linux/ssh: improved ssh key login with link to automation video

templates/docker-compose.md

@@ -45,6 +45,9 @@ Set the following volumes with the -v tag.
 ### rebuild.sh
 
 ```sh
+#!/bin/sh
+docker-compose down
+docker-compose up -d
 ```
 
 <!-- ### .env -->

templates/program.md

@@ -12,3 +12,7 @@ package.
 
 This section addresses the usage of /name/.
 /basic description for usage/
+
+## Troubleshooting 
+
+This section will focus on errors and the fixing of errors of /name/.

wiki/airsonic.md

@@ -7,7 +7,7 @@ Airsonic is not maintained anymore and therefore deprecated.
 A more modern implementation of it is
 [Airsonic-Advanced](./airsonic-advanced.md).
 
-## Set up
+## Setup
 
 The software can be setup via [Docker](/wiki/docker.md) with the
 [linuxserver image](./docker/linuxserver_-_airsonic.md).

wiki/android.md

@@ -44,6 +44,36 @@ This section addresses various useful applications.
 - [Markor](https://github.com/gsantner/markor) is a text editor supporting
   [Markdown](/wiki/markup_language.md)
 
+## Improve Security and Privacy
+
+Security and privacy are important topics, especially so when dealing with mobile phones.
+This section focusses on improving them on a standard Android system.
+
+The Elecronic Frontier Foundation recommends the following changes in their guide 
+[Guide](https://ssd.eff.org/module/how-to-get-to-know-android-privacy-and-security-settings).
+
+- [2FA](#multi-factor-authentication)
+- A strong password (though the usage of biometrics is not recommended due to the possibility of
+  being physically forced to unlock a phone with them)
+- Privacy permission
+- Find my device
+- Theft protection
+- Google privacy checkup
+- Backups (though the usage of them gives data to Google, so it may rather be turned off)
+- Disable WEP networks
+- Obscure lockscreen notifications
+
+The YouTube Channel 9to5Google also has a 
+[video on security and privcacy](https://www.youtube.com/watch?v=eswIeNxSIqo) which additionally
+suggest the following changes.
+
+- Alert when clipboard is accessed
+- Enable app pinnig
+
+Another option to add which may not improve security or privacy but improves usability - especially
+if a difficult passphrase is used - is the enabling of "Extend Unlock".
+There "Trusted Devices" can be set or the "On-body Detection" can be enabled.
+
 ## Multi-Factor Authentication
 
 [Multi-factor authentication](/wiki/multi-factor_authentication.md) can easily be set up on android

wiki/docker/actualbudget_-actual-server.md

@@ -0,0 +1,67 @@
+# actualbudget - actual-server
+
+This is a [Docker](/wiki/docker.md) container for an actualbudget server.
+The official container and documentation was made by
+[actualbudget](https://actualbudget.org/docs/install/docker/).
+This docker-rebuild is made up by a `docker-compose.yml` file.
+
+## Set-up
+
+Create the files `rebuild.sh`, `docker-compose.yml` at the same
+place.
+Change the settings according to your needs and run `./rebuild.sh` afterwards.
+
+### Ports
+
+Set the following ports in the `ports:` section.
+
+| Container Port | Recommended outside port | Protocol  | Description   |
+| -------------- | ------------------------ | --------- | ------------- |
+| `5006`         | `5006`                   | TCP       | WebUI         |
+
+### Volumes
+
+Set the following volumes with the -v tag.
+
+| Outside mount/volume name | Container mount | Description        |
+| ------------------------- | --------------- | ------------------ |
+| `actual`                  | `/data`         | Actual Budget data |
+
+### rebuild.sh
+
+```sh
+#!/bin/sh
+docker-compose down
+docker-compose up -d
+```
+
+### docker-compose.yml
+
+```yml
+version: '3'
+services:
+  actual_server:
+    image: docker.io/actualbudget/actual-server:latest
+    ports:
+      # This line makes Actual available at port 5006 of the device you run the server on,
+      # i.e. http://localhost:5006. You can change the first number to change the port, if you want.
+      - '5006:5006'
+    # environment:
+      # Uncomment any of the lines below to set configuration options.
+      # - ACTUAL_HTTPS_KEY=/data/selfhost.key
+      # - ACTUAL_HTTPS_CERT=/data/selfhost.crt
+      # - ACTUAL_PORT=5006
+      # - ACTUAL_UPLOAD_FILE_SYNC_SIZE_LIMIT_MB=20
+      # - ACTUAL_UPLOAD_SYNC_ENCRYPTED_FILE_SYNC_SIZE_LIMIT_MB=50
+      # - ACTUAL_UPLOAD_FILE_SIZE_LIMIT_MB=20
+      # See all options and more details at https://actualbudget.github.io/docs/Installing/Configuration
+      # !! If you are not using any of these options, remove the 'environment:' tag entirely.
+    volumes:
+      # Change './actual-data' below to the path to the folder you want Actual to store its data in on your server.
+      # '/data' is the path Actual will look for its files in by default, so leave that as-is.
+      - actual:/data
+    restart: unless-stopped
+
+volumes:
+   actual:
+```

