[pre-commit.ci] pre-commit autoupdate

updates:
- [github.com/python-jsonschema/check-jsonschema: 0.33.1 → 0.33.2](https://github.com/python-jsonschema/check-jsonschema/compare/0.33.1...0.33.2)

.github/workflows/html5validator.yml.disabled

@@ -1,25 +0,0 @@
-name: HTML5 Validator
-
-on:
-  push:
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4 # Required will all actions
-
-      - uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: ".ruby-version"
-          bundler-cache: true # runs 'bundle install' and caches installed gems automatically
-
-      - name: Jekyll build
-        run: |
-          bundle exec jekyll build --drafts --profile
-
-      - name: Checks HTML5 validity
-        uses: Cyb3r-Jak3/html5validator-action@v7.2.0
-        with:
-          root: _site/
-          blacklist: n r or ir

.gitmodules

@@ -2,11 +2,17 @@
 	path = lfs-media
 	url = https://github.com/Mikaela/mikaela.github.io.git
 	branch = lfs-media
+	ignore= dirty
+	shallow = true
 [submodule "or"]
 	path = or
 	url = https://github.com/Mikaela/ormirror.git
 	branch = master
+	ignore= dirty
+	shallow = true
 [submodule "ir"]
 	path = ir
 	url = https://github.com/Mikaela/i2pmirror.git
 	branch = master
+	ignore= dirty
+	shallow = true

.nvmrc

@@ -1 +1 @@
-lts/*
+stable

.pre-commit-config.yaml

@@ -14,9 +14,6 @@ ci:
 
 # Consistency with other tools
 default_language_version:
-  node: "lts"
-  # Remember .python-version !
-  python: "3.13"
   ruby: ".ruby-version"
 
 repos:
@@ -47,7 +44,7 @@ repos:
       - id: check-illegal-windows-names
 
   - repo: https://github.com/pre-commit/sync-pre-commit-deps
-    rev: v0.0.1
+    rev: v0.0.3
     hooks:
       - id: sync-pre-commit-deps
 
@@ -69,7 +66,7 @@ repos:
           ]
 
   - repo: https://github.com/python-jsonschema/check-jsonschema
-    rev: 0.29.4
+    rev: 0.33.2
     hooks:
       - id: check-dependabot
       - id: check-github-actions
@@ -92,7 +89,7 @@ repos:
         language: system
 
   - repo: https://github.com/editorconfig-checker/editorconfig-checker.python
-    rev: "3.0.3"
+    rev: "3.2.1"
     hooks:
       - id: editorconfig-checker
         alias: ec

.python-version

@@ -1 +0,0 @@
-system

.ruby-version

@@ -1 +1 @@
-3.3.6
+3.4.4

.wokeignore

@@ -0,0 +1,3 @@
+txt/lists.txt
+.wokeignore
+n/essentialsoftware.md

Gemfile

@@ -14,7 +14,6 @@ gem "jekyll-sitemap"
 gem "jekyll-seo-tag"
 # Required for `bundle exec jekyll serve`
 gem "webrick"
-
 # Required for https://www.npmjs.com/package/@prettier/plugin-ruby
 gem "prettier_print"
 gem "syntax_tree"

Gemfile.lock

@@ -1,7 +1,7 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (8.0.0)
+    activesupport (8.0.2)
       base64
       benchmark (>= 0.3)
       bigdecimal
@@ -16,45 +16,55 @@ GEM
       uri (>= 0.13.1)
     addressable (2.8.7)
       public_suffix (>= 2.0.2, < 7.0)
-    base64 (0.2.0)
-    benchmark (0.4.0)
-    bigdecimal (3.1.8)
+    base64 (0.3.0)
+    benchmark (0.4.1)
+    bigdecimal (3.2.2)
     colorator (1.1.0)
-    concurrent-ruby (1.3.4)
-    connection_pool (2.4.1)
-    drb (2.2.1)
+    concurrent-ruby (1.3.5)
+    connection_pool (2.5.3)
+    csv (3.3.5)
+    drb (2.2.3)
     em-websocket (0.5.3)
       eventmachine (>= 0.12.9)
       http_parser.rb (~> 0)
     eventmachine (1.2.7)
-    ffi (1.17.0)
-    ffi (1.17.0-aarch64-linux-gnu)
-    ffi (1.17.0-aarch64-linux-musl)
-    ffi (1.17.0-arm-linux-gnu)
-    ffi (1.17.0-arm-linux-musl)
-    ffi (1.17.0-arm64-darwin)
-    ffi (1.17.0-x86-linux-gnu)
-    ffi (1.17.0-x86-linux-musl)
-    ffi (1.17.0-x86_64-darwin)
-    ffi (1.17.0-x86_64-linux-gnu)
-    ffi (1.17.0-x86_64-linux-musl)
+    ffi (1.17.2)
+    ffi (1.17.2-aarch64-linux-gnu)
+    ffi (1.17.2-aarch64-linux-musl)
+    ffi (1.17.2-arm-linux-gnu)
+    ffi (1.17.2-arm-linux-musl)
+    ffi (1.17.2-arm64-darwin)
+    ffi (1.17.2-x86-linux-gnu)
+    ffi (1.17.2-x86-linux-musl)
+    ffi (1.17.2-x86_64-darwin)
+    ffi (1.17.2-x86_64-linux-gnu)
+    ffi (1.17.2-x86_64-linux-musl)
     forwardable-extended (2.6.0)
-    google-protobuf (4.28.3)
+    google-protobuf (4.31.1)
       bigdecimal
       rake (>= 13)
-    google-protobuf (4.28.3-aarch64-linux)
+    google-protobuf (4.31.1-aarch64-linux-gnu)
       bigdecimal
       rake (>= 13)
-    google-protobuf (4.28.3-arm64-darwin)
+    google-protobuf (4.31.1-aarch64-linux-musl)
       bigdecimal
       rake (>= 13)
-    google-protobuf (4.28.3-x86-linux)
+    google-protobuf (4.31.1-arm64-darwin)
       bigdecimal
       rake (>= 13)
-    google-protobuf (4.28.3-x86_64-darwin)
+    google-protobuf (4.31.1-x86-linux-gnu)
       bigdecimal
       rake (>= 13)
-    google-protobuf (4.28.3-x86_64-linux)
+    google-protobuf (4.31.1-x86-linux-musl)
+      bigdecimal
+      rake (>= 13)
+    google-protobuf (4.31.1-x86_64-darwin)
+      bigdecimal
+      rake (>= 13)
+    google-protobuf (4.31.1-x86_64-linux-gnu)
+      bigdecimal
+      rake (>= 13)
+    google-protobuf (4.31.1-x86_64-linux-musl)
       bigdecimal
       rake (>= 13)
     haml (6.3.0)
@@ -65,19 +75,22 @@ GEM
       activesupport (>= 2)
       nokogiri (>= 1.4)
     http_parser.rb (0.8.0)
-    i18n (1.14.6)
+    i18n (1.14.7)
       concurrent-ruby (~> 1.0)
-    jekyll (4.3.4)
+    jekyll (4.4.1)
       addressable (~> 2.4)
+      base64 (~> 0.2)
       colorator (~> 1.0)
+      csv (~> 3.0)
       em-websocket (~> 0.5)
       i18n (~> 1.0)
       jekyll-sass-converter (>= 2.0, < 4.0)
       jekyll-watch (~> 2.0)
+      json (~> 2.6)
       kramdown (~> 2.3, >= 2.3.1)
       kramdown-parser-gfm (~> 1.0)
       liquid (~> 4.0)
-      mercenary (>= 0.3.6, < 0.5)
+      mercenary (~> 0.3, >= 0.3.6)
       pathutil (~> 0.9)
       rouge (>= 3.0, < 5.0)
       safe_yaml (~> 1.0)
@@ -90,14 +103,15 @@ GEM
       jekyll (>= 3.7, < 5.0)
     jekyll-redirect-from (0.16.0)
       jekyll (>= 3.3, < 5.0)
-    jekyll-sass-converter (3.0.0)
-      sass-embedded (~> 1.54)
+    jekyll-sass-converter (3.1.0)
+      sass-embedded (~> 1.75)
     jekyll-seo-tag (2.8.0)
       jekyll (>= 3.8, < 5.0)
     jekyll-sitemap (1.4.0)
       jekyll (>= 3.7, < 5.0)
     jekyll-watch (2.2.1)
       listen (~> 3.0)
+    json (2.12.2)
     kramdown (2.5.1)
       rexml (>= 3.3.9)
     kramdown-parser-gfm (1.1.0)
@@ -106,89 +120,81 @@ GEM
     listen (3.9.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    logger (1.6.1)
+    logger (1.7.0)
     mercenary (0.4.0)
-    mini_portile2 (2.8.8)
+    mini_portile2 (2.8.9)
     minima (2.5.2)
       jekyll (>= 3.5, < 5.0)
       jekyll-feed (~> 0.9)
       jekyll-seo-tag (~> 2.1)
-    minitest (5.25.2)
-    nokogiri (1.16.7)
+    minitest (5.25.5)
+    nokogiri (1.18.8)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
-    nokogiri (1.16.7-aarch64-linux)
+    nokogiri (1.18.8-aarch64-linux-gnu)
       racc (~> 1.4)
-    nokogiri (1.16.7-arm-linux)
+    nokogiri (1.18.8-aarch64-linux-musl)
       racc (~> 1.4)
-    nokogiri (1.16.7-arm64-darwin)
+    nokogiri (1.18.8-arm-linux-gnu)
       racc (~> 1.4)
-    nokogiri (1.16.7-x86-linux)
+    nokogiri (1.18.8-arm-linux-musl)
       racc (~> 1.4)
-    nokogiri (1.16.7-x86_64-darwin)
+    nokogiri (1.18.8-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.16.7-x86_64-linux)
+    nokogiri (1.18.8-x86_64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.18.8-x86_64-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.18.8-x86_64-linux-musl)
       racc (~> 1.4)
     pathutil (0.16.2)
       forwardable-extended (~> 2.6)
     prettier_print (1.2.1)
-    public_suffix (6.0.1)
+    public_suffix (6.0.2)
     racc (1.8.1)
-    rake (13.2.1)
+    rake (13.3.0)
     rb-fsevent (0.11.2)
     rb-inotify (0.11.1)
       ffi (~> 1.0)
-    rbs (3.6.1)
+    rbs (3.9.4)
       logger
-    rexml (3.3.9)
-    rouge (4.5.1)
+    rexml (3.4.1)
+    rouge (4.5.2)
     safe_yaml (1.0.5)
-    sass-embedded (1.81.0)
-      google-protobuf (~> 4.28)
+    sass-embedded (1.89.2)
+      google-protobuf (~> 4.31)
       rake (>= 13)
-    sass-embedded (1.81.0-aarch64-linux-android)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-aarch64-linux-gnu)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-aarch64-linux-musl)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-aarch64-mingw-ucrt)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-arm-linux-androideabi)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-arm-linux-gnueabihf)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-arm-linux-musleabihf)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-arm64-darwin)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-riscv64-linux-android)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-riscv64-linux-gnu)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-riscv64-linux-musl)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-x86-cygwin)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-x86-linux-android)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-x86-linux-gnu)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-x86-linux-musl)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-x86-mingw-ucrt)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-x86_64-cygwin)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-x86_64-darwin)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-x86_64-linux-android)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-x86_64-linux-gnu)
-      google-protobuf (~> 4.28)
-    sass-embedded (1.81.0-x86_64-linux-musl)
-      google-protobuf (~> 4.28)
-    securerandom (0.3.2)
+    sass-embedded (1.89.2-aarch64-linux-android)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-aarch64-linux-gnu)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-aarch64-linux-musl)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-aarch64-mingw-ucrt)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-arm-linux-androideabi)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-arm-linux-gnueabihf)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-arm-linux-musleabihf)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-arm64-darwin)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-riscv64-linux-android)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-riscv64-linux-gnu)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-riscv64-linux-musl)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-x86_64-darwin)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-x86_64-linux-android)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-x86_64-linux-gnu)
+      google-protobuf (~> 4.31)
+    sass-embedded (1.89.2-x86_64-linux-musl)
+      google-protobuf (~> 4.31)
+    securerandom (0.4.1)
     syntax_tree (6.2.0)
       prettier_print (>= 1.2.0)
     syntax_tree-haml (4.0.3)
@@ -203,12 +209,12 @@ GEM
     terminal-table (3.0.2)
       unicode-display_width (>= 1.1.1, < 3)
     thor (1.3.2)
-    tilt (2.4.0)
+    tilt (2.6.0)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     unicode-display_width (2.6.0)
-    uri (1.0.2)
-    webrick (1.9.0)
+    uri (1.0.3)
+    webrick (1.9.1)
 
 PLATFORMS
   aarch64-linux
@@ -251,7 +257,7 @@ DEPENDENCIES
   webrick
 
 RUBY VERSION
-   ruby 3.3.6p108
+   ruby 3.4.4p34
 
 BUNDLED WITH
-   2.5.22
+   2.6.9

_config.yml

@@ -9,9 +9,10 @@ description: > # this means to ignore newlines until "baseurl:"
   {Trans,HSP,AS} pride or not, I won't vanish. Self-taught IT generalist, open
   for new opportunities with those embracing diversity. ⚧︎ She/They
   <br/><br/><em lang="en">This website is licensed under the <a
-  href="(https://creativecommons.org/licenses/by/4.0/">Creative Commons
+  href="https://creativecommons.org/licenses/by/4.0/">Creative Commons
   Attribution 4.0 International License</a> by <a
-  href="https://aminda.eu">Aminda Suomalainen</a>.</em>
+  href="https://aminda.eu">Aminda Suomalainen</a>.</em> The content is written
+  by me without LLMs.
 baseurl: "" # the subpath of your site, e.g. /blog/
 # I would like to use www subdomain to not have all cookies passed to top
 # level, but there seems to be a redirect issue otherwise.
@@ -26,13 +27,13 @@ codeberg_username: Aminda
 email: "suomalainen@aminda.eu"
 github_username: Mikaela
 linkedin_username: Aminda-eu
-facebook_username: aminda.eu
+#facebook_username: aminda.eu
 instagram_username: amiauh39
 
-facebook:
-  publisher: "357677997429713"
-  app_id: "1614500206007989"
-  admins: aminda.eu
+#facebook:
+#  publisher: "357677997429713"
+#  app_id: "1614500206007989"
+#  admins: aminda.eu
 mastodon:
   username: Aminda
   instance: sauna.social
@@ -45,7 +46,7 @@ webmaster_verifications:
   google: oELGPuQ0VNEekDke964c0XCMYaC_Nd_Mr_TRYEVRXgY
   bing: DDF472BEC8E65C680D65A24256C33B24
   yandex: 2d5398c328c66322
-  facebook: 7xn4x8q3svdnolnp60rmlp4lph3t5d
+#  facebook: 7xn4x8q3svdnolnp60rmlp4lph3t5d
 # Jekyll SEO as well
 defaults:
   - scope:

