about summary refs log tree commit diff stats
path: root/tools
diff options
context:
space:
mode:
Diffstat (limited to 'tools')
-rw-r--r--tools/conf/etc/gitweb.conf22
-rw-r--r--tools/conf/etc/iptables/vlan.v4170
-rw-r--r--tools/conf/etc/nginx/sites-enabled/git.localhost.conf25
-rwxr-xr-xtools/conf/etc/rc.d/blan93
-rw-r--r--tools/conf/etc/skel/.xinitrc16
-rw-r--r--tools/conf/srv/gitolite/.gitolite.rc200
-rwxr-xr-xtools/conf/srv/gitolite/deploy-web-doc42
-rw-r--r--tools/conf/srv/gitolite/deploy-web.sh75
-rwxr-xr-xtools/conf/srv/gitolite/deploy.sh175
-rw-r--r--tools/conf/srv/gitolite/gitolite.conf80
-rw-r--r--tools/conf/srv/gitolite/hook.sh95
-rw-r--r--tools/gitolite.html503
-rw-r--r--tools/index.html21
-rw-r--r--tools/network.html21
-rw-r--r--tools/nginx.html2
-rw-r--r--tools/openssh.html63
-rw-r--r--tools/qemu.html127
-rw-r--r--tools/scripts/autoport.sh24
-rw-r--r--tools/scripts/external-ports.sh8
-rw-r--r--tools/scripts/pkgmk-test.conf38
-rw-r--r--tools/scripts/pkgmk-test.sh5
-rwxr-xr-x[-rw-r--r--]tools/scripts/replace.sh1
-rw-r--r--tools/storage.html20
-rw-r--r--tools/tcpdump.html4
-rw-r--r--tools/vim.html14
-rw-r--r--tools/x.html321
26 files changed, 1716 insertions, 449 deletions
diff --git a/tools/conf/etc/gitweb.conf b/tools/conf/etc/gitweb.conf
new file mode 100644
index 0000000..26034fb
--- /dev/null
+++ b/tools/conf/etc/gitweb.conf
@@ -0,0 +1,22 @@
+# The directories where your projects are. Must not end with a slash.
+our $projectroot = "/srv/gitolite/repositories"; 
+
+# Base URLs for links displayed in the web interface.
+our @git_base_url_list = qw(git://core.privat-network.com http://git@core.private-network.com); 
+
+our $site_name = "gitweb";
+our $git_temp = "/srv/www/gitweb_tmp";
+
+our $projects_list = "/srv/gitolite/projects.list";
+
+our $projects_list_group_categories = 1;
+
+our $home_link_str="GitWeb";
+
+$feature{'highlight'}{'default'} = [1];
+
+$feature{'pathinfo'}{'default'} = [1];
+
+our @extra_breadcrumbs = (
+      [ 'HomePage' => 'https://core.privat-network.net/' ],
+);
diff --git a/tools/conf/etc/iptables/vlan.v4 b/tools/conf/etc/iptables/vlan.v4
new file mode 100644
index 0000000..8c87389
--- /dev/null
+++ b/tools/conf/etc/iptables/vlan.v4
@@ -0,0 +1,170 @@
+# Generated by iptables-save v1.6.0 on Sat Oct 15 17:20:41 2016
+*security
+:INPUT ACCEPT [6:2056]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [6:2056]
+COMMIT
+# Completed on Sat Oct 15 17:20:41 2016
+# Generated by iptables-save v1.6.0 on Sat Oct 15 17:20:41 2016
+*raw
+:PREROUTING ACCEPT [7:2092]
+:OUTPUT ACCEPT [6:2056]
+COMMIT
+# Completed on Sat Oct 15 17:20:41 2016
+# Generated by iptables-save v1.6.0 on Sat Oct 15 17:20:41 2016
+*mangle
+:PREROUTING ACCEPT [7:2092]
+:INPUT ACCEPT [6:2056]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [6:2056]
+:POSTROUTING ACCEPT [6:2056]
+COMMIT
+# Completed on Sat Oct 15 17:20:41 2016
+# Generated by iptables-save v1.6.0 on Sat Oct 15 17:20:41 2016
+*filter
+:INPUT DROP [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT DROP [0:0]
+-A INPUT -i lo -j ACCEPT
+-A INPUT -i br0 -j ACCEPT
+-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop sync: " --log-level 7
+-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
+-A INPUT -f -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop frag: "
+-A INPUT -f -j DROP
+-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -j DROP
+-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
+-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop null: "
+-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
+-A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop syn rst syn rs"
+-A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
+-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop xmas: "
+-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
+-A INPUT -p tcp -m tcp --tcp-flags FIN,ACK FIN -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop fin scan: "
+-A INPUT -p tcp -m tcp --tcp-flags FIN,ACK FIN -j DROP
+-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,ACK,URG -j DROP
+#################################################################################
+#	INPUT
+#	Established connections and passive
+#
+
+# Allow established from dns server
+#-A INPUT -p udp -m udp --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+# INPUT accept passive
+-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state RELATED -j ACCEPT
+
+
+# Allow irc
+-A INPUT -p tcp -m tcp --sport 6667 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+# Allow xmmp
+-A INPUT -p tcp -m tcp --sport 5222 --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
+# Allow established from https server
+-A INPUT -p tcp -m tcp --sport 443 --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
+-A INPUT -p udp -m udp --sport 443 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+
+# Allow established from http server
+-A INPUT -p tcp -m tcp --sport 80 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+# Allow established from rsync server
+-A INPUT -p tcp -m tcp --sport 873 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+# Allow established from pop3s server
+-A INPUT -p tcp -m tcp --sport 995 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+# Allow established from smtps server
+-A INPUT -p tcp -m tcp --sport 465 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+# Allow established from ntp server
+-A INPUT -p udp -m udp --sport 123 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+# Allow established from whois server
+-A INPUT -p tcp -m tcp --sport 43 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+# Allow established from ftp server
+-A INPUT -p tcp -m tcp --sport 20 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+-A INPUT -p tcp -m tcp --sport 21 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+-A INPUT -p tcp -m tcp --sport 22 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+##################################################################################
+#	INPUT
+#	New and established connections to local servers
+#
+
+# allow ping
+-A INPUT -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
+-A INPUT -p icmp --icmp-type 0 -m state --state ESTABLISHED,RELATED -j ACCEPT
+
+# INPUT accept from wlp7s0 to dns server
+#-A INPUT -p udp -m udp --sport 1024:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
+
+# INPUT accept from wlp7s0 to https server
+-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
+# INPUT accept from wlp7s0 to ssh server
+-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 2222 -m state --state ESTABLISHED -j ACCEPT
+-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 2222 -m state --state NEW -m limit --limit 6/min --limit-burst 3 -j ACCEPT
+
+-A FORWARD -i br0 -j ACCEPT
+
+-A INPUT -j LOG --log-prefix "iptables: INPUT: " --log-level 7
+-A FORWARD -j LOG --log-prefix "iptables: FORWARD: " --log-level 7
+
+##################################################################################
+#	Output
+#	Connections to remote servers
+#
+-A OUTPUT -o lo -j ACCEPT
+-A OUTPUT -o br0 -j ACCEPT
+
+# Allow ping
+-A OUTPUT -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
+# Allow to ssh clients
+-A OUTPUT -p tcp -m tcp --sport 2222 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+
+# Allow to dns
+#-A OUTPUT -p udp -m udp --sport 1024:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
+# Allow from dns server
+#-A OUTPUT -p udp -m udp --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+
+# Allow irc
+-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 6667 -m state --state NEW,ESTABLISHED -j ACCEPT
+# Allow xmmp
+-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 5222 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
+
+
+# Allow to rsync server
+-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 873 -m state --state NEW,ESTABLISHED -j ACCEPT
+# Allow to pop3s server
+-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 995 -m state --state NEW,ESTABLISHED -j ACCEPT
+# Allow to smtps server
+-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 465 -m state --state NEW,ESTABLISHED -j ACCEPT
+# Allow to ntp server
+-A OUTPUT -p udp -m udp --sport 1024:65535 --dport 123 -m state --state NEW,ESTABLISHED -j ACCEPT
+# Allow to ftp server
+-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT
+-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 20 -m state --state NEW,ESTABLISHED -j ACCEPT
+# Allow to https server
+-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 443 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
+-A OUTPUT -p udp -m udp --sport 1024:65535 --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
+# Allow to http server
+-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
+
+##################################################################################
+#	Output
+#	Connections from local servers
+#
+
+
+-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
+-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state RELATED -j ACCEPT
+-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state NEW -j ACCEPT
+
+
+-A OUTPUT -j LOG --log-prefix "iptables: OUTPUT: " --log-level 7
+COMMIT
+# Completed on Sat Oct 15 17:20:41 2016
+# Generated by iptables-save v1.6.0 on Sat Oct 15 17:20:41 2016
+*nat
+:PREROUTING ACCEPT [1:36]
+:INPUT ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+
+-A POSTROUTING -s 10.0.0.0/24 -d 10.0.0.0/24 -j ACCEPT
+-A POSTROUTING -s 10.0.0.0/24 -j MASQUERADE
+#-A POSTROUTING -o wlp7s0 -j MASQUERADE
+
+COMMIT
+# Completed on Sat Oct 15 17:20:41 2016
diff --git a/tools/conf/etc/nginx/sites-enabled/git.localhost.conf b/tools/conf/etc/nginx/sites-enabled/git.localhost.conf
new file mode 100644
index 0000000..d114ab8
--- /dev/null
+++ b/tools/conf/etc/nginx/sites-enabled/git.localhost.conf
@@ -0,0 +1,25 @@
+server {
+    listen 443 ssl;
+
+    server_name git.localhost git.c9.core git.core.privat-network.net;
+
+    root /srv/www/gitweb;
+
+    location /static/ {
+        # static files (png/css) served from /usr/share/gitweb/static
+        root /usr/share/gitweb ;
+        expires 30d;
+    }
+
+    location / {
+        index gitweb.cgi
+        fastcgi_param GITWEB_CONFIG  /etc/gitweb.conf;
+        fastcgi_param DOCUMENT_ROOT  /srv/www/gitweb/;
+        fastcgi_param SCRIPT_NAME    /gitweb.cgi$fastcgi_path_info;
+        fastcgi_split_path_info      ^()(/?.+)$;
+
+        include fastcgi_params;
+        fastcgi_pass unix:/var/run/fcgiwrap.sock;
+     }
+
+}
diff --git a/tools/conf/etc/rc.d/blan b/tools/conf/etc/rc.d/blan
index f75d272..f3ea322 100755
--- a/tools/conf/etc/rc.d/blan
+++ b/tools/conf/etc/rc.d/blan
@@ -4,60 +4,55 @@
 #
 
