run prettier on markdown again?

README.md

@@ -4,7 +4,7 @@ repository as dotfiles, but historical reasons...
 # Directories explained
 
 - .mikaela — files that most likely aren't suitable for places where other
-	people than me have access too
+  people than me have access too
 - Windows — files releated to Windows
 - conf — config files like .tmux.conf
 - etc — /etc/

Windows/10to11/README.md

@@ -22,11 +22,11 @@ I think the first method is likely the best, but I cannot rule these working
 on another system out yet. They didn't work on my first system tried.
 
 - `00-AllowUpgradesWithUnsupportedTPMOrCPU.reg` - the official Microsoft
-	recommendation and the only one that should be used. If after reboot
-	nothing happens, maybe try the rest rebooting every failure.
-	- https://support.microsoft.com/windows/windows-11-n-asentaminen-e0edbbfb-cfc5-4011-868b-2ce77ac7c70e
+  recommendation and the only one that should be used. If after reboot
+  nothing happens, maybe try the rest rebooting every failure.
+  - https://support.microsoft.com/windows/windows-11-n-asentaminen-e0edbbfb-cfc5-4011-868b-2ce77ac7c70e
 - `01-LabConfig.reg` - widely reported to work
 - `01-Setup.reg` - ^
 - `02-DevRing.reg` - after joining the Insider program, this should enforce
-	joining to Dev ring which should offer Windows 11 instantly. It may be
-	advisable to leave after successful update.
+  joining to Dev ring which should offer Windows 11 instantly. It may be
+  advisable to leave after successful update.

Windows/DoH/README.md

@@ -3,17 +3,17 @@
 Requires Windows 11.
 
 - `GPO-EnforceDoH.reg` enables the group policy to require DoH. However it
-	didn't seem to work for me or it allowed me to set the DNS server to not
-	use DoH.
+  didn't seem to work for me or it allowed me to set the DNS server to not
+  use DoH.
 
 - `DohWellKnownServers` adds DoH support for multiple IPv4 & IPv6 addresses
-	that Windows 11 isn't shipping by default, currently:
-	- Adguard
-	- Cloudflare antimalware
-	- DNS0 (& Zero)
-	- Mullvad
-	- Mullvad Adblock
-	- Quad9 ECS (Windows 11 defaults include Quad9 default)
+  that Windows 11 isn't shipping by default, currently:
+  - Adguard
+  - Cloudflare antimalware
+  - DNS0 (& Zero)
+  - Mullvad
+  - Mullvad Adblock
+  - Quad9 ECS (Windows 11 defaults include Quad9 default)
 
 ## Configuration
 
@@ -21,6 +21,6 @@ Once Windows knows about the DoH servers (DohWellKnownServers.reg), DNS-over
 HTTPS can be enabled for:
 
 - All networks: `Windows-I (Settings) -> Network & Internet -> Advanced network settings -> WLAN -> View additional properties -> DNS Server assignment -> Edit`
-	- Same place for Ethernet etc.
+  - Same place for Ethernet etc.
 - Specific network: `Windows-I (Settings) -> Network & Internet -> WiFi -> Connected SSID -> DNS server assignment -> Edit`
-	- Note: if the all networks one is configured, there is a warning about it not being used.
+  - Note: if the all networks one is configured, there is a warning about it not being used.

Windows/IPv6.reg.markdown

@@ -3,6 +3,6 @@ Some kind of explaining for [IPv6.reg](IPv6.reg) like
 
 - Resolve IPv6 even without native connectivity.
 - Enable Teredo
-	- As EnterpriseClient so it also works when joined into domain.
+  - As EnterpriseClient so it also works when joined into domain.
 - Use `teredo.trex.fi` as Teredo server. This should be replaced with
-	something that is as near as possible.
+  something that is as near as possible.