wiki/docker/ollama_-_ollama.md

@@ -0,0 +1,40 @@
+# ollama - ollama
+
+This is a [Docker](/wiki/docker.md) container for an ollama server.
+The official container and documentation was made by
+[ollama](https://hub.docker.com/r/ollama/ollama).
+
+## Set-up
+
+Create the file `rebuild.sh`.
+Change the settings according to your needs and run `./rebuild.sh` afterwards.
+
+## Ports
+
+Set the following ports in the `ports:` section.
+
+| Container Port | Recommended outside port | Protocol  | Description         |
+| -------------- | ------------------------ | --------- | ------------------- |
+| `11434`        | `11434`                  | TCP       | Communications port |
+
+## Volumes
+
+Set the following volumes with the -v tag.
+
+| Outside mount/volume name | Container mount | Description   |
+| ------------------------- | --------------- | ------------- |
+| `ollama`                  | `/root/.ollama` | Ollama data |
+
+## rebuild.sh
+
+```sh
+#!/bin/sh
+docker stop ollama
+docker rm ollama
+docker pull ollama/ollama
+docker run --name ollama \
+    --restart unless-stopped \
+    -p 11434:11434 \
+    -v ollama:/root/.ollama \
+    -d ollama/ollama
+```

wiki/docker/open-webui_-_open-webui.md

@@ -0,0 +1,41 @@
+# open-webui - open-webui
+
+This is a [Docker](/wiki/docker.md) container for a Open WebUI server.
+The official container and documentation was made by
+[open-webui](https://github.com/open-webui/open-webui).
+
+## Set-up
+
+Create the file `rebuild.sh`.
+Change the settings according to your needs and run `./rebuild.sh` afterwards.
+
+## Ports
+
+Set the following ports in the `ports:` section.
+
+| Container Port | Recommended outside port | Protocol  | Description   |
+| -------------- | ------------------------ | --------- | ------------- |
+| `11434`        | `8080`                   | TCP       | WebUI         |
+
+## Volumes
+
+Set the following volumes with the -v tag.
+
+| Outside mount/volume name | Container mount     | Description     |
+| ------------------------- | ------------------- | --------------- |
+| `open-webui`              | `/app/backend/data` | Open WebUI data |
+
+## rebuild.sh
+
+```sh
+#!/bin/sh
+docker stop openwebui
+docker rm openwebui
+docker pull ghcr.io/open-webui/open-webui:main
+docker run --name openwebui \
+    --restart unless-stopped \
+    -p 11434:8080 \
+    -v open-webui:/app/backend/data \
+    -d ghcr.io/open-webui/open-webui:main
+
+```

wiki/linux/arch-linux.md

@@ -122,13 +122,3 @@ For this type in user name and password some moments after the perceived freeze
 would do if the login screen came up.
 If the graphical interface still does not work, the command to start the graphical interface (like 
 `startx` for [X11](/wiki/linux/x_window_system.md) systems) can also work.
-
-### `/usr/lib/firmware/nvidia/ad104` exists in filesystem linux-firmware-nvidia
-
-This error comes from a decision to split the firmware modules into different parts.
-An easy way to fix it is by simply reinstalling the `linux-firmware` package and updating the
-packages of the system.
-
-```sh 
-pacman -Syu linux-firmware
-```

wiki/linux/gpg.md

@@ -10,6 +10,8 @@ On most linux distributions GPG can be installed with the `gnupg` package.
 