 DEV="br0"
-PHY="enp8s0"
 
-ADDR=10.0.0.1
+ADDR=10.0.0.254
 NET=10.0.0.0
+GW=192.168.1.254
 MASK=24
-GTW=10.0.0.1
-NTAPS=$((`/usr/bin/nproc`-1))
+
+# one tap for each cpu core
+NTAPS=$((`/usr/bin/nproc`))
 
 case $1 in
-	start)
-                /sbin/ip link add name ${DEV} type bridge
-                /sbin/ip link set dev ${DEV} up
-
-                /bin/sleep 0.2s
-                /sbin/ip route flush dev ${PHY}
-                /sbin/ip addr flush dev ${PHY}
-                /sbin/ip link set dev ${PHY} master ${DEV}
-
-                /sbin/ip addr add ${ADDR}/${MASK} dev ${DEV} broadcast +
-
-                for i in `/usr/bin/seq $NTAPS`
-                do
-                    TAP="tap$i"
-                    echo $TAP
-                    /sbin/ip tuntap add ${TAP} mode tap group kvm
-                    /sbin/ip link set ${TAP} up
-                    /bin/sleep 0.2s
-                    #brctl addif $switch $1
-                    /sbin/ip link set ${TAP} master ${DEV}
-                done
-
-		exit 0
-		;;
-	stop)
-
-                for i in `/usr/bin/seq $NTAPS`
-                do
-                    TAP="tap$i"
-		    /sbin/ip link del ${TAP}
-                    echo $TAP
-                done
-
-       		/sbin/ip link set dev ${DEV} down
-		/sbin/ip route flush dev ${DEV}
-		/sbin/ip link del ${DEV}
-		exit 0
-		;;
-	restart)
-		$0 stop
-		$0 start
-		;;
-	*)
-		echo "Usage: $0 [start|stop|restart]"
-		;;
+    start)
+        /sbin/ip link add name ${DEV} type bridge
+        /sbin/ip addr add ${ADDR}/${MASK} dev ${DEV} broadcast +
+        /sbin/ip link set dev ${DEV} up
+        /bin/sleep 0.2s
+
+        for i in `/usr/bin/seq $NTAPS`
+        do
+            TAP="tap$i"
+            echo "Setting up ${TAP} tap interface."
+            /sbin/ip tuntap add ${TAP} mode tap group kvm
+            /sbin/ip link set ${TAP} up
+            /bin/sleep 0.2s
+            /sbin/ip link set ${TAP} master ${DEV}
+        done
+
+        exit 0
+        ;;
+    stop)
+
+        for i in `/usr/bin/seq $NTAPS`
+        do
+            TAP="tap$i"
+            echo "Deleting ${TAP} tap interface."
+            /sbin/ip link del ${TAP}
+        done
+
+        /sbin/ip link set dev ${DEV} down
+        /sbin/ip route flush dev ${DEV}
+        /sbin/ip link del ${DEV}
+        exit 0
+        ;;
+    restart)
+        $0 stop
+        $0 start
+        ;;
+    *)
+        echo "Usage: $0 [start|stop|restart]"
+        ;;
 esac
 