_includes/head.html

@@ -27,6 +27,9 @@
   <link rel="me prefetch" href="{{ site.url }}">
   <link rel="openid.delegate" href="https://aminda.eu/">
   <link rel="openid.server" href="https://openid.indieauth.com/openid">
+  <meta name="color-scheme" content="dark light">
+  <meta name="theme-color" media="(prefers-color-scheme: dark)" content="#ffb700">
+  <meta name="theme-color" media="(prefers-color-scheme: light)" content="#fdfdfd">
   <link rel="stylesheet prefetch" href="{{ "/assets/main.css" | prepend: site.baseurl }}">
   <link rel="alternate" type="application/rss+xml" title="{{ site.title }}" href="{{ "/blog/feed.xml" | prepend: site.baseurl | prepend: site.url }}">
   <link rel="alternate" type="application/rss+xml" title="{{ site.title }} - in English" href="{{ "/blog/feed.en.xml" | prepend: site.baseurl | prepend: site.url }}">
@@ -42,6 +45,7 @@
  <link rel="me" type="application/activity+json" href="https://metapixl.com/aminda">
  <link rel="me" href="https://keyoxide.org/aspe:keyoxide.org:LGWNUB7QG4M326FXXBH5Z6PLVY">
  <link rel="me" href="https://linkedin.com/in/{{site.linkedin_username}}">
+ <link rel="me" href="https://libre.fm/user/Mikaela">
  <!-- https://github.com/macdonst/detect-missing-adblocker -->
  <script rel="prefetch" type="module" src="https://unpkg.com/detect-missing-adblocker@latest/dist/detect-missing-adblocker.js?module=true"></script>
  <link rel="stylesheet prefetch" href="https://unpkg.com/detect-missing-adblocker@latest/nativeads.js.css">

assets/main.scss

@@ -6,15 +6,40 @@
 
 // Font specifications. I keep changing my mind on what are the most pleasant
 // fonts to my eyes, so I won't bother commenting them here.'
-$serif-font-family: ui-serif, "Roboto Serif", "Noto Serif", Tinos, serif,
-  "Noto Emoji", "Noto Color Emoji", emoji;
-$sans-serif-font-family: ui-sans-serif, "Roboto Flex", Roboto, "Noto Sans",
-  Arimo, sans-serif, "Noto Emoji", "Noto Color Emoji", emoji;
-$monospace-font-family: ui-monospace, "Roboto Mono", "Noto Mono", Cousine,
-  monospace, "Noto Emoji", "Noto Color Emoji", emoji;
+$serif-font-family:
+  ui-serif, "Roboto Serif", "Noto Serif", Tinos, serif, "Noto Emoji",
+  "Noto Color Emoji", "Segoe UI Emoji", emoji;
+$sans-serif-font-family:
+  "Inclusive Sans", ui-sans-serif, "Roboto Flex", "Segoe UI Variable", Roboto,
+  "Noto Sans", Arimo, sans-serif, "Noto Emoji", "Noto Color Emoji",
+  "Segoe UI Emoji", emoji;
+$monospace-font-family:
+  "Comic Shanns Mono", ui-monospace, "Roboto Mono", "Segoe UI Mono",
+  "Noto Mono", Cousine, monospace, "Noto Emoji", "Noto Color Emoji",
+  "Segoe UI Emoji", emoji;
 // Must be in the end under threat of undefined variable error.
 $base-font-family: $sans-serif-font-family;
 
+@font-face {
+  font-family: "Inclusive Sans";
+  src: url("https://raw.githubusercontent.com/LivKing/Inclusive-Sans/refs/heads/main/fonts/webfonts/InclusiveSans[wght].woff2")
+    format("woff2");
+  font-weight: normal;
+  font-style: normal;
+}
+@font-face {
+  font-family: "Inclusive Sans Italic";
+  src: url("https://raw.githubusercontent.com/LivKing/Inclusive-Sans/refs/heads/main/fonts/webfonts/InclusiveSans-Italic[wght].woff2")
+    format("woff2");
+  font-weight: normal;
+  font-style: italic;
+}
+@font-face {
+  font-family: "Comic Shanns Mono";
+  src: url("https://raw.githubusercontent.com/jesusmgg/comic-shanns-mono/refs/heads/master/fonts/ComicShannsMono-Regular.otf")
+    format("opentype");
+}
+
 // CSS of used Jekyll theme
 @import "{{ site.theme }}";
 
@@ -22,7 +47,7 @@ $base-font-family: $sans-serif-font-family;
 
 // As high in css as can be edited.
 :root {
-  color-scheme: light dark !important;
+  color-scheme: dark light !important;
 }
 
 // Revert to defaults, or make settings default
@@ -51,13 +76,13 @@ $base-font-family: $sans-serif-font-family;
 // E.g. blesmrt.net vs bIesmrt.net
 a {
   text-decoration: underline !important;
-  font-family: $serif-font-family;
+  //font-family: $serif-font-family;
 }
 
 // Extraneous considering the above.
-//a.site-title {
-//  font-family: $serif-font-family;
-//}
+a.site-title {
+  font-family: $serif-font-family;
+}
 
 // .page-content {
 //     width: 100% !important;
@@ -78,14 +103,14 @@ code {
 
 // Serif for headings to constrast with everything else being sans-serif
 // (except links).
-h1,
-h2,
-h3,
-h4,
-h5,
-h6 {
-  font-family: $serif-font-family !important;
-}
+// h1,
+// h2,
+// h3,
+// h4,
+// h5,
+// h6 {
+//   font-family: $serif-font-family !important;
+// }
 
 // Overrides for light themes
 @media (prefers-color-scheme: light) {
@@ -132,7 +157,7 @@ h6 {
 #bio {
   //text-align: center;
   font-style: italic;
-  font-family: ui-cursive, $serif-font-family;
+  font-family: ui-cursive, $sans-serif-font-family;
 }
 
 // _layouts/mini.html calls this for returning to index!

blog/_posts/2015-03-25-leaving-bots-life.md

@@ -52,7 +52,8 @@ per trip from [Kotka] to [Hamina] and [Hamina] to [Kotka].
 
 ---
 
-_Update: [I graduated on 2015-05-29.]({% post_url blog/2015-05-29-graduation %})_
+_Update: [I graduated on
+2015-05-29.]({% post_url blog/2015-05-29-graduation %})_
 
 I would graduate in summer without this issue and the only thing I have missing
 is work training. As I don't have work training place I was doing it at school

blog/_posts/2015-03-26-weechat-sasl-simply.md

@@ -65,6 +65,7 @@ choises:
 1. Trust the fingerprints manually using `irc.server.NETWORK.ssl_fingerprint`,
    see [this post].
 2. Disable SSL certificate checking using
-   `/set irc.server.NETWORK.ssl_verify off` **NOT RECOMMENDED**, see [this post].
+   `/set irc.server.NETWORK.ssl_verify off` **NOT RECOMMENDED**, see [this
+   post].
 
 [this post]:{% post_url blog/2015-02-24-znc160-ssl %}

blog/_posts/2015-04-22-IRC-over-TLS.md

@@ -60,9 +60,8 @@ _Now you can move into reading why [IRC over SSL is pointless],
 
 [poodle]: https://en.wikipedia.org/wiki/POODLE
 
-[verify the certificates]:{% post_url blog/2015-02-24-znc160-ssl %} [IRC
-over SSL
-is
+[verify the certificates]:{% post_url blog/2015-02-24-znc160-ssl %} [IRC over
+SSL is
 pointless]:https://www.quakenet.org/articles/99-trust-is-not-transitive-or-why-irc-over-ssl-is-pointless
 [web.archive.org]:https://web.archive.org/web/20130425123002/http://www.quakenet.org/articles/99-trust-is-not-transitive-or-why-irc-over-ssl-is-pointless
 

blog/_posts/2015-05-18-life-bot-background.md

@@ -11,10 +11,11 @@ sitemap: false
 _More on my life and a little background on bots; also trigger warning about
 probably everything..._
 
-Start with the [previous post on
-the subject]({% post_url blog/2015-03-25-leaving-bots-life %})...
+Start with the [previous post on the
+subject]({% post_url blog/2015-03-25-leaving-bots-life %})...
 
-_Update: [I graduated on 2015-05-29.]({% post_url blog/2015-05-29-graduation %})_
+_Update: [I graduated on
+2015-05-29.]({% post_url blog/2015-05-29-graduation %})_
 
 So I have been away from school for months now and the fact that I won't
 graduate seems very sure. I haven't left home unless I have had too either and

blog/_posts/2015-06-03-setting-umodes.md

@@ -50,8 +50,8 @@ what the actual umodes are on your network, try `/quote help umode` or
 
 - i — invisible, hides your channel list from whois with ircd-seven and possibly
   some other ircds. Also hides you from /who of people who don't share channels
-  with you. [See also why I unset
-  it here.]({% post_url blog/2015-03-26-umode--i %})
+  with you. [See also why I unset it
+  here.]({% post_url blog/2015-03-26-umode--i %})
 - I — On InspIRCd with [hidechans] module hides your channel list from whois.
 - w — receive wallops, less-important announcements from network operators that
   are only received by those who are curious and have umode +w. More important

blog/_posts/2015-06-12-ufw.md

@@ -23,7 +23,7 @@ configure everything on host level if it was my network).
 
 _Threat model: service I am not aware of or that I accidentally make listen
 wider than intended, with UFW I am aware of what ports are allowed. I assume any
-mobile host is going to move randomly and while some whitelists (especially
+mobile host is going to move randomly and while some allowlists (especially
 link-local and IPv4 LANs) will overlap and possibly allow access, it's still
 better than being open to the internet and overlay networks that I have
 interacted with recently._
@@ -55,7 +55,7 @@ ufw allow 60000:61000/udp
 - 22 TCP/ssh — Allow acces to SSHd you don't want to lock yourself out.
   - previously I used `ufw limit` but it seems to be too oversensitive, just use
     SSHGuard.
-- Deny incoming connections unless the port has been whitelisted.
+- Deny incoming connections unless the port has been allowlisted.
 - Allow all outgoing connections, keeping list of authorized ports would be too
   much for me.
 - Start ufw on boot and now (I am not sure if this step is required, but better

blog/_posts/2015-06-29-minusta.md

@@ -116,4 +116,5 @@ vahvistamista, joka taas tapahtuu hyvällä tuurilla vuoden 2016 aikana.
 TERVE SUOMEN TAKIA JA ITSEMURHA ON MINULLE AINOA TIE ULOS TÄSTÄ LAILLISESTA
 KIDUTUKSESTA SUKUPUOLI/NEUROLOGISIA VÄHEMMISTÖJÄ KOHTAAN!**
 
-_[Katso myös muut kirjoitukseni elämästäni englanniksi]({{ site.url }}/about#life)_
+_[Katso myös muut kirjoitukseni elämästäni
+englanniksi]({{ site.url }}/about#life)_

blog/_posts/2015-09-19-atheme-quickstart.md

@@ -38,7 +38,8 @@ Now you should be successfully identified and should configure automatic
 identification, I cannot help with it so much, but I can point you to beginning:
 
 - [liberachat's SASL instructions](https://libera.chat/guides/sasl)
-- [My instructions for SASL with WeeChat]({% post_url blog/2015-03-26-weechat-sasl-simply %})
+- [My instructions for SASL with
+  WeeChat]({% post_url blog/2015-03-26-weechat-sasl-simply %})
 - [Searx YOURCLIENTHERE SASL](https://search.disroot.org/?q=YOURCLIENTHERE+SASL)
 - IRCCloud: edit network and go to advanced settings and you will see box for
   NickServ password.
@@ -127,8 +128,7 @@ Now there are only two tasks left, making the group op and adding ops there:
 
 ## Futher reading
 
-- [Always add opers to access list (this is the $oper in
-  my
+- [Always add opers to access list (this is the $oper in my
   templates)]({% post_url blog/2015-01-10-channels-hostmask-groups-a-basic-howto %})
   - oops, did I just repeat previous post
 - [Keep the ops opped]({% post_url blog/2015-04-01-keep-the-ops-opped %})

blog/_posts/2015-10-09-arch-reflector.md

@@ -15,9 +15,8 @@ redirect_from:
 _Reflector is a tool that checks the most recently upgraded Arch Linux mirrors
 and ranks them by speed and saves them to your mirrorlist._
 
-**This is largely based on [ArchWiki page on reflector] which is licensed in [GNU
-Free
-Documentation License 1.3 or later].**
+**This is largely based on [ArchWiki page on reflector] which is licensed in
+[GNU Free Documentation License 1.3 or later].**
 
 [archwiki page on reflector]: https://wiki.archlinux.org/index.php/Reflector
 [gnu free documentation license 1.3 or later]:

blog/_posts/2021-11-23-leaving-privacyguides.md

@@ -173,14 +173,15 @@ more, I already wrote too much about encrypted DNS...
 
 If you look into Privacy Guides instant messaging platforms, at the time of
 writing it will suggest you to use Element. That means nothing, [there are three
-different apps called as Element on three different platforms, the only thing
-in common is the name and if you are looking for privacy, you should look into
-it deeper or look entirely elsewhere, but that is my previous blog
-post]({% post_url blog/2021-08-03-matrix-perfect-privacy-not %}). TL;DR is that (at
-the time of writing) your room specific display names may leak and media files are
-never actually removed. If that is fine for you, great. If your issue is just with
-room specific display names, I would suggest a Matrix client that allows using multiple
-different accounts such as [FluffyChat](https://fluffychat.im/) (note: I am a contributor).
+different apps called as Element on three different platforms, the only thing in
+common is the name and if you are looking for privacy, you should look into it
+deeper or look entirely elsewhere, but that is my previous blog
+post]({% post_url blog/2021-08-03-matrix-perfect-privacy-not %}). TL;DR is that
+(at the time of writing) your room specific display names may leak and media
+files are never actually removed. If that is fine for you, great. If your issue
+is just with room specific display names, I would suggest a Matrix client that
+allows using multiple different accounts such as
+[FluffyChat](https://fluffychat.im/) (note: I am a contributor).
 
 Privacy Guides not warning about Matrix may be partially my fault as
 [I was the team member mainly warning about it and assigned the issue to myself](https://github.com/privacyguides/privacyguides.org/issues/50)

blog/_posts/2024-05-17-https-everywhere.md

@@ -73,6 +73,8 @@ including their parent directories if those don't exist already and
 `chmod -v a+rx` verbosely allows everyone to read and execute, which is required
 for listing directory contents.
 
+<!-- prettier-ignore-start -->
+
 ```bash
 # An example, without the -p there would be error about the parent directory
 # not existing
@@ -83,6 +85,8 @@ mkdir: created directory '/tmp/meow/meow'
 mode of '/tmp/meow' retained as 0755 (rwxr-xr-x)
 ```
 
+<!-- prettier-ignore-end -->
+
 ---
 
 Anyway, HTTPS Everywhere for Chromium. Once the directory exists, it's just a
@@ -269,7 +273,8 @@ version 115). You should already know how to enable it if you have read this far
 😼
 
 **_SEQUEL ANNOUNCEMENT!_** [Part Ⅱ: Browser policies Ⅱ: Deploying PrivacyBadger
-and uBlock Origin]({% post_url blog/2024-05-22-policy-contentblocker %}) is now online!
+and uBlock Origin]({% post_url blog/2024-05-22-policy-contentblocker %}) is now
+online!
 
 ## Documentation and other policies
 

blog/_posts/2024-05-22-policy-contentblocker.md

@@ -16,10 +16,10 @@ policy receiving some positive feedback and I felt like continuing on the
 subject by instructing with extension installation. This barely scratches the
 surface of what browser policy can do for you either though._
 
-I recommend reading the [browser policy part Ⅰ on enforcing HTTPS
-only mode]({% post_url blog/2024-05-17-https-everywhere %}) as especially the
-Firefox part will continue building on it and I will try to not repeat myself,
-although that is unavoidable.
+I recommend reading the [browser policy part Ⅰ on enforcing HTTPS only
+mode]({% post_url blog/2024-05-17-https-everywhere %}) as especially the Firefox
+part will continue building on it and I will try to not repeat myself, although
+that is unavoidable.
 
 <!-- editorconfig-checker-disable -->
 <!-- prettier-ignore-start -->
@@ -48,12 +48,12 @@ although that is unavoidable.
 
 ## Chromium
 
-[I previously instructed with the directory creation and permissions in the
-part Ⅰ]({% post_url blog/2024-05-17-https-everywhere %}#chromium) and there I
-also mentioned loving how I can create separate files there as opposed to
-messing everything together. I tend to use the filename `aminda-extensions.json`
-for all extension related as Chromium isn't perfect either and only lets the
-options appear once.
+[I previously instructed with the directory creation and permissions in the part
+Ⅰ]({% post_url blog/2024-05-17-https-everywhere %}#chromium) and there I also
+mentioned loving how I can create separate files there as opposed to messing
+everything together. I tend to use the filename `aminda-extensions.json` for all
+extension related as Chromium isn't perfect either and only lets the options
+appear once.
 
