mm, 222g
 
 Poids : 222 g
+
+The actual device I have on hand here is:
+
+ * Output: 5V/2.1A
+ * Capacity: 20Ah/74Wh
+ * 2xUSB-A 1xUSB-C 1xMicroUSB (input)
+ * Button with 4 LEDs indicating current charge
+ * 144 x 67mm x 26mm, mass unknown, about a pound?
+
 ## Sharge
 
 [Sharge](https://sharge.com/) also has interesting products, even if a little flashy and
@@ -85,7 +96,8 @@ Specs:
 
  * 151 × 59 × 47mm, 591.3g
  * 25,600mAh / 93.5Wh
- * USB-C × 2 (100W / 70W + 30W), USB-A × 1 (18W), DC × 1 (
+ * USB-C × 2 (100W / 70W + 30W), USB-A × 1 (18W), DC × 1 (75W, 5.5x2.5
+   barrel connector)
  * PD 3.0
  * 199$
  * DC output port with voltage adjustable from 3.3V to 25.2V in 0.1V
@@ -101,6 +113,8 @@ cheaper (150$).
 
 [This Framework user is very happy with his Storm2](https://community.frame.work/t/this-looks-like-a-decent-portable-140w-power-bank-good-match-for-the-fw-laptop/23032/12?u=anarcat).
 
+Update: I ended up buying a Storm2 for now.
+
 ## TOFU
 
 I bought the [MASA power bank](https://zentofu.com/tpb.php) which promise a 68.4Wh supply

wscreensaver fork
diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 88aff768..33b00b53 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -811,7 +811,9 @@ do not solve that problem either.
 It looks like [swaylock-plugin][], a swaylock fork, which at least
 attempts to solve this problem, although not directly using the real
 xscreensaver hacks. [swaylock-effects][] is another attempt at this,
-but it only adds more effects, it doesn't delegate the image display.
+but it only adds more effects, it doesn't delegate the image
+display. There's also an attempt at porting xscreensaver out right,
+with [wscreensaver](https://sr.ht/~mstoeckl/wscreensaver/).
 
 Other than that, maybe it's time to just let go of those funky
 animations and just let swaylock do it's thing, which is display a

merge UPS stuff into battery
The .org mode was first exported as HTML then converted to markdown
with html2markdown (from python3-html2text) because it correctly
handles tables (and org-mode's Markdown output doesn't).
Then the TOC was removed, headings were tweaked, and so on.
diff --git a/hardware/battery.md b/hardware/battery.md
index a4a71acc..3ef04a85 100644
--- a/hardware/battery.md
+++ b/hardware/battery.md
@@ -58,6 +58,20 @@ nice:
 The [Anker prime](https://www.anker.com/products/a1336-20000mah-power-bank?variant=42691854925974) is slightly cheaper (130$) and shorter (124.6 x
 53.3 x 48.26mm). 100W, 20Ah.
 
+## Belkin
+
+I have bought a number of Power banks from the local Best Buy. As
+typical from Best Buy, all of the products I find in my order history
+are gone from their website, but the current (late 2023) equivalent
+would probably be this [10Ah power bank](https://www.bestbuy.ca/fr-ca/produit/chargeur-portable-a-deux-ports-usb-de-10000-mah-de-belkin-bleu/16937984).
+
+Specs:
+
+ * 15W output (total!)
+ * 2xUSB-A 1xUSB-C
+ * 68,33 x 131,83 x 15,75 mm, 222g
+
+Poids : 222 g
 ## Sharge
 
 [Sharge](https://sharge.com/) also has interesting products, even if a little flashy and
@@ -180,6 +194,63 @@ the battery, but then it's only one battery, so only 5W charging,
 which is very slow. Upside: it can also charge the battery from an
 external power source. [Review](https://lygte-info.dk/review/Review%20Charger%20Folomov%20A1%20UK.html)
 
+# UPS
+
+## Battery capacity estimates
+
+### Upstairs office
+
+| item     | DC V | DC A | DC W  | AC V | AC A  | VA   | rated VA   |
+|----------|------|------|-------|------|-------|------|------------|
+| ATA      | 5    | 2    | 10    | 120  | 0.3   | 36.  | 23-36      |
+| phone    | 6    | 0.4  | 2.4   | 120  | 0.150 | 18.  |            |
+| cordless | 6    | 0.3  | 1.8   | 120  | 0.025 | 3.   |            |
+| Omnia    | 12   | 3.33 | 39.96 | 120  | 1.5   | 180. |            |
+| Modem    | 12   | 2    | 24    | 120  | 0.7   | 84.  |            |
+| Total    |      |      | 78.16 |      |       | 321. | 320?       |
+<!-- this was an org-mode table that computed sums automatically: -->
+<!-- #+TBLFM: $4=$2*$3::$7=$5*$6::@1$4=DC W::@1$7=VA::@7$4=vsum(@2$4..@6$4)::@7$7=vsum(@2$7..@6$7) -->
+
+Setup on the APC BR1000MS (1000VA), which estimates ~3h standby time, with
+about 18W in actual use.
+
+This survived for about 2h30 minutes during a 3h power outage on 2021-06-09,
+with indoor temperature of about 27C.
+
+### Downstairs
+
+server should take less than 500W AC, according to the specs. But according to
+what's actually inside, it should be much less:
+
+| item        | rating | count | rating count |
+|-------------|--------|-------|--------------|
+| Motherboard | 50 W   | 1     | 50 W         |
+| CPU         | 65 W   | 1     | 65 W         |
+| Memory      | 3 W    | 1     | 3 W          |
+| HDDs        | 9 W    | 4     | 36 W         |
+| SSDs        | 3 W    | 2     | 6 W          |
+| Total       | -      | -     | 160 W        |
+<!-- this was an org-mode table that computed sums automatically: -->
+<!-- #+TBLFM: $4=$2*$3::@7$4=vsum(@2$4..@6$4)::<r2> -->
+
+Actual power usage, according to the UPS downstairs (APC BX1500M 1500VA),
+fluctuates between 60 and 80 watts, with about 50 minutes of standby time.
+
+## Possible hardware
+
+  * APC Back-UPS BR1500MS, 270$ 1500VA 4-15min load, USB 10 ports <https://www.mikescomputershop.com/product/8866164>
+  * APC Back-UPS BR1500G 290$ 1500VA 3-13min load, no USB, 5 ports + 5 surge <https://www.mikescomputershop.com/product/76822>
+  * APC Back-UPS 650 105$ 650VA 3-13min load max 400W load 4 ports + 4 surge <https://www.mikescomputershop.com/product/474878>
+  * spare batteries: <https://www.upsbatterycenter.ca/>
+  * how to pick a UPS (TL;DR: VA = 1.6*W): <https://www.howtogeek.com/161479/how-to-select-a-battery-backup-for-your-computer/>
+
+## Actual hardware
+
+I ended up ordering this from Amazon (yes, I know):
+
+  * APC BR1000MS: 1000VA, 196$
+  * APC BX1500M: 1500VA, 212$
+
 # See also
 