Windows/Windows.reg.markdown

@@ -9,10 +9,10 @@ Windows Registry Editor Version 5.00
 
 - Make the file Windows Registry Editor script
 - Ask admins for password/PIN in UAC
-	- 2 would ask for yes or no, 0 disable entirely (don't do that).
+  - 2 would ask for yes or no, 0 disable entirely (don't do that).
 - prompt standard users for username and password. 2021-12-19: I don't understand this or the line below.
-	- The other option (1) doesn't even give them UAC prompt so you must
-	always login as admin to do anything.
+  - The other option (1) doesn't even give them UAC prompt so you must
+    always login as admin to do anything.
 
 ```
 "dontdisplaylastusername"=dword:00000000
@@ -39,8 +39,8 @@ Windows Registry Editor Version 5.00
 ```
 
 - Sets hardware clock to UTC time (doesn't affect system clock!)
-	- qword for 64-bit, dword for 32-bit systems. The actual reg file has
-	only qword as I haven't seen 32-bit Windowses lately.
+  - qword for 64-bit, dword for 32-bit systems. The actual reg file has
+    only qword as I haven't seen 32-bit Windowses lately.
 
 ```
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters]

Windows/time/README.md

@@ -7,16 +7,16 @@ w32tm /query /peers
 ```
 
 - The list is space separated NTP servers, while I think Windows uses SNTP instead
-	of NTP.
+  of NTP.
 - `/resync` may sync current time, but is also required for the GUI
-	(Windows + I, Date & time) and following command to get aware of peers.
+  (Windows + I, Date & time) and following command to get aware of peers.
 - Shows where time is synced from and statistics.
-	- There is also `net time` to sync, I am unsure of the differences while
-	that may be blocked while the second keeps working. It may also not
-	show all the peers, just the primary one, while `w32tm` is more verbose
-	and has all of them.
+  - There is also `net time` to sync, I am unsure of the differences while
+    that may be blocked while the second keeps working. It may also not
+    show all the peers, just the primary one, while `w32tm` is more verbose
+    and has all of them.
 - As Windows doesn't support NTS and probably won't in near future, there is
-	no point in listing distant foreign servers.
+  no point in listing distant foreign servers.
 
 ## Variations
 
@@ -47,14 +47,14 @@ w32tm /config /syncfromflags:manual /manualpeerlist:"time.cloudflare.com ntp1.ko
 - https://www.netnod.se/nts/network-time-security
 - https://www.vttresearch.com/fi/palvelut/suomen-aika-ntp-palvelu#julkinen
 - https://www.ntppool.org/use.html
-	- Also mentions the syntax for multiple servers, but considering this Elisa
-	list has so many servers I am only picking one pool address just in case
-	the others somehow fail.
+  - Also mentions the syntax for multiple servers, but considering this Elisa
+    list has so many servers I am only picking one pool address just in case
+    the others somehow fail.
 
 ## Additional reading
 
 - Above links
 - https://jasoncoltrin.com/2018/08/02/how-to-set-clock-time-on-ad-domain-controller-and-sync-windows-clients/
-	- this file might not exist without this post, while it doesn't mention
-	multiple servers, uses `time.windows.com` and I am yet to actually touch
-	NTP on Windows Server environment.
+  - this file might not exist without this post, while it doesn't mention
+    multiple servers, uses `time.windows.com` and I am yet to actually touch
+    NTP on Windows Server environment.

conf/sway/README.md

@@ -25,7 +25,7 @@ methods setting fonts):
 - Document text: Noto Serif Regular 11
 - Monospace text: Noto Sans Mono Regular 10
 - Legacy window title text: Noto Serif Bold 11
-	- Apparently this means "apps that don't use client-side decorations"
+  - Apparently this means "apps that don't use client-side decorations"
 
 The number behind is obviously the number and it's based on what were the
 defaults before I touched them so I am hoping GNOME knows what they are
@@ -42,10 +42,10 @@ have trouble handling it, e.g. mpv (makes Ä and Ö and Å all Å) and Firefox
 Other font settings in GNOME-Tweak:
 
 - Hinting: _a bit_
-	- for no particular reason
+  - for no particular reason
 - Antialiasing: _Subpixel (for LCD-displays)_
-	- I have no idea where there are "standard grayscale" displays that aren't
-	LCD.
+  - I have no idea where there are "standard grayscale" displays that aren't
+    LCD.
 