 So the file may look a bit scary, but it's actually quite simple (and the
 difficulty comes from getting json formatted correctly, which I am leaving for
@@ -338,9 +338,9 @@ _Oh meow, no more json!_ I am sorry.
 }
 ```
 
-Doesn't that look familiar? Yes, it's practically the same file [from
-part Ⅰ]({% post_url blog/2024-05-17-https-everywhere %}#dns-over-https-1) and
-the extensions took the exact same values as Chromium, only the IDs and download
+Doesn't that look familiar? Yes, it's practically the same file [from part
+Ⅰ]({% post_url blog/2024-05-17-https-everywhere %}#dns-over-https-1) and the
+extensions took the exact same values as Chromium, only the IDs and download
 locations changed and some Chromium extras disappeared.
 
 Well, in uBlock Origin I did add the Mozilla/Firefox domains to avoid breakage
@@ -467,8 +467,7 @@ browser policies.
 ### Where is all the futher reading?
 
 If you have read both blog posts carefully, this one didn't actually say
-anything new, it's all linked [from
-part
+anything new, it's all linked [from part
 Ⅰ]({% post_url blog/2024-05-17-https-everywhere %}#documentation-and-other-policies).
 
 _[Obligatory changelog link](https://github.com/Mikaela/mikaela.github.io/commits/master/blog/_posts/2024-05-22-policy-contentblocker.md)_

index.html

@@ -132,6 +132,7 @@ robots: noai, nofollow
         >codeberg.org</a
       ></em
     >
+    <!--
     <small
       ><a
         href="https://www.facebook.com/profile.php?id={{ site.facebook_username }}"
@@ -143,7 +144,7 @@ robots: noai, nofollow
         rel="me"
         >&#129477;&#65038;</a
       >)</small
-    >
+      >-->
     <em
       ><a
         href="https://github.com/{{ site.github_username }}"
@@ -182,6 +183,11 @@ robots: noai, nofollow
       href="https://liberapay.com/Mikaela"
       >LiberaPay.com</a
     >
+    <a
+      rel="me"
+      href="https://libre.fm/user/Mikaela"
+      >Libre.fm</a
+    >
     <a
       rel="me"
       href="https://www.linkedin.com/in/{{ site.linkedin_username }}/"

lfs-media

@@ -1 +1 @@
-Subproject commit bd5ecee3218b3638c8a351df60c52db4eb7cfc7d
+Subproject commit 7ec1d2fadd214ee20a12fe85f9bc4e00141c7519

n/androidtv.md

@@ -0,0 +1,49 @@
+---
+title: Notes on Android TV
+excerpt:
+  Huonokuuloisten tekstityksen käyttöönotto Android TVllä. Enabling hearing
+  impaired subtitles on Android TV.
+layout: mini
+permalink: /n/androidtv.html
+sitemap: true
+lang: en
+robots: noai
+---
+
+_{{ page.excerpt }}_
+
+<!-- editorconfig-checker-disable -->
+<!-- prettier-ignore-start -->
+
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
+<em lang="fi">Automaattinen sisällysluettelo</em> / <em lang="en">Automatically generated Table of Contents</em>
+
+- [Tekstitykset huonokuuloisille](#tekstitykset-huonokuuloisille)
+- [Closed captions for hearing impaired](#closed-captions-for-hearing-impaired)
+
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
+
+<!-- prettier-ignore-end -->
+<!-- editorconfig-checker-enable -->
+
+<div lang="fi">
+
+## Tekstitykset huonokuuloisille
+
+1. Avaa televisiokanava.
+1. Paina kaukosäätimen `Menu`-painiketta ja valitse `Lisäasetukset`.
+1. Valitse `Tekstitys`. Aseta _Tekstityksen tyypiksi_ `Kuulovammainen`.
+
+</div>
+
+<div lang="en">
+
+## Closed captions for hearing impaired
+
+1. Open a TV channel.
+1. Press the `Menu` button on the remote control and select `Advanced settings`.
+1. Select `Subtitles` (or was it `Captions`?). Enter _Subtitle type_ and select
+   `Hearing impaired`.
+
+</div>

n/annoying-ports.md

@@ -6,6 +6,8 @@ excerpt:
   abuse those for something else without even thinking about backdoors?
 layout: mini
 permalink: /n/annoying-ports.html
+redirect_from:
+  - /n/annoyingports.html
 sitemap: true
 lang: en
 ---

n/dns.md

@@ -39,7 +39,6 @@ _{{ page.excerpt }} For DNS resolvers, refer to [r/resolv.tsv](/r/resolv.tsv)_
 - [Mobile applications](#mobile-applications)
   - [Android](#android)
   - [Rethink](#rethink)
-    - [Using Obtainium with APKPure/Aegon](#using-obtainium-with-apkpureaegon)
   - [FFUpdater](#ffupdater)
 
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
@@ -140,8 +139,8 @@ and may help with decreasing your _digital carbon footprint_.
 
 I was also surprised to find speedy Google Play Store download in the middle of
 sea (Helsinki-Tallinn) when switching from non-ECS to ECS nameserver. I wonder
-if they had an [edge node](https://peering.google.com/#/) somewhere in clsoe
-proximity or if it was juat happenstance.
+if they had an [edge node](https://peering.google.com/#/) somewhere in close
+proximity or if it was just happenstance.
 
 _The above means GAFAM, if you don't use them in any form, there may not be a
 need for ECS._
@@ -203,18 +202,19 @@ HTTPS everywhere? Do you know to not accept warnings about certificate issues?
 Do the other (less technical) users of your network? Would you or them be a
 delicious target? Do you even use GAFAM services?
 
+It's important to remember that authoritative nameserver is the one that knows
+where the domain is hosted that you can see through e.g. `whois aminda.eu` which
+will reply `lakas.ns.cloudflare.com` and `coco.ns.cloudflare.com`. Thus when you
+perform a DNS query with ECS enabled, the USA will know your IP with the
+accuracy of 256 users (poor example since
+[this site is currently hosted on GitHub pages](https://github.com/Mikaela/mikaela.github.io/issues/153)).
+Same as when you visit a domain ending
+[`.af`, Afganistan will know](https://en.wikipedia.org/wiki/.af#Restrictions).
+
 See also:
 
 - [_Understanding the Privacy Implications of ECS_](https://yacin.nadji.us/docs/pubs/dimva16_ecs.pdf)
 
-<del>_Later I have been torn on whether the quote above is correct and helps
-decrease my digital climate footprint more or less than adblocking on DNS level,
-but what really put the scales towards ECS for me was late night GApple update
-that was keeping me from sleeping. So ECS is for busy people who want to
-sleep?_</del> _The CISA link above makes me question this the very next day
-considering I belong to gender and sexual minorities, Pirate Party of Finland,
-and everything..._
-
 ### Why to use private ECS?
 
 _Android DoH3 option:_
@@ -224,7 +224,7 @@ Do you want the benefits of ECS with the privacy and security of not having ECS?
 Private ECS is a compromise solution in the middle, although not without its own
 issues.
 
-Your private DNS provider will lie for you and say that your IP address is
+Your private DNS provider will lie a bit for you and say that your IP address is
 somewhere else where it will also place many others from your ISP. However what
 if it says you are a customer of another ISP, possibly even located in another
 country? It tends to have greater accuracy with IPv4 than IPv6,
@@ -238,6 +238,12 @@ In that case you may <del>get even worse performance</del> be in even worse
 situation than without ECS. Then again if everything works properly, you will
 get the benefit of ECS without the privacy impact and lessened security impact.
 
+I am often observing Cloudflare and other public DNS providers connecting me to
+Swedish servers when no ECS is used and so far the only place where I spent
+significant amount of time with wrong private ECS was a school and considering
+the drawbacks of ECS in the current world situation, I think private ECS is
+easily the least bad option.
+
 See the next section for testing "where you are." Consider also what is
 important for you if you had to pick one or two from privacy, performance and
 climate.
@@ -285,14 +291,16 @@ dig +short TXT whoami-ecs.v4.powerdns.org.
 In my experience [DNS0.eu] tends to have better filtering and
 [reporting options](https://www.dns0.eu/report) than [Quad9], while
 [servers being located only in](https://www.dns0.eu/network) the
-[European Union](https://european-union.europa.eu) is mildly problematic when
-your users start traveling outside it either for work or leisure, which across
-continents tends to bring round-trips overseas. Additionally private ECS (see
-above) tends to be bad poor for IPv6 and for very small AS like a school, it
-directs to another side of the country, but that is a very minor issue.
+[European Union](https://european-union.europa.eu) may either be free brownie
+points on not sending DNS queries outside of the EU or mildly problematic when
+your users start traveling outside the EU which which brings round-trips
+overseas. Additionally private ECS (see above) tends to be bad poor for IPv6 and
+for very small AS like a school, it directs to another side of the country, but
+that is a very minor issue, as opposed to constantly being directed to another
+country.
 
 Meanwhile [Quad9] blocking seems almost as good in
-[tests like this](https://techblog.nexxwave.eu/public-dns-malware-filters-tested-in-2024/)
+[tests like this](https://techblog.nexxwave.eu/public-dns-malware-filters-tested-in-september-2024/)
 and they give me impression
 [of more transparency](https://quad9.net/about/transparency-report) (as opposed
 to
@@ -311,33 +319,6 @@ other options; [default filters](https://www.dns0.eu),
 [DNS0.eu]: https://www.dns0.eu
 [Quad9]: https://quad9.net
 
-<!--
-
-### Conclusion
-
-As the size and confusion this page induces to anyone else than me shows, I have spent too much time thinking about DNS and related matters.
-
-- Android: while the system only gives the option between `cloudflare-dns.com` and `dns.google` (HTTP/3, see below),
-  web browsers are free to choose the DoH server. If the device is not expected to travel far outside the EU, DNS0.eu may be a safe choice, otherwise Quad9.
-  - As I have to support devices going outside of the EU, I lean towards Quad9.
-- iOS (or Apple in general): same question, do the devices travel outside of the EU? Both provide configuration profiles.
-  - While not noticing the DNS0.eu configuration profile is difficult, [Quad9 currently hides it a bit under docs.quad9.net iOS instructions](https://docs.quad9.net/Setup_Guides/iOS/iOS_14_and_later_%28Encrypted%29/).
-- Personal computers: I have reached the cursed conclusion of [using Unbound upstreams DNS0 for IPv4, Quad9 ECS for IPv6](https://gitea.blesmrt.net/mikaela/shell-things/src/branch/master/etc/unbound/unbound.conf.d/dot-dns0-quad9.conf) and [using the hosts file to point web browsers away from DNS0.eu IPv6](https://gitea.blesmrt.net/mikaela/shell-things/src/branch/master/etc/hosts/dns) using [IPv4 mapped IPv6 addresses](https://en.m.wikipedia.org/wiki/IPv6#IPv4-mapped_IPv6_addresses).
-  - Especially the last part is cursed.
-  - Yes, ECS has privacy concerns, however _theoretically_ it's only a fallback if IPv4 goes down (very rare, has happened for short periods of time in my experience), but the environment also weights my decision. See above on whether to ECS or not.
-    - I hope to offset the risks of ECS by [not allowing TTLs below an hour](https://gitea.blesmrt.net/mikaela/shell-things/src/branch/master/etc/unbound/unbound.conf.d/min-ttl-hour.conf) so whether I have a tab open or not cannot be figured out from DNS traffic alone and somewhat relatedly [serve stale records if I must](https://gitea.blesmrt.net/mikaela/shell-things/src/branch/master/etc/unbound/unbound.conf.d/expired-stale-serving-rfc8767.conf).
-- Personal servers: Personal preference, you could even use all of the DNS servers or be your own recursor. I again have small preference towards Quad9 ECS as titlefetching for unencrypted IRC connection is already open for mass surveillance and there is no telling who triggered a DNS query there anyway.
-- Business/association/enterprise/whatever device: there may be free political/regulational/bureaucratic/whatever brownie points for using DNS0.eu with the queries not being transmitted outside of the EU.
-
-This may also be a wrong approach entirely and it should just be an adblocking
-DNS as noted before.
-
-Additionally DNS filtering for web browsers may be irrelevant if browser
-policy enforces extensions that block malicious domains (such as µBlock Origin
-or AdNauseam) or even Google Safe Browsing.
-
--->
-
 ---
 
 ## CLI applications
@@ -362,7 +343,7 @@ using `cloudflare-dns.com`). **_However is connectivity in limited networks and
 maybe a bit faster speed in bad network more important than a level of security
 reached by a filtering resolver?_**
 
-Then setup your web browser (including Firefox (other than stable which disables
+Then setup your web browser (including Firefox Nightly (other channels disable
 `about:config`) and Chrome) to use DNS over HTTPS with your preferred server and
 while at it enabling HTTPS only mode.
 
@@ -439,31 +420,9 @@ Hopefully there is no situation where Rethink stops working and thinks it's
 still working. As can be deduced from this section, sometimes Rethink and I
 disagree with each other. _I don't guarantee I know what I am doing._
 
-#### Using Obtainium with APKPure/Aegon
-
-I think a few of the blocklists in Rethink are blocking apkpure's domain
-breaking Obtainium and their official app and the steps to fix that are:
-
-1. Use a DNS server that doesn't have the block (`https://open.dns0.eu/` or
-   `https://unfiltered.adguard-dns.com/dns-query` if private ECS is desirable?)
-1. Select `Apps` in Rethink's main screen (the biggest button below `Proxy` and
-   `Logs`.
-1. Search for `Obtainium` or `APKPure` and select it.
-1. Select `Domain Rules`.
-1. Select the floating `+` from bottom right.
-1. Select Wildcard, enter `*.winudf.com` and select `Trust`.
-1. Select `Okay` and now Obtainium/APKPure should work assuming no DNS is
-   blocking it (check the logs).
-
-The `Trust` could also be set globally, but what business does any other app
-have for that domain?
-
 ### [FFUpdater](https://github.com/Tobi823/ffupdater)
 
 - `https://dns0.eu;2a0f:fc80::;2a0f:fc81::;193.110.81.0;185.253.5.0`
 - `https://open.dns0.eu;2a0f:fc80::ffff;2a0f:fc81::ffff;193.110.81.254;185.253.5.254`
-- `https://doh.opendns.com/dns-query;2620:119:35::35;2620:119:53::53;208.67.222.222;208.67.220.220`
-- `https://dns11.quad9.net/dns-query;2620:fe::11;2620:fe::fe:11;9.9.9.11;149.112.112.11`
-- `https://dns12.quad9.net/dns-query;2620:fe::12;2620:fe::fe:12;9.9.9.12;149.112.112.12`
 
 ---

n/essentialsoftware.md

@@ -5,6 +5,7 @@ excerpt:
   that I forgot something important.
 layout: mini
 permalink: /n/essentialsoftware.html
+redirect_from: /n/pipx.html
 sitemap: true
 lang: en
 robots: noai
@@ -23,6 +24,17 @@ _{{ page.excerpt }}_
 
 - [Security](#security)
 - [Usability](#usability)
+  - [pipx](#pipx)
+  - [Homebrew](#homebrew)
+- [Fedora Atomic](#fedora-atomic)
+  - [Additional rpm-ostree install](#additional-rpm-ostree-install)
+  - [Flatpaks](#flatpaks)
+    - [Communication](#communication)
+    - [Gayming](#gayming)
+      - [Flatpakked Steam for the flatpak-unaware](#flatpakked-steam-for-the-flatpak-unaware)
+    - [General purpose](#general-purpose)
+    - [Office](#office)
+  - [Other essential atomic/kinoite/flatpak/gayming reading](#other-essential-atomickinoiteflatpakgayming-reading)
 - [Essential system configuration](#essential-system-configuration)
   - [Debian console](#debian-console)
   - [Terminus on Fedora](#terminus-on-fedora)
@@ -38,10 +50,13 @@ _{{ page.excerpt }}_
   - [sshd](#sshd)
   - [Encrypted DNS](#encrypted-dns)
   - [`/etc/xdg/autostart`](#etcxdgautostart)
-  - [`aminda-*.{service,socket]`](#aminda-servicesocket)
+  - [`aminda-*.{service,socket}`](#aminda-servicesocket)
 - [Remember!](#remember)
   - [Accessing UEFI setup without key smashing](#accessing-uefi-setup-without-key-smashing)
   - [Recovering selinux policy issues](#recovering-selinux-policy-issues)
+  - [Removing all flatpaks](#removing-all-flatpaks)
+  - [rsync](#rsync)
+  - [VeraCrypt](#veracrypt)
 
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
 
@@ -58,6 +73,10 @@ _{{ page.excerpt }}_
     and before `initrd /initramfs-linux-lts.img`...
 - `ufw` for Deb-based or `firewalld` on Fedora (and Kali and Arch Linux, if you
   so choose in the last)
+- `setroubleshoot` on distributions using it gives graphical notifications when
+  SELinux has a security warning and thus hints that it might be a good idea to
+  take a look at journalctl to see whether it's something that requires action
+  either incorrect rule or actually nefarious activity.
 - `sshguard` for mitigating shared systems where others refuse to use keys
 - `needrestart` for knowing when updates actually require services to be
   restarted or a kernel upgrade happens and requires reboot