  * [[power.org]]
diff --git a/hardware/power.org b/hardware/power.org
deleted file mode 100644
index ab79cb22..00000000
--- a/hardware/power.org
+++ /dev/null
@@ -1,59 +0,0 @@
-* Battery capacity estimates
-
-** Upstairs office
-
-| item     | DC V | DC A |  DC W | AC V |  AC A |   VA | rated VA |
-|----------+------+------+-------+------+-------+------+----------|
-| ATA      |    5 |    2 |    10 |  120 |   0.3 |  36. | 23-36    |
-| phone    |    6 |  0.4 |   2.4 |  120 | 0.150 |  18. |          |
-| cordless |    6 |  0.3 |   1.8 |  120 | 0.025 |   3. |          |
-| Omnia    |   12 | 3.33 | 39.96 |  120 |   1.5 | 180. |          |
-| Modem    |   12 |    2 |    24 |  120 |   0.7 |  84. |          |
-| Total    |      |      | 78.16 |      |       | 321. | 320?     |
-#+TBLFM: $4=$2*$3::$7=$5*$6::@1$4=DC W::@1$7=VA::@7$4=vsum(@2$4..@6$4)::@7$7=vsum(@2$7..@6$7)
-
-Setup on the APC BR1000MS (1000VA), which estimates ~3h standby time,
-with about 18W in actual use.
-
-This survived for about 2h30 minutes during a 3h power outage on
-2021-06-09, with indoor temperature of about 27C.
-
-** Downstairs
-
-server should take less than 500W AC, according to the specs. But
-according to what's actually inside, it should be much less:
-
-| item        | rating | count | rating count |
-| Motherboard | 50 W   |     1 | 50 W         |
-| CPU         | 65 W   |     1 | 65 W         |
-| Memory      | 3 W    |     1 | 3 W          |
-| HDDs        | 9 W    |     4 | 36 W         |
-| SSDs        | 3 W    |     2 | 6 W          |
-| Total       | -      |     - | 160 W        |
-#+TBLFM: $4=$2*$3::@7$4=vsum(@2$4..@6$4)::<r2>
-
-Actual power usage, according to the UPS downstairs (APC BX1500M
-1500VA), fluctuates between 60 and 80 watts, with about 50 minutes of
-standby time.
-
-* Possible hardware
-
- * APC Back-UPS BR1500MS, 270$ 1500VA 4-15min load, USB 10 ports
-   https://www.mikescomputershop.com/product/8866164
-
- * APC Back-UPS BR1500G 290$ 1500VA 3-13min load, no USB, 5 ports + 5
-   surge https://www.mikescomputershop.com/product/76822
-
- * APC Back-UPS 650 105$ 650VA 3-13min load max 400W load 4 ports + 4
-   surge https://www.mikescomputershop.com/product/474878
-
- * spare batteries: https://www.upsbatterycenter.ca/
-
- * how to pick a UPS (TL;DR: VA = 1.6*W): https://www.howtogeek.com/161479/how-to-select-a-battery-backup-for-your-computer/
-
-* Actual hardware
-
-I ended up ordering this from Amazon (yes, I know):
-
- * APC BR1000MS: 1000VA, 196$
- * APC BX1500M: 1500VA, 212$

fix headings, toc
diff --git a/hardware/battery.md b/hardware/battery.md
index ae60c1c0..a4a71acc 100644
--- a/hardware/battery.md
+++ b/hardware/battery.md
@@ -1,3 +1,5 @@
+[[!toc levels=3]]
+
 # Power banks
 
 ## Specification
@@ -163,14 +165,14 @@ that the batteries could be eventually changed, although there's no
 promise on the repairability of this thing, which I would assume to be
 poor unless proven otherwise.
 
-### Xtar
+## Xtar
 
 [This thread](https://old.reddit.com/r/18650masterrace/comments/qpx456/power_bank_options/) pointed at the [PBS2 charger](https://www.xtar.cc/product/XTAR-PB2S-Charger-122.html) which features
 swappable batteries, but is limited to ~25W output if I read it right.
 
 30$.
 
-### Folomov
+## Folomov
 
 An extreme case is the [Folomov A1](http://www.folomov.com/content/?126.html) which is just two terminals
 that you connect to both end of a battery. Tiny, basically the size of

move all power banks stuff out of usb-c article
diff --git a/blog/2023-02-10-usb-c.md b/blog/2023-02-10-usb-c.md
index 6a9a77dd..460df3c2 100644
--- a/blog/2023-02-10-usb-c.md
+++ b/blog/2023-02-10-usb-c.md
@@ -242,64 +242,8 @@ that the manual doesn't even mention all of it. For example, the
 specifications mention a LED and an SD card reader somewhere in there,
 and I haven't found those yet, and they're not in the manual.
 
-This and the MASA power bank (below) were ordered together and took
-over a *month* to ship.
-
-### TOFU MASA power bank
-
-This is getting off-topic but...
-
-I also bought the [MASA power bank](https://zentofu.com/tpb.php) which promise a 68.4Wh supply
-so, in theory, could act as a second battery for my framework
-laptop. I'll believe it when I see it though. It also acts as a
-wireless charger which would be nice if I had any wireless charging
-thing. It ships in a nice case and a USB-C wire with two adapters that
-actually fit in the case if you roll them up just so. 
-
-Specifications:
-
- * Full recharge in 3 hours with 33W input, 50% in one hour
- * Type-c Port1: Support USB-PD/Maximum 30W(5/9/12/15/20V)
- * Output Port1: Maximum 36W(20/15/12/9/5V)
- * Output Port2: Maximum 18W(9V2A,5V3A)
- * Wireless: QI standard Maximum 7.5W
- * Battery: Li-ion Polymer battery
- * 3 cells: 68.4Wh (18000mAh±5%)
- * Dimensions, closed: 80x80x28 mm
- * Dimensions, opened: 82x80x57 mm
- * Weight: 320g
- * [User manual](https://www.zentofu.com/book/en_TPB.jpg)
- * [Home page](https://zentofu.com/tpb.php)
- * [Shop](https://www.elvesfactory.com/worldshop/EN/TOFU/TPB) (88$USD)
-
-A little bulky. Doesn't seem to actually charge anything, hugely
-disappointing.
-
-Update: in contact with tech support, it seems I am misinterpreting
-the output of the LEDs. Also, when the battery is fully discharged, it
-can't charge fast with USB-C.
-
-Here are the LED meanings I could gather:
-
- * when clicked:
-   * all four LEDs steady: battery full, 100% charged
-   * 3 LEDs steady: 75% charged
-   * 2 LEDs steady: 50% charged
-   * 1 LED steady: 25% charged
-   * all four LEDs blinking: low battery warning, plug in a USB-A slow
-     charger for an hour
-   * no LED: flat dead, plug in a slow charger
- * when charging:
-   * rightmost LED blinking: 0-25% charged, need slow charging
-   * one steady LED, second LED blinking: 25%+ charged, can charge
-     fast
-
-The LED button can be pushed for two seconds to reset the protection
-circuits.
-
-Update 2: even with that knowledge, the last time I tried to use this,
-I failed. I was simply trying to charge a Pixel 6a phone, and it
-wouldn't charge. Garbage.
+This and the [[MASA power bank|hardware/battery#TOFU]] were ordered
+together and took over a *month* to ship.
 
 ### Ugreen
 
@@ -350,36 +294,11 @@ A good choice.
 ### ZMI
 
 [ZMI](https://www.zmifi.com/) has interesting products like [this 65W international travel
-adapter](https://www.zmifi.com/en/product/2/171.html). Found out about the company in [this post on the
-Framework forum](https://community.frame.work/t/this-looks-like-a-decent-portable-140w-power-bank-good-match-for-the-fw-laptop/23032/8?u=anarcat) referring to some battery pack of theirs they
-were happy with.
-
-One charger I was puzzled by is this [combined charger /
-battery](https://www.zmifi.com/en/product/1/156.html). It's a 45W charger with a small (6700mAh, so about
-presumably 25Wh). It has a USB-A and USB-C port. Otherwise they have a
-single [30W 10Ah battery](https://www.zmifi.com/en/product/1/173.html) which can presumably charge a Framework
-laptop in an hour.
-
-They're also doing this [crowdfunding campaign](https://www.indiegogo.com/projects/zmi-no-20-the-world-s-most-powerful-powerpack#/) for "ZMI No. 20:
-The World's Most Powerful PowerPack 25000mAh Battery w/ 3 PD Ports |
-Revolutionary 210W Max Output | 100W USB-C/USB-A | Fast Charge". That
-product is actually "shipping" but is not on their main store page
-yet, and it's not possible to buy it on the IndieGogo page either.
-
-Interestingly, it seems to embed a 21700 battery, similar to the 18650
-but more compact and apparently [used in Tesla cars](https://www.ecolithiumbattery.com/21700-vs-18650/), see also
-[this comparison with the 18650](https://tritekbattery.com/21700-or-18650-battle-of-batteries-on-lev/). This gives at least some promise
-that the batteries could be eventually changed, although there's no
-promise on the repairability of this thing, which I would assume to be
-poor unless proven otherwise.
+adapter](https://www.zmifi.com/en/product/2/171.html). They have more battery packs though, see
+[[hardware/battery#zmi]] for more.
 