 # End of file
diff --git a/tools/conf/etc/skel/.xinitrc b/tools/conf/etc/skel/.xinitrc
new file mode 100644
index 0000000..ac94b39
--- /dev/null
+++ b/tools/conf/etc/skel/.xinitrc
@@ -0,0 +1,16 @@
+
+##twm &
+##xclock -geometry 50x50-1+1 &
+##xterm -geometry 80x50+494+51 &
+##xterm -geometry 80x20+494-0 &
+##exec xterm -geometry 80x66+0+0 -name login
+#
+##xrandr --output eDP1 --mode 1024x768
+#xrandr --dpi 100
+#xgamma -gamma 0.8
+syndaemon -d
+#
+## Start the window manager
+
+#exec dwm
+exec openbox
diff --git a/tools/conf/srv/gitolite/.gitolite.rc b/tools/conf/srv/gitolite/.gitolite.rc
new file mode 100644
index 0000000..fa18e4e
--- /dev/null
+++ b/tools/conf/srv/gitolite/.gitolite.rc
@@ -0,0 +1,200 @@
+# configuration variables for gitolite
+
+# This file is in perl syntax.  But you do NOT need to know perl to edit it --
+# just mind the commas, use single quotes unless you know what you're doing,
+# and make sure the brackets and braces stay matched up!
+
+# (Tip: perl allows a comma after the last item in a list also!)
+
+# HELP for commands can be had by running the command with "-h".
+
+# HELP for all the other FEATURES can be found in the documentation (look for
+# "list of non-core programs shipped with gitolite" in the master index) or
+# directly in the corresponding source file.
+
+%RC = (
+
+    # ------------------------------------------------------------------
+
+    # default umask gives you perms of '0700'; see the rc file docs for
+    # how/why you might change this
+    UMASK                           =>  027,
+
+    # look for "git-config" in the documentation
+    GIT_CONFIG_KEYS                 =>  '.*',
+
+    # comment out if you don't need all the extra detail in the logfile
+    LOG_EXTRA                       =>  1,
+    # logging options
+    # 1. leave this section as is for 'normal' gitolite logging (default)
+    # 2. uncomment this line to log ONLY to syslog:
+    # LOG_DEST                      => 'syslog',
+    # 3. uncomment this line to log to syslog and the normal gitolite log:
+    # LOG_DEST                      => 'syslog,normal',
+    # 4. prefixing "repo-log," to any of the above will **also** log just the
+    #    update records to "gl-log" in the bare repo directory:
+    # LOG_DEST                      => 'repo-log,normal',
+    # LOG_DEST                      => 'repo-log,syslog',
+    # LOG_DEST                      => 'repo-log,syslog,normal',
+
+    # roles.  add more roles (like MANAGER, TESTER, ...) here.
+    #   WARNING: if you make changes to this hash, you MUST run 'gitolite
+    #   compile' afterward, and possibly also 'gitolite trigger POST_COMPILE'
+    ROLES => {
+        READERS                     =>  1,
+        WRITERS                     =>  1,
+    },
+
+    # enable caching (currently only Redis).  PLEASE RTFM BEFORE USING!!!
+    # CACHE                         =>  'Redis',
+
+    # ------------------------------------------------------------------
+
+    # rc variables used by various features
+
+    # the 'info' command prints this as additional info, if it is set
+        # SITE_INFO                 =>  'Please see http://blahblah/gitolite for more help',
+
+    # the CpuTime feature uses these
+        # display user, system, and elapsed times to user after each git operation
+        # DISPLAY_CPU_TIME          =>  1,
+        # display a warning if total CPU times (u, s, cu, cs) crosses this limit
+        # CPU_TIME_WARN_LIMIT       =>  0.1,
+
+    # the Mirroring feature needs this
+        # HOSTNAME                  =>  "foo",
+
+    # TTL for redis cache; PLEASE SEE DOCUMENTATION BEFORE UNCOMMENTING!
+        # CACHE_TTL                 =>  600,
+
+    # ------------------------------------------------------------------
+
+    # suggested locations for site-local gitolite code (see cust.html)
+
+        # this one is managed directly on the server
+	# LOCAL_CODE                =>  "$ENV{HOME}/local",
+
+        # or you can use this, which lets you put everything in a subdirectory
+        # called "local" in your gitolite-admin repo.  For a SECURITY WARNING
+        # on this, see http://gitolite.com/gitolite/non-core.html#pushcode
+        LOCAL_CODE                =>  "$rc{GL_ADMIN_BASE}/local",
+
+    # ------------------------------------------------------------------
+
+    # List of commands and features to enable
+
+    ENABLE => [
+
+        # COMMANDS
+
+            # These are the commands enabled by default
+            'help',
+            'desc',
+            'info',
+            'perms',
+            'writable',
+
+            # Uncomment or add new commands here.
+            # 'create',
+            # 'fork',
+            # 'mirror',
+            # 'readme',
+            # 'sskm',
+            # 'D',
+
+        # These FEATURES are enabled by default.
+
+            # essential (unless you're using smart-http mode)
+            'ssh-authkeys',
+
+            # creates git-config enties from gitolite.conf file entries like 'config foo.bar = baz'
+            'git-config',
+
+            # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out
+            'daemon',
+
+            # creates projects.list file; if you don't use gitweb, comment this out
+            'gitweb',
+
+        # These FEATURES are disabled by default; uncomment to enable.  If you
+        # need to add new ones, ask on the mailing list :-)
+
+        # user-visible behaviour
+
+            # prevent wild repos auto-create on fetch/clone
+            # 'no-create-on-read',
+            # no auto-create at all (don't forget to enable the 'create' command!)
+            # 'no-auto-create',
+
+            # access a repo by another (possibly legacy) name
+            # 'Alias',
+
+            # give some users direct shell access.  See documentation in
+            # sts.html for details on the following two choices.
+            # "Shell $ENV{HOME}/.gitolite.shell-users",
+            # 'Shell alice bob',
+
+            # set default roles from lines like 'option default.roles-1 = ...', etc.
+            # 'set-default-roles',
+
+            # show more detailed messages on deny
+            # 'expand-deny-messages',
+
+            # show a message of the day
+            # 'Motd',
+
+        # system admin stuff
+
+            # enable mirroring (don't forget to set the HOSTNAME too!)
+            # 'Mirroring',
+
+            # allow people to submit pub files with more than one key in them
+            # 'ssh-authkeys-split',
+
+            # selective read control hack
+            # 'partial-copy',
+
+            # manage local, gitolite-controlled, copies of read-only upstream repos
+            'upstream',
+
+            # updates 'description' file instead of 'gitweb.description' config item
+            # 'cgit',
+
+            # allow repo-specific hooks to be added
+            'repo-specific-hooks',
+
+        # performance, logging, monitoring...
+
+            # be nice
+            # 'renice 10',
+
+            # log CPU times (user, system, cumulative user, cumulative system)
+            # 'CpuTime',
+
+        # syntactic_sugar for gitolite.conf and included files
+
+            # allow backslash-escaped continuation lines in gitolite.conf
+            # 'continuation-lines',
+
+            # create implicit user groups from directory names in keydir/
+            # 'keysubdirs-as-groups',
+
+            # allow simple line-oriented macros
+            # 'macros',
+
+        # Kindergarten mode
+
+            # disallow various things that sensible people shouldn't be doing anyway
+            # 'Kindergarten',
+    ],
+
+);
+
+# ------------------------------------------------------------------------------
+# per perl rules, this should be the last line in such a file:
+1;
+
+# Local variables:
+# mode: perl
+# End:
+# vim: set syn=perl:
diff --git a/tools/conf/srv/gitolite/deploy-web-doc b/tools/conf/srv/gitolite/deploy-web-doc
new file mode 100755
index 0000000..ae8e2db
--- /dev/null
+++ b/tools/conf/srv/gitolite/deploy-web-doc
@@ -0,0 +1,42 @@
+#!/bin/bash
+######################################################################
+#
+# Put this file in your gitolite-admin;
+# ~/gitolite-admin/local/hooks/repo-specific/deploy-web-doc
+#
+# set host to empty to create package for each push
+# or set remote host to create package based on last deployed push
+# host="https://doc.localhost"
+host=""
+# set name of witch branch should be deployed
+branch_to_deploy="deploy_branch"
+
+######################################################################
+
+
+url="$host/.last_deploy"
+source /srv/gitolite/deploy/hook.sh
+read oldrev newrev refname
+push_branch=$(git rev-parse --symbolic --abbrev-ref $refname)
+
+#SCRIPT_VARS=$(set)
+#echo "project: $PROJECT"
+#echo "local dir: $PWD" > /srv/gitolite/deploy/${GL_REPO}
+#echo "${SCRIPT_VARS}" >> /srv/gitolite/deploy/${GL_REPO}
+
+if [[ $push_branch = $branch_to_deploy  ]]; then
+
+    # if host empty we make local tracking
+    if [[ $host = "" ]]; then
+        if [[ $(is_initial ${GL_REPO}) = "true" ]]; then
+            oldrev="initial"
+        fi
+    else
+        if [[ ! $(valid_url $url) = "true" ]]; then
+            echo "Deploy: set $url on remote to start creating packages"
+            exit 1
+        fi
+        oldrev=$(get_remote_rev $url)
+    fi
+    create_package ${GL_REPO} ${PWD} ${oldrev} ${newrev} "deploy-web.sh"
+fi
diff --git a/tools/conf/srv/gitolite/deploy-web.sh b/tools/conf/srv/gitolite/deploy-web.sh
new file mode 100644
index 0000000..01e92ac
--- /dev/null
+++ b/tools/conf/srv/gitolite/deploy-web.sh
@@ -0,0 +1,75 @@
+#!/bin/bash
+
+pkg_path=$1
+
+www_root="/srv/www"
+www_user="nginx"
+www_group="www"
+
+pkg_file="${pkg_path}/project"
+pkg_rm="${pkg_path}/deleted"
+pkg_files="${pkg_path}/files"
+
+if [ ! -f ${pkg_file} ]; then
+    echo "Deploy web: invalid pkg_file ${pkg_file}"
+    exit 1
+fi
+
+pkg_name=$(head -1 ${pkg_file})
+pkg_new=$(head -3 ${pkg_file} | tail -1)
+pkg_new7=$(echo ${pkg_new} | cut -c1-7)
+
+pkg_www="${www_root}/${pkg_name}"
+pkg_back="${pkg_www}/backup_deploy"
+pkg_last="${pkg_www}/.last_deploy"
+
+if [ ! -d ${pkg_www} ]; then
+    echo "Deploy web: invalid pkg_www ${pkg_www}"
+    exit 1
+fi
+
+# first backup all data
+if [[ ! $(ls ${pkg_www} | grep -v "backup_deploy") = "" ]]; then
+    if [ ! -d ${pkg_back} ]; then
+        sudo -u ${www_user} mkdir -p ${pkg_back}
+    fi
+    backup_file="${pkg_back}/${pkg_name}-$(date '+%Y-%j-%H-%M-%S').tar.gz"
+    echo "Deploy web: making backup ${backup_file}"
+    sudo -u ${www_user} tar --exclude ${pkg_back} --xattrs -zcpf ${backup_file} ${pkg_www}
+fi
+
+# remove files and directories that have been deleted
+if [ -f ${pkg_rm} ]; then
+
+    echo "Deploy web: files to delete:"
+    # first we delete files
+    while read deleted_file; do
+        deleted_file="${pkg_www}/${deleted_file}"
+        if [ -f ${deleted_file} ]; then
+            echo "file      rm ${deleted_file}"
+            rm ${deleted_file}
+        fi
+    done <${pkg_rm}
+
+    # delete directories
+    while read deleted_file; do
+        deleted_file="${pkg_www}/${deleted_file}"
+        if [ -d ${deleted_file} ]; then
+            echo "file      rm ${deleted_file}"
+            rm ${deleted_file}
+        fi
+    done <${pkg_rm}
+
+fi
+
+# copy new files to destination
+if [ -d ${pkg_files} ]; then
+    echo "Deploy web: cp from ${pkg_files} to ${pkg_www}"
+    sudo -u ${www_user} cp -r ${pkg_files}/* ${pkg_www}
+fi
+