 ### Screen mirroring
 
@@ -56,6 +56,6 @@ Workarounds:
 - Use VNC (see my Scripts repo [`bash/swaymirror.bash`](https://gitea.blesmrt.net/mikaela/scripts/src/branch/master/bash/swaymirror.bash))
 - Do something weird with OBS
 - Use a dedicated application that don't seem to be in Fedora repos, flatpak
-	or snap.
-	- [github.com/Ferdi265/wl-mirror](https://github.com/Ferdi265/wl-mirror)
-	- [github.com/progandy/wdomirror](https://github.com/progandy/wdomirror)
+  or snap.
+  - [github.com/Ferdi265/wl-mirror](https://github.com/Ferdi265/wl-mirror)
+  - [github.com/progandy/wdomirror](https://github.com/progandy/wdomirror)

conf/sway/config.d/README.md

@@ -5,7 +5,7 @@ Thus this `README.md` is not read, even if I happened to carelessly
 copy-paste it in.
 
 - `autostart-communication.conf` - chat/communication apps I am expected to have
-	open or at least check at times
+  open or at least check at times
 - `autostart-fineid.conf` - Finnish electric identity card, that I also use as SSH key
 - `autostart-utilities.conf` - general utilities, like `nm-applet` or VPN etc.
 - `grimshot.conf` - screenshotting keybinds using `grimshot`
@@ -13,15 +13,15 @@ copy-paste it in.
 - `keyboard.conf` - keyboard configuration
 - `media.conf` - media key configuration and autostarts related to it
 - `pointer-accel.conf` - pointer/mouse configuration, mainly setting acceleration
-	profile to `flat`
+  profile to `flat`
 - `README.md` - you are currently reading this :wink:
 - `sedric.conf` - configuration specific to my laptop hostnamed `sedric`
 - `swaybar.conf` - `swaybar` configuration
 - `swayidle.conf` - `swayidle` configuration/autostart
 - `wlsunset-kotka.conf` - `wlsunset` configuration/autostart for my hometown for when
-	I happen to visit for longer period of time
+  I happen to visit for longer period of time
 - `wlsunset-lauttasaari.conf` - `wlsunset` configuration for my home neighbourhood
 - `zz-floating.conf` - configures windows that should float. For some reason
-	that is inherited from my `i3` config, it tells to put float rules above the
-	last line, so it should be read last and `z` is the last letter of English
-	alphabet so it will hopefully be read last.
+  that is inherited from my `i3` config, it tells to put float rules above the
+  last line, so it should be read last and `z` is the last letter of English
+  alphabet so it will hopefully be read last.

etc/nginx/README.md

@@ -8,9 +8,9 @@ cannot read them from here.
 These files may age badly, so here are some hopefully timeless pointers:
 
 - Generate the config file with https://ssl-config.mozilla.org/ (and if
-	time eats it, try https://github.com/mozilla/ssl-config-generator/ in
-	hope of finding where it is now. \* Name it 00-something so it will be the first file read and make
-	everything a different file.
+  time eats it, try https://github.com/mozilla/ssl-config-generator/ in
+  hope of finding where it is now. \* Name it 00-something so it will be the first file read and make
+  everything a different file.
 - If using my acmesh-ssl.bash script, the files to fill should be like:
 