 Untested.
 
-Update: there *are* such devices, from less reputable sources. See
-[this 18650/21700 PD45W power pack](https://www.aliexpress.com/item/1005005187644748.html) or [200W](https://www.aliexpress.com/item/1005005201173947.html) (!!). Ali Express
-also has [this USB tester](https://www.aliexpress.com/item/1005004417453269.html) which could be used to compare battery
-packs and chargers.
-
 ## USB Docks
 
 Specification: 
@@ -470,6 +389,10 @@ logging out fixes the issue: GDM3 takes over and reinitializes the
 monitors properly. Then Sway can do its thing when I log back in
 again.
 
+## Power banks
+
+This has been spun out in another page, see [[hardware/battery]].
+
 # Your turn!
 
 So what's your desktop setup like? Do you have docks? a laptop? a
diff --git a/hardware/battery.md b/hardware/battery.md
new file mode 100644
index 00000000..ae60c1c0
--- /dev/null
+++ b/hardware/battery.md
@@ -0,0 +1,183 @@
+# Power banks
+
+## Specification
+
+Minimum requirements:
+
+ * USB-C input and output
+ * phone-sized, not too bulky
+ * airplane-ready (<=100Wh, [according to this](https://community.frame.work/t/this-looks-like-a-decent-portable-140w-power-bank-good-match-for-the-fw-laptop/23032/8?u=anarcat))
+ * ~65W USB-C PD, enough to power a laptop for a while
+ * fast *and* slow charging
+
+Nice to have:
+
+ * 100W+ USB-C PD
+ * user-serviceable batteries
+ * LED output with temperature, full charge, input/output power, etc,
+   state of the art might be Sharge here...
+
+One thing to keep in mind with user-swappable battery banks is that
+even if the capacity itself isn't that big, it's possible to carry an
+large number of (full) batteries and swap them along, or rotate them
+in another charger (although another charger is then required).
+
+## Ali Express stuff
+
+There are a number of power banks with user-replaceable batteries on
+Ali Express. See [this 18650/21700 PD45W power pack](https://www.aliexpress.com/item/1005005187644748.html) or [200W](https://www.aliexpress.com/item/1005005201173947.html)
+(!!). Came from [this discussion](https://community.frame.work/t/we-want-a-battery-case/28802/60). The 200W might be a bit too
+bulky and not airline-friendly. The 45W is pretty ugly and too bulky.
+
+[This model](https://www.aliexpress.com/item/1005004338082463.html) boasts room for *16* 18650 but only 15W output. 15$
+though. 90$ batteries included. [Recommended by this reddit user](https://old.reddit.com/r/SteamDeck/comments/ydb5uy/i_tried_the_aliexpress_ip5389_power_bank_with_my/),
+found in [this thread](https://old.reddit.com/r/18650masterrace/comments/x9403q/help_with_purchasing_power_bank/iny6t6n/).
+
+[This model](https://www.aliexpress.com/item/1005004244989066.html) is much more promising: 8x18650 batteries, 38.4Ah, PD
+100W. 
+
+Note: Ali Express also has [this USB tester](https://www.aliexpress.com/item/1005004417453269.html) which could be used to
+compare battery packs and chargers.
+
+## Anker
+
+Anker is [widely](https://old.reddit.com/r/BuyItForLife/comments/987psf/request_looking_for_a_portable_power_bank/) [recommended](https://old.reddit.com/r/BuyItForLife/comments/i06nwq/request_bifl_power_bank/). The [Anker 737](https://www.anker.com/products/a1289?variant=41974285041814) is pretty
+nice:
+
+ * decent display
+ * 140W in/out
+ * simultaneous charge/discharge
+ * 24Ah
+ * 2xUSB-C 1xUSB-A
+ * a little bulky: 155.7 × 54.6 × 49.5 mm
+ * heavy: 636g
+ * expensive: 170$
+
+The [Anker prime](https://www.anker.com/products/a1336-20000mah-power-bank?variant=42691854925974) is slightly cheaper (130$) and shorter (124.6 x
+53.3 x 48.26mm). 100W, 20Ah.
+
+## Sharge
+
+[Sharge](https://sharge.com/) also has interesting products, even if a little flashy and
+expensive, [their Storm2 charger](https://sharge.com/products/storm2) looks like it has replaceable
+batteries, [and this post seems to say it's possible to replace
+them](https://old.reddit.com/r/mobilerepair/comments/zm2j9b/repairable_portable_power_banks_can_i_repair_this/j08nulc/), but [this teardown is disappointing](https://www.youtube.com/watch?v=jak02wPBHzg), and doesn't even
+show how to replace the batteries. [This comment says they are "welded
+in"](https://old.reddit.com/r/18650masterrace/comments/x9403q/help_with_purchasing_power_bank/io32bvt/), although that might be an exaggeration.
+
+Specs:
+
+ * 151 × 59 × 47mm, 591.3g
+ * 25,600mAh / 93.5Wh
+ * USB-C × 2 (100W / 70W + 30W), USB-A × 1 (18W), DC × 1 (
+ * PD 3.0

(Diff truncated)
tofu power bank update, hint: it sucks
diff --git a/blog/2023-02-10-usb-c.md b/blog/2023-02-10-usb-c.md
index b36b7480..6a9a77dd 100644
--- a/blog/2023-02-10-usb-c.md
+++ b/blog/2023-02-10-usb-c.md
@@ -256,6 +256,22 @@ wireless charger which would be nice if I had any wireless charging
 thing. It ships in a nice case and a USB-C wire with two adapters that
 actually fit in the case if you roll them up just so. 
 
+Specifications:
+
+ * Full recharge in 3 hours with 33W input, 50% in one hour
+ * Type-c Port1: Support USB-PD/Maximum 30W(5/9/12/15/20V)
+ * Output Port1: Maximum 36W(20/15/12/9/5V)
+ * Output Port2: Maximum 18W(9V2A,5V3A)
+ * Wireless: QI standard Maximum 7.5W
+ * Battery: Li-ion Polymer battery
+ * 3 cells: 68.4Wh (18000mAh±5%)
+ * Dimensions, closed: 80x80x28 mm
+ * Dimensions, opened: 82x80x57 mm
+ * Weight: 320g
+ * [User manual](https://www.zentofu.com/book/en_TPB.jpg)
+ * [Home page](https://zentofu.com/tpb.php)
+ * [Shop](https://www.elvesfactory.com/worldshop/EN/TOFU/TPB) (88$USD)
+
 A little bulky. Doesn't seem to actually charge anything, hugely
 disappointing.
 
@@ -281,21 +297,9 @@ Here are the LED meanings I could gather:
 The LED button can be pushed for two seconds to reset the protection
 circuits.
 
