| field | value | date |
|---|---|---|
| author | Xe Iaso <me@xeiaso.net> | 2024-02-16 19:57:04 -0800 |
| committer | Xe Iaso <me@xeiaso.net> | 2024-02-16 19:57:04 -0800 |
| commit | 736781f3262ee5d4838683c0ba6ceba2ad422fd7 | |
| tree | 86d60696d0e7a505326724e228b970c360b36ded /lume/src/talks | |
| parent | e5a4b5a337a74ca3c7459f4ee1aacc19be016ff7 | |
talks: reorganize into folders without breaking links
Signed-off-by: Xe Iaso <me@xeiaso.net>
Diffstat (limited to 'lume/src/talks')
| -rw-r--r-- | lume/src/talks/2018/_data.yml | 1 | ||||
| -rw-r--r-- | lume/src/talks/2018/irc-why-it-failed.md (renamed from lume/src/talks/irc-why-it-failed-2018-05-17.md) | 1 | ||||
| -rw-r--r-- | lume/src/talks/2018/thinking-different.md (renamed from lume/src/talks/thinking-different-2018-11-03.md) | 1 | ||||
| -rw-r--r-- | lume/src/talks/2019/_data.yml | 1 | ||||
| -rw-r--r-- | lume/src/talks/2019/progressive-webapp-conversion-in-5-minutes.md (renamed from lume/src/talks/progressive-webapp-conversion-in-5-minutes-2019-01-28.md) | 1 | ||||
| -rw-r--r-- | lume/src/talks/2019/webassembly-on-the-server-system-calls.md | 136 | ||||
| -rw-r--r-- | lume/src/talks/2021/_data.yml | 1 | ||||
| -rw-r--r-- | lume/src/talks/2021/nixos-pain.md (renamed from lume/src/talks/nixos-pain-2021-11-10.md) | 10 | ||||
| -rw-r--r-- | lume/src/talks/2021/surreal-horror-pam.md (renamed from lume/src/talks/surreal-horror-pam-2021-11-09.md) | 15 | ||||
| -rw-r--r-- | lume/src/talks/2021/systemd-the-good-parts.md (renamed from lume/src/talks/systemd-the-good-parts-2021-05-16.md) | 14 | ||||
| -rw-r--r-- | lume/src/talks/2022/_data.yml | 1 | ||||
| -rw-r--r-- | lume/src/talks/2022/conf42-static-analysis.mdx (renamed from lume/src/talks/conf42-static-analysis.mdx) | 1 | ||||
| -rw-r--r-- | lume/src/talks/2022/how-my-website-works.mdx (renamed from lume/src/talks/how-my-website-works.mdx) | 1 | ||||
| -rw-r--r-- | lume/src/talks/2022/sheer-terror-pam.mdx (renamed from lume/src/talks/rustconf-2022-sheer-terror-pam.mdx) | 1 | ||||
| -rw-r--r-- | lume/src/talks/2022/wasm-abi.mdx (renamed from lume/src/talks/wasm-abi.mdx) | 1 | ||||
| -rw-r--r-- | lume/src/talks/2023/_data.yml | 1 | ||||
| -rw-r--r-- | lume/src/talks/2023/asg-nixos.mdx (renamed from lume/src/talks/asg-2023-nixos.mdx) | 38 | ||||
| -rw-r--r-- | lume/src/talks/2023/carcinization-rust.mdx (renamed from lume/src/talks/wazero-lightning-2023.mdx) | 35 | ||||
| -rw-r--r-- | lume/src/talks/2023/subtle-magic-tsnet.mdx (renamed from lume/src/talks/subtle-magic-tsnet.mdx) | 4 | ||||
| -rw-r--r-- | lume/src/talks/2023/unix-philosophy-logical-extreme-wasm.mdx (renamed from lume/src/talks/unix-philosophy-logical-extreme-wasm.mdx) | 1 | ||||
| -rw-r--r-- | lume/src/talks/2023/virtual-networks-pulumi-tailscale.mdx (renamed from lume/src/talks/virtual-networks-pulumi-tailscale.mdx) | 27 | ||||
| -rw-r--r-- | lume/src/talks/2024/xeact.mdx | 2 | ||||
| -rw-r--r-- | lume/src/talks/webassembly-on-the-server-system-calls-2019-05-31.md | 135 |
23 files changed, 239 insertions, 190 deletions
diff --git a/lume/src/talks/2018/_data.yml b/lume/src/talks/2018/_data.yml new file mode 100644 index 0000000..5a723b1 --- /dev/null +++ b/lume/src/talks/2018/_data.yml @@ -0,0 +1 @@ +year: 2018 diff --git a/lume/src/talks/irc-why-it-failed-2018-05-17.md b/lume/src/talks/2018/irc-why-it-failed.md index e409ebe..2e5cf76 100644 --- a/lume/src/talks/irc-why-it-failed-2018-05-17.md +++ b/lume/src/talks/2018/irc-why-it-failed.md @@ -2,6 +2,7 @@ title: "IRC: Why it Failed" date: 2018-05-17 slides_link: https://cdn.xeiaso.net/file/christine-static/static/talks/irc-why-it-failed.pdf +basename: ../irc-why-it-failed-2018-05-17 --- A brief discussion of the IRC protocol and why it has failed in today's internet. diff --git a/lume/src/talks/thinking-different-2018-11-03.md b/lume/src/talks/2018/thinking-different.md index 05581d8..3250795 100644 --- a/lume/src/talks/thinking-different-2018-11-03.md +++ b/lume/src/talks/2018/thinking-different.md @@ -1,6 +1,7 @@ --- title: "Thinking Different" date: 2018-11-03 +basename: ../thinking-different-2018-11-03 slides_link: https://cdn.xeiaso.net/file/christine-static/static/talks/thinking-different.pdf --- diff --git a/lume/src/talks/2019/_data.yml b/lume/src/talks/2019/_data.yml new file mode 100644 index 0000000..70940ea --- /dev/null +++ b/lume/src/talks/2019/_data.yml @@ -0,0 +1 @@ +year: 2019 diff --git a/lume/src/talks/progressive-webapp-conversion-in-5-minutes-2019-01-28.md b/lume/src/talks/2019/progressive-webapp-conversion-in-5-minutes.md index c2276a2..4ec0356 100644 --- a/lume/src/talks/progressive-webapp-conversion-in-5-minutes-2019-01-28.md +++ b/lume/src/talks/2019/progressive-webapp-conversion-in-5-minutes.md @@ -1,6 +1,7 @@ --- title: "Progressive Web App Conversion in 5 Minutes" date: 2019-01-28 +basename: ../progressive-webapp-conversion-in-5-minutes-2019-01-28 slides_link: https://cdn.xeiaso.net/file/christine-static/static/talks/pwa-conversion.pdf --- 
diff --git a/lume/src/talks/2019/webassembly-on-the-server-system-calls.md b/lume/src/talks/2019/webassembly-on-the-server-system-calls.md new file mode 100644 index 0000000..e3f96a1 --- /dev/null +++ b/lume/src/talks/2019/webassembly-on-the-server-system-calls.md 
@@ -0,0 +1,136 @@ +--- +title: "WebAssembly on the Server: How System Calls Work" +date: 2019-05-31 +basename: ../webassembly-on-the-server-system-calls-2019-05-31 +slides_link: https://cdn.xeiaso.net/file/christine-static/static/talks/wasm-on-the-server-system-calls.pdf +--- + +[Video](https://www.youtube.com/watch?v=G4l8RX0tA3E) + +## My Speaker Notes + +- Hi, my name is Christine. I work as a senior SRE for Lightspeed. Today I'm gonna talk about something I've been researching and learning a lot about: WebAssembly on the server. +- Something a lot of you might be asking: what is WebAssembly? + - WebAssembly is very new and there's a lot of confusing and overly vague coverage on it. + - In this talk, I will explain WebAssembly at a high level and show how to start solving one of the hardest problems in it: how to communicate with the outside world. + - When I say the "outside world" I mean anything that is not literally one of these 5 basic things: + - Externally imported functions, defined by the user + - The dynamic dispatch function table + - Global variables + - Linear memory, or basically ram + - Compiled functions, or your code that runs in the virtual machine +- WebAssembly is a Virtual Machine format for the Web + - The closest analogue to WASM in its current form is a CPU and supporting hardware + - However, because it's a virtual machine, the hardware is irrelevant + - Though it was intended for browsers, the implementation of it is really generic. + - WebAssembly provides: + - External functions + - A function table for dynamic dispatch + - Immutable globals (as of the MVP) + - Linear memory + - Compiled functions (these exist outside of linear memory like an AVR chip) +- Why WebAssembly on the Server? + - It makes hardware less relevant. 
+ - Most of our industry targets a single vendor in basic configurations: Intel amd64 processors running Linux + - Intel has had many security bugs and it may not be a good idea to fundamentally design our architecture to rely on them. + - This also removes the OS from the equation for most compute tasks. +- What are system calls and why do they matter? +- System calls enforce abstractions to the outside world. + - Your code goes through system calls to reach things from the outside world, eg: + - Randomness + - Network sockets + - The filesystem + - Etc +- How are they implemented? + - The platform your program runs on exposes those system calls + - Programs pass pointers into linear memory (this will be shown later in the slides) +- Why is this relevant to WebAssembly? + - The WebAssembly Minimum Viable Product doesn't define any system calls +- WebAssembly System Calls Out of The Box + - Yeah, nothing. You're on your own. This is both very good and very very bad. +- So what's a pointer in WebAssembly? + - Simplified, a WebAssembly virtual machine is some structure that has a reference to a byte slice. That byte slice is treated as the linear memory of that VM. + - A pointer is just an offset into this slice + - Showing the WebAssembly world diagram from earlier: pointers apply to only this part of it. Function pointers _do_ exist in WebAssembly, just by the dynamic dispatch table from earlier. +- So what can we do about it? +- Let's introduce a pet project of mine for a few years. It's called Dagger, and it has been a fantastic stepping stone while other solutions are being invented. + - Dagger is a proof of concept system call API that I'll be walking through the high level implementation of + - It's got a very simple implementation (500-ish lines) + - It's intended for teaching and learning about the low levels of WebAssembly. + - It's based on a very very very simplistic view of the unix philosophy. In unix, everything is a file. 
With Dagger, everything is a stream, even HTTP. + - As such, there's no magic in Dagger. + - And even though it's so simple, it's still usable for more than just basic/trivial things. + - A dagger process has a bunch of streams in a slice. + - The API gives out and uses stream descriptors, or offsets into this slice. +- Dagger's API is really really simple, it's only got 5 calls: + - Opening a stream + - Closing a stream + - Reading from a stream + - Writing to a stream + - Flushing intermediately buffered data from a stream to its remote (or local) target +- Open + - Open opens a stream by URL, then returns its descriptor. It can also return an error instead. + - It's got 5 basic stream types: + - Logging + - Jailed filesystem access + - HTTP/S + - 5 system calls is all you need for HTTP! + - Randomness + - Standard input/output + - Let's walk through the code that implements it + - Here's a simplified view of the open function in a Dagger process. + - The system call arguments are here + - And the stream URL gets read from the VM memory here + - Remember that pointers are just integer offsets into memory + - Then this gets passed to the rest of the open file logic that isn't shown here +- Close + - Closes a stream by its descriptor. + - It returns a negative error if anything goes wrong, which is unlikely. + - Let's walk through its code: + - It grabs the arguments from the VM + - Then it passes that to the rest of the logic that isn't shown here +- Read + - Reads a limited amount of bytes from a stream + - Returns a negative error if things go wrong + - Let's walk through its code: + - This is a bigger function, so I've broken it up into a few slides. 
+ - First it gets the arguments from the VM + - Then it creates the intermediate buffer to copy things into from the stream + - Then it does the reading into that buffer + - Then it copies the buffer into the VM ram +- Write + - Write is very similar to read, except it just copies the ram out of the VM and into the stream + - It returns the number of bytes written, which SHOULD equal the data length argument + - Let's walk through the code: + - Again, this function is bigger so I +- Flush + - Flush does just about what you'd think, it flushes intermediate buffers to the actual stream targets. + - This blocks until the flushing is complete + - Mostly used for the HTTP client + - Let's walk through its code: + - It gets the descriptor from the VM + - It runs the flush operation and returns the result +- So, with all this covered, let's talk about usage. Here's the famous "Hello, world" example: + - This is in Zig, mainly because Zig allows me to be really concise. Things work just about as you'd expect so it's less of a logical jump than you'd think. + - First we try to open the stream. Dagger doesn't have any streams open in its environment by default, so we open standard output. + - Then we try to write the message to the stream. The interface in Zig is a bit rough right now, but it takes the pointer to the message and how long the message is. Zig doesn't let us implicitly ignore the return value of this function, so we just explicitly ignore it instead. + - Finally we try to close the output stream. + - The beauty of zig is that if any of these things we try to do fails, the entire function will fail. 
+ - However none of this fails so we can just run it with the dagger tool and get this output: +- What this can build to + - This basic idea can be used to build up to any of the following things: + - A functions as a service backend (See Olin) + - Generic event handlers + - Distributed computing + - Transactional computing +- What you can do + - Play with the code (link at the end) + - Implement this API from scratch + - It's really not that hard + - A possible project idea I was going to do but ran out of time (moving internationally sucks) is to make a Gopher server with every route powered by WebAssembly +- Got questions? + - Tweet or email me if you really want to make sure your questions get answered. That is one of the best ways to ensure I actually see it. + - I'm happy to go into detail, I can pull out code examples too. +- Thanks to all of these people who have given help, ideas and inspiration. Without them I would never have been able to get this far. +- Follow my progress on GitHub! + - I hope that QR code is big enough. If it's not let me know and I can make things like that bigger in the future somehow, hopefully. diff --git a/lume/src/talks/2021/_data.yml b/lume/src/talks/2021/_data.yml new file mode 100644 index 0000000..a6fb71c --- /dev/null +++ b/lume/src/talks/2021/_data.yml @@ -0,0 +1 @@ +year: 2021 diff --git a/lume/src/talks/nixos-pain-2021-11-10.md b/lume/src/talks/2021/nixos-pain.md index d40329a..0116a11 100644 --- a/lume/src/talks/nixos-pain-2021-11-10.md +++ b/lume/src/talks/2021/nixos-pain.md @@ -2,11 +2,12 @@ title: How Nix and NixOS Get So Close to Perfect date: 2021-11-10 slides_link: https://cdn.xeiaso.net/file/christine-static/static/talks/nixos-pain.pdf +basename: ../nixos-pain-2021-11-10 tags: - - nix - - nixos - - docker - - packagingcon + - nix + - nixos + - docker + - packagingcon --- ## Author's Note 
@@ -320,7 +321,6 @@ documentation on every single thing that ships with NixOS by default. There should be no module in the library of modules without documentation on how to use it and an example or two of where you'd use some of the weirder options. - <center> <picture> <source srcset="https://cdn.xeiaso.net/file/christine-static/static/talks/nixos-pain/028.d.avif" type="image/avif"> diff --git a/lume/src/talks/surreal-horror-pam-2021-11-09.md b/lume/src/talks/2021/surreal-horror-pam.md index 3fbacd6..9058949 100644 --- a/lume/src/talks/surreal-horror-pam-2021-11-09.md +++ b/lume/src/talks/2021/surreal-horror-pam.md @@ -2,10 +2,11 @@ title: The Surreal Horror of PAM date: 2021-11-09 slides_link: https://cdn.xeiaso.net/file/christine-static/static/talks/surreal-horror-pam.pdf +basename: ../surreal-horror-pam-2021-11-09 tags: - - alpinelinux - - pam - - satire + - alpinelinux + - pam + - satire --- <iframe width="1043" height="587" src="https://www.youtube.com/embed/INjCiHUIjgg" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe> 
@@ -137,15 +138,15 @@ Alpine Linux here because it is the simpler option for getting PAM to work and I really do not want to spend all day debugging PAM with gdb and strace on Ubuntu to demonstrate it with that. PAM has a few kinds of modules: -* authentication, this is not just checking your password, but also making sure +- authentication, this is not just checking your password, but also making sure that your account is allowed to be logged into and setting up things like your preferred login shell -* account, the things that assign a user an account based on the circumstances +- account, the things that assign a user an account based on the circumstances of their authentication or validate that somehow (this is also where an LDAP server would get thrown into the mix if you really hate yourself) -* password, the things that check passwords or do other kinds of validation like +- password, the things that check passwords or do other kinds of validation like that (if you want to use Google Authenticator TOTP codes, you’d do that here) -* session, these things handle other system errata like making sure the +- session, these things handle other system errata like making sure the message-of-the-day (MOTD) is shown when you log in or letting logind know about the session so it can make a cgroup for you diff --git a/lume/src/talks/systemd-the-good-parts-2021-05-16.md b/lume/src/talks/2021/systemd-the-good-parts.md index addc75a..491c514 100644 --- a/lume/src/talks/systemd-the-good-parts-2021-05-16.md +++ b/lume/src/talks/2021/systemd-the-good-parts.md @@ -1,6 +1,7 @@ --- title: "systemd: The Good Parts" date: 2021-05-16 +basename: ../systemd-the-good-parts-2021-05-16 slides_link: https://docs.google.com/presentation/d/1a0XaGu87xUcpQQVLkrnXKoKrdpN1ObiPrG9aGYVMw7k/edit?usp=sharing --- 
@@ -16,6 +17,7 @@ of material to cover and the notes are going to be on my website. I have been an Alpine user for almost a decade and it's one of my favorite linux distributions. The best things in life come with disclaimers and here are the disclaimers for this talk: + - This talk may contain opinions. These opinions are my own and not necessarily the opinions of my employer. - This talk is not evangelism. This talk is intended to show how green the grass @@ -72,7 +74,7 @@ questions: - What are the last few log lines? - If you need to reboot the server right now for some reason, will that service come back up on reboot? - +  systemd includes a tool called systemctl that allows you to query the status of @@ -93,7 +95,7 @@ command for the service powering christine.website. So let's go down the list: those numbers aren't reflected here but it's actually much higher. - At the bottom we can see the last few log lines. These are just random requests that people make to my blog. - + If you haven't seen all of this in action before you might be wondering something like "Wait, where did it get those logs from?" @@ -126,17 +128,18 @@ deployments. Now there's at least four classes of benefits for systemd and I'm going to break them down into the following groups: + - developers - packagers - system administrators - users - + In general people that are developing services that run on systemd get the following benefits: - Predictability. systemd configuration files are declarative rather than imperative. You declare units instead of imperatively building up init scripts. Options are declared and enforced by the service manager. This makes - it a lot easier to review changes for correctness. + it a lot easier to review changes for correctness. - Portability. when setting up a service with systemd there's only one syntax to learn across 15 plus different distributions. This means that you don't have to maintain a giant pile of hacks to make the program just start consistently 
@@ -188,7 +191,7 @@ system administrators of systemd systems also get the following benefits: operator. systemd is set up so that it's hard to do the wrong thing. It is hard to have logs go anywhere but the system journal. It is hard to write a unit that doesn't tell you if the service is actually running or not. And it - makes it so that the path of least resistance will do most of what you want. + makes it so that the path of least resistance will do most of what you want. - Sometimes system administrators have opinions that are different than the opinions of the packager. Sometimes you need to change environment variables for http proxies or something and sometimes you believe the packager has @@ -219,6 +222,7 @@ system administrators of systemd systems also get the following benefits: incident response, so it is more difficult to have hidden dependencies. As far as users go: + - systemd is not limited to just managing system level services systemd can also manage user services with systemd user mode. I use this on my Linux system in order to have a couple services running in the background querying for weather diff --git a/lume/src/talks/2022/_data.yml b/lume/src/talks/2022/_data.yml new file mode 100644 index 0000000..f5eb965 --- /dev/null +++ b/lume/src/talks/2022/_data.yml @@ -0,0 +1 @@ +year: 2022 diff --git a/lume/src/talks/conf42-static-analysis.mdx b/lume/src/talks/2022/conf42-static-analysis.mdx index 1798481..0e3f3d1 100644 --- a/lume/src/talks/conf42-static-analysis.mdx +++ b/lume/src/talks/2022/conf42-static-analysis.mdx @@ -1,6 +1,7 @@ --- title: How Static Code Analysis Prevents You From Waking Up at 3AM With Production on Fire date: 2022-06-09 +basename: ../conf42-static-analysis slides_link: https://cdn.xeiaso.net/file/christine-static/talks/Conf42+SRE+2022.pdf --- diff --git a/lume/src/talks/how-my-website-works.mdx b/lume/src/talks/2022/how-my-website-works.mdx index 18683c2..4c19733 100644 --- a/lume/src/talks/how-my-website-works.mdx 
+++ b/lume/src/talks/2022/how-my-website-works.mdx @@ -2,6 +2,7 @@ title: | My Blog is Hilariously Overengineered to the Point People Think it's a Static Site date: 2022-09-12 +basename: ../how-my-website-works slides_link: https://drive.google.com/file/d/1B6dOK-nJbu30oT8fyNwBdvoOhHOJmreI/view tags: - rust diff --git a/lume/src/talks/rustconf-2022-sheer-terror-pam.mdx b/lume/src/talks/2022/sheer-terror-pam.mdx index df11a25..a6d7a93 100644 --- a/lume/src/talks/rustconf-2022-sheer-terror-pam.mdx +++ b/lume/src/talks/2022/sheer-terror-pam.mdx @@ -1,6 +1,7 @@ --- title: The Sheer Terror of PAM date: 2022-09-05 +basename: ../rustconf-2022-sheer-terror-pam slides_link: https://cdn.xeiaso.net/file/christine-static/blog/rc2022/slides.pdf --- diff --git a/lume/src/talks/wasm-abi.mdx b/lume/src/talks/2022/wasm-abi.mdx index 258091b..7440854 100644 --- a/lume/src/talks/wasm-abi.mdx +++ b/lume/src/talks/2022/wasm-abi.mdx @@ -1,6 +1,7 @@ --- title: The Go WebAssembly ABI at a Low Level date: 2022-10-17 +basename: ../wasm-abi slides_link: "https://drive.google.com/file/d/1RKitNYC77AYnsstNsYvJcBNnaKT06stb/view?usp=sharing" tags: - wasm diff --git a/lume/src/talks/2023/_data.yml b/lume/src/talks/2023/_data.yml new file mode 100644 index 0000000..4f6cb9f --- /dev/null +++ b/lume/src/talks/2023/_data.yml @@ -0,0 +1 @@ +year: 2023 diff --git a/lume/src/talks/asg-2023-nixos.mdx b/lume/src/talks/2023/asg-nixos.mdx index 2329ace..13a0fac 100644 --- a/lume/src/talks/asg-2023-nixos.mdx +++ b/lume/src/talks/2023/asg-nixos.mdx 
@@ -2,13 +2,19 @@ title: "Making NixOS modules for fun and (hopefully) profit" date: 2023-09-15 slides_link: https://drive.google.com/file/d/1h0Y8PUREuSrrSStmJMJ4MFHm0h53tf5a/view?usp=sharing +basename: ../asg-2023-nixos tags: - - nix - - nixos - - tailscale + - nix + - nixos + - tailscale --- -<XeblogConv name="Cadey" mood="coffee" standalone>There was an A/V glitch with the recording, my slides were intended to be black and white, but they somehow came out as purple and green. This couldn't be fixed even when trying several HDMI cables. If this becomes an issue I may re-record this talk in my home studio.</XeblogConv> +<XeblogConv name="Cadey" mood="coffee" standalone> + There was an A/V glitch with the recording, my slides were intended to be + black and white, but they somehow came out as purple and green. This couldn't + be fixed even when trying several HDMI cables. If this becomes an issue I may + re-record this talk in my home studio. +</XeblogConv> <XeblogVideo path="talks/2023/asg-nixos/video/proper"></XeblogVideo> 
@@ -297,7 +303,7 @@ in }; ``` -We defined the devShell to build the program development. We defined the package to build the software, and now we'll define the module to tell NixOS how to run the software. This is a basic NixOS module. It's defined inline to the flake for now, moving it to its own file is an exercise for the reader. +We defined the devShell to build the program development. We defined the package to build the software, and now we'll define the module to tell NixOS how to run the software. This is a basic NixOS module. It's defined inline to the flake for now, moving it to its own file is an exercise for the reader. Like I said before, a NixOS module is a function that takes in the state of the world and returns new additions to the state of the world. This NixOS module provides some options under `xe.services.douglas-adams-quotes` and then if the module is enabled, it creates a new systemd service to run it in. We're in the future, so we can use fancy things like DynamicUser to avoid having to run this service as root. @@ -360,7 +366,7 @@ Here's what the file looks like. I import nixos unstable, and then I create a ni } ``` -To make it import this, first we add a new input that points to the Douglas Adams quotes flake. This then gets threaded into the outputs function, we import the module, and finally enable it on the system. +To make it import this, first we add a new input that points to the Douglas Adams quotes flake. This then gets threaded into the outputs function, we import the module, and finally enable it on the system. (Pause) 
@@ -389,7 +395,11 @@ tailscale funnel 443 on Get your phones out, I'm gonna be showing a QR Code: -<XeblogConv name="Mara" mood="hacker" standalone>For those playing the Xe Iaso blog extended universe home game, visit [m85-kongir.shark-harmonic.ts.net](https://m85-kongir.shark-harmonic.ts.net) instead.</XeblogConv> +<XeblogConv name="Mara" mood="hacker" standalone> + For those playing the Xe Iaso blog extended universe home game, visit + [m85-kongir.shark-harmonic.ts.net](https://m85-kongir.shark-harmonic.ts.net) + instead. +</XeblogConv> Scan this QR code. You can trust me, right? It's not gonna be a Rick Roll. I'm not that mean. When you do, you'll connect to my VM on my laptop on the conference wifi, yet still exposed to the public internet. 
@@ -421,8 +431,18 @@ Thanks again to the All Systems Go organizers for having me here and I hope you There was a question about encrypted secrets in NixOS. I suggest using [agenix](https://github.com/ryantm/agenix) to have age-encrypted secrets in your NixOS configs. It has you encrypt things against SSH host public keys for your machines. It's a bit of a hack, but it works well enough that it's what I use in prod for my own stuff. This really needs to be solved upstream with proper handling of secret values at the Nix level. -<XeblogConv name="Aoi" mood="wut">Why do you need to use something like agenix at all?</XeblogConv> -<XeblogConv name="Mara" mood="hacker">Every file in `/nix/store` is world-readable. Depending on your threat model and if your NixOS configs are open source, this can be fine. If your threat model includes public NixOS configs, this becomes less fine; especially when CI is brought into the mix. You wouldn't want someone to figure out what your secrets are in your CI flow and then exfiltrate [Tailscale authkeys](https://tailscale.com/kb/1085/auth-keys/) or something, that could be bad!</XeblogConv> +<XeblogConv name="Aoi" mood="wut"> + Why do you need to use something like agenix at all? +</XeblogConv> +<XeblogConv name="Mara" mood="hacker"> + Every file in `/nix/store` is world-readable. Depending on your threat model + and if your NixOS configs are open source, this can be fine. If your threat + model includes public NixOS configs, this becomes less fine; especially when + CI is brought into the mix. You wouldn't want someone to figure out what your + secrets are in your CI flow and then exfiltrate [Tailscale + authkeys](https://tailscale.com/kb/1085/auth-keys/) or something, that could + be bad! +</XeblogConv> --- diff --git a/lume/src/talks/wazero-lightning-2023.mdx b/lume/src/talks/2023/carcinization-rust.mdx index 16cd8e4..57f45cb 100644 --- a/lume/src/talks/wazero-lightning-2023.mdx +++ b/lume/src/talks/2023/carcinization-rust.mdx 
@@ -1,12 +1,13 @@ --- title: "[talk] The carcinization of Go programs" date: 2023-03-24 +basename: ../wazero-lightning-2023 slides_link: https://drive.google.com/file/d/1ANxRJPzNeKbLogZz0wCH_o9E9jNLypja/view?usp=sharing tags: - - wasm - - wazero - - rust - - golang + - wasm + - wazero + - rust + - golang skip_ads: true --- @@ -16,9 +17,10 @@ skip_ads: true ## Transcript -<XeblogConv standalone name="Cadey" mood="enby">This is a lightning -talk version of [this -post](https://xeiaso.net/blog/carcinization-golang).</XeblogConv> +<XeblogConv standalone name="Cadey" mood="enby"> + This is a lightning talk version of [this + post](https://xeiaso.net/blog/carcinization-golang). +</XeblogConv> <XeblogSlide name="2023/wazero-lightning/01" essential></XeblogSlide> @@ -60,10 +62,11 @@ I bet you can guess where I'm going with this, I'm talking about the carcinization of Go programs via WebAssembly. This is how I snuck Rust into a Go shop. -<XeblogConv name="Mara" mood="hacker">The "carcinization" refers to -the evolutionary tendency of programs becoming either crabs or trees -when time stretches to infinity. If you can imagine library use as -evolution, then this joke makes more sense.</XeblogConv> +<XeblogConv name="Mara" mood="hacker"> + The "carcinization" refers to the evolutionary tendency of programs becoming + either crabs or trees when time stretches to infinity. If you can imagine + library use as evolution, then this joke makes more sense. +</XeblogConv> <XeblogSlide name="2023/wazero-lightning/06"></XeblogSlide> 
@@ -83,8 +86,10 @@ There was nothing off of the shelf to handle this in Go. I assume that this problem is fairly novel. Anything that was close to this just made atrocities out of the text in ways that I couldn't customize. -<XeblogConv name="Aoi" mood="wut">I guess some solutions could be out -there, but just locked in closed-source repos.</XeblogConv> +<XeblogConv name="Aoi" mood="wut"> + I guess some solutions could be out there, but just locked in closed-source + repos. +</XeblogConv> <XeblogSlide name="2023/wazero-lightning/09"></XeblogSlide> @@ -100,7 +105,7 @@ Rust. When I wrote this program, I made it in a fairly naiive way. I took HTML over standard input and had it spit out slackdown on standard -output. +output. This idea just so happens to be one of the core parts of the Unix philosophy: programs should be filters that take input in one form and @@ -143,7 +148,7 @@ I only found out existed about a week ago. And now this atrocity is shipped to production and holds together the Mastodon post announcement service. Most people aren't aware that it's a thing, and it runs fast enough that nobody really cares that it's a -programming turducken of Go, Rust and WebAssembly. It works perfectly +programming turducken of Go, Rust and WebAssembly. It works perfectly and it wouldn't be possible without the efforts of the Wazero team. <XeblogSlide name="2023/wazero-lightning/16" essential></XeblogSlide> diff --git a/lume/src/talks/subtle-magic-tsnet.mdx b/lume/src/talks/2023/subtle-magic-tsnet.mdx index dbf2339..88ddf7a 100644 --- a/lume/src/talks/subtle-magic-tsnet.mdx +++ b/lume/src/talks/2023/subtle-magic-tsnet.mdx @@ -1,6 +1,7 @@ --- title: The Subtle Magic of tsnet date: 2023-07-07 +basename: ../subtle-magic-tsnet tags: - tsnet - go 
@@ -8,7 +9,8 @@ summary: Xe's Tailscale Up talk about how to use tsnet in your services, complet --- <div className="text-xl"> - This post was written while I worked for Tailscale. It is archived here for posterity. + This post was written while I worked for Tailscale. It is archived here for + posterity. </div> <XeblogConv name="Cadey" mood="enby"> diff --git a/lume/src/talks/unix-philosophy-logical-extreme-wasm.mdx b/lume/src/talks/2023/unix-philosophy-logical-extreme-wasm.mdx index b26f6ec..075cf80 100644 --- a/lume/src/talks/unix-philosophy-logical-extreme-wasm.mdx +++ b/lume/src/talks/2023/unix-philosophy-logical-extreme-wasm.mdx @@ -1,6 +1,7 @@ --- title: Reaching the Unix Philosophy's Logical Extreme with Webassembly date: 2023-08-27 +basename: ../unix-philosophy-logical-extreme-wasm slides_link: https://drive.google.com/file/d/1j7sTnS2bs2XdvbpF2-1sncfkcPl8jRpE/view?usp=sharing --- diff --git a/lume/src/talks/virtual-networks-pulumi-tailscale.mdx b/lume/src/talks/2023/virtual-networks-pulumi-tailscale.mdx index 3409ed4..d4b6cbd 100644 --- a/lume/src/talks/virtual-networks-pulumi-tailscale.mdx +++ b/ |
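
Review bot: In the added lume/src/talks/2019/webassembly-on-the-server-system-calls.md, the Write section's walk-through bullet stops mid-sentence at "Again, this function is bigger so I", directly before the "Flush" bullet. Either finish the sentence or drop the bullet while the file is being touched. The diffstat also records this talk as 136 added lines plus 135 deleted lines on the old path, not as a rename like the other talks, which suggests more than the `basename:` line changed; if the rest is whitespace or list re-indentation, landing the move first and the reformat second would keep the file's history followable.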
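
Review bot: The `basename: ../<old-slug>` front-matter lines carry the whole "without breaking links" claim, and nothing in the patch checks them. The risk is highest where the new filename no longer matches the old slug: 2022/sheer-terror-pam.mdx (`../rustconf-2022-sheer-terror-pam`), 2023/carcinization-rust.mdx (`../wazero-lightning-2023`) and 2023/asg-nixos.mdx (`../asg-2023-nixos`), where a typo would silently change the published URL. Suggest a build-time check that compares the generated talk URLs against a list captured before the move. As a style point, the key is placed after `slides_link` in irc-why-it-failed.md, nixos-pain.md, surreal-horror-pam.md and asg-nixos.mdx but after `date` everywhere else; pick one position.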
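
Review bot: Formatting-only changes are mixed into the move and make the link-preserving part hard to audit: the `tags:` lists are re-indented in nixos-pain.md, surreal-horror-pam.md, asg-nixos.mdx and carcinization-rust.mdx, the PAM module list switches from `*` to `-` bullets, systemd-the-good-parts.md and asg-nixos.mdx have lines removed and re-added with no visible text change, and the `XeblogConv` blocks and the `<div className="text-xl">` note are reflowed. That is why these files show 10 to 38 changed lines in the diffstat while a plain move shows 1. Suggest splitting the formatter output into its own commit so this one contains only the renames and the `basename:` additions.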
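
Review bot: The new per-year `_data.yml` files set `year:` for 2018, 2019, 2021, 2022 and 2023, but the diffstat lists none for 2024 even though lume/src/talks/2024/xeact.mdx is modified in the same commit. If any template or index now reads `year`, confirm that lume/src/talks/2024/_data.yml already exists or add it here so the 2024 talk is not the one page without the value.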