 (the script runs `$ACMESH --key-file $NGINXDIR/key.pem --fullchain-file $NGINXDIR/cert.pem --reloadcmd "$SYSTEMCTLRESTART nginx"`)
@@ -21,11 +21,11 @@ These files may age badly, so here are some hopefully timeless pointers:
 The header syntax is following, **_THIS LIKELY WON'T TIME WELL, ESPECIALLY CSP_**
 
 ```
-	add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always;
-	add_header X-Frame-Options "SAMEORIGIN" always;
-	add_header Content-Security-Policy "block-all-mixed-content; default-src 'none'; form-action 'self'; connect-src 'self' ws: wss:; style-src 'self' https: 'unsafe-inline'; script-src 'self'; worker-src 'self'; child-src 'self'; manifest-src 'self'; font-src 'self' https:; media-src 'self' https:; img-src 'self' data: https://user-images.githubusercontent.com" always;
-	add_header X-Content-Type-Options "nosniff" always;
-	add_header Referrer-Policy "no-referrer" always;
+  add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always;
+  add_header X-Frame-Options "SAMEORIGIN" always;
+  add_header Content-Security-Policy "block-all-mixed-content; default-src 'none'; form-action 'self'; connect-src 'self' ws: wss:; style-src 'self' https: 'unsafe-inline'; script-src 'self'; worker-src 'self'; child-src 'self'; manifest-src 'self'; font-src 'self' https:; media-src 'self' https:; img-src 'self' data: https://user-images.githubusercontent.com" always;
+  add_header X-Content-Type-Options "nosniff" always;
+  add_header Referrer-Policy "no-referrer" always;
 ```
 
 The CSP comes from `HEAD "http://[::]:9000/#/chan-1"` to figure out what
@@ -33,9 +33,9 @@ TheLounge would be setting without a reverse proxy in front of it. `HEAD` is
 in Debian package `libwww-perl`
 
 - Refer to tester tools to see if the configuration is fine:
-	- https://observatory.mozilla.org/
-	- https://securityheaders.com/
-	- https://www.ssllabs.com/ssltest/
+  - https://observatory.mozilla.org/
+  - https://securityheaders.com/
+  - https://www.ssllabs.com/ssltest/
 
 ---
 

etc/pipewire/media-session.d/README.md

@@ -33,9 +33,9 @@ don't exist by default anymore, they need to be copied and edited separately
 See also:
 
 - https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/1220
-	- marked as duplicate of: https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/207
+  - marked as duplicate of: https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/207
 
 ## Bluetooth
 
 - https://www.redpill-linpro.com/techblog/2021/05/31/better-bluetooth-headset-audio-with-msbc.html
-	- https://web.archive.org/web/20210614103423/https://www.redpill-linpro.com/techblog/2021/05/31/better-bluetooth-headset-audio-with-msbc.html
+  - https://web.archive.org/web/20210614103423/https://www.redpill-linpro.com/techblog/2021/05/31/better-bluetooth-headset-audio-with-msbc.html

etc/systemd/resolved.conf.d/README.md

@@ -12,31 +12,31 @@ sudo systemctl restart systemd-resolved
 ## Files explained
 
 - `00-defaults.conf` - configuration not touching resolvers. Disables DNSSEC (as
-	systemd-resolved doesn't handle it properly), enables opportunistic DoT and
-	caching.
+  systemd-resolved doesn't handle it properly), enables opportunistic DoT and
+  caching.
 - `dot-*.conf` - configuration to use the DNS provider with DNS-over-TLS. If
-	captive portals are a concern, `DNSOverTLS=no`.
+  captive portals are a concern, `DNSOverTLS=no`.
 - `README.md` - you are reading it right now.
 