-Specifications:
-
- * Full recharge in 3 hours with 33W input, 50% in one hour
- * Type-c Port1: Support USB-PD/Maximum 30W(5/9/12/15/20V)
- * Output Port1: Maximum 36W(20/15/12/9/5V)
- * Output Port2: Maximum 18W(9V2A,5V3A)
- * Wireless: QI standard Maximum 7.5W
- * Battery: Li-ion Polymer battery
- * 3 cells: 68.4Wh (18000mAh±5%)
- * Dimensions, closed: 80x80x28 mm
- * Dimensions, opened: 82x80x57 mm
- * Weight: 320g 
- * [User manual](https://www.zentofu.com/book/en_TPB.jpg)
- * [Home page](https://zentofu.com/tpb.php)
- * [Shop](https://www.elvesfactory.com/worldshop/EN/TOFU/TPB) (88$USD)
+Update 2: even with that knowledge, the last time I tried to use this,
+I failed. I was simply trying to charge a Pixel 6a phone, and it
+wouldn't charge. Garbage.
 
 ### Ugreen
 

itp for swayosd
diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 6da1cf46..88aff768 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -1469,7 +1469,7 @@ percentage.
 Other alternatives:
 
  * [Avizo][], not in Debian, requires keybinding wrapper
- * [SwayOSD][], not in Debian, requires keybinding wrapper or libinput access
+ * [SwayOSD][], [not in Debian](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057301), requires keybinding wrapper or libinput access
 
 [Avizo]: https://github.com/misterdanb/avizo
 [SwayOSD]: https://github.com/ErikReider/SwayOSD

another framework 13 review
diff --git a/hardware/laptop.mdwn b/hardware/laptop.mdwn
index b803623f..c32d9946 100644
--- a/hardware/laptop.mdwn
+++ b/hardware/laptop.mdwn
@@ -81,6 +81,7 @@ Review:
    when under load, long battery life, still no new display options"
  * [Tom's hardware](https://www.tomshardware.com/news/amd-7040-framework-laptop-mainboard-transfer-performance-test-review), AMD - "Switching from one platform to the
    other was easy"
+ * [Phoronix](https://www.phoronix.com/review/framework-13-amd/6), AMD - "fantastic choice for Linux users"
 
 ### Framework 16
 

more fonts
diff --git a/blog/2020-03-10-font-changes.mdwn b/blog/2020-03-10-font-changes.mdwn
index 0769bfae..3e5d0a51 100644
--- a/blog/2020-03-10-font-changes.mdwn
+++ b/blog/2020-03-10-font-changes.mdwn
@@ -284,4 +284,8 @@ out a little better:
 with the other top of letters, something in Fira mono that really
 annoys me now that I've noticed it (it's not aligned!).
 
+2023-12-04: Tor is reviewing its design and are switching to [Space
+Grotesk](https://floriankarsten.github.io/space-grotesk/) and [Inter](https://rsms.me/inter/) which led me to [Space Mono](https://www.colophon-foundry.org/custom-projects/space-mono), which
+looks pretty neat.
+
 [[!tag debian-planet python-planet typography meta ikiwiki theming usability]]

update itp status, fuzzel in debian
diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 4b74503b..6da1cf46 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -595,29 +595,29 @@ battle in the pull request][] that led to the creation of a fork
 Given how relatively trivial problem space is, there is of course a
 profusion of options:
 
-| Tool                    | In Debian      | Notes                                                                    |
-|-------------------------|----------------|--------------------------------------------------------------------------|
-| [alfred][]              | yes            | general launcher/assistant tool                                          |
-| [anyrun][]              | no             | Rust, launchercalculator, plugins, dmenu                                 |
-| [bemenu][]              | yes, bookworm+ | inspired by dmenu                                                        |
-| [cerebro][]             | no             | Javascript ... uh... thing                                               |
-| [dmenu-wl][]            | no             | fork of [dmenu][], straight port to Wayland                              |
-| [Fuzzel][]              | [ITP 982140][] | dmenu/drun replacement, app icon overlay                                 |
-| [gmenu][]               | no             | drun replacement, with app icons                                         |
-| [kickoff][]             | no             | dmenu/run replacement, fuzzy search, "snappy", history, copy-paste, Rust |
-| [krunner][]             | yes            | KDE's runner                                                             |
-| [mauncher][]            | no             | dmenu/drun replacement, math                                             |
-| [nwg-launchers][]       | no             | dmenu/drun replacement, JSON config, app icons, [nwg-shell project][]    |
-| [Onagre][]              | no             | rofi/alfred inspired, multiple plugins, Rust                             |
-| [πmenu][]               | no             | dmenu/drun rewrite                                                       |
-| [Rofi (lbonn's fork)][] | no             | see above                                                                |
-| [sirula][]              | no             | `.desktop` based app launcher                                            |
-| [Ulauncher][]           | [ITP 949358][] | generic launcher like Onagre/rofi/alfred, might be overkill              |
-| [tofi][]                | yes, bookworm+ | dmenu/drun replacement, C                                                |
-| [wlr-which-key][]       | no             | key-driven, limited but simple launcher, inspired by which-key.nvim      |
-| [wmenu][]               | no             | fork of dmenu-wl, but mostly a rewrite                                   |
-| [Wofi][]                | yes            | dmenu/drun replacement, not actively maintained                          |
-| [yofi][]                | no             | dmenu/drun replacement, Rust                                             |
+| Tool                    | In Debian       | Notes                                                                    |
+|-------------------------|-----------------|--------------------------------------------------------------------------|
+| [alfred][]              | yes             | general launcher/assistant tool                                          |
+| [anyrun][]              | [ITP 1057118][] | Rust, launchercalculator, plugins, dmenu                                 |
+| [bemenu][]              | yes, bookworm+  | inspired by dmenu                                                        |
+| [cerebro][]             | no              | Javascript ... uh... thing                                               |
+| [dmenu-wl][]            | no              | fork of [dmenu][], straight port to Wayland                              |
+| [Fuzzel][]              | yes, bookworm+  | dmenu/drun replacement, app icon overlay                                 |
+| [gmenu][]               | no              | drun replacement, with app icons                                         |
+| [kickoff][]             | no              | dmenu/run replacement, fuzzy search, "snappy", history, copy-paste, Rust |
+| [krunner][]             | yes             | KDE's runner                                                             |
+| [mauncher][]            | no              | dmenu/drun replacement, math                                             |
+| [nwg-launchers][]       | no              | dmenu/drun replacement, JSON config, app icons, [nwg-shell project][]    |
+| [Onagre][]              | no              | rofi/alfred inspired, multiple plugins, Rust                             |
+| [πmenu][]               | no              | dmenu/drun rewrite                                                       |
+| [Rofi (lbonn's fork)][] | no              | see above                                                                |
+| [sirula][]              | no              | `.desktop` based app launcher                                            |
+| [Ulauncher][]           | [ITP 949358][]  | generic launcher like Onagre/rofi/alfred, might be overkill              |
+| [tofi][]                | yes, bookworm+  | dmenu/drun replacement, C                                                |
+| [wlr-which-key][]       | no              | key-driven, limited but simple launcher, inspired by which-key.nvim      |
+| [wmenu][]               | no              | fork of dmenu-wl, but mostly a rewrite                                   |
+| [Wofi][]                | yes             | dmenu/drun replacement, not actively maintained                          |
+| [yofi][]                | no              | dmenu/drun replacement, Rust                                             |
 
 The above list comes partly from <https://arewewaylandyet.com/> and
 [awesome-wayland][]. It is likely incomplete.
@@ -654,6 +654,7 @@ Note that [wlogout][] could be a partial replacement (just for the
 [dmenu]: https://wiki.archlinux.org/title/dmenu
 [Fuzzel]: https://codeberg.org/dnkl/fuzzel
 [gmenu]: https://code.rocketnine.space/tslocum/gmenu
+[ITP 1057118]: https://bugs.debian.org/1057118
 [ITP 949358]: http://bugs.debian.org/949358
 [ITP 982140]: http://bugs.debian.org/982140
 [kickoff]: https://github.com/j0ru/kickoff

sort launchers
diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 5415dbd6..4b74503b 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -646,7 +646,6 @@ reintegrated...
 Note that [wlogout][] could be a partial replacement (just for the
 "power menu").
 