+echo ${pkg_new} > ${pkg_last}
+echo "Deploy: scripts/deployweb.sh ${pkg_name} ${pkg_new7} deployed."
+
+#remove temporary package
+rm -r ${pkg_path}
diff --git a/tools/conf/srv/gitolite/deploy.sh b/tools/conf/srv/gitolite/deploy.sh
new file mode 100755
index 0000000..df11f4a
--- /dev/null
+++ b/tools/conf/srv/gitolite/deploy.sh
@@ -0,0 +1,175 @@
+#!/bin/bash
+
+# origin package directory
+packages_dir="/srv/gitolite/deploy/packages"
+# temporary work directory
+deploy_dir="/srv/gitolite/deploy/deploy_dir"
+# scripts to deploy packages
+deploy_scripts="/srv/gitolite/deploy/scripts"
+
+function get_script(){
+    # receives package path return script to call
+    local pkg_path=$1
+    echo $(head -2 ${pkg_path}/project | tail -1)
+}
+
+function get_new(){
+    # receives package path return commit hash (new)
+    local pkg_path=$1
+    echo $(head -3 ${pkg_path}/project | tail -1)
+}
+
+function get_dep(){
+    # receives package path return previews commit hash (old)
+    local pkg_path=$1
+
+    new=$(head -3 ${pkg_path}/project | tail -1)
+    old=$(head -4 ${pkg_path}/project | tail -1)
+
+    if [[ ! ${new} = ${old} ]]; then
+        echo ${old} | cut -c1-7
+    fi
+}
+
+function project_extract(){
+
+    # project directory containing extracted packages
+    local prj_dir=$1
+
+    # final extracted package
+    local prj_pkg="${prj_dir}/package"
+
+    # temporary vars for swapping/iterating pkg_news
+    local pkg_new=""
+    local pkg_old=""
+    local pkg_dir=""
+    local pkg_temp=""
+    local pkg_next=1
+    local pkg_del=""
+    local x=0
+    local y=0
+
+    # array with all the news hashes
+    local pkg_news=($(ls ${prj_dir}))
+
+    # total new packages
+    local total=${#pkg_news[@]}
+
+    echo "Deploy: $(basename ${prj_dir}) extracting packages ${pkg_news[*]}"
+
+    # find first package
+    for pkg_new in ${pkg_news[@]}
+    do
+        # get package dependency
+        pkg_dir="${prj_dir}/${pkg_new}"
+        pkg_old=$(get_dep ${pkg_dir})
+        if [[ ! " ${pkg_news[@]} " =~ " ${pkg_old} " ]]; then
+            # pkg_news don't contain package
+            # we found initial package
+            pkg_temp=${pkg_news[0]}
+            pkg_news[0]=${pkg_new}
+            pkg_news[${x}]=${pkg_temp}
+            break
+        fi
+        x=$((${x}+1))
+    done
+
+    # Order packages by dependency start with first package
+    for (( y=0; y<${total}; y++ ))
+    do
+        pkg_next=$(($y+1))
+        if [[ ${pkg_next} = ${total} ]]; then
+            ## we are in the last one
+            break
+        fi
+
+        pkg_new=${pkg_news[$y]}
+        for (( x=pkg_next; x<${total}; x++ ))
+        do
+            pkg_dir="${prj_dir}/${pkg_news[${x}]}"
+            pkg_old=$(get_dep ${pkg_dir})
+            # is dependent on current
+            if [[ ${pkg_old} = ${pkg_new} ]]; then
+                pkg_temp=${pkg_news[${pkg_next}]}
+                pkg_news[${pkg_next}]=${pkg_news[${x}]}
+                pkg_news[${x}]=${pkg_temp}
+                # we can break and pass next one
+                break
+            fi
+        done
+    done
+
+    # create project final package directory
+    mkdir -p ${prj_pkg}/files
+
+    # copy project information of last commit
+    cp ${prj_dir}/${pkg_news[$((${total}-1))]}/project ${prj_pkg}
+
+    # now that packages are ordered we can start creating files
+    for pkg_new in ${pkg_news[@]}
+    do
+        pkg_dir=${prj_dir}/${pkg_new}
+        tar xf ${pkg_dir}/files.tar.xz \
+            --directory ${prj_pkg}/files
+
+        # if deleted files exists
+        if [ -f "${pkg_dir}/deleted" ]; then
+            # first collect all files/directories don't exist
+            while read pkg_del; do
+                # if file don't exist add entry to project deleted file
+                pkg_temp="${prj_pkg}/files/${pkg_del}"
+                if [ ! -f ${pkg_temp} ]; then
+                    if [ ! -d ${pkg_temp} ]; then
+                        # is not a file or directory from previous packages
+                        echo ${pkg_del} >> ${prj_pkg}/deleted
+                    fi
+                fi
+            done <${prj_dir}/${pkg_new}/deleted
+
+            # delete directories and files
+            while read pkg_del; do
+                pkg_temp="${prj_pkg}/files/${pkg_del}"
+                if [ -d ${pkg_temp} ]; then
+                    rm -r ${pkg_temp}
+                elif [ -f ${pkg_temp} ]; then
+                    rm ${pkg_temp}
+                fi
+            done <${prj_dir}/${pkg_new}/deleted
+        fi
+
+        #remove temporary directory
+        rm -r ${prj_dir}/${pkg_new}
+    done
+
+    # call project deploy script
+    call_script=${deploy_scripts}/$(get_script $prj_pkg)
+    echo "Deploy: calling deploy script: ${call_script}"
+    /bin/bash ${call_script} ${prj_pkg}
+
+}
+
+if [[ ! $(ls ${deploy_dir}) = "" ]]; then
+    rm -r ${deploy_dir}/*
+fi
+
+# first extract all packages from origin directory
+for pkg_path in `find ${packages_dir} -type f -name "*.tar.gz"`
+do
+    if [ -f ${pkg_path} ]; then
+        pkg_name=$(basename ${pkg_path})
+        pkg_proj=$(echo ${pkg_name} | cut -d "_" -f 1)
+        pkg_new7=$(echo ${pkg_name} | tail -c -15 | cut -c -7)
+        pkg_temp=${deploy_dir}/${pkg_proj}/${pkg_new7}
+        mkdir -p ${pkg_temp}
+        tar xf ${pkg_path} --directory ${pkg_temp}
+        rm ${pkg_path}
+    fi
+done
+
+# loop for all projects and deploy them
+for prj_dir in `find ${deploy_dir} -maxdepth 1 -mindepth 1 -type d`
+do
+    # order index of hashes based on old commit
+    echo "prj_dir $prj_dir"
+    project_extract ${prj_dir}
+done
diff --git a/tools/conf/srv/gitolite/gitolite.conf b/tools/conf/srv/gitolite/gitolite.conf
new file mode 100644
index 0000000..09133ec
--- /dev/null
+++ b/tools/conf/srv/gitolite/gitolite.conf
@@ -0,0 +1,80 @@
+@guests         =   gitweb
+@interns        =   silvino
+@dev            =   silvino
+@teamleads      =   silvino
+@staff          =   @interns @dev @teamleads
+
+repo  @secret
+    - = @guests
+    option deny-rules = 1
+
+repo @floss
+    RW+                     =   @dev @staff
+    R                       =   @all
+
+repo @project
+    RW+                     =   @teamleads
+    -   master              =   @dev
+    -   refs/tags/v[0-9]    =   @dev
+    RW+ develop/            =   @dev
+    RW+ feature/            =   @dev
+    RW+ hot-fix/            =   @dev
+    RW                      =   @dev
+    R                       =   @interns
+
+repo @mirror
+    RW+ release/            =   @teamleads
+    RW+ develop/            =   @dev
+    RW+ feature/            =   @dev
+    RW+ hot-fix/            =   @dev
+    R                       =   @all
+
+repo gitolite-admin
+    RW+     =   gitolite
+
+repo c9-doc c9-ports c9-pmwiki c9-assistant
+    config gitweb.owner         =   "c9 team"
+    config gitweb.category      =   "c9"
+
+repo linux-pck
+    config gitweb.owner         =   "c9 team"
+    config gitweb.category      =   "mirrors"
+
+repo opt core contrib
+    config gitweb.owner         =   "crux"
+    config gitweb.category      =   "crux"
+
+repo c9-doc
+    config gitweb.description   =   "c9 documentation"
+    option hook.post-receive     =  deploy-web-doc
+
+repo c9-ports
+    config gitweb.description   =   "c9 ports"
+
+repo c9-pmwiki
+    config gitweb.description   =   "c9 wiki"
+    option hook.post-receive     =  deploy-web-doc
+
+repo c9-assistant
+    config gitweb.owner         =   "c9 team"
+    config gitweb.description   =   "c9 open assistant"
+
+repo core
+    config gitweb.description   =   "crux core collection"
+
+repo opt
+    config gitweb.description   =   "crux opt collection"
+
+repo contrib
+    config gitweb.description   =   "crux contrib collection"
+
+repo linux-pck
+    config gitweb.description   =   "PCK or Parabola Community Kernel are multiple patches, pf-kernel and zen-kernel for Linux-libre kernel"
+    option      upstream.url    = git://git.parabola.nu/pck.git
+    option      upstream.nice   = 120
+
+
+@secret    =   gitolite-admin
+@project   =   c9-doc c9-ports c9-pmwiki c9-assistant
+@project   =   core opt contrib
+@mirror    =   linux-pck
diff --git a/tools/conf/srv/gitolite/hook.sh b/tools/conf/srv/gitolite/hook.sh
new file mode 100644
index 0000000..1f977ca
--- /dev/null
+++ b/tools/conf/srv/gitolite/hook.sh
@@ -0,0 +1,95 @@
+#!/bin/bash
+
+# final packages dir
+packages_dir="/srv/gitolite/deploy/packages"
+# hook work directory
+hook_dir="/srv/gitolite/deploy/hook_dir"
+
+function is_initial(){
+    local prj_name=$1
+    if [ ! -d ${hook_dir}/${prj_name} ]; then
+        echo "true"
+    else
+        echo "false"
+    fi
+}
+
+function get_remote_rev(){
+    echo $(wget --no-check-certificate -qO- $1)
+}
+
+function valid_url(){
+    if [[ `wget -S --spider $1 --no-check-certificate 2>&1 | grep 'HTTP/1.1 200 OK'` ]];
+    then
+        echo "true";
+    fi
+}
+
+function create_package(){
+    # project name
+    local prj_name=$1
+    # git repository directory
+    local git_dir=$2
+    # last/old commit revision
+    local pkg_old=$3
+    # new commit revision
+    local pkg_new=$4
+    # script deploy call when extracting this package
+    local pkg_script=$5
+
+    local pkg_new7=$(echo $pkg_new | cut -c1-7)
+
+    # project directory
+    local prj_dir="${hook_dir}/${prj_name}"
+    # package directory
+    local pkg_dir="${prj_dir}/${pkg_new7}"
+    # final tar file
+    local pkg_tar="${packages_dir}/${prj_name}_${pkg_new7}.tar.gz"
+
+    # if temporary work directory exists maybe other process is creating packages
+    if [ -d "$pkg_dir" ]; then
+        echo "Deploy: temporary directory ${pkg_dir} exists, maybe other precess"
+        exit 1
+    fi
+    # create temporary directory for this package
+    mkdir -p ${pkg_dir}
+
+    echo "Deploy: ${prj_name} ${pkg_new7} package call ${pkg_script} on deploy."
+
+    # save metadata to be used by deploy script
+    echo $prj_name > ${pkg_dir}/project
+    echo $pkg_script >> ${pkg_dir}/project
+    echo $pkg_new >> ${pkg_dir}/project
+
+    # if is a valid old commit create a package with changes since then
+    # else create a full package (all files)
+    local is_commit=$(git --git-dir=${git_dir} cat-file -t ${pkg_old} 2>&1)
+    if [[ $is_commit = "commit" ]]; then
+        echo "Deploy: creating package from old commit."
+        # list with files to extract (Added Copied Modified Renamed)
+        file_list=$(git --git-dir=${git_dir} --no-pager diff \
+            --diff-filter=ACMR \
+            --name-only ${pkg_old} ${pkg_new})
+
+        # create tar archive with same name as commit hash with files
+        git --git-dir=${git_dir} archive -o ${pkg_dir}/files.tar.xz ${pkg_new} ${file_list}
+
+        # first we create list of files to be removed
+        git --git-dir=${git_dir} --no-pager diff \
+            --diff-filter=DR \
+            --name-status -t ${pkg_old} ${pkg_new} | cut -f 2 > ${pkg_dir}/deleted
+
+        # save old commit on metadata
+        echo $pkg_old >> ${pkg_dir}/project
+    else
+        echo "Deploy: creating initial package."
+        git --git-dir=${git_dir} archive -o ${pkg_dir}/files.tar.xz ${pkg_new}
+
+    fi
+
+    tar -zcpf ${pkg_tar} --directory=${pkg_dir} .
+
+    echo "Deploy: package ${pkg_tar} ready !"
+    rm -r ${pkg_dir}
+    return 0
+}
diff --git a/tools/gitolite.html b/tools/gitolite.html
index 58d6d96..94abda0 100644
--- a/tools/gitolite.html
+++ b/tools/gitolite.html
@@ -23,7 +23,7 @@
 
