13 changed files with 58 additions and 98 deletions
--- a/docs/desktop-os/.authors.yml
+++ b/docs/desktop-os/.authors.yml
--- a/docs/desktop-os/index.md
+++ b/docs/desktop-os/index.md
@ -0,0 +1,5 @@
+# Desktop operating-system Blog
+
+The blog page of the topics particularly related to desktop operating systems. 
+
+---
--- a/docs/desktop-os/posts/01-void-install.md
+++ b/docs/desktop-os/posts/01-void-install.md
--- a/docs/desktop-os/posts/02-gentoo-openrc-install.md
+++ b/docs/desktop-os/posts/02-gentoo-openrc-install.md
--- a/docs/desktop-os/posts/03-minimal-gui-river-pipewire-openrc.md
+++ b/docs/desktop-os/posts/03-minimal-gui-river-pipewire-openrc.md
--- a/docs/index.md
+++ b/docs/index.md
@ -1,3 +1,9 @@
+---
+hide:
+  - navigation
+  - toc
+---
+
 # Welcome to the blog of the Ampel organisation

-Here we blog about various topics related to desktop and server operating systems. From base system installs to particular configuration of top level software. Always striving for simplicity, minimalism and security in each of these layers.
+Here we blog about various topics related to desktop and server operating systems. From base system installs to particular configuration of top level software. Always striving for simplicity, minimalism and security in each of these layers.
--- a/docs/server-os/.authors.yml
+++ b/docs/server-os/.authors.yml
@ -0,0 +1,13 @@
+authors:
+  luc:
+    name: "Luc"
+    description: ""
+    avatar: "https://git.ampel.dev/avatars/cbd8e77b1f18b62a6a8dc56124238153?size=512"
+    slug: "luc"
+    url: "https://git.ampel.dev/luc"
+  nils:
+    name: "Nils"
+    description: ""
+    avatar: "https://git.ampel.dev/avatars/caa9d4634a522b6e874804a280ce6d1001e4213b5e9db9ec965641269f862623?size=512"
+    slug: "nils"
+    url: "https://git.ampel.dev/nils"
--- a/docs/server-os/index.md
+++ b/docs/server-os/index.md
@ -0,0 +1,5 @@
+# Server operating-system Blog
+
+The blog page of the topics particularly related to server operating systems. 
+
+---
--- a/docs/server-os/posts/01-alpine-install.md
+++ b/docs/server-os/posts/01-alpine-install.md
--- a/docs/server-os/posts/02-security-improvements.md
+++ b/docs/server-os/posts/02-security-improvements.md
@ -9,7 +9,6 @@ authors:
 tags:
    - Alpine Linux
    - Gentoo Linux
-    - Void Linux
 categories:
    - Security
 ---
@ -24,24 +23,9 @@ Linux Security Modules (LSM) is a framework that allows the implementation of va

 These security modules may be enabled by adding them to the kernel `cmdline`:

-=== "Alpine Linux"
-
-    ``` shell title="/etc/kernel-hooks.d/secureboot.conf"
-    cmdline="... lsm=landlock,lockdown,yama,integrity ..."
-    ```
-
-=== "Gentoo Linux"
-
-    ``` shell title="/etc/kernel/cmdline"
-    ... lsm=landlock,lockdown,yama,integrity ...
-    ```
-
-=== "Void Linux"
-
-    ``` shell title="/etc/dracut.conf.d/cmdline.conf"
-    kernel_cmdline="... lsm=landlock,lockdown,yama,integrity ..."
-    ```
-
+``` shell title="/etc/kernel/cmdline"
+... lsm=landlock,lockdown,yama,integrity ...
+```

 ### Landlock

@ -85,55 +69,23 @@ AppArmor is a security module that provides a simpler alternative to SELinux. It
    sh# apk add apparmor apparmor-utils apparmor-profiles
    ```

-    and add it to the boot runlevel:
-
-    ``` shell-session
-    sh# rc-update add apparmor boot
-    ```
-
 === "Gentoo Linux"

    ``` shell-session
    sh# emerge -a apparmor apparmor-utils apparmor-profiles
    ```
-    
-    and add it to the boot runlevel:

-    ``` shell-session
-    sh# rc-update add apparmor boot
-    ```
+and add it to the boot runlevel:

-=== "Void Linux"
-
-    ``` shell-session
-    sh# xbps-install apparmor apparmor-utils apparmor-profiles
-    ```
-
-    and add the service:
-
-    ``` shell-session
-    sh# ln -s /etc/sv/apparmor /var/service
-    ```
+``` shell-session
+sh# rc-update add apparmor boot
+```