 ## Usage
 
+This section addresses the usage of the Open GPG.
+
 ### Generating a Key Pair
 
 A fast way to generate a key pair is by running the following command.
@@ -100,3 +102,33 @@ Replace `<id>` with the identifier of the key that should be received and truste
 gpg --recv-key <id>
 gpg --lsign <id>
 ```
+
+## Troubleshooting 
+
+This section will focus on errors and the fixing of errors of GPG.
+
+### `keyblock resource '.../pubring.kbx': No such file or directory`
+
+This error mostly occurs when updating packages via various
+[package managers](/wiki/linux/package_manager.md).
+It can easily be fixed by running the following command.
+Which will (re-)generate the needed files and directories for GPG.
+
+```sh 
+dirmngr
+```
+
+### `gpg: keyserver receive failed: No data`
+
+This error mostly occurs when updating packages via various
+[package managers](/wiki/linux/package_manager.md).
+It prevents specific packages from installing after the PGP key is not imported correctly.
+This can be fixed by importing the PGP key manually by the following command.
+In this command `<key-id>` is the id for the PGP key given by the package manager before the error
+occurs.
+`hkp://pgp.rediris.es` is a key server that can be used but other possibilities are available and
+can and should be used depending on the location.
+
+```sh 
+gpg --keyserver hkp://pgp.rediris.es --recv-key <key-id>
+```

wiki/linux/package_manager.md

@@ -240,7 +240,17 @@ Exec = /bin/bash -c "[[ -f \"/proc/modules\" && ! -d \"/usr/lib/modules/$(uname
 
 ### Troubleshooting
 
-This section addresses various uses of the pacman and yay package managers.
+This section will focus on errors and the fixing of errors of package managers.
+
+#### `/usr/lib/firmware/nvidia/ad104` exists in filesystem linux-firmware-nvidia
+
+This error comes from a decision to split the firmware modules into different parts.
+An easy way to fix it is by simply reinstalling the `linux-firmware` package and updating the
+packages of the system.
+
+```sh
+pacman -Syu linux-firmware
+```
 
 #### Update Mirrorlist
 
@@ -252,11 +262,6 @@ This can be fixed by updating it with the following command:
 curl -o /etc/pacman.d/mirrorlist https://archlinux.org/mirrorlist/all/
 ```
 
-### Troubleshooting
-
-This section addresses various errors that can happen when using the package managers yay and
-pacman.
-
 #### Error While Importing Keys
 
 Both `yay` and `pacman` use [GPG keys](/wiki/linux/gpg.md).

wiki/linux/ssh.md

@@ -41,8 +41,14 @@ You can use the modified command below for ease of use:
 cat ~/.ssh/id_rsa.pub | ssh username@server 'cat >> ~/.ssh/authorized_keys'
 ```
 
+This can also be more or less fully automated using the `-G` flag of SSH as described in 
+[a YouTube video by nixhero](https://www.youtube.com/watch?v=xCX14u9XzE8).
+
 ### Mount Directory With SSHFS
 
+This section is loosely based on
+[a GitHub comment by mlopezgva](https://github.com/VSCodium/vscodium/discussions/693).
+
 To mount a directory (in this case called `directory`) from a remote server
 (in this case called `server` also can be substituted by something like
 `user@server-ip`) on a local mount (in this case `mountpoint`) run:
@@ -51,6 +57,12 @@ To mount a directory (in this case called `directory`) from a remote server
 sshfs server:/directory mountpoint
 ```
 