         <pre>
         # mkdir -p /srv/gitolite
-        # useradd -U -d /srv/gitolite gitolite
+        # useradd -r -s /bin/bash -m -d /srv/gitolite gitolite
         # chown gitolite:gitolite /srv/gitolite
         </pre>
 
@@ -38,10 +38,20 @@
         <p>Copy public key that will be used for
         authenticating gitolite administrator, read
         <a href="openssh.html#ssh">ssh</a> how to
-        create one.</p>
+        create one, key don't need to have password.
+        If the server is on remote a remote
+        machine you can use scp to copy the public key;</p>
 
         <pre>
-        $ sudo install -o gitolite -g gitolite /home/bob/.ssh/gitolite.pub /srv/gitolite/gitolite.pub
+        $ scp /home/bob/.ssh/gitolite.pub admin@core.privat-network.net:/home/admin/
+        bob@core.privat-network.net's password:
+        gitolite.pub                              100%  390     0.4KB/s   00:00
+        </pre>
+
+        <p>Then on remote machine;</p>
+
+        <pre>
+        # cp /home/admin/gitolite.pub /srv/gitolite.pub
         </pre>
 
         <pre>
@@ -62,7 +72,7 @@
         </pre>
 
         <pre>
-        $ ssh -v -i ~/.ssh/gitulite_rsa gitolite@localhost -p 2222
+        $ ssh -v -i ~/.ssh/gitolite gitolite@localhost -p 2222
         </pre>
 
         <h2 id="admin">3. Gitolite Administration</h2>
@@ -72,7 +82,7 @@
         Start by cloning gitolite-adimin;</p>
 
         <pre>
-        $ git clone gitolite:gitolite-admin
+        $ git clone git-admin:gitolite-admin
         </pre>
 
         <h3>3.1. Recover Admin Account</h3>
@@ -127,38 +137,55 @@
         edit conf/gitolite.conf;</p>
 
         <pre>
-        @dev            =   alice david
-        @interns        =   clair
-        @dev            =   bob
-        @teamleads      =   mike
+        @guests         =   gitweb
+        @interns        =   bob alice
+        @dev            =   fred mary joe
+        @teamleads      =   mary
         @staff          =   @interns @dev @teamleads
 
