diff --git a/blog - SSH tunneling.md b/blog - SSH tunneling.md deleted file mode 100644 index 63d0212..0000000 --- a/blog - SSH tunneling.md +++ /dev/null 
@@ -1,82 +0,0 @@ -# SSH Tunneling - -## Local Forwarding - -### Examples - -NOTE: these use autossh to prevent the tunnel from dying - -Plex - -```shell -autossh -f -nNT -p3141 -N -L 8080:192.168.0.209:32400 chawley@aristotle.planethawleywood.com -``` - -ESXi - -```shell -autossh -f -nNT -p3141 -N -L 8090:192.168.0.208:443 chawley@aristotle.planethawleywood.com -``` - -Both ESXi and AWX - -```shell -autossh -f -nNT -p3141 -N -L 8090:192.168.0.208:443 -L 8091:192.168.0.25:80 chawley@aristotle.planethawleywood.com -``` - -Both Plex and Derry OD - -```shell -autossh -f -nNT -p3141 -N -L 8080:192.168.0.209:32400 -L 8070:192.168.0.209:80 chawley@aristotle.planethawleywood.com -``` - ---- - -| Protocol | From | To | via | Notes | -| -------- | --------------------- | ----------- | ---------------- | ----------------------------------------------------------------- | -| SSH | my office workstation | RRD Jumpbox | chawley2@ladmin2 | I have the jumpbox host configured in.ssh/config on both machines | - -```shell -ssh -N -L 8090:54.184.92.50:22 chawley2@ladmin2 -``` - -| Protocol | From | To | via | Notes | -| -------- | --------------------- | ----------- | ---------------- | ----------------------------------------------------------------- | -| SSH | my office workstation | Plex (derry) | chawley@aristotle | | - -```shell -ssh -p3141 -N -L 8080:192.168.0.209:32400 chawley@aristotle.planethawleywood.com -``` - -## Remote Forwarding - -NOTE: By default, OpenSSH only allows connecting to remote forwarded ports from the server host. However, the GatewayPorts option in the server configuration file sshd_config can be used to control this. - -The following alternatives are possible: - -```shell -GatewayPorts no -``` - -This prevents connecting to forwarded ports from outside the server computer. - -```shell -GatewayPorts yes -``` - -This allows anyone to connect to the forwarded ports. If the server is on the public Internet, anyone on the Internet can connect to the port. 
- -### Example - -| Protocol | From | To | Notes | -| -------- | --------------------- | ----------- | -------------- | -| web | derry | overlook | This allows you to access apache web pages on derry by visiting http://overlook.planethawleywood.com:8888 as long as GatewayPorts yes is present in /etc/ssh/sshd_config (as explained above) and port 8888 is open on Overlook | - -```shell -ssh -R 8888:localhost:80 root@overlook -``` - -## Reference - -* [How To Use SSH Tunneling](https://www.howtogeek.com/168145/how-to-use-ssh-tunneling/) -* [SSH Port Forwarding Example](https://www.ssh.com/ssh/tunneling/example) \ No newline at end of file diff --git a/blog - hardening SSH.md b/blog - hardening SSH.md deleted file mode 100644 index 1590a2c..0000000 --- a/blog - hardening SSH.md +++ /dev/null 
@@ -1,52 +0,0 @@ -# Hardening SSH - -## Summary - -Its about time I get a standard sshd_config file that doesn't rely on sane defaults. - -## Disabling Password-based Authentication -You should disable password-based authentication altogether. Make sure to only do this once you have verified that you can log in with an account that can escalate to root - or that you have an alternate way of getting back onto your machine. To lock down your server, edit your `/etc/sshd/sshd_config` and set the following options: - - Protocol 2 - PermitRootLogin without-password - PubkeyAuthentication yes - ChallengeResponseAuthentication no - PasswordAuthentication no - UsePAM yes - -This sets a fairly strict set of defaults that should make most bots give up right after connecting. The options we used were: - -### Protocol -Verify that only protocol version 2 is allowed. Theres no point in supporting the rather dated version 1 and you're only opening yourself up to ye olde bugs of old. If this reads 1 or 1,2, change it to just 2. - -### PermitRootLogin -The setting without-password is a bit of a misnomer. What that does is it enables root logins, but only if the mechanism to authenticate was not a password - i.e. it enables root logins, but only for public key authentication. This is good. Never set this to yes. - -### PubkeyAuthentication -Make sure this is set to yes, otherwise you wont be able to log in once you disable passwords. - -### ChallengeResponseAuthentication -Set this to no to disable non-pubkey logins that could otherwise be handled through PAM. - -### PasswordAuthentication -This is what we were here for: set this to no to disable tunneled clear text passwords. - -### UsePAM -If your system has PAM set up, it would still be a good idea to keep this enabled even if you disabled password-based authentication. This is because PAM also provides session and account management, so set this to yes. 
- -## Restart SSH daemon - -All you need to do now is restart the SSH server, like so: - -```shell -systemctl restart sshd -``` - -Note that restarting SSH will not kill your active session, so you should verify that the new settings will actually let you log in before closing your -current session - and revert and restart SSH again if they don't. For maximum effect, make sure that SSH is the only way to log on to your server. At the very least make really certain that you don't have telnet enabled! - -There, now you're all set and can be very confident that bots wont be able to access your machines through SSH - -## Reference(s): - -[How to Harden SSH with Identities and Certificates](https://ef.gy/hardening-ssh) \ No newline at end of file diff --git a/blog - install K8s manually.md b/blog - install K8s manually.md deleted file mode 100644 index 75c994d..0000000 --- a/blog - install K8s manually.md +++ /dev/null 
@@ -1,205 +0,0 @@ -# K8s Manual Install - -## Pre-requisites for each node - -Remove any exiting docker components (Not required if host is new) - -``` -sudo apt remove docker docker-engine docker.io containerd runc -``` - -Install required packages - -``` -sudo apt install curl ca-certificates apt-transport-https containerd nfs-common gpg -``` - -## Disable Swap - -``` -sudo swapoff -a -``` - -Comment out swap line in `/etc/fstab` - -``` -sudo vim /etc/fstab -``` - -## Create containerd conf file - -``` -sudo vim /etc/modules-load.d/containerd.conf -``` - -Add the following: - -``` -overlay -br_netfilter -``` - -Insert the `overlay` and `br_netfilter` modules - -``` -sudo modprobe overlay && sudo modprobe br_netfilter -``` - -## Create 99-kubernetes-cri.conf file - -``` -sudo vim /etc/sysctl.d/99-kubernetes-cri.conf -``` - -Add the following: - -``` -net.bridge.bridge-nf-call-iptables = 1 -net.ipv4.ip_forward = 1 -net.bridge.bridge-nf-call-ip6tables = 1 -``` - -Apply changes without reboot - -``` -sudo sysctl --system -``` - -## Create default containerd config - -``` -sudo mkdir /etc/containerd -containerd config default | sudo tee /etc/containerd/config.toml -``` - -Make sure the following options are set in the specified locations in the file - -``` -version = 2 -[plugins] - [plugins."io.containerd.grpc.v1.cri"] - [plugins."io.containerd.grpc.v1.cri".containerd] - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes] - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] - runtime_type = "io.containerd.runc.v2" - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] - SystemdCgroup = true -``` -[reference](https://github.com/containerd/containerd/issues/4203#issuecomment-651532765) - -## Restart Containerd - -``` -sudo systemctl restart containerd -``` - -## Install kubernetes repo and packages - -> Note: The legacy package repositories (apt.kubernetes.io and yum.kubernetes.io) have been deprecated and frozen starting from 
September 13, 2023. Using the new package repositories hosted at pkgs.k8s.io is strongly recommended and required in order to install Kubernetes versions released after September 13, 2023. The deprecated legacy repositories, and their contents, might be removed at any time in the future and without a further notice period. The new package repositories provide downloads for Kubernetes versions starting with v1.24.0. - [Reference](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/) - -These instructions are for Kubernetes 1.29. - -### Download the public signing key for the Kubernetes package repositories. - -_The same signing key is used for all repositories so you can disregard the version in the URL_ - -```shell -# If the folder `/etc/apt/keyrings` does not exist, it should be created before the curl command. -# sudo mkdir -p -m 755 /etc/apt/keyrings -curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg -``` - -### Add the appropriate Kubernetes `apt` repository. 
-_Please note that this repository has packages only for Kubernetes 1.29; for other Kubernetes minor versions, you need to change the Kubernetes minor version in the URL to match your desired minor version (you should also check that you are reading the documentation for the version of Kubernetes that you plan to install)._ - -```shell -# This overwrites any existing configuration in /etc/apt/sources.list.d/kubernetes.list -echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list -``` - -### Update the `apt` package index, install kubelet, kubeadm and kubectl, and pin their version: - -```shell -sudo apt-get update -sudo apt-get install -y kubelet kubeadm kubectl -sudo apt-mark hold kubelet kubeadm kubectl -``` - ---- - -# Initialize the cluster - -_Perform the rest of the steps from the control-plane (master node) only!_ - -## Initialize the cluster with kubeadm - -``` -sudo kubeadm init --upload-certs --pod-network-cidr 10.244.0.0/16 -``` - -You should get output similar to the following: - -``` -Your Kubernetes control-plane has initialized successfully! - -To start using your cluster, you need to run the following as a regular user: - - mkdir -p $HOME/.kube - sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config - sudo chown $(id -u):$(id -g) $HOME/.kube/config - -Alternatively, if you are the root user, you can run: - - export KUBECONFIG=/etc/kubernetes/admin.conf - -You should now deploy a pod network to the cluster. 
-Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: - https://kubernetes.io/docs/concepts/cluster-administration/addons/ - -Then you can join any number of worker nodes by running the following on each as root: - -kubeadm join 192.168.48.134:6443 --token vhcdvr.1c8gqc6s5qpiukt7 \ - --discovery-token-ca-cert-hash sha256:697968c82f451ea0174d7abcc17a7c6e347f9c55963846659233624dd10cde57 -``` - -Follow the directions in the output to copy and change ownership on the config file. - -## Deploy flannel - -``` -kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml -``` - -## Join worker nodes - -Use the command in the output to join worker nodes to the cluster. - -As root on each worker node: - -``` -kubeadm join 192.168.48.134:6443 --token vhcdvr.1c8gqc6s5qpiukt7 --discovery-token-ca-cert-hash sha256:697968c82f451ea0174d7abcc17a7c6e347f9c55963846659233624dd10cde57 -``` - -## Verify cluster from the control-plane (Master Node) - -``` -kube@devitkubm1a:~$ kubectl get nodes -``` - -Sample output - -``` -NAME STATUS ROLES AGE VERSION -devitkub1a Ready 34s v1.29.1 -devitkub1b Ready 15s v1.29.1 -devitkubm1a Ready control-plane 10m v1.29.1 -``` - ---- - -# References - -* [Install Kubernetes on to bare metal servers](https://dev.azure.com/Overdrive-IT/IT-Infrastructure/_git/ansible-k8s-bare-metal?anchor=install-kubernetes-on-to-bare-metal-servers) -* [K8S Manual Install Steps](https://dev.azure.com/OverDrive-IT/IT-Infrastructure/_wiki/wikis/IT-Infrastructure.wiki/35/K8S-Manual-Install-Steps) -* [kubeadm reset](https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-reset/) -* [Bootstrapping clusters with kubeadm](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/) \ No newline at end of file diff --git a/capture - Bride of Frankentein.md b/capture - Bride of Frankentein.md deleted file mode 100644 index 128382e..0000000 --- a/capture - Bride of Frankentein.md +++ /dev/null 
@@ -1,12 +0,0 @@ -# Bride of Frankenstein -Mary Shelley: ->"It's the perfect night for mystery and horror. ->The air itseIf is filled with monsters." - -Lord Byron: ->"I'm all ears! ->While heaven blasts the night without, open up your pits of hell." - -https://youtu.be/NgGYvuJ4JUE?si=ATDlTW7W_okoajjn&t=205 - -https://www.youtube.com/watch?v=ZeIgj_M--gs \ No newline at end of file diff --git a/howto - Linode S3 Object Storage.md b/howto - Linode S3 Object Storage.md deleted file mode 100644 index 20da2d0..0000000 --- a/howto - Linode S3 Object Storage.md +++ /dev/null @@ -1,40 +0,0 @@ -# Linode S3 Object Storage - -_Linode’s Object Storage is a globally-available, S3-compatible method for storing and accessing data. Object Storage differs from traditional hierarchical data storage, such as a traditional file system on a physical/virtual disk and Block Storage Volumes. Under Object Storage, files (also called objects) are stored in flat data structures (referred to as buckets) alongside their own rich metadata. - [https://www.linode.com/docs/products/storage/object-storage](https://www.linode.com/docs/products/storage/object-storage)_ - -Example Bucket Name: planethawleywood - - -# Install and Configure s3fs - - -``` -sudo apt install s3fs -sudo echo "ACCESSCODE:SECRETKEY" > /etc/passwd-s3fs -sudo chmod 600 /etc/passwd-s3fs -mkdir /mnt/data/planethawleywood-os -``` - - - -# Mount Linode S3 - - -## Mount from command line - - -``` -s3fs planethawleywood /mnt/data/planethawleywood-os -o passwd_file=$HOME/.s3fs-creds -o url=https://us-east-1.linodeobjects.com -o use_path_request_style -``` - - - -## Mount from /etc/fstab - -Add this line: - - -``` -planethawleywood /mnt/data/planethawleywood-os fuse.s3fs _netdev,allow_other,use_path_request_style,use_cache=/tmp,url=https://us-east-1.linodeobjects.com 0 0 -``` -
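Review bot: in the `blog - SSH tunneling.md` hunk, deleting the file does not remove the real hostnames, usernames, internal addresses and the public jumpbox address (`54.184.92.50`) from history; if any of that is sensitive, the commit history needs rewriting and the exposed hosts reviewing, not just a `git rm`. Two smaller points in the same hunk: the `autossh` lines pass `-N` twice (once inside `-nNT`, once on its own), and the Remote Forwarding example relies on `GatewayPorts yes`, which the hunk's own note describes as letting "anyone on the Internet" reach the forwarded port, so the Apache instance on `derry` is published to whoever can reach `overlook:8888`; the note should at least say that a firewall rule or a bind address on the `-R` side is the mitigation.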
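Review bot: in the `blog - hardening SSH.md` hunk the path `/etc/sshd/sshd_config` is wrong; OpenSSH reads `/etc/ssh/sshd_config` (the tunneling hunk in this same patch uses the correct path). Several of the listed keywords are also stale: `PermitRootLogin without-password` is a deprecated alias for `prohibit-password`, `ChallengeResponseAuthentication` is a deprecated alias for `KbdInteractiveAuthentication`, and `Protocol 2` no longer does anything because modern OpenSSH only speaks version 2. The "Restart SSH daemon" section should tell the reader to run `sshd -t` before `systemctl restart sshd`, since a syntax error in the config will stop the daemon from coming back at all.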
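Review bot: in the `blog - install K8s manually.md` hunk the `kubeadm join` lines carry a real-looking bootstrap token (`vhcdvr.1c8gqc6s5qpiukt7`) together with the API server address; a bootstrap token is a join credential, so docs should show a placeholder and tell the reader to generate one with `kubeadm token create` rather than copy a value from a page. In the same hunk the flannel manifest is fetched from the old `coreos/flannel` `master` branch, which is no longer the maintained location, and applying an unpinned manifest straight from a URL should be called out as a supply-chain choice. Minor: `sudo mkdir /etc/containerd` fails if the directory already exists (use `-p`), and "exiting docker components" should read "existing".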
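Review bot: in the `howto - Linode S3 Object Storage.md` hunk, `sudo echo "ACCESSCODE:SECRETKEY" > /etc/passwd-s3fs` does not work as written: the redirection is performed by the unprivileged shell, so the write to `/etc` is denied; use `echo "ACCESSCODE:SECRETKEY" | sudo tee /etc/passwd-s3fs` (and the `chmod 600` that follows is right). The credential file is then inconsistent across the hunk: the install step writes `/etc/passwd-s3fs`, but the mount command points at `passwd_file=$HOME/.s3fs-creds`. `mkdir /mnt/data/...` also lacks `sudo`. For the fstab line, `allow_other` only takes effect when `user_allow_other` is enabled in `/etc/fuse.conf`, and `use_cache=/tmp` keeps copies of bucket contents on local disk, which is worth stating next to the credential handling.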