-[wtype]: https://github.com/atx/wtype
 [alfred]: https://github.com/albertlauncher/albert
 [anyrun]: https://github.com/Kirottu/anyrun
 [bemenu]: https://github.com/Cloudef/bemenu
@@ -654,33 +653,34 @@ Note that [wlogout][] could be a partial replacement (just for the
 [dmenu-wl]: https://github.com/nyyManni/dmenu-wayland
 [dmenu]: https://wiki.archlinux.org/title/dmenu
 [Fuzzel]: https://codeberg.org/dnkl/fuzzel
-[ITP 982140]: http://bugs.debian.org/982140
 [gmenu]: https://code.rocketnine.space/tslocum/gmenu
+[ITP 949358]: http://bugs.debian.org/949358
+[ITP 982140]: http://bugs.debian.org/982140
 [kickoff]: https://github.com/j0ru/kickoff
 [krunner]: https://invent.kde.org/frameworks/krunner
+[lbonn/rofi]: https://github.com/lbonn/rofi
 [mauncher]: https://github.com/mortie/mauncher
+[not support Wayland]: https://github.com/davatorium/rofi/issues/446
 [nwg-launchers]: https://github.com/nwg-piotr/nwg-launchers
 [nwg-shell project]: https://nwg-piotr.github.io/nwg-shell/
 [Onagre]: https://github.com/oknozor/onagre
-[πmenu]: https://github.com/phillbush/pmenu
+[rather disgraceful battle in the pull request]: https://github.com/davatorium/rofi/pull/1139
 [Rofi (lbonn's fork)]: https://github.com/lbonn/rofi
+[sample emoji picker]: https://git.sr.ht/~emersion/dotfiles/tree/master/item/bin/emoji-menu
 [sirula]: https://github.com/DorianRudolph/sirula
-[Ulauncher]: https://ulauncher.io
-[ITP 949358]: http://bugs.debian.org/949358
 [tofi]: https://github.com/philj56/tofi
-[wmenu]: https://sr.ht/~adnano/wmenu/
-[Wofi]: https://hg.sr.ht/~scoopta/wofi
-[yofi]: https://github.com/l4l/yofi
-[wl-ime-type]: https://git.sr.ht/~emersion/wl-ime-type
-[sample emoji picker]: https://git.sr.ht/~emersion/dotfiles/tree/master/item/bin/emoji-menu
-[not support Wayland]: https://github.com/davatorium/rofi/issues/446
-[rather disgraceful battle in the pull request]: https://github.com/davatorium/rofi/pull/1139
-[lbonn/rofi]: https://github.com/lbonn/rofi
-[ydotool]: https://github.com/ReimuNotMoe/ydotool
 [two-line patch]: https://gitlab.com/anarcat/scripts/-/commit/3e8925e7f4257b44eb527bf7cb8f6d8687e9ed3b
+[Ulauncher]: https://ulauncher.io
+[wl-ime-type]: https://git.sr.ht/~emersion/wl-ime-type
 [wlogout]: https://github.com/ArtsyMacaw/wlogout
-[wofi-pass]: https://github.com/TinfoilSubmarine/wofi-pass
 [wlr-which-key]: https://github.com/MaxVerevkin/wlr-which-key
+[wmenu]: https://sr.ht/~adnano/wmenu/
+[wofi-pass]: https://github.com/TinfoilSubmarine/wofi-pass
+[Wofi]: https://hg.sr.ht/~scoopta/wofi
+[wtype]: https://github.com/atx/wtype
+[ydotool]: https://github.com/ReimuNotMoe/ydotool
+[yofi]: https://github.com/l4l/yofi
+[πmenu]: https://github.com/phillbush/pmenu
 
 ### Fuzzel
 

add anyrun
diff --git a/software/desktop/wayland.md b/software/desktop/wayland.md
index 9c043895..5415dbd6 100644
--- a/software/desktop/wayland.md
+++ b/software/desktop/wayland.md
@@ -598,6 +598,7 @@ profusion of options:
 | Tool                    | In Debian      | Notes                                                                    |
 |-------------------------|----------------|--------------------------------------------------------------------------|
 | [alfred][]              | yes            | general launcher/assistant tool                                          |
+| [anyrun][]              | no             | Rust, launchercalculator, plugins, dmenu                                 |
 | [bemenu][]              | yes, bookworm+ | inspired by dmenu                                                        |
 | [cerebro][]             | no             | Javascript ... uh... thing                                               |
 | [dmenu-wl][]            | no             | fork of [dmenu][], straight port to Wayland                              |
@@ -647,6 +648,7 @@ Note that [wlogout][] could be a partial replacement (just for the
 
 [wtype]: https://github.com/atx/wtype
 [alfred]: https://github.com/albertlauncher/albert
+[anyrun]: https://github.com/Kirottu/anyrun
 [bemenu]: https://github.com/Cloudef/bemenu
 [cerebro]: https://cerebroapp.com/
 [dmenu-wl]: https://github.com/nyyManni/dmenu-wayland

add prefix command
It think it was implied that I was running this under the virsh shell,
but that was far from clear. This is more obvious.
diff --git a/services/hosting.mdwn b/services/hosting.mdwn
index c4abb78c..c23de599 100644
--- a/services/hosting.mdwn
+++ b/services/hosting.mdwn
@@ -337,7 +337,7 @@ the IP address:
 That latter MAC address is also known by `libvirt` so this command
 will show the right MAC:
 
-    # domiflist stretch-amd64
+    # virsh domiflist stretch-amd64
     Interface  Type       Source     Model       MAC
     -------------------------------------------------------
     vnet0      bridge     br0        virtio      52:54:00:55:44:73

document my epic battle with libvirt NAT
diff --git a/services/hosting.mdwn b/services/hosting.mdwn
index 3a08dfb7..c4abb78c 100644
--- a/services/hosting.mdwn
+++ b/services/hosting.mdwn
@@ -72,6 +72,110 @@ completely. This can be done by adding this to
 
 This was discovered in the [libvirt wiki](https://wiki.libvirt.org/page/Networking#Creating_network_initscripts).
 