@@ -73,19 +92,28 @@ _{{ page.excerpt }}_
   had it connect to upstream dns\[crypt\]proxy
   - alternatively configure `systemd-resolved`. Simultaneously
     `systemd-networkd` may be a good idea.
-- `unattended-upgrades` or `dnf-automatic` so security updates are at least
-  downloaded if not even directly installed (see configuration and systemd
-  units!)
+- `unattended-upgrades`, `dnf-automatic` or `rpm-ostreed-automatic` so security
+  updates are at least downloaded if not even directly installed (see
+  configuration and systemd units!)
   - if `dnf-automatic`, consider
     `sudo systemctl enable dnf-automatic-install.{timer,service}` or at least
     `sudo systemctl enable dnf-automatic-download.{timer,service}`
+  - for `rpm-ostree`, `systemctl enable rpm-ostreed-automatic.timer --now`
+    - Remember to check `/etc/rpm-ostreed.conf`, it should say
+      `AutomaticUpdatePolicy=stage` and likely `LockLayering=false` under
+      `[Daemon]`. Alternatively `AutomaticUpdatePolicy=apply` for more
+      excitement in life in form of automatic reboots.
 
 ## Usability
 
 - `nvim git tmux zsh mosh` - good luck without these
 - <del>if cryptographic operations are taking ages, consider something like
   `haveged`. It's controversial, so if there are no issues, don't install a
-  random number generator.</del>
+  random number generator.</del> Should be unnecessary since kernel 5.6, but
+  **_Debian 13 sddm regardless wants it._**
+  - If you install `haveged`, please also `sudo systemctl enable --now rngd`
+    from `rng-tools` (Fedora, Arch?) or `rng-tools5` (Debian) together to ensure
+    quality, but those shouldn't be required on 5.6 and later either.
 - userspace oom killer, may avoid frozen systems, much more pleasant than
   actually having to deal with a frozen system.
   - `earlyoom`
@@ -93,9 +121,6 @@ _{{ page.excerpt }}_
   - `systemd-oomd`
     - remember to `sudo systemctl enable --now systemd-oomd`
     - https://codeberg.org/Aminda/shell-things/src/branch/cxefa/etc/systemd/oomd.conf.d
-- `zram-tools` - small compressed swap in RAM
-  - Remember to check configs! Fedora: `/etc/zram.conf`
-  - `sudo systemctl enable --now zramswap.service zram-swap.service`
 - `thermald` for additional help keeping system cool, especially intel
   - `sudo systemctl enable --now thermald`
 - `vnstat` - help for observing bandwidth usage
@@ -104,6 +129,254 @@ _{{ page.excerpt }}_
 - `tlp` - for laptop power management, especially ThinkPad.
   - `sudo tlp-stat | less`
   - `sudo systemctl enable --now tlp`
+- `zram` - for compressing RAM and getting a bit more breathing room before
+  userspace oom killer hits.
+  - Fedora: `sudo dnf install zram-generator zram-generator-defaults`
+  - Debian: `sudo apt install systemd-zram-generator`
+  - To check that it works `zramctl`. May take a while after
+    `sudo systemctl reload` or a reboot.
+- `inxi` - system information script (and dependencies)
+
+<!--
+- `zram-tools` - small compressed swap in RAM
+  - Remember to check configs! Fedora: `/etc/zram.conf`
+  - `sudo systemctl enable --now zramswap.service zram-swap.service`
+-->
+
+### pipx
+
+pipx automatically creates virtualenvs and is basically a package manager for
+apps written in Python. Here is a small list to remember in no particular order.
+
+- (`pipx install "git+https://github.com/fsfe/reuse-tool.git"`)
+  - Refer to [n/reuse](/n/reuse.html), development version. Package manager
+    version is generally good enough.
+- `pipx install "git+https://github.com/yt-dlp/yt-dlp.git"`
+  - Downloader for multiple online video services, development version.
+- `pipx install xkcdpass`
+  - `correct horse battery stable` needs no introduction, the possibilities are
+    nearly endless with `xkcdpas --help`. E.g.
+    - `xkcdpass --wordfile eff-long,fin-kotus --valid-chars '[a-z]' --delimiter ',' --case random`
+    - `UNLAWFUL,OPPIRAHAT,astonish,ruvettua,JOUTAVA,pultti`
+- (`pipx install pre-commit`)
+  - Synced pre-commit hooks for git, probably in all my repositories by now.
+    However I would install it from system package manager instead.
+- `pipx install "git+https://github.com/aajanki/yle-dl"`
+  - Downloader for `{areena,arenan}.yle.fi`, Finnish public broadcaster web
+    portal.
+- `pipx install "git+https://github.com/syncplay/syncplay.git"`
+  - Client (and server) for synchronising playback of a file. All parties need
+    the same file, but seeking, playing and pausing are synchronized. Mpv
+    recommended!
+
+Just remember to `pipx upgrade-all` occassionally!
+
+### Homebrew
+
+This section is a WIP and to avoid having to install some rpm-ostree...
+
+```
+brew install aircrack-ng btop htop inxi ipfs llvm mpv mtr neovim nmap node pipx pre-commit qrencode ruby smartmontools symlinks zsh
+```
+
+## Fedora Atomic
+
+_By which I mean Fedora Kinoite unless otherwise specified._ A system where
+everyone runs the same image, except that as this section shows, I add to it a
+bit...
+
+```bash
+# Ensure third party Fedora repos are available, this is part of KDE Prompt?
+sudo fedora-third-party enable
+# Layer packages I need on top of the base image.
+sudo rpm-ostree install android-tools cronie cronie-anacron darkman duperemove foot foot-terminfo gamescope git-lfs haveged iwd mangohud mosh rng-tools setroubleshoot snapd sshguard steam-devices syncthing terminus-fonts-console tmux tor torsocks unbound zsh
+# Remove packages I don't need from the base image. (Challenge to remove
+# nothing failed by using rpmfusion codecs anyway)
+sudo rpm-ostree override remove firefox firefox-langpacks
+# Enable automatic updates (check /etc/rpm-ostreed.conf for AutomaticUpdatePolicy=stage (or apply for automatic reboots) and LockLayering=false)
+sudo systemctl enable rpm-ostreed-automatic.timer --now
+# Disable bootsplash and kernel message hiding, adjust rootfs fstab,
+# REMEMBER TO REMOVE SSD FOR NON-SSD setups! Legacy interface names (eth0,
+# wlan0) are also nice, like is not letting invalid LUKS password drop into
+# root emergency shell. Ensure CPU vulnerability mitigation while at kargs too.
+sudo rpm-ostree kargs --delete=rhgb --delete=quiet --delete=rootflags=subvol=root --append=rootflags=subvol=root,noatime,compress-force=zstd:0,ssd --append=net.ifnames=0 --append=rd.shell=0 --append=rd.emergency=halt --append=mitigations=auto,nosmt
+# Another reminder to not use flag SSD above if there is no SSD on the system.
+# I would additionally use lockdown=confidentiality (or lockdown=integrity if
+# less privacy and security was required, but that prevents shipped osnoise
+# module from working.
+# footclient (or server) for all users on-demand
+sudo systemctl --global enable foot-server.socket
+```
+
+Consider also adding
+[RPMFusion through their OSTree instructions](https://rpmfusion.org/Howto/OSTree).
+
+- The _Major releases_ uninstalling and installing is especially important so it
+  switches from local package to layered package, which also affects all other
+  third party repositories such as `google-chrome-stable` if it was added. While
+  there is repository breakage risk stopping system upgrades, at least it will
+  upgrade itself as opposed to errorring about being a local not upgraded
+  package in the future.
+- You need it when using either Broadcom WiFi or
+  `Failed to initialize a decoder for codec 'hevc'.` from `mpv` which gets
+  resolved by following the instructions for your hardware or software codecs.
+
+### Additional rpm-ostree install
+
+- In general `neilalexander`'s yggdrasil copr makes life easier with
+  `sudo rpm-ostree install yggdrasil`
+- For ThinkPads: `sudo rpm-ostree install tlp tlp-rdw` is good for battery
+- For Broadcom WiFi with `rpmfusion-nonfree` enabled:
+  `sudo rpm-ostree install akmod-wl kernel-devel`
+- For NVIDIA propietary drivers with `sudo fedora-third-party enable`:
+  `sudo rpm-ostree install akmod-nvidia xorg-x11-drv-nvidia-cuda`
+  - This also requires
+    `sudo rpm-ostree kargs --append=rd.driver.blacklist=nouveau --append=modprobe.blacklist=nouveau --append=nvidia-drm.modeset=1`
+    and suggests keeping an eye on the source page
+    [rpmfusion howto nvidia#ostree](https://rpmfusion.org/Howto/NVIDIA#OSTree_.28Silverblue.2FKinoite.2Fetc.29)
+- For Steam Deck and other handhelds with their copr:
+  `sudo rpm-ostree install hhd adjustor hhd-ui`
+- Also with rpmfusion for DVD playback
+  `sudo rpm-ostree install rpmfusion-free-release-tainted` and
+  `sudo rpm-ostree install libdvdcss`
+- rpmfusion also has `sudo rpm-ostree install pipewire-codec-aptx` which allows
+  better quality playback with some BT devices such as Fairbuds XL.
+
+### Flatpaks
+
+These also affect non-Fedora-Kinoite for which my first production installation
+was on Steam Deck and upon learning of `flatpak uninstall --all`, this section
+got out of paw so it got cut a bit.
+
+Always remember that you **_don't paste commands to terminal directly, use a
+text editor in the middle instead!_**
+
+```bash
+# Considering everything is installed from there, it should exist
+sudo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
+# I need Nheko
+sudo flatpak remote-add --if-not-exists nheko-nightly https://nheko.im/nheko-reborn/nheko/-/raw/master/nheko-nightly.flatpakrepo
+```
+
+#### Communication
+
+```bash
+sudo flatpak install --assumeyes nheko-nightly im.nheko.Nheko//master
+sudo flatpak install --assumeyes flathub com.discordapp.Discord im.dino.Dino info.mumble.Mumble org.briarproject.Briar org.signal.Signal org.squidowl.halloy org.telegram.desktop
+```
+
+- Discord is a Slack competitor and somehow challenging Facebook in necessary
+  evil to be in to hear of events. Electron app.
+- Mumble is a FOSS VoIP app Discord tries to challenge and although it has
+  gaming features I use it for calling and know more people using it for
+  podcasting than calling
+- Dino is a modern XMPP client
+- Briar is a P2P messenger using Tor or LAN, no bluetooth on desktop yet?
+- Signal is E2EE messenger
+- Halloy is a modern IRC client
+- Telegram is a common chat-app although not that secure
+- Nheko nightly is simply the best Matrix client
+
+#### Gayming
+
+```bash
+sudo flatpak install --assumeyes flathub com.heroicgameslauncher.hgl com.valvesoftware.Steam com.valvesoftware.Steam.CompatibilityTool.Proton-GE net.davidotek.pupgui2
+# Note branch numbers for Heroic Games!
+sudo flatpak install --assumeyes flathub org.freedesktop.Platform.VulkanLayer.MangoHud//24.08 org.freedesktop.Platform.VulkanLayer.gamescope//24.08
+```
+
+- HeroicGames supports GOG and Epic Games (and Amazon)
+- Steam needs no explanation
+- Proton GE is improved version of Proton, the WINE based compatibility layer
+  for playing Windows games and probably needs no introduction either
+- ProtonUp allows downloading newer versions of Proton including Proton GE, in
+  flatpaks it's mainly useful for either SteamOS users or Heroic Games which
+  might actually have its integrated manager...
+- MangoHud and gamescope can be used by Heroic Games or manually in Steam (see
+  gayming README below), but they might require specific version or branch, so
+  after the dualslash change the branch from `24.08` if they decide to update to
+  require a newer version.
+
+##### Flatpakked Steam for the flatpak-unaware
+
+Looking at you, handhelddaemon, 2025-05-28.
+
+```
+mkdir -vp $HOME/.local/share/
+ln -nsfv $HOME/.var/app/com.valvesoftware.Steam/.local/share/Steam $HOME/.local/share/Steam
+ln -nsfv $HOME/.var/app/com.valvesoftware.Steam/.steam $HOME/.steam
+```
+
+#### General purpose
+
+```bash
+sudo flatpak install --assumeyes flathub app.devsuite.Ptyxis com.calibre_ebook.calibre com.dropbox.Client com.github.tchx84.Flatseal com.github.wwmm.easyeffects com.nextcloud.desktopclient.nextcloud com.rafaelmardojai.Blanket de.haeckerfelix.Shortwave io.github.celluloid_player.Celluloid io.mpv.Mpv it.mijorus.gearlever me.kozec.syncthingtk org.fedoraproject.MediaWriter org.gnome.eog org.kde.haruna org.kde.kate org.pulseaudio.pavucontrol org.kde.kwrite org.kde.okular org.qbittorrent.qBittorrent org.torproject.torbrowser-launcher org.mozilla.firefox org.videolan.VLC
+```
+
+- Ptyxis reminds me of a Windows Terminal for Linux
+- Calibre is the VLC of ebooks, especially if you have an ebook reader
+- Dropbox is a file synchronization app using the cloud :(
+- Flatseal is a permission/override manager GUI, although one is integrated with
+  KDE Plasma systemsettings
+- Easyeffects features autogain, limiter, equalizer amongst other useful audio
+  features. I wasn't sure whether to include it here, but I do autostart it most
+  of the time...
+- NextCloud is selfhosted Google/Office/whatever suite and the desktop client is
+  kind of Dropbox.
+- Blanket gives nice sounds for e.g. focusing, white and nature noise inclued
+- Shortwave is Radio Browser using Internet Radio app and woof approves having
+  it at paw
+- Celluloid is a mpv frontend, which can optionally read `mpv.conf`
+- mpv is my media player of choise and while it may be installed on the base
+  system for syncthing, it might not be everywhere and the flatpak may have
+  better codec etc. support on some systems.
+- Gearlever makes appimages less annoying a bit
+- Syncthing-gtk is a GUI for syncthing providing desktop notifications without
+  browser.
+- Spread the love of Fedora Kinoite by having Fedora Imagewriter!
+- Eye of GNOME is GNOME picture viewer and if I cannot `eog image.png` I get
+  confused
+- Haruna is another Mpv front-end, but this time KDE. It also doesn't read or
+  understand mpv.conf at the time of writing, so I ma mor elikely to suggest
+  Celluloid while using mpv directly myself.
+- Kate is my go-to text editor when I want a GUI (otherwise it's the rpm-ostree
+  nvim) and if the flatpak didn't exist (and if I wouldn't likely be using nvim
+  where flatpaks have no power), I would make it yet another rpm-ostree
+  install...
+- pavucontrol is the volume manager and needs no introduction especially if one
+  looks at it
+- kwrite is the KDE text editor
+- Okular is the KDE document viewer
+- qBittorrent just is the best way to download Linux images since the Fedora
+  Media Writer doesn't use P2P and may be a burden for servers, while it does
+  have the capacity to write any image and also restore the USB stick
+  afterwards.
+- Tor Browser just must exist everywhere just in case!
+- Firefox is the last major non-Chromium web browser and while installed by
+  default, it may not survive `flatpak uninstall --all`.
+- VLC is a world-famous media player supporting ~everything and the flathub
+  apparently bundles libdvdcss having the capacity to play DVDs.
+
+#### Office
+
+```bash
+sudo flatpak install --assumeyes flathub org.kde.skanpage org.libreoffice.LibreOffice org.libreoffice.LibreOffice.BundledExtension.Voikko
+# May be huge, especially TeXlive
+sudo flatpak install --assumeyes flathub org.freedesktop.Sdk.Extension.texlive org.kde.kile
+```
+
+- KDE Scanner app (in case of removing all flatpaks)
+- LibreOffice is world-famous office suite
+- Voikko is Finnish spellchecking support for it
+
+### Other essential atomic/kinoite/flatpak/gayming reading
+
+- [init-browser-policies.bash](https://codeberg.org/Aminda/shell-things/src/branch/cxefa/etc/init-browser-policies.bash)
+  for setting up Firefox policies. It's shipped by default in Kinoite, otherwise
+  I would list it above.
+- [gayming/README.md](https://gitea.blesmrt.net/mikaela/gist/src/branch/master/gayming/README.md)
+  for earlier or other notes that didn't fit here or I don't want to duplicate
+  then.
 
 ## Essential system configuration
 
@@ -162,7 +435,8 @@ See Fedora, but change the `FONT` to `"ter-132b"` instead.
 
 ### Swap
 
-Zramswap is not enough. 8 GB everywhere may be enough,
+<!--Zramswap is not enough.--> 8 GB everywhere may be enough,
+
 [summarizing Gentoo](https://wiki.gentoo.org/wiki/Handbook:AMD64/Full/Installation#What_about_swap_space.3F).
 
 No swap partition and swap file is acceptable (consider SSD)? See above for
@@ -256,19 +530,21 @@ AuthenticationMethods publickey
 
 ### `/etc/xdg/autostart`
 
-Not having terminal autostarting for all users is pain.
+Not having terminal autostarting for all users is pain. First
+`sudo systemctl --global enable foot-server.socket`
 
-- https://codeberg.org/Aminda/shell-things/src/branch/cxefa/etc/xdg/autostart/kgx-tmux.desktop
+- [footclient-tmux.desktop](https://codeberg.org/Aminda/shell-things/src/branch/cxefa/etc/xdg/autostart/footclient-tmux.desktop)
 