+This can be very useful when trying to code on a remote machine but wanting to use the local
+instance of a text editor.
+
+Services that are hosted and use ports on a remote server can be tunneled as described in
+[the corresponding section](#port-tunneling) to setup complete remote development.
+
 ### Shorten SSH Connection Commands
 
 By adding the following lines to the file `~/.ssh/config` the command of an SSH
@@ -62,11 +74,17 @@ Host server
 	User user
 ```
 
-### Server Setup 
+### X-Forwarding
 
-[Source](https://tutorials.rc.nectar.org.au/x11forwarding/02-enable-x11-on-virtual-machine)
-For the server setup edit the file `/etc/ssh/sshd_config` and make sure X-Forwarding is enabled by
-editing a line to look like the following.
+The following sections address the usage of X-forwarding which makes it possible to use graphical
+programs remotely over SSH.
+
+#### Enabling X-Forwarding on a Server
+
+This section is based on a
+[blog by rc nectar](https://tutorials.rc.nectar.org.au/x11forwarding/02-enable-x11-on-virtual-machine).
+For the server setup of X-forwarding edit the file `/etc/ssh/sshd_config` and make sure
+X-forwarding is enabled by editing a line to look like the following.
 
 ```txt
 X11Forwarding yes
@@ -78,27 +96,64 @@ Make sure to restart the SSH daemon afterwards by running the following command.
 service sshd restart
 ```
 
-Afterwards X-Forwarding should be enabled on the server.
+Afterwards X-forwarding should be enabled on the server.
 For full functionality install the `x11-apps` package aswell.
 
-#### Client Setup
+#### Enabling X-Forwarding on a Client
 
-Auf dem Server ist das so genannte X-Forwarding aktiviert.
-Das bedeutet, dass es möglich ist, graphische Programme aufzurufen und diese über eine SSH-Verbindung darstellen zu lassen.
-Bei einem klassischen Login mittels des Terminals und dem `ssh`-Befehl kann dieser um die Flag `-C` erweitert werden
-Der komplette Befehl sieht dann wie folgt aus, wobei sich der Name für `<host>` aus dem [Setup-Abschnitt](#setup) ergibt.
+To use X-forwarding when connecting use the `-C` flag as shown in the following example.
 
 ```sh
 ssh -C <host>
 ```
 
-Die `-C`-Flag kann in der [`config`-Datei](#setup) vermerkt werden, sodass sie nicht extra angeführt werden muss.
-Dafür müssen die beiden folgenden Zeilen in die `config` unter dem entsprechenden Eintrag eingefügt werden.
+The `-C` flag can also be noted in the config file so that it does not have to be specified each
+time.
+This can be achieved by editing the config file which is located at `~/.ssh/config` and include the
+following lines.
 
 ```
     ForwardX11 yes
     ForwardX11Trusted yes
-``` 
+```
 
-Die Funktion des X-Forwardings kann geprüft werden, indem man sich beim Server einloggt und dann `xclock` aufruft.
-Bei korrekter Konfiguration sollte sich nun eine graphische Oberfläche öffnen, die die Uhrzeit anzeigt.
+The functionality of X-forwarding can easily be tested by running a graphical program when remotely
+connected.
+An example for this could be the simple clock program `xclock`.
+
+### Port Tunneling
+
+This section is based on the
+[documentation of PostgreSQL](https://www.postgresql.org/docs/current/ssh-tunnels.html).
+
+A specific port can be tunneled from a remote host to a client via SSH.
+This could be especially useful when coding remotely and wanting to access a database like
+PostgreSQL or other services.
+For the forwarding of a port run the following command.
+`<local address>` (for example `localhost`) and  `<local port>` (for example `63333`) are the
+target (and most of the time local) address and port to tunnel the service to.
+`<address of server>` (for example `joe@foo.com` or an alias) specifies the address and username of
+the server that hosts the service and `<port of service>` (for example `5432`) describes the port
+it is running at.
+
+```sh
+ssh -f -N -L <local port>:<local address>:<port of service> <address of server>
+```
+
+After running the command the tunnel will stay established until the process is killed.
+This can be done by running a command identical or similar to the following which is used to find
+the process.
+
+```sh
+ps aux | grep "ssh -f -N -L <local port>"
+```
+
+Afterwards it can be killed by running the follwing command where `<process-id>` is the id of the
+process found with the previous command.
+
+```sh
+kill <process-id>
+```
+
+Files that are based on a remote server can be mounted as described in
+[the corresponding section](#mount-directory-with-sshfs) to setup complete remote development.