+## NAT configuration
+
+The *default* configuration in libvirtd is a "NAT"
+configuration. That, in turn, injects firewall rules in the kernel
+when the "network" is started, to rewrite packets going in and out of
+the VM. `dnsmasq` is used for DNS and DHCP as well.
+
+I had quite a battle with this network on my laptop,
+[[hardware/angela]]. At first nothing was getting through: IPv6 SLAAC
+configuration was working, but not DHCP. This was hanging the VM which
+led me to switch to systemd-networkd (see [boot time
+optimizations](blog/2022-04-27-sbuild-qemu#boot-time-optimizations)). That didn't fix networking but boot would at least
+not hang for a full minute while DHCP failed.
+
+Then the fix was to add a *subset* of the Puppet module's NFT ruleset,
+through [this commit](https://gitlab.com/anarcat/puppet/-/commit/8c7809480d2ee8014f5e43c333aad0d26223ba9f):
+
+    class { 'nftables::rules::qemu':
+      masquerade => false,
+    }
+
+That created the following patch on the ruleset:
+
+    --- /etc/nftables/puppet/inet-filter-chain-default_in.nft	2023-11-28 15:47:58.143874297 -0500
+    +++ /tmp/puppet-file20231128-15717-utsqvt	2023-11-28 15:59:57.891321815 -0500
+    @@ -6,6 +6,12 @@
+       ip6 nexthdr ipv6-icmp accept
+     #   Start of fragment order:50 rulename:default_in-avahi_udp
+       ip saddr { 0.0.0.0/0 } udp dport 5353 accept
+    +#   Start of fragment order:50 rulename:default_in-qemu_dhcpv4
+    +  iifname "virbr0" meta l4proto udp udp dport 67 accept
+    +#   Start of fragment order:50 rulename:default_in-qemu_tcp_dns
+    +  iifname "virbr0" tcp dport 53 accept
+    +#   Start of fragment order:50 rulename:default_in-qemu_udp_dns
+    +  iifname "virbr0" udp dport 53 accept
+     #   Start of fragment order:50 rulename:default_in-ssh
+       tcp dport {22} accept
+     #   Start of fragment order:50 rulename:default_in-syncthing
+
+
+    --- /etc/nftables/puppet/inet-filter-chain-default_fwd.nft	2023-11-28 15:47:58.151874290 -0500
+    +++ /tmp/puppet-file20231128-15717-rv4jlv	2023-11-28 15:59:57.903321806 -0500
+    @@ -1,4 +1,10 @@
+     # Start of fragment order:00 default_fwd header
+     chain default_fwd {
+    +#   Start of fragment order:50 rulename:default_fwd-qemu_iip_v4
+    +  iifname "virbr0" ip saddr 192.168.122.0/24 accept
+    +#   Start of fragment order:50 rulename:default_fwd-qemu_io_internal
+    +  iifname "virbr0" oifname "virbr0" accept
+    +#   Start of fragment order:50 rulename:default_fwd-qemu_oip_v4
+    +  oifname "virbr0" ip daddr 192.168.122.0/24 ct state related,established accept
+     # Start of fragment order:99 default_fwd footer
+     }
+
+Note that the network range matters here, it needs to match the one
+visible in the output of:
+
+    virsh net-dumpxml default
+
+Also note that I previously included the `nftables::rules::qemu` class
+as is, but that broke virtd networking with this error:
+
+    error: internal error: Failed to apply firewall rules /usr/sbin/iptables -w --table nat --list-rules: # Warning: iptables-legacy tables present, use iptables-legacy to see them
+
+The solution was to do the above `masquerade => false`. Or, in a diff:
+
+    --- /etc/nftables/puppet/ip-nat-chain-POSTROUTING.nft	2023-11-28 14:55:32.881506364 -0500
+    +++ /tmp/puppet-file20231128-9849-fc3war	2023-11-28 15:47:58.163874281 -0500
+    @@ -4,15 +4,5 @@
+       type nat hook postrouting priority 100
+     #   Start of fragment order:02 rulename:POSTROUTING-policy
+       policy accept
+    -#   Start of fragment order:50 rulename:POSTROUTING-qemu_ignore_broadcast
+    -  ip saddr 192.168.122.0/24 ip daddr 255.255.255.255 return
+    -#   Start of fragment order:50 rulename:POSTROUTING-qemu_ignore_multicast
+    -  ip saddr 192.168.122.0/24 ip daddr 224.0.0.0/24 return
+    -#   Start of fragment order:50 rulename:POSTROUTING-qemu_masq_ip
+    -  ip saddr 192.168.122.0/24 ip daddr != 192.168.122.0/24 masquerade
+    -#   Start of fragment order:50 rulename:POSTROUTING-qemu_masq_tcp
+    -  meta l4proto tcp ip saddr 192.168.122.0/24 ip daddr != 192.168.122.0/24 masquerade to :1024-65535
+    -#   Start of fragment order:50 rulename:POSTROUTING-qemu_masq_udp
+    -  meta l4proto udp ip saddr 192.168.122.0/24 ip daddr != 192.168.122.0/24 masquerade to :1024-65535
+     # Start of fragment order:99 POSTROUTING footer
+     }
+
+The IP address distributed by dnsmasq also doesn't seem quite correct,
+as it's trying to reach `10.0.2.3` for some reason. I had to do this
+for DNS to work:
+
+    echo nameserver 192.168.122.1 > /etc/resolv.conf
+
+This might be solved by hardcoding a DNS server in `systemd-networkd`
+or elsewhere.
+
+IPv6 is configured by default, so if you're on a IPv4-only network,
+some problems are likely to occur. The fix is to edit the network and
+remove the `<ip>` block for IPv6:
+
+    service libvirtd stop
+    virsh net-destroy default
+    virsh net-edit default
+    virsh net-start default
+    service libvirtd start
+
 Base image build
 ----------------
 

document *some* of my boot-time optimisations
diff --git a/blog/2022-04-27-sbuild-qemu.md b/blog/2022-04-27-sbuild-qemu.md
index 20b00e8a..55c3d0fb 100644
--- a/blog/2022-04-27-sbuild-qemu.md
+++ b/blog/2022-04-27-sbuild-qemu.md
@@ -226,6 +226,31 @@ remember to put it back here when I do.
 
 Note that this at least partially overlaps with [[services/hosting]].
 
+## Boot time optimizations
+
+### Grub
+
+    echo 'GRUB_TIMEOUT=1' > /etc/default/grub.d/grub_timeout.cfg
+    update-grub
+
+### systemd-networkd
+
+In `/etc/systemd/network/ether.network`:
+
+    [Match]
+    Type=ether
+    # Could also be Name=eth0 or Name=!lo
+    
+    [Network]
+    DHCP=yes
+    EmitLLDP=true
+
+Then to switch:
+
+    # WARNING: only on a console that will survive network shutdown!
+    systemctl disable --now networking.service ; \
+    systemctl enable --now systemd-networkd
+
 # Nitty-gritty details no one cares about
 
 ## Fixing hang in sbuild cleanup

fix username in libvirt configuration
This, at least, is the current username in bookworm, maybe it changed?
diff --git a/blog/2022-04-27-sbuild-qemu.md b/blog/2022-04-27-sbuild-qemu.md
index de2e5bd4..20b00e8a 100644
--- a/blog/2022-04-27-sbuild-qemu.md
+++ b/blog/2022-04-27-sbuild-qemu.md
@@ -184,7 +184,7 @@ libvirt to work directly on the pristine images created by
 autopkgtest:
 
       sudo qemu-img create -f qcow2 -o backing_file=/srv/sbuild/qemu/unstable-autopkgtest-amd64.img,backing_fmt=qcow2  /var/lib/libvirt/images/unstable-autopkgtest-amd64.img 10G
-      sudo chown qemu-libvirt '/var/lib/libvirt/images/unstable-autopkgtest-amd64.img'
+      sudo chown libvirt-qemu '/var/lib/libvirt/images/unstable-autopkgtest-amd64.img'
 