 ```desktop
 [Desktop Entry]
-Terminal=true
-Exec=kgx --command="bash --norc -c tmux"
-Name=Tmux in Console
-Icon=org.gnome.Console
+Type=Application
+Exec=footclient -m tmux
+Icon=foot
+Terminal=false
+Name=Foot Client running tmux
 ```
 
-### `aminda-*.{service,socket]`
+### `aminda-*.{service,socket}`
 
 They workaround either me or the distribution messing things up. While at it,
 don't forget `/etc/sysctl.d`
@@ -305,3 +581,43 @@ it.
 - Boot with flags `enforcing=0 autorelabel` to temporarily have permissive mode
   and automatic fixing.
 - What actually worked was booting with `enforcing=0` and `sudo restorecon -R /`
+
+### Removing all flatpaks
+
+```bash
+sudo flatpak uninstall --all --assumeyes
+```
+
+Now that overwhelmingly sinking into them has been resolved, you can reinstall a
+lot of them and feel overwhelmed again!
+
+### rsync
+
+You want to use `rsync` instead of `cp` when taking a final copy of a system
+before reinstall?
+
+```bash
+# Abbreviatable as -aP?
+rsync --progress --archive <source> <destination>
+```
+
+### VeraCrypt
+
+In the beginning of 2025-06 VeraCrypt decided to not be my friend. The trick was
+downloading appimage
+[from their download page](https://veracrypt.io/en/Downloads.html), ensuring it
+was signed with a key I trusted and had previously signed,
+`5069 A233 D55A 0EEB 174A  5FC3 821A CD02 680D 16DE` and **_this is not how you
+use VeraCrypt, Linux or sudo!_**
+
+```bash
+gpg --verify VeraCrypt-1.26.24-x86_64.AppImage.sig
+mkdir VeraCrypt-1.26.24-x86_64.AppImage.config
+# NO, WRONG!
+sudo ./VeraCrypt-1.26.24-x86_64.AppImage
+```
+
+but the layered VeraCrypt package kept trying to run `/usr/sbin/true` constantly
+asking for password since `Defaults timestamp_timeout=0` and even removing that
+didn't help and theoretically this will only cause permissions issue for that
+single portable appimage configuration directory created before...

n/f-droid.md

@@ -53,9 +53,6 @@ repositories out of the box, so time to add them too.
   contains SpiritCroc's apps, mainly SchildiChat.
 - [s2.spiritcroc.de/testing/fdroid/repo](fdroidrepos://s2.spiritcroc.de/testing/fdroid/repo?fingerprint=52d03f2fab785573bb295c7ab270695e3a1bdd2adc6a6de8713250b33f231225)
   contains testing versions of SpiritCroc's apps, mainly SchildiChat.
-- [divestos.org/apks/official/fdroid/repo](fdroidrepos://divestos.org/apks/official/fdroid/repo?fingerprint=E4BE8D6ABFA4D9D4FEEF03CDDA7FF62A73FD64B75566F6DD4E5E577550BE8467)
-  contains the DivestOS apps such as Hypatia and Mull Browser (not to be
-  confused with Mullvad Browser).
 
 ## Official repositories for a single project
 

n/fairbuds.md

@@ -24,19 +24,20 @@ _{{ page.excerpt }}_
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 <em lang="fi">Automaattinen sisällysluettelo</em> / <em lang="en">Automatically generated Table of Contents</em>
 
-- [Dezponia's studio EQ](#dezponias-studio-eq)
-  - [2024-04-11](#2024-04-11)
+  - [Dezponia's studio EQ](#dezponias-studio-eq)
+    - [2024-04-11](#2024-04-11)
+- [For Fairbuds](#for-fairbuds)
 
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
 
 <!-- prettier-ignore-end -->
 <!-- editorconfig-checker-enable -->
 
-## Dezponia's studio EQ
+### Dezponia's studio EQ
 
 Shamelessly copied from Matrix.
 
-### 2024-04-11
+#### 2024-04-11
 
 > My settings for Studio so far is 60hz+0db, 230hz+2db, 1.1khz+0db, 4khz+5db,
 > 10khz+4db. I think the some people may prefer +/- a db or two on the 4khz and
@@ -50,8 +51,21 @@ Shamelessly copied from Matrix.
 
 In clearer words, in the app drag the four sliders to
 
-- 0
-- 2
-- 0
-- 5
-- 4
+- 0 dB
+- 2 dB
+- 0 dB
+- 5 dB
+- 4 dB
+
+## For Fairbuds
+
+The not XL kind sliders are:
+
+- 1 dB
+- 0 dB
+- 0 dB
+- 0 dB
+- -1 dB
+- 6 dB
+- -2 dB
+- 7 dB

n/kwin.md

@@ -0,0 +1,137 @@
+---
+title: Useful KDE window rules
+excerpt:
+  KDE Window rules (kwin?) are very helpful when windows just don't align to
+  your wishes, especially on small displays like Steam Deck or when your games
+  launch positioned wrong or your gamescope fullscreen flag just gets ignored.
+layout: mini
+permalink: /n/kwin.html
+redirect_from:
+  - n/windowrules.html
+  - n/kdewindowrules.html
+sitemap: true
+lang: en
+robots: noai
+---
+
+_{{ page.excerpt }}_
+
+First step is opening `LC_ALL=C.UTF-8 systemsettings`, scrolling down to
+`Apps & Windows` where there is `Window Management` which opens a sidebar with
+`Window Rules`.
+
+Alternatively one can just second click any titlebar, choose more actions and
+select either `Window specific special settings` or
+`App specific special settings` (backtranslated from Finnish).
+
+<!-- editorconfig-checker-disable -->
+<!-- prettier-ignore-start -->
+
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
+<em lang="fi">Automaattinen sisällysluettelo</em> / <em lang="en">Automatically generated Table of Contents</em>
+
+- [Gamescope](#gamescope)
+- [Steam games without gamescope](#steam-games-without-gamescope)
+- [All apps](#all-apps)
+- [FanFicFare](#fanficfare)
+- [GNOME Console](#gnome-console)
+
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
+
+<!-- prettier-ignore-end -->
+<!-- editorconfig-checker-enable -->
+
+## Gamescope
+
+My first papercut that I thought for a longer time on Fedora Kinoite (instead of
+SteamOS) on Steam Deck was that my games with Heroic Launcher were focusing
+wrong, partially across the screen. A few times I just double clicked the
+titlebar to maximize it, but then I realized I can right click the window,
+select the more actions and make rules for the window. Of course the add rule
+from `systemsettings` would work too.
+
+- Description: `settings for gamescope`
+- Windows class (application): `Exact match`: `gamescope`
+- Match whole window class: `Yes`
+- Window types: `All selected`
+- _Add Property_, _Size & Position_:
+- Initial placement: `Force` `Maximized`
+  - _Originally I went just with this, but then I realized that I can fix
+    gamescope ignoring `--fullscreen` flag with the next property:_
+- _Add Property_, _Size & Position_:
+- `Fullscreen`: `Apply initially` `Yes`
+
+## Steam games without gamescope
+
+- Description: `Steam apps`
+- Windows class (application): `Partial match`: `steam_app_`
+- Match whole window class: `Yes`
+- Window types: `All selected`
+- _Add Property_, _Size & Position_:
+- `Fullscreen`: `Force` `Yes`
+
+## All apps
+
+My Steam Deck has a small display and I generally use it docked to TV, so why
+not maximize everything by another rule?
+
+- Description: `everything?`
+- Windows class (application): `Unimportant`: ``
+- Match whole window class: `Yes`
+- Window types: `Normal window`
+- _Add Property,_ _Size & Position_
+- Initial placement: `Force` `Maximized`
+
+And there is one papercut less on enjoying Fedora Kinoite on Steam Deck. I think
+this would also work with SteamOS, but that launches to game mode aka big
+display mode anyway, so it's unnecessary.
+
+Offtopic lifehack:
+
+```bash
+mkdir -p ~/.config/autostart/
+ln -nsfv /var/lib/flatpak/exports/share/applications/com.heroicgameslauncher.hgl.desktop ~/.config/autostart/
+ln -nsfv /var/lib/flatpak/exports/share/applications/com.valvesoftware.Steam.desktop ~/.config/autostart/
+```
+
+Next login you will autostart Heroic Games and Steam. I suggest visiting Heroic
+Games settings to start minimized so it will background update games and Steam
+settings to start in big picture mode, so you will have Steam Deck like
+experience even without SteamOS.
+
+With Heroic Games your mileage may vary as some games want minimizing Steam for
+controller to work, others want Steam to be quit.
+
+## FanFicFare
+
+Funnily this is the first window rule I remember making on my main laptop
+regarding FFF's browser cache feature.
+
+- Description: `Calibre FFF on top`
+- Windows class (application): `Unimportant`: ``
+- Match whole window class: `Yes`
+- Window types: `Normal window`
+- _Add Property_
+- Window title: `Exact match`: `Downloading metadata for stories`
+- _Add Property_, _Arrangement & Access_
+- Keep above other windows: `Force` `Yes`
+- _Add Property_, _Size & Position_:
+- Maximized horizontally: `Force` `No`
+- _Add Property_, _Size & Position_:
+- Maximized vertically: `Force` `No`
+
+## GNOME Console
+
+I don't remember making these settings, but they seem to be working?
+
+- Description: `Preferences for org.gnome.Console`
+- Windows class (application): `Exact match`: `kgx org.gnome.Console`
+- Match whole window class: `Yes`
+- Window types: `All selected`
+- _Add Property_ _Size & Position_
+- Position: `Apply initially`: `768` x `432`
+- _Add Property_, _Size & Position_
+- Size: `Apply initially`: `768` x `432`
+
+And my GNOME Console aka `kgx` launches on bottom right of the display.

n/obtainium.md

@@ -36,9 +36,10 @@ Android 12+.
 <em lang="fi">Automaattinen sisällysluettelo</em> / <em lang="en">Automatically generated Table of Contents</em>
 
 - [Importable app list](#importable-app-list)
-- [Third party F-Droid repositories](#third-party-f-droid-repositories)
-  - [Apps within them](#apps-within-them)
+- [F-Droid repositories](#f-droid-repositories)
+  - [Apps within 3rd party F-Droid repos](#apps-within-3rd-party-f-droid-repos)
 - [App Stores](#app-stores)
+- [Selfhosting forge](#selfhosting-forge)
 - [Other noteworthy apps:](#other-noteworthy-apps)
 
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
@@ -53,41 +54,30 @@ Android 12+.
 - For apps that require GitHub or GitLab API key to be entered into Obtainium,
   see [txt/obtainium2.txt](/txt/obtainium2.txt)
 
-## Third party F-Droid repositories
+## F-Droid repositories
 
-Aren't mass-importable sadly, but using Briar as an example:
+Aren't mass-importable sadly.
 
-- App Source URL: https://briarproject.org/fdroid
-- Override Source: F-Droid Third-Party Repo
-- App ID or Name: Briar
+- SherpaTTS
+  - https://f-droid.org/packages/org.woheller69.ttsengine/
+- Briar
+  - App Source URL: https://briarproject.org/fdroid
+  - Override Source: F-Droid Third-Party Repo
+  - App ID or Name: Briar
 
 Upon adding it will become something like the link below.
 
-### Apps within them
+### Apps within 3rd party F-Droid repos
 
 _However I would use [the F-Droid repositories directly](/n/f-droid.html)._
 
 - `https://briarproject.org/fdroid/repo?appId=org.briarproject.briar.android`
-  - Briar. Third party F-Droid repo.
-- `https://fdroid.frostnerd.com?appId=com.frostnerd.smokescreen`
-  - Nebulo. Third party F-Droid repo.
-- `https://divestos.org/apks/official/fdroid/repo?appId=us.spotco.malwarescanner`
-  - Hypatia malware scanner. Third party F-Droid repo.
-- `https://divestos.org/apks/official/fdroid/repo?appId=us.spotco.fennec_dos`
-  - Mull Browser (not to be confused with Mullvad). Often suggested as the
-    closest to [LibreWolf](https://librewolf.net) on Android. Third party
-    F-Droid repo.
+  - Briar.
 
 ## App Stores
 
 _Always exercise caution when installing apps, even from Google Play Store!_
 
-- `https://github.com/accrescent/accrescent`
-  - Accrescent is a recent App Store which I have seen recommended especially in
-    privacy circles, while it's a bit plain and doesn't have much selection yet.
-- `https://apkpure.net/apkpure/com.apkpure.aegon`
-  - APK Pure. Full of intrusive advertising, I wouldn't use it without adblocker
-    and even then would keep my family away from it.
 - `https://gitlab.com/AuroraOSS/AuroraStore`
   - Open source and anonymous interface for Google Play Store. Google doesn't
     like it, so the accounts often don't work, which is the reason this section
@@ -108,23 +98,15 @@ _Always exercise caution when installing apps, even from Google Play Store!_
     but not limited to Firefox, Chromium and other browsers based on them
     (except obviously not Google Chrome). Would install for family, if they
     didn't have Google Play Store.
-- `https://appgallery.huawei.com/app/C27162`
-  - Huawei App Gallery. I don't think I recommend it, unless it comes with your
-    phone, but it's nice to know it exists and can be installed?
 - `https://github.com/ImranR98/Obtainium`
   - An app downloader that can install apps directly from the publishers, a few
     other app stores and F-Droid repositories (see an earlier section on this
     page). But you should know that already considering this page is of no
     interest to anyone else than Obtainium users (and mainly only me).
-- `https://uptodown-android.en.uptodown.com/android`
-  - Uptodown app store, pleasant interface and not so intrusive advertising as
-    opposed to APK Pure. I would consider installing it for a family member,
-    should they reach ??? apps outside of Play Store that it offers (such as
-    AdGuard (which Google again dislikes), Telegram.org/Android...)
-- `https://lite-uptodown-app-store.en.uptodown.com/android`
-  - Lighter version for less powerful phones, thinking of you Android Go
-    Edition, or certain other 8 GB memory phones. Additionally Google is
-    stripped out of it.
+
+## Selfhosting forge
+
+- `https://git.omaps.dev/organicmaps/organicmaps` override source: Forgejo/Gitea
 