 Add `apparmor` to the kernel `cmdline` to make it operational:

-=== "Alpine Linux"
-
-    ``` shell title="/etc/kernel-hooks.d/secureboot.conf"
-    cmdline="... lsm=...,apparmor apparmor=1 ..."
-    ```
-
-=== "Gentoo Linux"
-
-    ``` shell title="/etc/kernel/cmdline"
-    ... lsm=...,apparmor apparmor=1 ...
-    ```
-
-=== "Void Linux"
-
-    ``` shell title="/etc/dracut.conf.d/cmdline.conf"
-    kernel_cmdline="... lsm=...,apparmor apparmor=1 ..."
-    ```
+``` shell title="/etc/kernel/cmdline"
+... lsm=...,apparmor apparmor=1 ...
+```

 Then reconfigure the `kernel`:

@ -149,12 +101,6 @@ Then reconfigure the `kernel`:
    sh# emerge --config gentoo-kernel
    ```

-=== "Void Linux"
-
-    ``` shell-session
-    sh# xbps-reconfigure -f linux<version>
-    ```
-
 You can check the status of `apparmor` with `apparmor-utils`:

 ``` shell-session
@ -165,23 +111,9 @@ sh# aa-status

 Boot parameters configure the bootloader to parse the relevant settings to the kernel at boot. Hardening the boot process will improve the overall security of the system. The listed boot parameters in this chapter can be parsed into the kernel `cmdline`:

-=== "Alpine Linux"
-
-    ``` shell title="/etc/kernel-hooks.d/secureboot.conf"
-    cmdline="... slab_nomerge init_on_alloc=1 init_on_free=1 page_alloc.shuffle=1 pti=on ..."
-    ```
-
-=== "Gentoo Linux"
-
-    ``` shell title="/etc/kernel/cmdline"
-    ... slab_nomerge init_on_alloc=1 init_on_free=1 page_alloc.shuffle=1 pti=on ...
-    ```
-
-=== "Void Linux"
-
-    ``` shell title="/etc/dracut.conf.d/cmdline.conf"
-    kernel_cmdline="... slab_nomerge init_on_alloc=1 init_on_free=1 page_alloc.shuffle=1 pti=on ..."
-    ```
+``` shell title="/etc/kernel/cmdline"
+... slab_nomerge init_on_alloc=1 init_on_free=1 page_alloc.shuffle=1 pti=on ...
+```

 ### Mitigations of system vulnerabilities

@ -343,12 +275,6 @@ The default memory allocator of `musl` is already reasonably secure but not as s
    sh# emerge -a hardened-malloc
    ```

-=== "Void Linux"
-
-    ``` shell-session
-    sh# xbps-install hardened-malloc
-    ```
-
 and set it to system-wide edit:

 ``` shell title="/etc/ld-musl-x86_64.path"
@ -382,14 +308,8 @@ Improve the security of the system by increasing the entropy with the `jitterent
    sh# emerge -a jitterentropy
    ```

-=== "Void Linux"
-
-    ``` shell-session
-    sh# xbps-install jitterentropy
-    ```
-
 and make sure that the module gets loaded:

 ``` shell title="/etc/modules-load.d/entropy.conf"
 jitterentropy_rng
-```
+```
--- a/docs/server-os/posts/03-container-management-podman-runit.md
+++ b/docs/server-os/posts/03-container-management-podman-runit.md
--- a/docs/server-os/posts/04-maintaining-zfs-system.md
+++ b/docs/server-os/posts/04-maintaining-zfs-system.md
--- a/mkdocs.yml
+++ b/mkdocs.yml
@ -13,6 +13,8 @@ theme:
  features:
    - navigation.instant
    - navigation.instant.progress
+    - navigation.indexes
+    - navigation.tabs
    - navigation.sections
    - toc.follow
    - search.suggest
@ -21,8 +23,8 @@ theme:
    - content.tabs.link
    - content.code.copy
    - content.code.annotate 
-  #logo: assets/ampel-logo.png
-  #favicon: assets/ampel-logo.png
+#  logo: assets/ampel-logo.png
+#  favicon: assets/ampel-logo.png
  palette:  
    - media: "(prefers-color-scheme: light)"
      scheme: default
@ -58,4 +60,13 @@ plugins:
  - search
  - tags
  - blog:
-      blog_dir: .
+      blog_dir: desktop-os
+  - blog:
+      blog_dir: server-os
+
+nav:
+  - 'Home': index.md
+  - 'Desktop OS':
+    - desktop-os/index.md
+  - 'Server OS':
+    - server-os/index.md