 Then this VM can be adopted fairly normally in virt-manager. Note that
 it's possible that you can set that up through the libvirt XML as

another alternative monitor
diff --git a/hardware/monitor.mdwn b/hardware/monitor.mdwn
index 0467dd18..5f6ad11c 100644
--- a/hardware/monitor.mdwn
+++ b/hardware/monitor.mdwn
@@ -340,6 +340,13 @@ might be waiting for.
    * [800$ at memory express](https://www.memoryexpress.com/Products/MX00122893)
    * [850$ at canada computers](https://www.canadacomputers.com/product_info.php?cPath=22_700_1104&item_id=224899)
    * [good review at rtings](https://www.rtings.com/monitor/reviews/lg/27gn950-b)
+   * [not listed at pcpartspicker](https://ca.pcpartpicker.com/search/?q=27GN95R)
+ * LG 27GR93U-B
+   * remarkably similar to M27U in size (61.4 cm x 37.1 cm)
+   * [good review at rtings](https://www.rtings.com/monitor/reviews/lg/27gr93u-b#test_1426)
+   * [900$ at canada computers](https://www.canadacomputers.com/product_info.php?cPath=22_700_1104&item_id=247030)
+   * [900$ at best buy](https://www.bestbuy.ca/en-ca/product/lg-ultragear-27-uhd-144hz-1ms-gtg-ips-lcd-g-sync-gaming-monitor-27gr93u-b-black/17147930)
+   * [not listed at pcpartspicker](https://ca.pcpartpicker.com/search/?q=27GR93U)
  * [Gigabyte M27U](https://www.gigabyte.com/Monitor/M27U)
    * 615.67*371.15*60.3 mm (987mm for two)
    * 3840 x 2160 @ 160Hz

update monitor inventories after returned monitor
diff --git a/hardware/monitor.mdwn b/hardware/monitor.mdwn
index 99f457b4..0467dd18 100644
--- a/hardware/monitor.mdwn
+++ b/hardware/monitor.mdwn
@@ -155,13 +155,13 @@ I somehow managed to collect a ridiculous pile of old monitors. Here's
 what works and doesn't, in descending order of (totally subjective)
 "quality":
 
-| Model             | Resolution     | Size  | Contrast | Lat   | Connectors                                                    | Notes                        | Status |
-|-------------------|----------------|-------|----------|-------|---------------------------------------------------------------|------------------------------|--------|
-| [Dell U2723QE][]  | 3840x2160@60Hz | 27"   | 2000:1   | 5-8ms | HDMI DP DP-out 2xUSB-C up 90W 2xUSB-C 5x USB-A line-out RJ-45 | shiny                        | angela |
-| [Dell S2721QS][]  | 3840x2160@60Hz | 27"   | 1000:1   | 4-8ms | HDMI DP 1.2 line-out                                          | also new                     | angela |
-| [Acer P186HV][]   | 1366x768@60Hz  | 18.5" | 5000:1   | 5ms   | VGA                                                           | display looks dusty          | simon  |
-| [Dell 1704FPvt][] | 1280x1024@60Hz | 17"   | 1000:1   | 25ms  | VGA DVI 4xUSB                                                 | square, rotating, flickering | marcos |
-| [Dell 1704FPvt][] | 1280x1024@60Hz | 17"   | 1000:1   | 25ms  | VGA DVI 4xUSB                                                 | square, rotating, flickering | curie  |
+| Model                          | Resolution     | Size  | Contrast | Lat   | Connectors                                                    | Notes                        | Status    |
+|--------------------------------|----------------|-------|----------|-------|---------------------------------------------------------------|------------------------------|-----------|
+| [Dell U2723QE][]               | 3840x2160@60Hz | 27"   | 2000:1   | 5-8ms | HDMI DP DP-out 2xUSB-C up 90W 2xUSB-C 5x USB-A line-out RJ-45 | shiny                        | angela    |
+| [LG Flatron Wide L204WTX-SF][] | 1680x1050@60Hz | 20"   | 2000:1   | 5ms   | VGA DVI                                                       | looks great, one dead pixel  | angela |
+| [Acer P186HV][]                | 1366x768@60Hz  | 18.5" | 5000:1   | 5ms   | VGA                                                           | display looks dusty          | simon     |
+| [Dell 1704FPvt][]              | 1280x1024@60Hz | 17"   | 1000:1   | 25ms  | VGA DVI 4xUSB                                                 | square, rotating, flickering | marcos    |
+| [Dell 1704FPvt][]              | 1280x1024@60Hz | 17"   | 1000:1   | 25ms  | VGA DVI 4xUSB                                                 | square, rotating, flickering | curie     |
 
 A note on the Dell 1704FPvt monitors: they can't be used for
 desktops. Their design resolution is 1280x1024 which is a little low,
@@ -236,11 +236,11 @@ For now, it's a cool-down period.
 
 Those monitors have problems and will be scrapped eventually:
 
-| Model                          | Resolution     | Size | Contrast | Lat | Connectors    | Notes                              | Status    |
-|--------------------------------|----------------|------|----------|-----|---------------|------------------------------------|-----------|
-| [HP L2245wg][]                 | 1680x1050@60Hz | 22"  | 1000:1   | 5ms | VGA DVI 2xUSB | LCD TN Film, rotating, 45-65W      | simon     |
-| [LG Flatron Wide L204WTX-SF][] | 1680x1050@60Hz | 20"  | 2000:1   | 5ms | VGA DVI       | looks great, one dead pixel        | ex-angela |
-| [Dell 2208WFP][]               | 1680x1050@?Hz  | 22"  | 1000:1   | 5ms | VGA DVI 2xUSB | looks organge-y, 20$ from recyborg | ex-angela |
+| Model                          | Resolution     | Size | Contrast | Lat   | Connectors           | Notes                              | Status    |
+|--------------------------------|----------------|------|----------|-------|----------------------|------------------------------------|-----------|
+| [HP L2245wg][]                 | 1680x1050@60Hz | 22"  | 1000:1   | 5ms   | VGA DVI 2xUSB        | LCD TN Film, rotating, 45-65W      | simon     |
+| [Dell S2721QS][]               | 3840x2160@60Hz | 27"  | 1000:1   | 4-8ms | HDMI DP 1.2 line-out | returned                           | ex-angela    |
+| [Dell 2208WFP][]               | 1680x1050@?Hz  | 22"  | 1000:1   | 5ms   | VGA DVI 2xUSB        | looks organge-y, 20$ from recyborg | ex-angela |
 
 The HP was retired because it was getting finicky: it would "short"
 and blank out, get all "fuzzy" and weird. The new monitor (the [LG

fix toc
diff --git a/software/desktop/calibre.mdwn b/software/desktop/calibre.mdwn
index c88b5aed..fce528be 100644
--- a/software/desktop/calibre.mdwn
+++ b/software/desktop/calibre.mdwn
@@ -1,6 +1,6 @@
 [[!meta title="Calibre replacement considerations"]]
 
-[[!toc levels=2]]
+[[!toc levels=3]]
 
 # Summary
 

test antholum and kavita
diff --git a/software/desktop/calibre.mdwn b/software/desktop/calibre.mdwn
index b41a7259..c88b5aed 100644
--- a/software/desktop/calibre.mdwn
+++ b/software/desktop/calibre.mdwn
@@ -315,10 +315,10 @@ the database using SQLAlchemy. It does use calibre components to
 convert books but it might be an interesting alternative to the web
 interface shipped with Calibre.
 
-[AnthoLume][], [kavita][] (C#), [librum][] (dotnet), [readarr][]
-("arr" stands for "aaargh C#/Windows again!") and [Ubooquity][]
-(... Java) are things as well, none of which are packaged in
-Debian. (What is it with e-book webservers being written in C#?!)
+[AnthoLume][], [kavita][] (C#), [librum][] (dotnet), [readarr][] ("arr" stands for
+"aaargh C#/Windows again!") and [Ubooquity][] (... Java) are things as
+well, none of which are packaged in Debian. (What is it with e-book
+webservers being written in C#?!)
 
 [readarr]: https://readarr.com/
 [Ubooquity]: https://vaemendis.net/ubooquity/
@@ -398,6 +398,92 @@ owned by a shared group and writable:
 I also added that in `.git/hooks/post-checkout` for my future self,
 although `git-annex` might overwrite that eventually...
 