 ## Other noteworthy apps:
 

n/prettier.md

@@ -121,8 +121,8 @@ This is the file that controls [`pre-commit`]s behaviour.
 I accidentally wrote this while updating this page to reflect me using prettier
 outside of [`pre-commit`] too nowadays. This has the advantage that the same
 local environment gets reused and dependencies are managed centrally, but
-assumes everyone uses pnpm, won't work in [`pre-commit` ci] and may have other issues
-I am not thinking of as a not-coder myself.
+assumes everyone uses pnpm, won't work in [`pre-commit` ci] and may have other
+issues I am not thinking of as a not-coder myself.
 
 [`pre-commit`]: https://pre-commit.com
 [`pre-commit` ci]: https://pre-commit.ci

n/qr.md

@@ -0,0 +1,109 @@
+---
+layout: mini
+comments: true
+title: "QR CODE MAKING: BIGGER IS SMALLER"
+permalink: /n/qr.html
+sitemap: true
+excerpt:
+  WHEN YOU MAKE QR CODES, CAPITAL LETTERS MEAN SMALLER QR CODE AND OTHER NOTES
+  ON MAKING THEM.
+---
+
+# QR CODE MAKING: BIGGER IS SMALLER
+
+_{{ page.excerpt }}_
+
+That is a neat trick
+[from Terence Eden's blog where the cause is also explained](https://shkspr.mobi/blog/2025/02/why-are-qr-codes-with-capital-letters-smaller-than-qr-codes-with-lower-case-letters/).
+
+<!-- editorconfig-checker-disable -->
+<!-- prettier-ignore-start -->
+
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
+<em lang="fi">Automaattinen sisällysluettelo</em> / <em lang="en">Automatically generated Table of Contents</em>
+
+- [qrencode](#qrencode)
+- [WiFi QR codes](#wifi-qr-codes)
+  - [iwd Device Provisioning Protocol](#iwd-device-provisioning-protocol)
+- [Other methods of generating QR codes](#other-methods-of-generating-qr-codes)
+- [QR code readers](#qr-code-readers)
+  - [See also](#see-also)
+
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
+
+<!-- prettier-ignore-end -->
+<!-- editorconfig-checker-enable -->
+
+## qrencode
+
+`qrencode` is my favourite method of creating QR codes, with the above fact a
+small QR pointing to my website would be:
+
+- `qrencode -t utf8 -i https://aminda.eu`
+  - `-t utf8` outputs to terminal as unicode and `-i` ignores case turning input
+    UPPERCASE.
+
+However my former goto was:
+
+- `qrencode -l H -t utf8 https://aminda.eu` which would feature higher error
+  correction allowing more damage (including art) while still working.
+
+Storage:
+
+- `qrencode -i -s 6 -l H -o aminda.eu https://aminda.eu`
+  - This `-s 6` doubles the pixel size, `-l H` uses highest error correction and
+    `-o aminda.eu` outputs the image to `aminda.eu.png`. This could be converted
+    through `magick aminda.eu.png aminda.eu.jpg`
+
+However usually I end up to
+[qr.bash](https://gitea.blesmrt.net/mikaela/scripts/src/branch/master/bash/qr.bash).
+
+## WiFi QR codes
+
+For details on the specification, please refer to
+[Barcode Contents on zxing wiki instead](https://github.com/zxing/zxing/wiki/Barcode-Contents#wi-fi-network-config-android-ios-11).
+
+- Open network with SSID `openwireless.org_nomap`:
+  `qrencode -t utf8 "WIFI:T:nopass;S:openwireless.org_nomap;;"`
+  ([wifiqr-open.bash](https://gitea.blesmrt.net/mikaela/scripts/src/branch/master/bash/wifiqr-open.bash))
+- WPAX protected network with SSID `Hollow` and key `Bastion`:
+  `qrencode -t utf8 "WIFI:T:WPA;S:Hollow;P:Bastion;H:false;"`
+  ([wifiqr.bash](https://gitea.blesmrt.net/mikaela/scripts/src/branch/master/bash/wifiqr.bash))
+- Hidden networks? Change the `H:false` to `H:true`.
+
+### iwd Device Provisioning Protocol
+
+If you are using iwd for WiFi management, forget the above and to add a new dpp
+capable device onto your network, instead `iwctl dpp wlan0 start-configurator`
+which requires `qrencode`.
+
+To stop provisioning new devices `iwctl dpp wlan0 stop`.
+
+Obviously don't include the dots and replace `wlan0` with your actual interface.
+
+## Other methods of generating QR codes
+
+- [DuckDuckGo search beginning with qrcode](https://start.duckduckgo.com/?q=qrcode+HELLO+WORLD)
+- [Firefox add-on: Offline QR Code Generator](https://addons.mozilla.org/firefox/addon/offline-qr-code-generator/)
+  - This has spared me headache countless times on school computers for getting
+    URL stored to my browser from school computers or virtual machines without
+    complicated setups.
+- [Chrome Web Store: QR Code](https://chromewebstore.google.com/detail/qr-code/cbimgpnbgalffiohilfglgkkhpegpjlo)
+- BinaryEye & SecUSo for Android below
+
+## QR code readers
+
+- The stock Camera app.
+  - At least on iOS and SailfishOS.
+- [BinaryEye](https://github.com/markusfisch/BinaryEye) is my go-to app for QR
+  codes and will tell you more than you might want to know about them.
+  [Google Play](https://play.google.com/store/apps/details?id=de.markusfisch.android.binaryeye),
+  [F-Droid](https://f-droid.org/en/packages/de.markusfisch.android.binaryeye/)
+- [SecUSo: Privacy Friendly QR Code Scanner for Android ](https://github.com/SecUSo/privacy-friendly-qr-scanner),
+  [Google Play](https://play.google.com/store/apps/details?id=com.secuso.privacyFriendlyCodeScanner),
+  [F-Droid](https://f-droid.org/repository/browse/?fdid=com.secuso.privacyFriendlyCodeScanner)
+
+### See also
+
+- [Mikaela/gist directory vcard](https://gitea.blesmrt.net/mikaela/gist/src/branch/master/vcard)

n/yrityskone.md

@@ -9,9 +9,10 @@ lang: fi
 <div lang="fi">Käytettyjä enimmäkseen yrityskoneita suomalaisilta tai suomenkielisiltä
 yrityksiltä:
 
-https://cimos.fi/ https://taitonetti.fi/ https://www.inrego.fi/
+[cimos.fi](https://cimos.fi/) [inrego.fi](https://www.inrego.fi/)
+[nuvoo.com](https://nuvoo.com/)
 
-Katso myös /n/puhelin
+Katso myös [/n/puhelin](/n/puhelin)
 
 </div>
 
@@ -20,8 +21,8 @@ Katso myös /n/puhelin
 International used devices (the goal of this note is business devices, but I am
 unsure whether all here are):
 
-Hungary: https://www.marseus.com/
+Hungary: [marseus.com](https://www.marseus.com/)
 
-Czech Republic in Czech https://www.gigacomputer.cz/
+Czech Republic in Czech [gigacomputer.cz](https://www.gigacomputer.cz/)
 
 </div>

package.json

@@ -1,7 +1,14 @@
 {
 	"devDependencies": {
-		"@aminda/global-prettier-config": "2024.48.0"
+		"@aminda/global-prettier-config": "2025.26.0",
+		"@prettier/plugin-ruby": "4.0.4",
+		"@prettier/plugin-xml": "3.4.1",
+		"corepack": "latest",
+		"prettier": "3.6.2",
+		"prettier-plugin-nginx": "1.0.3",
+		"prettier-plugin-sh": "0.18.0",
+		"prettier-plugin-toml": "2.0.5"
 	},
-	"packageManager": "pnpm@9.14.2+sha512.6e2baf77d06b9362294152c851c4f278ede37ab1eba3a55fda317a4a17b209f4dbb973fb250a77abc463a341fcb1f17f17cfa24091c4eb319cda0d9b84278387",
+	"packageManager": "pnpm@10.12.4+sha512.5ea8b0deed94ed68691c9bad4c955492705c5eeb8a87ef86bc62c74a26b037b08ff9570f108b2e4dbd1dd1a9186fea925e527f141c648e85af45631074680184",
 	"prettier": "@aminda/global-prettier-config"
 }

pages/about.markdown

@@ -146,23 +146,25 @@ place, so where else should it be?
 
 _Time of writing in YYYY-MM-DD (ISO 8601): title or what it's about._
 
-- [2015-03-25: Leaving bot communities & a little on my life]({% post_url 2015-03-25-leaving-bots-life %})
+- [2015-03-25: Leaving bot communities & a little on my
+  life]({% post_url 2015-03-25-leaving-bots-life %})
 - [2015-04-03: Scum]({% post_url 2015-04-03-scum %})
   - [2015-04-01: Saasta (same in Finnish)]({% post_url 2015-04-01-saasta %})
-- [2015-05-18: Somewhat more on my life & untold background
-  of bots]({% post_url 2015-05-18-life-bot-background %})
-- [2015-06-16: Feelings and wounds of
-  school bullying]({% post_url 2015-06-16-feelings %})
+- [2015-05-18: Somewhat more on my life & untold background of
+  bots]({% post_url 2015-05-18-life-bot-background %})
+- [2015-06-16: Feelings and wounds of school
+  bullying]({% post_url 2015-06-16-feelings %})
 - [2015-06-29: Google translated "suicide post"](https://translate.google.fi/translate?sl=fi&tl=en&js=y&prev=_t&hl=fi&ie=UTF-8&u=https%3A%2F%2Fmikaela.info%2Ffinnish%2F2015%2F06%2F29%2Fminusta.html&edit-text=)
   - _I was at psychiatrical hospital after writing this._
-- [2015-09-09: The most important post that I
-  have written]({% post_url 2015-09-09-act-around-trans %})
-- [2015-11-03: I moved to Lauttasaari, Helsinki]({% post_url 2015-11-03-moving %})
+- [2015-09-09: The most important post that I have
+  written]({% post_url 2015-09-09-act-around-trans %})
+- [2015-11-03: I moved to Lauttasaari,
+  Helsinki]({% post_url 2015-11-03-moving %})
   - way too positive for this section, but where else...
 - [2015-11-21: Email to Legal Affairs Committee on how trans law must be based on the right of self-definition](https://translate.google.fi/translate?sl=fi&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=https%3A%2F%2Fmikaela.info%2Ffinnish%2F2015%2F11%2F21%2Fsahkopostia-lakivaliokunnalle-translaki.html&edit-text=)
 - [2017-04-18: Google Translated dance lesson trauma](https://translate.google.com/translate?sl=fi&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=https%3A%2F%2Fmikaela.info%2Ffinnish%2F2017%2F04%2F18%2Ftanssitunti.html&edit-text=)
-- [2017-04-30: After trans process and AvPD, everything
-  is OK]({% post_url 2017-04-30-post-trans %})
+- [2017-04-30: After trans process and AvPD, everything is
+  OK]({% post_url 2017-04-30-post-trans %})
 
 ---
 

pages/browser-extensions.markdown

@@ -272,7 +272,8 @@ Some notes:
   `network.dns.use_https_rr_as_altsvc` to be `true`, but they seem to default to
   true at least in Firefox Nightly so maybe no action is needed.
 - [While investingating how Android 9 Private DNS works, I also wrote a DNS
-  provider comparsion here on 2019-07-11]({% post_url blog/2019-07-11-android-private-dns-in-practice %})
+  provider comparsion here on
+  2019-07-11]({% post_url blog/2019-07-11-android-private-dns-in-practice %})
 
 ## SSDs
 

pages/irc/channel.fi.markdown

@@ -52,9 +52,10 @@ näet heidän rikkovan näitä sääntöjä, sano se._
 
 Lisälukemista:
 
-- [Pidä opit oppeina (englanniksi)]({% post_url blog/2015-04-01-keep-the-ops-opped %})
-- [Kaikkien yksityisviestien estäminen
-  oletuksena (enlanniksi)]({% post_url blog/2015-04-02-umodeg %})
+- [Pidä opit oppeina
+  (englanniksi)]({% post_url blog/2015-04-01-keep-the-ops-opped %})
+- [Kaikkien yksityisviestien estäminen oletuksena
+  (enlanniksi)]({% post_url blog/2015-04-02-umodeg %})
 
 Muutosloki
 ([GitHubissa](https://github.com/Mikaela/mikaela.github.io/commits/master/pages/channel.fi.markdown)):

pages/irc/irc.markdown

@@ -24,26 +24,32 @@ channels outside of IRC@Etro.
 _Note that this section is manually updated and might be missing some links._
 
 - General
-  - [Getting help from network operators when channel ops are away]({% post_url blog/2015-01-24-getting_help_with_channel_issues %})
+  - [Getting help from network operators when channel ops are
+    away]({% post_url blog/2015-01-24-getting_help_with_channel_issues %})
   - [Disabling DCC]({% post_url blog/2015-03-18-nodcc %})
   - [Keep the ops opped]({% post_url blog/2015-04-01-keep-the-ops-opped %})
-  - [IRC over TLS is not pointless.]({% post_url blog/2015-04-22-IRC-over-TLS %})
+  - [IRC over TLS is not
+    pointless.]({% post_url blog/2015-04-22-IRC-over-TLS %})
   - [Forming irc:// or ircs:// links]({% post_url blog/2015-05-18-ircs_links %})
-  - [Making channel secret
-    or private]({% post_url blog/2015-06-08-private_secret_channels %})
-  - [Atheme quickstart: NickServ, HostServ, ChanServ
-    & GroupServ]({% post_url blog/2015-09-19-atheme-quickstart %})
+  - [Making channel secret or
+    private]({% post_url blog/2015-06-08-private_secret_channels %})
+  - [Atheme quickstart: NickServ, HostServ, ChanServ &
+    GroupServ]({% post_url blog/2015-09-19-atheme-quickstart %})
 - Oper
-  - [Channels & Hostmask groups: A
-    Basic
+  - [Channels & Hostmask groups: A Basic
     howto]({% post_url blog/2015-01-10-channels-hostmask-groups-a-basic-howto %})
 - WeeChat
-  - [Easy instructions for using SASL PLAIN]({% post_url blog/2015-03-26-weechat-sasl-simply %})
+  - [Easy instructions for using SASL
+    PLAIN]({% post_url blog/2015-03-26-weechat-sasl-simply %})
   - [Ignoring with /filter]({% post_url blog/2015-05-31-weechat-filter %})
 - User modes
-  - [Showing public channels in whois / umode -iI]({% post_url blog/2015-03-26-umode--i %})
-  - [(Un)Setting umodes (broken from umode -iI)]({% post_url blog/2015-06-03-setting-umodes %})
+  - [Showing public channels in whois / umode
+    -iI]({% post_url blog/2015-03-26-umode--i %})
+  - [(Un)Setting umodes (broken from umode
+    -iI)]({% post_url blog/2015-06-03-setting-umodes %})
 - ZNC
-  - [ZNC 1.6.0 & SSL certificate verification]({% post_url blog/2015-02-24-znc160-ssl %})
-  - [Installing ZNC on Ubuntu using PPA]({% post_url blog/2015-05-10-znc-ubuntu %})
+  - [ZNC 1.6.0 & SSL certificate
+    verification]({% post_url blog/2015-02-24-znc160-ssl %})
+  - [Installing ZNC on Ubuntu using
+    PPA]({% post_url blog/2015-05-10-znc-ubuntu %})
 - [A couple of words on protocols (on the Discuss page)](/discuss.html#a-couple-of-words-on-protocols)

pages/matrix.markdown