-        @proj-repos     =   sysdoc storm atom
+        repo  @secret
+            - = @guests
+            option deny-rules = 1
 
         repo @floss
-                R                       =   @all
+            RW+                     =   @dev @staff
+            R                       =   @all
+
+        repo @project
+            RW+                     =   @teamleads
+            -   master              =   @dev
+            -   refs/tags/v[0-9]    =   @dev
+            RW+ develop/            =   @dev
+            RW+ feature/            =   @dev
+            RW+ hot-fix/            =   @dev
+            RW                      =   @dev
+            R                       =   @interns
 
-        repo @proto
-                RW+                     =   @staff
+        repo gitolite-admin
+            RW+     =   gitolite
 
-        repo @proj-repos
-                RW+                     =   @teamleads
-                -   master              =   @dev
-                -   refs/tags/v[0-9]    =   @dev
-                RW+ develop/            =   @dev
-                RW+ feature/            =   @dev
-                RW+ hot-fix/            =   @dev
-                RW                      =   @dev
-                R                       =   @managers
+        repo c9-doc c9-ports c9-pmwiki
+            config gitweb.owner         =   "c9 team"
+            config gitweb.category      =   "c9"
 
-        repo atom sysdoc
-            option hook.post-receive     =  deployweb
+        repo c9-doc
+            config gitweb.description   =   "c9 documentation"
+            option hook.post-receive     =  deploy-web-doc
 
-        repo testing
-            RW+     =   @staff
+        repo c9-ports
+            config gitweb.description   =   "c9 ports"
 
-        repo gitolite-admin
-            RW+     =   mike
+        repo c9-pmwiki
+            config gitweb.description   =   "c9 wiki"
+            option hook.post-receive     =  deploy-web-doc
+
+        repo c9-assistant
+            config gitweb.owner         =   "c9 team"
+            config gitweb.category      =   "c9"
+            config gitweb.description   =   "c9 open assistant"
+
+        @secret    =   gitolite-admin
+        @project   =   c9-doc c9-ports c9-pmwiki c9-assistant
         </pre>
 
         <p>Commit and push;</p>
@@ -174,13 +201,13 @@
 
         <pre>
         # cd /srv/gitolite/repositories/
-        # mv void.git sysdoc.git
+        # mv void.git c9-doc.git
         </pre>
 
         <p>On workstation edit conf/gitolite.conf;</p>
 
         <pre>
-        repo sysdoc
+        repo c9-doc
                 RW+     =       bob
         </pre>
 
@@ -191,12 +218,44 @@
         $ git push
         </pre>
 
+        <h4>3.3.3 Delete Repository</h4>
+
+        <pre>
+        # cd /srv/gitolite/repositories/
+        # rm -rf c9-doc.git
+        </pre>
+
+        <p>On workstation edit conf/gitolite.conf and remove c9-doc.</p>
+
         <h2 id="hooks">4. Gitolite Hooks</h2>
 
+        <p>This document creates three scripts, one is run when gitolite receives
+        push to a project with hook active, second script is run under root
+        user to allow operations where gitolite user have no rights, third one
+        is project specific.</p>
+
+        <p>This example try to have a separate creation of a package and its deployment,
+        in case deploy script is not on the same machine other method can be used to send
+        the package.</p>
+
+        <p>A normal package will have a files.tar with all or new files to extract,
+        if necessary a deleted file with the list of files to be removed and a
+        project file with data about the package like new hash commit, or witch
+        script to call to deploy.</p>
+
+        <p>Package is created under gitolite
+        <a href="conf/srv/gitolite/hook.sh">/srv/gitolite/deploy/hook.sh</a>
+        script and
+        <a href="conf/srv/gitolite/deploy.sh">/srv/gitolite/deploy/deploy.sh</a>,
+        deploy in this example is called called by cron.</p>
+
+        <h3 id="gtl-activate">4.1. Activate Hooks</h3>
+
         <p>Example from
         <a href="http://gitolite.com/gitolite/cookbook.html#v3.6-variation-repo-specific-hooks">Cookbook</a>
         how to apply hooks only to certain repos. Uncomment or add
-        this line on /srv/gitolite/.gitolite.rc, within the %RC block;</p>
+        this line on <a href="conf/srv/gitolite/.gitolite.rc">/srv/gitolite/.gitolite.rc</a>,
+        within the %RC block;</p>
 
         <pre>
         LOCAL_CODE => "$rc{GL_ADMIN_BASE}/local",
@@ -206,194 +265,244 @@
         or add it to the ENABLE list if it doesn't exist.</p>
 
         <pre>
-        GIT_CONFIG_KEYS         => '.*',
-        </pre>
-
-        <pre>
         # allow repo-specific hooks to be added
         'repo-specific-hooks',
         </pre>
 
-        <p>Put your hooks into your gitolite-admin clone, as follows:</p>
+        <p>Create directory on gitolite-admin clone;</p>
 
         <pre>
         $ cd ~/gitolite-admin
         $ mkdir -p local/hooks/repo-specific
         </pre>
 
-        <p>Create the same directory on remote as gitolite;</p>
+        <p>Now add your hooks to that directory, but instead of using the
+        git "standard" names (pre-receive, post-receive, post-update),
+        you use descriptive names (e.g. "deploy", "RSS-post", etc).</p>
+
+        <p>On remote run;</p>
 
         <pre>
         # su - gitolite
-        $ mkdir local/hooks/repo-specific
+        $ mkdir .gitolite/local/hooks/repo-specific
+        $ gitolite setup
         </pre>
 
-        <p>Now add your hooks to that directory, but instead of using the
-        git "standard" names (pre-receive, post-receive, post-update),
-        you use descriptive names (e.g. "deploy", "RSS-post", etc).</p>
+        <h3 id="gtl-deploy">4.2. Deploy and Hook script</h3>
 
-        <h3 id="gtl-deploy">4.1. Deploy Hook</h3>
+        <p>Create deploy directory on remote, /srv/gitolite/deploy
+        was chosen to have less impact on the package system;</p>
 
-        <p>This manual create two users; one gitolite that handle git
-        central server and system www for web servers. To avoid permission
-        problems this example use gitolite hooks and cron. By using cron
-        we have permission to use chown, this way files end up with right
-        www user ownership and permissions.</p>
+        <pre>
+        $ sudo -u gitolite mkdir /srv/gitolite/deploy
+        </pre>
+
+        <p>Script
+        <a href="conf/srv/gitolite/hook.sh">/srv/gitolite/deploy/hook.sh</a>
+        receives call create_package "project-name" "git-dir"
+        "valid oldrev/invalid" "newrev" "script/to/call.sh" from gitolite hook
+        and creates a package.</p>
 
-        <p>This hook allows to select wich branch is deployed and if exists,
-        calls a script inside project folder with user www. This allows to
-        do post deploy (checkout) tasks such as composer update.</p>
+        <pre>
+        $ sudo -u gitolite cp conf/srv/gitolite/hook.sh /srv/gitolite/deploy/
+        </pre>
 
-        <p>Create <a href="../conf/srv/gitoliteolite/deployweb">deployweb</a>
-        in gitolite-admin/local/hooks/repo-specific;</p>
+        <p>Script
+        <a href="conf/srv/gitolite/deploy.sh">/srv/gitolite/deploy/deploy.sh</a>
+        loops for each package, extracts, order commit hashes to create final
+        snapshot of files and call script to handle deploy.</p>
 
         <pre>
-        $ vim ~/gitolite-admin/local/hooks/repo-specific/deployweb
+        $ sudo -u gitolite cp conf/srv/gitolite/deploy.sh /srv/gitolite/deploy/
         </pre>
 
+        <h3 id="gtl-setup">4.3. Setup project hook</h3>
+
+        <p>Project hooks create a package by calling hook.sh script and
+        deploy a package being called by deploy.sh. Deploy script is a
+        simple example that handle multiple web projects.</p>
+
+        <h4>4.3.1. Hook Script</h4>
+
+        <p>Create
+        <a href="conf/srv/gitolite/deploy-web-doc">gitolite-admin/local/hooks/repo-specific/deploy-web-doc</a>;</p>
+
         <pre>
         #!/bin/bash
-
         ######################################################################
         #
         # Put this file in your gitolite-admin;
-        # ~/gitolite-admin/local/hooks/repo-specific/deployweb
+        # ~/gitolite-admin/local/hooks/repo-specific/deploy-web-doc
         #
-        while read oldrev newrev refname
-        do
-                BRANCH=$(git rev-parse --symbolic --abbrev-ref $refname)
-                echo "Commit was for branch $BRANCH"
+        # set host to empty to create package for each push
+        # or set remote host to create package based on last deployed push
+        # host="https://doc.localhost"
+        host=""
+        # set name of witch branch should be deployed
+        branch_to_deploy="deploy_branch"
 