wiki/linux/watson.md

@@ -7,7 +7,7 @@
 
 On most Linux distributions Watson can be installed with the `watson` package.
 Additionally Watson can be installed using Pythons pip package manager.
-The pip package is called ´td-watson`.
+The pip package is called `td-watson`.
 Alternatively it can be installed via [GitHub](https://github.com/TailorDev/Watson).
 
 ## Usage

wiki/obs.md

@@ -31,12 +31,11 @@ The removed background can be replaced with color key filters.
 
 #### Installation
 
-Made by royshil
-[the GitHub page](https://github.com/royshil/obs-backgroundremoval#linux)
-describes various possibilities to install the background removal for OBS on
-different systems.
-On Linux systems background removal is often contained in a package named
-`obs-backgroundremoval` or similarly.
+Made by royshil [the GitHub page](https://github.com/royshil/obs-backgroundremoval#linux) describes
+various possibilities to install the background removal for OBS on different systems.
+On Linux systems background removal is often contained in a package named `obs-backgroundremoval`
+or similarly.
+Afterwards the background removal can be added as a filter on a input source.
 
 ## Troubleshooting
 

wiki/open_webui.md

@@ -0,0 +1,42 @@
+# Open WebUI
+
+[Open WebUI](https://openwebui.com/) is a self-hostable artifical intelligence interface that
+allows different workflows and even offline operation.
+
+## Setup
+
+The software can be setup via [Docker](/wiki/docker.md) with the
+[open-webui image](/wiki/docker/open-webui_-_open-webui.md).
+
+Additionally a provider for the artificial intelligence is needed.
+This can be done by using Ollama which can be setup via docker with the
+[ollama image](/wiki/docker/ollama_-_ollama.md).
+When using this option the address and port for Ollama has to be set in the admin settings of
+WebUI.
+
+Alternatively to a self-hosted Ollama also the official ChatGPT service can be linked to WebUI.
+This also has to be set up in the admin settings.
+
+## Usage
+
+This section addresses the usage of the Open WebUI.
+
+### Downloading and Selecting New Models
+
+Models are not downloaded via the Open Webui directly.
+In fact they are managed by the provider of the AI.
+When using Ollama as described in [the setup section](#setup) the following commands can be used to
+list available networks.
+
+```sh 
+ollama list
+```
+
+Afterwards a model can be selected and pulled by using the following command. `<model>` is the name
+of the model obtained in the previous step (for example `deepseek-r1`).
+
+```sh 
+ollama pull <model>
+```
+
+After the downloading of the model it has to be set in the admin settings of WebUI.

wiki/thunderbird.md

@@ -14,3 +14,17 @@ This section is based on a
 The dark theme can not be enabled from the default preferenes or settings.
 To turn on the dark theme navigate to `Tools` and `Add-ons and Themes`.
 There select `Enable` for the theme of your choice.
+
+### List of Useful Extensions
+
+The following is a list of useful extensions for Thunderbird.
+
+- "*cloud - FileLink for Nextcloud and ownCloud" is an extension which allows the easy creation and
+  sharing of file links to a custom [Nextcloud](/wiki/nextcloud.md) or
+  [ownCloud](/wiki/owncloud.md) instance.
+- "Dark Reader" is an extension similar to
+  [Firefox'](/wiki/firefox.md#list-of-useful-firefox-add-ons) "Dark Reader" extension that adds
+  a dark mode for websites.
+- "Send Later" is an extension which allows for the scheduling of mails.
+- "Signature Switch" is an extension which adds different signatures for different purposes and
+  allows easy and automatic switching between them.