@@ -27,10 +27,10 @@ I also have a [txt with a list of all my accounts](/txt/matrix.txt) which
 _Note that this section is manually updated and might be missing some links._
 
 - Critique
-  - [Inconsistency issues of Element, Element and Element, also privacy concerns]({% post_url blog/2021-08-03-matrix-perfect-privacy-not %})
+  - [Inconsistency issues of Element, Element and Element, also privacy
+    concerns]({% post_url blog/2021-08-03-matrix-perfect-privacy-not %})
   - [Without selfhosting a homeserver or even then, Matrix moderation tools rely
-    on security
-    through
+    on security through
     obscurity]({% post_url blog/2021-12-05-matrix-community-abuse-security-by-obscurity %})
 - [A couple of words on protocols (on the Discuss page)](/discuss.html#a-couple-of-words-on-protocols)
 
@@ -49,6 +49,11 @@ _Note that this section is manually updated and might be missing some links._
 - [What are ghost and puppets?](#what-are-ghost-and-puppets)
 - [What does the public history visibility mean? I don't want to appear in search engines](#what-does-the-public-history-visibility-mean-i-dont-want-to-appear-in-search-engines)
 - [Can I see who is in any specific room without being there?](#can-i-see-who-is-in-any-specific-room-without-being-there)
+- [How do I deal with NSFL spam?](#how-do-i-deal-with-nsfl-spam)
+  - [Disabling image previews](#disabling-image-previews)
+    - [Element Web/Desktop](#element-webdesktop)
+    - [ElementX](#elementx)
+    - [Nheko](#nheko)
 - [How can I remove my messages automatically like on Signal, WhatsApp, Telegram and everything else?](#how-can-i-remove-my-messages-automatically-like-on-signal-whatsapp-telegram-and-everything-else)
   - [How can I remove my messages automatically on Nheko?](#how-can-i-remove-my-messages-automatically-on-nheko)
   - [How can I install Nheko nightly?](#how-can-i-install-nheko-nightly)
@@ -83,11 +88,8 @@ _Note that this section is manually updated and might be missing some links._
 
 ### Where else can I read about Matrix?
 
-- [Miki is the Matrix wiki](https://en.miki.community/) where I will attempt to
-  contribute to.
 - [Matrix.org](https://matrix.org/) is the official website.
 - [My gist repository also has notes on Matrix, mostly /devtools related ones](https://gitea.blesmrt.net/mikaela/gist/src/branch/master/matrix),
-  they predate Miki and I hope to sort more relevant or historical parts there.
   - PPFI also has
     [a couple of Matrix files](https://git.piraattipuolue.fi/Pikaviestimet/Pikaviestimet/src/branch/master/matrix),
     ([GitHub mirror](https://github.com/piraattipuolue/pikaviestimet)).
@@ -101,6 +103,9 @@ _Note that this section is manually updated and might be missing some links._
 - Cos has written
   [Matrix tips they don't tell you](https://wordsmith.social/cos/matrix-tips-they-dont-tell-you)
   containing a FAQ, hints and guides.
+- [Tune Your Chat](https://tune-your-chat.github.io/ecosystem/tune/) has a
+  similar collection of hints to this section.
+- [Ubuntu Community: Dealing with spam on Matrix](https://ubuntu.com/community/communications/matrix/spam)
 
 ### Is there any kind of Matrix etiquette I should know about?
 
@@ -166,7 +171,8 @@ there are a couple of methods to try:
 Please note that your
 **_[reactions are NOT encrypted](https://github.com/matrix-org/matrix-spec/issues/660)_**
 even in encrypted rooms. See also my blog post, [Inconsistency issues of
-Element, Element and Element, also privacy concerns]({% post_url blog/2021-08-03-matrix-perfect-privacy-not %}).
+Element, Element and Element, also privacy
+concerns]({% post_url blog/2021-08-03-matrix-perfect-privacy-not %}).
 
 ### What are ghost and puppets?
 
@@ -236,6 +242,93 @@ in the room and aware of the alias.
 
 Otherwise no, you cannot.
 
+### How do I deal with NSFL spam?
+
+I recommend disabling image previews in public rooms, more about that below, but
+moderators would have a couple of other options too:
+
+- Do you have a
+  [Draupnir](https://github.com/the-draupnir-project/Draupnir)/[Mjolnir](https://github.com/matrix-org/mjolnir)?
+  `!draupnir protections enable <protection-name-here>` might help you. Consider
+  especially `FirstMessageIsImageProtection` (ban user if their first user is an
+  image), `MentionLimitProtection` (remove messages if they spam ping many
+  users), `MessageIsMediaProtection` (remove files containing media),
+  `MessageIsVoiceProtection` (remove voice messages). For more information see
+  `!draupnir protections` and `!draupnir help`.
+  - I don't have an access to a Mjolnir, but I think it might have older command
+    `!mjolnir enable`, but it too should understand `!mjolnir protections` or at
+    least `!mjolnir help`.
+  - If you don't have access to either, you may be able to _request_ a
+    [Draupnir4All](https://docs.draupnir.midnightthoughts.space/) instance.
+- You could use permissions manager in room settings to disallow media files.
+  See the next bullet point, except `m.room.power_levels` and _event TODO_
+  instead of `m.room.join_rules`.
+- There is also the possibility of making your join available only through
+  knocking/request to join (if it's at least version 7 of
+  {{site.matrixLatestRoomVersion}}). Element users will find the feature from
+  labs, ElementX from developer settings (see below).
+  - Element Web also has the possibility of `/devtools`, `Explore room state`,
+    `m.room.join_rules`, `{ "join_rule": "knock" }` (if the room is at least
+    version 7 of {{site.matrixLatestRoomVersion}}). Other options include
+    `restricted` (if the room is at least version <del>8</del> 9 of
+    {{site.matrixLatestRoomVersion}}) and `knock_restricted` (if the room is at
+    least version 10 of {{site.matrixLatestRoomVersion}}), but more about that
+    in
+    [my matrix/m.room.join_rules in the gist repo](https://gitea.blesmrt.net/mikaela/gist/src/branch/master/matrix/m.room.join_rules/README.md).
+
+#### Disabling image previews
+
+Everything is its own subheading for easier navigation through the table of
+contents on top.
+
+See also the
+[Ubuntu guide for dealing with spam](https://ubuntu.com/community/communications/matrix/spam).
+
+##### Element Web/Desktop
+
+1. Open settings
+1. Select options/preferences, I am not sure which it is in English
+1. Uncheck option "display image/media previews" or something similar. It should
+   also sync to your other Element Web/Desktop clients at least upon restart.
+
+##### ElementX
+
+If you are on an ElementX version from at least April 2025, you will find the
+option to hiding media from _advanced settings_:
+
+1.  Open settings
+1.  Open _Advanced settings_
+1.  Scroll down to _Moderation and safety_
+1.  Select _Hide media previews in timeline_. You may also like to select _Hide
+    avatars in room invite requests_.
+
+Else you will find it from _developer settings_:
+
+1. Open settings
+1. Scroll down to the version number
+1. Tap the version number several times (7 for me)
+1. Open _developer settings_ that are now visible
+1. Select the first option _Hide image & video previews_.
+   1. Note that the same menu features a _Clear cache_ button on the bottom. It
+      can help if you are stuck with spam invites from ignored user or otherwise
+      experience weirdness in the app.
+
+##### Nheko
+
+I am unsure on whether this is specific to Nightly, see below for flatpak
+installation instructions.
+
+1. Open user settings. It's on bottom left in the same row that begins with
+   create a new chat (plus symbol), room directory (looks like a building), room
+   search (ctrl + k which looks like a zooming glass) and finally the user
+   settings looking like a cog.
+1. Scroll down to timeline
+1. The third option should be _show images automatically_ which has a dropbox
+   with options _always_, _only in private rooms_ and _never_. Consider which is
+   the most appropiate for you since knocking only rooms count as private even
+   if they may be big and moderators may not know who is going to spam before
+   letting them in.
+
 ### How can I remove my messages automatically like on Signal, WhatsApp, Telegram and everything else?
 
 Matrix doesn't support it, but some clients, mainly Nheko <del>(nightly)</del>
@@ -247,7 +340,7 @@ this, consult
 
 <del>Assuming you are on nightly build,</del> there are three steps:
 
-1. In global settings of Nheko, enable _Periodically disable expired events_, it
+1. In global settings of Nheko, enable _Periodically delete expired events_, it
    will affect all profiles upon restart.
 2. In the room where you wish to automatically remove your messages, go to room
    settings and select _Configure_ next to _Automatic event deletion_. There you

pnpm-lock.yaml

@@ -8,14 +8,35 @@ importers:
   .:
     devDependencies:
       "@aminda/global-prettier-config":
-        specifier: 2024.48.0
-        version: 2024.48.0
+        specifier: 2025.26.0
+        version: 2025.26.0
+      "@prettier/plugin-ruby":
+        specifier: 4.0.4
+        version: 4.0.4(prettier@3.6.2)
+      "@prettier/plugin-xml":
+        specifier: 3.4.1
+        version: 3.4.1(prettier@3.6.2)
+      corepack:
+        specifier: latest
+        version: 0.33.0
+      prettier:
+        specifier: 3.6.2
+        version: 3.6.2
+      prettier-plugin-nginx:
+        specifier: 1.0.3
+        version: 1.0.3
+      prettier-plugin-sh:
+        specifier: 0.18.0
+        version: 0.18.0(prettier@3.6.2)
+      prettier-plugin-toml:
+        specifier: 2.0.5
+        version: 2.0.5(prettier@3.6.2)
 
 packages:
-  "@aminda/global-prettier-config@2024.48.0":
+  "@aminda/global-prettier-config@2025.26.0":
     resolution:
       {
-        integrity: sha512-GvvS91Q2ijErWIed65Nw0+mRiM7BmJqeROcKqh6IuDpa71KgZj9wJT10Z6sRcNf+ms+PmMZyqD7o42LAhYqxpg==,
+        integrity: sha512-Ny0MqK1QGNWRgR1SBbQtoupN0UmK/XYwx4uo12EI8ncEbtH6eyBJzIwes+EtCn/kXu9VzQONqnrryukjbmWOqg==,
       }
 
   "@prettier/plugin-ruby@4.0.4":
@@ -34,16 +55,23 @@ packages:
     peerDependencies:
       prettier: ^3.0.0
 
-  "@taplo/core@0.1.1":
+  "@reteps/dockerfmt@0.3.6":
     resolution:
       {
-        integrity: sha512-BG/zLGf5wiNXGEVPvUAAX/4ilB3PwDUY2o0MV0y47mZbDZ9ad9UK/cIQsILat3bqbPJsALVbU6k3cskNZ3vAQg==,
+        integrity: sha512-Tb5wIMvBf/nLejTQ61krK644/CEMB/cpiaIFXqGApfGqO3GwcR3qnI0DbmkFVCl2OyEp8LnLX3EkucoL0+tbFg==,
+      }
+    engines: { node: ^v12.20.0 || ^14.13.0 || >=16.0.0 }
+
+  "@taplo/core@0.2.0":
+    resolution:
+      {
+        integrity: sha512-r8bl54Zj1In3QLkiW/ex694bVzpPJ9EhwqT9xkcUVODnVUGirdB1JTsmiIv0o1uwqZiwhi8xNnTOQBRQCpizrQ==,
       }
 
-  "@taplo/lib@0.4.0-alpha.2":
+  "@taplo/lib@0.5.0":
     resolution:
       {
-        integrity: sha512-DV/Re3DPVY+BhBtLZ3dmP4mP6YMLSsgq9qGLXwOV38lvNF/fBlgvQswzlXmzCEefL/3q2eMoefZpOI/+GLuCNA==,
+        integrity: sha512-+xIqpQXJco3T+VGaTTwmhxLa51qpkQxCjRwezjFZgr+l21ExlywJFcDfTrNmL6lG6tqb0h8GyJKO3UPGPtSCWg==,
       }
 
   "@xml-tools/parser@1.0.11":
@@ -58,11 +86,13 @@ packages:
         integrity: sha512-wy3mC1x4ye+O+QkEinVJkPf5u2vsrDIYW9G7ZuwFl6v/Yu0LwUuT2POsb+NUWApebyxfkQq6+yDfRExbnI5rcw==,
       }
 
-  mvdan-sh@0.10.1:
+  corepack@0.33.0:
     resolution:
       {
-        integrity: sha512-kMbrH0EObaKmK3nVRKUIIya1dpASHIEusM13S4V1ViHFuxuNxCo+arxoa6j/dbV22YBGjl7UKJm9QQKJ2Crzhg==,
+        integrity: sha512-XSX4BNjdwPXjUEk7/2r0vFhs1irwVncJRMyjzDel3PVKWnHQXehciX0WkvDrd1ujLLFJRe8FeZb9ASCqBtF/OA==,
       }
+    engines: { node: ^18.17.1 || ^20.10.0 || >=22.11.0 }
+    hasBin: true
 
   prettier-plugin-nginx@1.0.3:
     resolution:
@@ -70,28 +100,28 @@ packages:
         integrity: sha512-vV5q85s8XnV6NEgvz1gVLfZhmxAxY03MyOYj2ApBpjFkbs00lRsRkTmqO9L39ADuD18z1RRCcfZ3eVxKhI/nqg==,
       }
 
-  prettier-plugin-sh@0.14.0:
+  prettier-plugin-sh@0.18.0:
     resolution:
       {
-        integrity: sha512-hfXulj5+zEl/ulrO5kMuuTPKmXvOg0bnLHY1hKFNN/N+/903iZbNp8NyZBTsgI8dtkSgFfAEIQq0IQTyP1ZVFQ==,
+        integrity: sha512-cW1XL27FOJQ/qGHOW6IHwdCiNWQsAgK+feA8V6+xUTaH0cD3Mh+tFAtBvEEWvuY6hTDzRV943Fzeii+qMOh7nQ==,
+      }
+    engines: { node: ">=16.0.0" }
+    peerDependencies:
+      prettier: ^3.6.0
+
+  prettier-plugin-toml@2.0.5:
+    resolution:
+      {
+        integrity: sha512-WjXXKQyY4TdXWHU1v73UJxK/oDLSppf+b9KrSVl2kC4ZOr9CIVPKTQ/JxttgbYMaH8r3ihw7WYhMpI1EFa1obg==,
       }
     engines: { node: ">=16.0.0" }
     peerDependencies:
       prettier: ^3.0.3
 
-  prettier-plugin-toml@2.0.1:
+  prettier@3.6.2:
     resolution:
       {
-        integrity: sha512-99z1YOkViECHtXQjGIigd3talI/ybUI1zB3yniAwUrlWBXupNXThB1hM6bwSMUEj2/+tomTlMtT98F5t4s8IWA==,
-      }
-    engines: { node: ">=16.0.0" }
-    peerDependencies:
-      prettier: ^3.0.3
-
-  prettier@3.4.0:
-    resolution:
-      {
-        integrity: sha512-/OXNZcLyWkfo13ofOW5M7SLh+k5pnIs07owXK2teFpnfaOEcycnSy7HQxldaVX1ZP/7Q8oO1eDuQJNwbomQq5Q==,
+        integrity: sha512-I7AIg5boAr5R0FFtJ6rCfD+LFsWHp81dolrFD8S79U9tb8Az2nGrJncnMSnys+bpQJfRUzqs9hnA81OAA3hCuQ==,
       }
     engines: { node: ">=14" }
     hasBin: true
@@ -102,10 +132,10 @@ packages:
         integrity: sha512-tlbJqcMHnPKI9zSrystikWKwHkBqu2a/Sgw01h3zFjvYrMxEDYHzzoMZnUrbIfpTFEsoRnnviOXNCzFiSc54Qw==,