-                if [[ "$BRANCH" == "master" ]];then
+        ######################################################################
 
-                        # Get project name from current directory (without .git)
-                        PROJECT=$(basename "$PWD")
-                        PROJECT=${PROJECT%.git}
 
-                        echo "Project $PROJECT added to deploy list."
-                        echo $PWD &gt; /srv/gitolite/deploy/$PROJECT
-                fi
+        url="$host/.last_deploy"
+        source /srv/gitolite/deploy/hook.sh
+        read oldrev newrev refname
+        push_branch=$(git rev-parse --symbolic --abbrev-ref $refname)
 
-        done
-        </pre>
+        #SCRIPT_VARS=$(set)
+        #echo "project: $PROJECT"
+        #echo "local dir: $PWD" &gt; /srv/gitolite/deploy/${GL_REPO}
+        #echo "${SCRIPT_VARS}" &gt;&gt; /srv/gitolite/deploy/${GL_REPO}
 
-        <p>Create deploy directory on remote;</p>
+        if [[ $push_branch = $branch_to_deploy  ]]; then
 
-        <pre>
-        # su - gitolite
-        $ mkdir deploy
+            # if host empty we make local tracking
+            if [[ $host = "" ]]; then
+                if [[ $(is_initial ${GL_REPO}) = "true" ]]; then
+                    oldrev="initial"
+                fi
+            else
+                if [[ ! $(valid_url $url) = "true" ]]; then
+                    echo "Deploy: set $url on remote to start creating packages"
+                    exit 1
+                fi
+                oldrev=$(get_remote_rev $url)
+            fi
+            create_package ${GL_REPO} ${PWD} ${oldrev} ${newrev} "deploy-web.sh"
+        fi
         </pre>
 
-        <p>Add scripts to the repos you want them to be active in
-        your conf file. For example:</p>
+        <p>Activate this hook, the idea is to start with this one as a template working
+        and then implement the final one. Edit gitolite admin configuration file and
+        activate:</p>
 
         <pre>
-        repo atom @baz
-            option hook.post-receive     =  deployweb
+        repo c9-doc
+            config gitweb.description   =   "c9 documentation"
+            option hook.post-receive     =  deploy-web-doc
         </pre>
 
         <p>Add, commit, and push the admin repo;</p>
 
         <pre>
-        $ git add -u && git commit -m "deploy hook"
+        $ git add local/hooks/repo-specific/hook-deployweb
+        $ git add -u && git commit -m "added deploy c9 hook"
         </pre>
 
-        <p>On remote run;</p>
+        <p>Now we can test if our script is functioning by creating a branch on c9-doc
+        making a random change and push;<p>
 
         <pre>
-        # su - gitolite
-        $ gitolite setup
+        $ cd c9-doc
+        $ git checkout -b deploy_branch
         </pre>
 
-        <p>Create deploy script that cron will call
-        every minute, this script will check inside
-        /srv/gitolite/deploy folder for projects that have
-        been updated.</p>
+        <h4>4.3.2. Deploy Script</h4>
 
-        <p>Create <a href="../conf/srv/gitolite/deploy.sh">deploy.sh</a> in
-        /usr/share/gitolite;</p>
+        <p>Create
+        <a href="conf/srv/gitolite/deploy-web.sh">/srv/gitolite/deploy/scripts/deploy-web.sh</a>;</p>
 
         <pre>
-        $ vim /usr/share/gitolite/deploy.sh
-        </pre>
+        #!/bin/bash
 
-        <pre>
-    #!/bin/sh
+        pkg_path=$1
 
-    ######################################################################
-    #
-    # Put this file in;
-    # /usr/share/gitolite/deploy.sh
-    #
-    DIR_WWW=/srv/www/
-    DEPLOY_BRANCH=master
-    TARGET_USER=www
+        www_root="/srv/www"
+        www_user="nginx"
+        www_group="www"
 
-    for DP_FILE in /srv/gitolite/deploy/*
-    do
+        pkg_file="${pkg_path}/project"
+        pkg_rm="${pkg_path}/deleted"
+        pkg_files="${pkg_path}/files"
 
-        if [ ! -f "$DP_FILE" ]; then
-            # Nothing to do ;)
-            #echo "Deploy: invalid DP_FILE"
-            exit 1;
+        if [ ! -f ${pkg_file} ]; then
+            echo "Deploy web: invalid pkg_file ${pkg_file}"
+            exit 1
         fi
 
-        # Get project name
-        PROJECT=$(basename "$DP_FILE")
-        echo "Deploy: PROJECT=${PROJECT}"
+        pkg_name=$(head -1 ${pkg_file})
+        pkg_new=$(head -3 ${pkg_file} | tail -1)
+        pkg_new7=$(echo ${pkg_new} | cut -c1-7)
+
+        pkg_www="${www_root}/${pkg_name}"
+        pkg_back="${pkg_www}/backup_deploy"
+        pkg_last="${pkg_www}/.last_deploy"
 
-        # Get git repository path and verify if exists
-        DIR_GIT=$(head -n 1 $DP_FILE)
-        if [ ! -d "$DIR_GIT" ]; then
-            echo "Deploy: invalid DIR_GIT: ${DIR_GIT}"
-            exit 2;
+        if [ ! -d ${pkg_www} ]; then
+            echo "Deploy web: invalid pkg_www ${pkg_www}"
+            exit 1
         fi
-        echo "Deploy: DIR_GIT=${DIR_GIT}"
-
-        # Get directory to deploy and verify if exists
-        GIT_WORK_TREE=${DIR_WWW}${PROJECT}/
-        if [ ! -d "$GIT_WORK_TREE" ]; then
-            echo "Deploy: invalid GIT_WORK_TREE: ${GIT_WORK_TREE}"
-            echo "Deploy: creating directory: $GIT_WORK_TREE}"
-            mkdir -p $GIT_WORK_TREE
+
+        # first backup all data
+        if [[ ! $(ls ${pkg_www} | grep -v "backup_deploy") = "" ]]; then
+            if [ ! -d ${pkg_back} ]; then
+                sudo -u ${www_user} mkdir -p ${pkg_back}
+            fi
+            backup_file="${pkg_back}/${pkg_name}-$(date '+%Y-%j-%H-%M-%S').tar.gz"
+            echo "Deploy web: making backup ${backup_file}"
+            sudo -u ${www_user} tar --exclude ${pkg_back} --xattrs -zcpf ${backup_file} ${pkg_www}
         fi
-        echo "Deploy: GIT_WORK_TREE={$GIT_WORK_TREE}"
 
-        # Deploy (checkout)
-        echo "Deploy: starting git checkout"
+        # remove files and directories that have been deleted
+        if [ -f ${pkg_rm} ]; then
 
-        git --git-dir=$DIR_GIT \
-            --work-tree=$GIT_WORK_TREE \
-            checkout -f $DEPLOY_BRANCH
+            echo "Deploy web: files to delete:"
+            # first we delete files
+            while read deleted_file; do
+                deleted_file="${pkg_www}/${deleted_file}"
+                if [ -f ${deleted_file} ]; then
+                    echo "file      rm ${deleted_file}"
+                    rm ${deleted_file}
+                fi
+            done &lt;${pkg_rm}
+
+            # delete directories
+            while read deleted_file; do
+                deleted_file="${pkg_www}/${deleted_file}"
+                if [ -d ${deleted_file} ]; then
+                    echo "file      rm ${deleted_file}"
+                    rm ${deleted_file}
+                fi
+            done &lt;${pkg_rm}
 
+        fi
 
-        # Fix ownership and permissions
-        echo "Deploy: fixing permissions"
+        # copy new files to destination
+        if [ -d ${pkg_files} ]; then
+            echo "Deploy web: cp from ${pkg_files} to ${pkg_www}"
+            sudo -u ${www_user} cp -r ${pkg_files}/* ${pkg_www}
+        fi
 
-        echo "Deploy: setting owner: chown -R ${TARGET_USER}"
-        chown -R ${TARGET_USER}:${TARGET_USER} $GIT_WORK_TREE
+        echo ${pkg_new} > ${pkg_last}
+        echo "Deploy: scripts/deployweb.sh ${pkg_name} ${pkg_new7} deployed."
 