 ## General commentary
 
 - Based on my test DNSOverTLS is not supported in Ubuntu 18.04.x LTS (however
-	at the time of writing this README.md, the current version is Ubuntu 20.04.0)
-	(systemd v237). DNSOverTLS became supported in v239, strict mode (yes) in
-	v243 (big improvements in v244).
-	- TODO: find out when SNI became supported, I have just spotted it in the
-	fine manual in 2020-06-??.
+  at the time of writing this README.md, the current version is Ubuntu 20.04.0)
+  (systemd v237). DNSOverTLS became supported in v239, strict mode (yes) in
+  v243 (big improvements in v244).
+  - TODO: find out when SNI became supported, I have just spotted it in the
+    fine manual in 2020-06-??.
 - Domains has to be `.~` for them to override DHCP. See https://www.internetsociety.org/blog/2018/12/dns-privacy-in-linux-systemd
-	without which I wouldn't have got this right.
+  without which I wouldn't have got this right.
 - DNSSEC may not work if the system is down for a long time and not updated.
-	Thus `allow-downgrade` may be better for non-tech people, even with the
-	potential downgrade attack. There are also captive portals, affecting
-	`DNSOverTLS`. Both take `yes` or `no` or their own special option,
-	for DNNSEC the `allow-downgrade`, for DNSOverTLS `opportunistic`.
+  Thus `allow-downgrade` may be better for non-tech people, even with the
+  potential downgrade attack. There are also captive portals, affecting
+  `DNSOverTLS`. Both take `yes` or `no` or their own special option,
+  for DNNSEC the `allow-downgrade`, for DNSOverTLS `opportunistic`.
 
 Other links I have found important and my files are based on:
 
 - https://wiki.archlinux.org/index.php/Systemd-resolved
-	- Also provides the serious issues systemd-resolved+DNSSEC issues, https://github.com/systemd/systemd/issues/10579 & https://github.com/systemd/systemd/issues/9867
+  - Also provides the serious issues systemd-resolved+DNSSEC issues, https://github.com/systemd/systemd/issues/10579 & https://github.com/systemd/systemd/issues/9867
 - request for strict DOT: https://github.com/systemd/systemd/issues/10755
 - vulnerable to MITM: https://github.com/systemd/systemd/issues/9397

etc/systemd/system/README.md

@@ -4,12 +4,12 @@ subdirectories. The sudirectories won't exist in the real
 and I forget to update this README file if that happens.
 
 - reflector.service is copied from https://wiki.archlinux.org/index.php/Reflector
-	but uses https instead of http, because there is no reason I would want
-	someone to see what I download.
+  but uses https instead of http, because there is no reason I would want
+  someone to see what I download.
 
 ## Worth reading
 
 - Waiting for network devices to have IP address (**I only use this for
-	cables**) https://wiki.freedesktop.org/www/Software/systemd/NetworkTarget/#cutthecraphowdoimakenetwork.targetworkforme
-	_ systemctl enable NetworkManager-wait-online.service
-	_ systemctl enable systemd-networkd-wait-online.service
+  cables**) https://wiki.freedesktop.org/www/Software/systemd/NetworkTarget/#cutthecraphowdoimakenetwork.targetworkforme
+  _ systemctl enable NetworkManager-wait-online.service
+  _ systemctl enable systemd-networkd-wait-online.service

etc/systemd/system/sailfish/README.md

@@ -3,4 +3,4 @@ Sailfish OS. It doesn't have cron, so I tried the nearest equivalent
 that is there out-of-box, systemd timers.
 
 - aliendalvik-stopper again stops android support hourly so it won't waste
-	battery.
+  battery.

var/lib/iwd/README.md

@@ -6,14 +6,14 @@ NetworkManager.
 Notes:
 
 - `git commit`ing the same SSID with different capitalisations breaks
-	Windows and more common macOS setups due to their filesystems being
-	case-insensitive.
+  Windows and more common macOS setups due to their filesystems being
+  case-insensitive.
 - `Settings.AutoConnect=true` is unnecessary as it defaults to true
-	according to `man iwd.network`.
+  according to `man iwd.network`.
 - `IPv6.Enabled=true` defauls to true being also unnecessary.
 - `private-home-sample.psk` has a comment on MAC address override and sends
-	hostname with IPv4 DHCP. `private-cafe-sample.psk` always randomizes MAC
-	address and doesn't send hostname.
+  hostname with IPv4 DHCP. `private-cafe-sample.psk` always randomizes MAC
+  address and doesn't send hostname.
 - The `.open` networks always randomize MAC address too. If a network is
-	private and needs MAC address for captive portal override or something,
-	`private-home-sample.psk` should be adjusted from.
+  private and needs MAC address for captive portal override or something,
+  `private-home-sample.psk` should be adjusted from.