       }
 
-  sh-syntax@0.4.2:
+  sh-syntax@0.5.8:
     resolution:
       {
-        integrity: sha512-/l2UZ5fhGZLVZa16XQM9/Vq/hezGGbdHeVEA01uWjOL1+7Ek/gt6FquW0iKKws4a9AYPYvlz6RyVvjh3JxOteg==,
+        integrity: sha512-JfVoxf4FxQI5qpsPbkHhZo+n6N9YMJobyl4oGEUBb/31oQYlgTjkXQD8PBiafS2UbWoxrTO0Z5PJUBXEPAG1Zw==,
       }
     engines: { node: ">=16.0.0" }
 
@@ -116,29 +146,32 @@ packages:
       }
 
 snapshots:
-  "@aminda/global-prettier-config@2024.48.0":
+  "@aminda/global-prettier-config@2025.26.0":
     dependencies:
-      "@prettier/plugin-ruby": 4.0.4(prettier@3.4.0)
-      "@prettier/plugin-xml": 3.4.1(prettier@3.4.0)
-      prettier: 3.4.0
+      "@prettier/plugin-ruby": 4.0.4(prettier@3.6.2)
+      "@prettier/plugin-xml": 3.4.1(prettier@3.6.2)
+      corepack: 0.33.0
+      prettier: 3.6.2
       prettier-plugin-nginx: 1.0.3
-      prettier-plugin-sh: 0.14.0(prettier@3.4.0)
-      prettier-plugin-toml: 2.0.1(prettier@3.4.0)
+      prettier-plugin-sh: 0.18.0(prettier@3.6.2)
+      prettier-plugin-toml: 2.0.5(prettier@3.6.2)
 
-  "@prettier/plugin-ruby@4.0.4(prettier@3.4.0)":
+  "@prettier/plugin-ruby@4.0.4(prettier@3.6.2)":
     dependencies:
-      prettier: 3.4.0
+      prettier: 3.6.2
 
-  "@prettier/plugin-xml@3.4.1(prettier@3.4.0)":
+  "@prettier/plugin-xml@3.4.1(prettier@3.6.2)":
     dependencies:
       "@xml-tools/parser": 1.0.11
-      prettier: 3.4.0
+      prettier: 3.6.2
 
-  "@taplo/core@0.1.1": {}
+  "@reteps/dockerfmt@0.3.6": {}
 
-  "@taplo/lib@0.4.0-alpha.2":
+  "@taplo/core@0.2.0": {}
+
+  "@taplo/lib@0.5.0":
     dependencies:
-      "@taplo/core": 0.1.1
+      "@taplo/core": 0.2.0
 
   "@xml-tools/parser@1.0.11":
     dependencies:
@@ -148,26 +181,26 @@ snapshots:
     dependencies:
       regexp-to-ast: 0.5.0
 
-  mvdan-sh@0.10.1: {}
+  corepack@0.33.0: {}
 
   prettier-plugin-nginx@1.0.3: {}
 
-  prettier-plugin-sh@0.14.0(prettier@3.4.0):
+  prettier-plugin-sh@0.18.0(prettier@3.6.2):
     dependencies:
-      mvdan-sh: 0.10.1
-      prettier: 3.4.0
-      sh-syntax: 0.4.2
+      "@reteps/dockerfmt": 0.3.6
+      prettier: 3.6.2
+      sh-syntax: 0.5.8
 
-  prettier-plugin-toml@2.0.1(prettier@3.4.0):
+  prettier-plugin-toml@2.0.5(prettier@3.6.2):
     dependencies:
-      "@taplo/lib": 0.4.0-alpha.2
-      prettier: 3.4.0
+      "@taplo/lib": 0.5.0
+      prettier: 3.6.2
 
-  prettier@3.4.0: {}
+  prettier@3.6.2: {}
 
   regexp-to-ast@0.5.0: {}
 
-  sh-syntax@0.4.2:
+  sh-syntax@0.5.8:
     dependencies:
       tslib: 2.8.1
 

r/brave.md

@@ -0,0 +1,5 @@
+---
+redirect_to: https://fedia.io/m/technology@lemmy.world/t/1874995/Brave-CEO-rants-about-lefties-glowies-George-Soros
+permalink: /r/brave.html
+sitemap: false
+---

r/brave2.md

@@ -0,0 +1,5 @@
+---
+redirect_to: https://en.wikipedia.org/wiki/Brendan_Eich#Appointment_to_CEO_and_resignation
+permalink: /r/brave2.html
+sitemap: false
+---

r/dnt.md

@@ -5,7 +5,6 @@ redirect_from:
   - r/effdntlist.html
   - r/effdnt.html
   - r/dntallowlist.html
-  - r/dntwhitelist.html
   - r/dntlist.html
 sitemap: false
 ---

r/firefoxua.md

@@ -0,0 +1,5 @@
+---
+redirect_to: https://bugzilla.mozilla.org/show_bug.cgi?id=1840385#c2
+permalink: /r/firefoxua.html
+sitemap: false
+---

r/google.md

@@ -0,0 +1,5 @@
+---
+redirect_to: https://housefresh.com/david-vs-digital-goliaths/
+permalink: /r/google.html
+sitemap: false
+---

r/google2.md

@@ -0,0 +1,5 @@
+---
+redirect_to: https://housefresh.com/how-google-decimated-housefresh/
+permalink: /r/google2.html
+sitemap: false
+---

r/hetzner.md

@@ -0,0 +1,5 @@
+---
+redirect_to: https://en.m.wikipedia.org/wiki/Hetzner#Incidents
+permalink: /r/hetzner.html
+sitemap: false
+---

r/israel.md

@@ -0,0 +1,11 @@
+---
+redirect_to: https://globalvoices.org/2014/08/04/israel-gaza-war-data-the-art-of-personalizing-propaganda/
+permalink: /r/israel.html
+redirect_from:
+  - r/gaza.md
+  - r/gazaconflict.md
+  - r/propaganda.md
+  - r/israelgaza.md
+  - r/gazaisrael.md
+sitemap: false
+---

r/kagi.md

@@ -0,0 +1,5 @@
+---
+redirect_to: https://d-shoot.net/kagi.html
+permalink: /r/kagi.html
+sitemap: false
+---

r/whataweek.md

@@ -0,0 +1,5 @@
+---
+redirect_to: https://www.peppercarrot.com/en/viewer/misc__2022-11-02_What-a-week-huh_by-David-Revoy.html
+permalink: /r/whataweek.html
+sitemap: false
+---

txt/gamescope.txt

@@ -0,0 +1 @@
+SteamDeck=1 MANGOHUD=0 gamescope --steam --fullscreen --mangoapp -- %command%

txt/lists.txt

@@ -0,0 +1,10 @@
+https://ads-for-open-source.readthedocs.io/en/latest/_static/lists/opensource-ads.txt
+https://badblock.celenity.dev/abp/ethical_whitelist.txt
+https://big.oisd.nl
+https://gitflic.ru/project/magnolia1234/bypass-paywalls-clean-filters/blob/raw?file=bpc-paywall-filter.txt
+https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener-AffiliateTagAllowlist.txt
+https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt
+https://raw.githubusercontent.com/Mikaela/gist/master/DNS/blocklist.txt
+https://secure.fanboy.co.nz/fanboy-annoyance.txt
+https://small.oisd.nl
+https://www.eff.org/files/effdntlist.txt

txt/matrix.txt

@@ -1,3 +1,6 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
 My Matrix accounts
 ==================
 
@@ -6,14 +9,14 @@ Having multiple accounts on different homeservers is preferable for many reasons
 See also: https://keyoxide.org/aspe:keyoxide.org:LGWNUB7QG4M326FXXBH5Z6PLVY
 
 Primary accounts
-----------------
+- - - ----------------
 
 * matrix:u/aminda:pikaviestin.fi - main…ish
 * matrix:u/mikaela.suomalainen:matrix.org - professional context where shouldersurfing may be a concern. Also {Element,SchildiChat}-{X,Android,iOS,Next}. (Predates my December 2021 namechange a bit)
 * matrix:u/Ciblia:matrix.org - ~2016 retro MXID (nowadays they aren't allowed to have capital letters which I did by accident). Also less professional {Element,SchildiChat}-{X,Android,iOS,Next}.
 
 Others
-------
+- - - ------
 
 * matrix:u/aminda:matrix.org - https://github.com/vector-im/element-web/issues/17483
 * matrix:u/aminda:mozilla.org https://github.com/flathub/im.riot.Riot/issues/268#issuecomment-1103213448
@@ -24,32 +27,33 @@ Others
 * matrix:u/aminda:conduit.ungleich.ch - IPv6 Conduit test account, but as they may erase database at all times, it may not be me.
 * matrix:u/aminda:envs.net - you know who to blame if this account is relevant to you.
 * matrix:u/aminda:beeper.com - Beeper is building everything on top of Matrix while having their own clients and everything, so one would think it likely to be on all my devices and sending notifications, regardless of any primary status of the account. However it doesn't seem to like /e/OS and has fallen a bit out of use.
+* matrix:u/mikaela-5756df8cc43b8c6019785660:gitter.im - because Element bought Gitter and converted it to native Matrix and my account alongside it ':)
 
 Bots
-----
+- - - ----
 
 * matrix:u/mikaela.matterbridge:tedomum.net - currently used
 
 Old bots
---------
+- - - --------
 
 * matrix:u/mikaela.matterbridge:converser.eu - inactive previous iteration
 * matrix:u/aminda.matterbridge:jae.fi - https://aminda.eu/matrix/#brief-history-of-my-experiences-with-dead-homeservers
 
 Bridges
--------
+- - - -------
 
 Please refer to irc.txt, telegram.txt and xmpp.txt
 
 Deactivated accounts
---------------------
+- - - --------------------
 
 These accounts are deactivated and thus no longer usable by anyone. If they reappear, assume malicious homeserver and ACL on sight.
 
 * matrix:u/aminda:the-apothecary.club - used to exist for accessibility testing animated avatars e.g. https://github.com/vector-im/element-web/issues/18442 and https://github.com/vector-im/hydrogen-web/issues/841 . I disagree with how they run their communities and thus have deactivated the account myself.
 
 Legacy
-------
+- - - ------
 
 These homeservers no longer exist and should they reappear it's most likely not me, please kban on sight unless otherwise stated.
 
@@ -63,12 +67,19 @@ These homeservers no longer exist and should they reappear it's most likely not
 
 * * * * *
 
-PS. For SSH signature add .sig to the end of the URL
-
 Aminda Suomalainen
 aspe:keyoxide.org:LGWNUB7QG4M326FXXBH5Z6PLVY
-2024-03-11 13.47+0300
+2025-03-15 10.23+0200
 
 <!--
 vim: filetype=markdown
--->
+- - - -->
+
+-----BEGIN PGP SIGNATURE-----
+
+iI8EARYKADcWIQRp/0Vahp+QMaaR4PGZOS9iuuMHIwUCZ9U5KBkcc3VvbWFsYWlu
+ZW5AbWlrYWVsYS5pbmZvAAoJEJk5L2K64wcj11sA/3e7rR3gm/iElTN3qUCvo0+J
+11mgrR+FPHxpYUEyTDl2AQCUR3k5FPdkGx8x0su3N6gG4SkB9QQeKeniX6jUJYjO
+Cg==
+=OURq
+-----END PGP SIGNATURE-----

txt/matrix.txt.sig

@@ -1,19 +0,0 @@
------BEGIN SSH SIGNATURE-----
-U1NIU0lHAAAAAQAAAZcAAAAHc3NoLXJzYQAAAAMBAAEAAAGBAK6r/D3frLQSeODt763bun
-ofCPtEmm4N2GNX8V6KQKK17Lbd3HvbIgV7eCIdbXR4EoevSWFZsOGbabRvvhk0qd5H6gn3
-0qX3wp6AbCNL+BFyNggsdYEkEIXvLrVc14lOV6ERnjMBdLfMsZpnoNRZjdqqgySiIAUN0c
-QC7kR9ghPJtH55Bk2IY4tWkRUL3ptKAZiXgG1SMuJvxgKTOeWWjWFtBY4lJ5+0iQImP9dw
-69fmQgeydMx2SA9V34mEEnVF5gt/iYFgDQFVMFsclWsxqPPvs6jiJm5rdcPDdEX1x6QAeO
-H7H/Nme3CJG7STnXEjSZfmev1Ky6JBxwP9/HAKgj0/W7bFkcW2GIeXgzFS9NEO4FPPxuS1
-1Su6rEk/5mQpma6jMuE/vfyb72cxGJq9ImbRFAYNQxd8egnz71VUHi5lFmr0emu3tF4Jih
-uBFqrjbbQKmD9YANybXejSOnQ8o6Xa6JLox0htF6IsYlV/9fF426fjcrX6iy/8SubLqovl
-YwAAAARmaWxlAAAAAAAAAAZzaGE1MTIAAAGUAAAADHJzYS1zaGEyLTUxMgAAAYCj1h8ssn
-2P7Q5ETHWUj0RGACdWQYOKJMTovbcUsztFzPEPfmwaz4OvaYhvo2YLye4F7Jcj/jOF2tfC
-46nHIyARewjP7Rxh5iVRSQbmnL987b3yDa66SDpDf/p7TV5kxXbX5aj0O6voXufIVBE/TZ
-EcFLYkic3mqiLxunSznFpoN84VtqxnL5/tvWGUf0Oq7ytdj0DWOFCZkMbOFcr+uwQvdIgG
-6IeSDpoCy4QRjn+SG5BBDrrTIPqMKL3ePHSZNuWoKULFk86AkBx4r1aMywUJZTUCIOH+XM
-40iq002BpsR+x/TrpBEK3idgcyIxTe4xrWyL5C3dhu83IZptl1FJk0RdNbCd/amLMxpOsY
-NeokVkBy16eBpFF8mHNMCiKRvI2M11R4d4gihVA/4w0sJbC8YOaxHhPBNO+71YAaGbGtME
-41uN2mtGtbV8JcechPihbbsV6oQwSeTBWodn6gbP4BH+uCfgudnI5G0QQhrvIpWrwkt6xf
-Ptv1zJxX9k96bl8=
------END SSH SIGNATURE-----

txt/obtainium.txt

@@ -1,19 +1,5 @@
-https://android-system-webview.en.uptodown.com/android
-https://apkpure.net/apkpure/com.apkpure.aegon
-https://apkpure.net/lidl-home/com.lidlhome.smart
-https://apkpure.net/sunsmart-global-uv/au.org.cancervic.globaluv
-https://apkpure.net/temperature-monitor-alarm/com.device.temperature.monitor.cpu
-https://apkpure.net/thermal-monitor/com.rollerbush.thermal
-https://apkpure.net/trichrome-library/com.google.android.trichromelibrary
-https://apkpure.net/who-mental-health-at-work/org.who.mhworkforce
-https://apkpure.net/who-myoga-app/org.who.APPMYOGA
-https://apkpure.net/wiz/com.tao.wiz
-https://apkpure.net/wiz-connected/com.wizconnected.wiz2
-https://beeper.en.uptodown.com/android
-https://beeper-mini.en.uptodown.com/android
-https://bluesky-social.en.uptodown.com/android
 https://codeberg.org/Berker/keyoxide-flutter
-https://edge-beta.en.uptodown.com/android
+https://codeberg.org/comaps/comaps
 https://f-droid.org/packages/com.apps.adrcotfas.goodtime
 https://f-droid.org/packages/com.darshancomputing.BatteryIndicatorPro
 https://f-droid.org/packages/com.jarsilio.android.autoautorotate
@@ -24,14 +10,5 @@ https://f-droid.org/packages/net.osmand.plus
 https://f-droid.org/packages/org.fdroid.basic
 https://f-droid.org/packages/org.fdroid.fdroid
 https://f-droid.org/packages/org.witness.sscphase1
-https://lite-uptodown-app-store.en.uptodown.com/android
-https://microsoft-edge-canary.en.uptodown.com/android
-https://microsoft-edge-dev.en.uptodown.com/android
-https://microsoft-edge.en.uptodown.com/android
-https://pushover.en.uptodown.com/android
-https://revolut.en.uptodown.com/android
 https://signal.org
 https://telegram.org
-https://uptodown-android.en.uptodown.com/android
-https://vlc.en.uptodown.com/android
-https://whatsapp-messenger.en.uptodown.com/android

txt/obtainium2.txt

@@ -38,15 +38,19 @@ https://github.com/HabitRPG/habitica-android
 https://github.com/iamr0s/Dhizuku
 https://github.com/IllusionMan1212/lyrics-grabbr
 https://github.com/ImranR98/Obtainium
+https://github.com/JunkFood02/Seal
 https://github.com/JunkieLabs/sensify-android
 https://github.com/karasevm/PrivateDNSAndroid
 https://github.com/kawaiiDango/pano-scrobbler
+https://github.com/KotatsuApp/Kotatsu
+https://github.com/KotatsuApp/Kotatsu-nightly
 https://github.com/krille-chan/fluffychat
 https://github.com/kylecorry31/Trail-Sense
 https://github.com/Lambada10/SongSync
 https://github.com/laurent22/joplin-android
 https://github.com/LibreShift/red-moon
 https://github.com/ligi/SurvivalManual
+https://github.com/ljmc2000/NoiseLooper
 https://github.com/markusfisch/BinaryEye
 https://github.com/mastodon/mastodon-android
 https://github.com/michaeltroger/greenpass-android
@@ -54,10 +58,10 @@ https://github.com/mjaakko/NeoStumbler
 https://github.com/mollyim/mollyim-android
 https://github.com/mollyim/mollyim-android-unifiedpush
 https://github.com/mollyim/mollyim-insider-android
+https://github.com/mpv-android/mpv-android
 https://github.com/Neamar/KISS
 https://github.com/nextcloud/android
 https://github.com/ooni/probe-android
-https://github.com/organicmaps/organicmaps
 https://github.com/OsmTravel/OsmGo
 https://github.com/pilot51/voicenotify
 https://github.com/polymorphicshade/Tubular