+### AnthoLume quick test
+
+I tested AnthoLume briefly, mainly because it is not written in
+C#. It's promising. It can manage EPUB files (and not, e.g. PDFs or
+MOBI files) and can be used to read
+books in a web browser. 
+
+I haven't been able to import my existing library and only imported
+[one book](https://standardebooks.org/ebooks/agatha-christie/the-mysterious-affair-at-styles) from [Standard Ebooks](https://standardebooks.org/) as a test. It found the book
+title, author and a one-line summary, but not a proper cover. It did manage
+to find extra metadata online (a longer summary, a cover and ISBN),
+but after quite a few clicks. Each book has to be imported
+individually.
+
+It has a [plugin for KOReader](https://gitea.va.reichard.io/evan/AnthoLume/src/branch/master/client/) that behaves like a [koreader sync
+server](https://github.com/koreader/koreader-sync-server) that the normal [kosync plugin](https://github.com/koreader/koreader/wiki/Progress-sync) uses. Files are stored
+in a flat tree structure, and data is stored in a SQLite database:
+
+    anarcat@angela:antholume_data$ find -type f
+    ./documents/Agatha Christie - The Mysterious Affair at Styles [9333dc7f73125c9a96ded94794012294].epub
+    ./antholume.db
+    ./covers/9333dc7f73125c9a96ded94794012294.jpg
+    ./antholume.db-wal
+    ./antholume.db-shm
+
+### Kavita quick test
+
+I did the same with Kavita: run the Docker container, open in a web
+browser, etc. That worked a bit better: Kavita could import my
+existing collection. It even did so fairly quickly: it scanned my 700+
+book directory in about 10 minutes, and during that whole time the UI
+was working, visually adding books in real time and showing progress
+information:
+
+    [Kavita] [2023-11-19 03:56:56.280 +00:00  56] [Information] API.Services.Tasks.ScannerService [ScannerService] Finished library scan of 786 files and 682 series in 383606 milliseconds for books
+
+Nice.
+
+It found embedded book covers, titles, authors, overall metadata
+support seems pretty good. It's unclear if it can fetch metadata
+online however, and I suspect a good chunk of the metadata might also
+come from Calibre's OPF files.
+
+Indeed, in the [EPUB documentation](https://wiki.kavitareader.com/en/guides/managing-your-files/ebooks) they explain that:
+
+> Calibre eBook Management software can be used to edit epub metadata
+> to include Series, Volume, and Title so that series with multiple
+> books parse correctly into the same series.
+
+... almost made it. I also believe it fails to detect series from
+Calibre properly: I have a few books where I deliberately and
+painstakingly set that up in Calibre and it didn't work properly in
+Kavita.
+
+The online book reader is excellent. You can modify the orientation,
+font, margins, and supports the table of contents. It supports
+bookmarks which also double as annotations.
+
+At first, all books appear as individual series which is a bit
+maddening. If you can't figure out series, just show me the books, you
+know? The other UX problem I found is that, inside a book, clicking an
+author just brings you back to the main book listing, without
+selecting said author as you might expect.
+
+Naturally, fields like "date added" also do not get carried over from
+Calibre, which is a bit of a shame as that's pretty much the only way
+I can figure out what I'm going to read next nowadays.
+
+It's open core, with something called [Kavita+](https://wiki.kavitareader.com/en/kavita-plus) that adds features
+to paying, monthly, customers. Interesting features like Kobo Progress
+Sync and "Non-Manga Book Support" (?!) are only in the proprietary
+version.
+
+Kavita supports EPUBs, PDFs, "Manga" and "Comics" (which seem to both
+be `.cbz` files and "raw images" (within a folder). It also has
+extensive OPDS and [OPDS-PS](https://anansi-project.github.io/docs/opds-pse/intro) support (originally created by
+Ubooquity). It supports automatic library rescans. More information
+about [features here](https://wiki.kavitareader.com/en).
+
+All in all, quite interesting, but the lack of online metadata support
+is a blocker. The proprietary bits also make me not really interested
+in contributing back to the project.
+
+It did lead me to discover [komga](https://github.com/gotson/komga) as another possible software,
+but that seems focused exclusively on mangas and comics.
+
 ## Metadata editor
 
 The "collection browser" is based on a lot of metadata that Calibre

readd bookmyname, used by potager.org
diff --git a/services/dns.mdwn b/services/dns.mdwn
index 400b1094..6e81d853 100644
--- a/services/dns.mdwn
+++ b/services/dns.mdwn
@@ -60,6 +60,7 @@ n'y sont pas listés.
 
 | Registry          | .com     | .org     | .net     | .ca      | .at      | .info    | Notes                                                           |
 |-------------------|----------|----------|----------|----------|----------|----------|-----------------------------------------------------------------|
+| bookmyname.com    | 12.37USD | 14.10USD | 14.09USD | N/A      | 18.90USD | 20.61USD | used by friends, no .ca                                         |
 | cloudflare.com    | 9.77USD  | 10.11USD | 10.10USD | N/A      | N/A      | 16.18USD | forces you to use their DNS servers                             |
 | dnssimple.com     | 14.50USD | 14.00USD | 16.00USD | 16.00CAD | 18.00USD | 21.60USD | also hosting, support for [RFC 8078][]                          |
 | dynadot.com       | 11.99USD | 10.99USD | 11.99USD | 9.99USD  | 13.25USD | 17.99USD | hosted wikileaks, blocked in india for cybersquatting           |

another calibre web alternative, this one might actually be interesting!
diff --git a/software/desktop/calibre.mdwn b/software/desktop/calibre.mdwn
index 9e497ad6..b41a7259 100644
--- a/software/desktop/calibre.mdwn
+++ b/software/desktop/calibre.mdwn
@@ -315,10 +315,10 @@ the database using SQLAlchemy. It does use calibre components to
 convert books but it might be an interesting alternative to the web
 interface shipped with Calibre.
 
-[kavita][] (C#), [librum][] (dotnet), [readarr][] ("arr" stands for
-"aaargh C#/Windows again!") and [Ubooquity][] (... Java) are things as
-well, none of which are packaged in Debian. (What is it with e-book
-webservers being written in C#?!)
+[AnthoLume][], [kavita][] (C#), [librum][] (dotnet), [readarr][]
+("arr" stands for "aaargh C#/Windows again!") and [Ubooquity][]
+(... Java) are things as well, none of which are packaged in
+Debian. (What is it with e-book webservers being written in C#?!)
 
 [readarr]: https://readarr.com/
 [Ubooquity]: https://vaemendis.net/ubooquity/
@@ -330,6 +330,7 @@ webservers being written in C#?!)
 [Trantor]: https://gitlab.com/trantor/trantor
 [calibre-web]: https://github.com/janeczku/calibre-web
 [librum]: https://librumreader.com/
+[AnthoLume]: https://gitea.va.reichard.io/evan/AnthoLume
 
 ### calibre webserver setup
 

fix typo
diff --git a/services/dns.mdwn b/services/dns.mdwn
index d87e594f..400b1094 100644
--- a/services/dns.mdwn
+++ b/services/dns.mdwn
@@ -125,7 +125,7 @@ femmes. Exemples utilisés:
 
  * [[hardware/angela]] ([Davis][])
  * [[hardware/bell]] ([Hooks][])
- * [[hardware/louise]] ([Michel][]
+ * [[hardware/louise]] ([Michel][])
  * ([Margaret][]) [[hardware/atwood]]
  * ([Marie][]) [[hardware/curie]]
  * ([Richard][]) dawkins

Archival link:

The above link creates a machine-readable RSS feed that can be used to easily archive new changes to the site. It is used by internal scripts to do sanity checks on new entries in the wiki.

Created . Edited .