-        echo "Deploy: setting directory permissions: chmod 755"
-        find $GIT_WORK_TREE -type d -print0 | xargs -0 chmod 755
+        #remove temporary package
+        rm -r ${pkg_path}
+        </pre>
 
-        echo "Deploy: setting file permissions: chmod 644"
-        find $GIT_WORK_TREE -type f -print0 | xargs -0 chmod 644
+        <h4>4.3.3. Debuging hooks</h4>
 
-        # Call project script
-        if [ -f "${GIT_WORK_TREE}/deploy.sh" ]; then
-            echo "Deploy: calling ${GIT_WORK_TREE}deploy.sh"
-            cd ${GIT_WORK_TREE}
-            sudo -u ${TARGET_USER} sh ${GIT_WORK_TREE}deploy.sh
-        fi
+        <p>Comment gitolite admin repo script "if" and uncomment debug sections, this allow to
+        source the file with environment of hook.</p>
 
-        # Done with project
-        echo "Deploy: removing deploy file="$DP_FILE
-        rm $DP_FILE
+        <p>Later you can delete this branch locally and remote and start fresh. To test
+        if hook is called each time you push run;</p>
 
-        exit 0;
-    done
+
+        <pre>
+        $ echo $(( ( RANDOM % 10 ) +1 )) >> index.html && git add -u && git commit -m "test deploy" && git push git
         </pre>
 
+        <p>See if a file was created in /srv/gitolite/deploy with name of project and
+        with environmental variables of gitolite script.</p>
+
+        <p>From now on you can test changes directly on
+        /srv/gitolite/.gitolite/local/hooks/repo-specific/hook-deployweb
+        and repeat above command to see the results or create a separate script with
+        all variables generated by above script set so you don't have to push at all.</p>
+
+        <h4 id="gtl-deploy">4.4. Deploy with Cron</h4>
+
         <p>Add cron job to call deploy script every minute;</p>
 
         <pre>
@@ -406,9 +515,9 @@
         #
 
         # this way it will log
-        # * * * * * /usr/share/gitolite/deploy.sh
+        # * * * * * /usr/share/gitolite/deployweb
         # without log
-        * * * * * /usr/share/gitolite/deploy.sh > /dev/null 2>&1
+        * * * * * /usr/share/gitolite/deployweb > /dev/null 2>&1
 
         @hourly   ID=sys.hourly   /usr/sbin/runjobs /etc/cron/hourly
         @daily    ID=sys.daily    /usr/sbin/runjobs /etc/cron/daily
@@ -418,6 +527,106 @@
         # End of file
         </pre>
 
+        <h2 id="gitweb">5. Gitweb</h2>
+
+        <pre>
+        $ prt-get depinst p5-cgi p5-cgi-session libcgi \
+                        fcgiwrap spawn-fcgi highlight
+        </pre>
+
+        <h3>5.1. Configure gitweb</h3>
+
+        <p>Edit /etc/gitweb.conf</p>
+
+        <pre>
+        our $git_temp = "/srv/www/gitweb_tmp";
+
+        our $projects_list = "/srv/gitolite/projects.list";
+        # The directories where your projects are. Must not end with a slash.
+        our $projectroot = "/srv/gitolite/repositories";
+
+        # Base URLs for links displayed in the web interface.
+        our @git_base_url_list = qw(git://core.privat-network.com http://git@core.private-network.com);
+
+        our $projects_list_group_categories = 1;
+        </pre>
+
+        <h3>5.2. Configure nginx</h3>
+
+        <p>Edit /etc/rc.d/fcgiwrap to run as nginx user member of gitolite
+        and www group;</p>
+
+        <pre>
+        USER=nginx
+        GROUP=nginx
+        </pre>
+
+        <pre>
+        # usermod -G www,gitolite nginx
+        </pre>
+
+        <p>Create link from gitweb to web server folder;</p>
+
+        <pre>
+        # ln -s /usr/share/gitweb /srv/www
+        </pre>
+
+        <p>Add this to default or main
+	<a href="nginx.html#virtual-host">nginx virtual host</a>;</p>
+
+        <pre>
+	location /gitweb/gitweb.cgi {
+            alias /srv/www/gitweb;
+	    include fastcgi_params;
+	    gzip off;
+	    fastcgi_param   SCRIPT_FILENAME  /srv/www/gitweb/gitweb.cgi;
+	    fastcgi_param   GITWEB_CONFIG    /etc/gitweb.conf;
+	    fastcgi_pass    unix:/var/run/fcgiwrap.sock;
+	}
+
+	location /gitweb {
+	    alias /srv/www/gitweb;
+	    index gitweb.cgi;
+	}
+	</pre>
+
+        <h3>5.3. Configure gitolite</h3>
+
+        <p>Edit
+        <a href="conf/srv/gitolite/.gitolite.rc">/srv/gitolite/.gitolite.rc</a>,
+        change UMASK and GIT_CONFIG_KEYS to;</p>
+
+        <pre>
+        # default umask gives you perms of '0700'; see the rc file docs for
+        # how/why you might change this
+        UMASK                           =>  027,
+
+        # look for "git-config" in the documentation
+        GIT_CONFIG_KEYS                 =>  '.*',
+        </pre>
+
+        <p>Fix permissions;</p>
+
+        <pre>
+        $ sudo chown -R gitolite:gitolite /srv/gitolite
+        $ sudo chmod g+rx /srv/gitolite/projects.list
+        $ sudo chmod -R 755 /srv/gitolite/repositories/
+        </pre>
+
+        <p>Edit gitolite-admin/conf/gitolite.conf;</p>
+
+        <pre>
+        repo c9-doc
+            config gitweb.owner         =   c9 team
+            config gitweb.description   =   c9 documentation
+            config gitweb.category      =   c9
+
+        repo c9-ports
+            config gitweb.owner         =   c9 team
+            config gitweb.description   =   c9 ports
+            config gitweb.category      =   c9
+        </pre>
+
         <a href="index.html">Tools Index</a>
         <p>This is part of the c9-doc Manual.
         Copyright (C) 2016
diff --git a/tools/index.html b/tools/index.html
index 1b63a92..71fc2e4 100644
--- a/tools/index.html
+++ b/tools/index.html
@@ -133,12 +133,23 @@
                     <li><a href="openssh.html#reverse">3. Reverse connection</a></li>
                 </ul>
             </li>
+            <li><a href="nginx.html">Nginx</a>
+                <ul>
+                    <li><a href="nginx.html#install">1. Install Nginx</a></li>
+                    <li><a href="nginx.html#certs">2. Certificates</a></li>
+                    <li><a href="nginx.html#nginxconf">3. Nginx Configuration</a></li>
+                    <li><a href="nginx.html#server">4. Server with PHP</a></li>
+                    <li><a href="nginx.html#userdir">5. User Directory</a></li>
+                    <li><a href="nginx.html#logs">6. Logs</a></li>
+                </ul>
+            </li>
             <li><a href="gitolite.html">Gitolite</a>
                 <ul>
                     <li><a href="gitolite.html#install">1. Install Gitolite</a></li>
                     <li><a href="gitolite.html#config">2. Configure Gitolite</a></li>
                     <li><a href="gitolite.html#admin">3. Gitolite Administration</a></li>
                     <li><a href="gitolite.html#hooks">4. Gitolite Hooks</a></li>
+                    <li><a href="gitolite.html#gitweb">5. Gitweb</a></li>
                 </ul>
             </li>
             <li><a href="postgresql.html">Postgresql</a>
@@ -152,16 +163,6 @@
                     <li><a href="postgresql.html#psql">7. Psql</a></li>
                 </ul>
             </li>
-            <li><a href="nginx.html">Nginx</a>
-                <ul>
-                    <li><a href="nginx.html#install">1. Install Nginx</a></li>
-                    <li><a href="nginx.html#certs">2. Certificates</a></li>
-                    <li><a href="nginx.html#nginxconf">3. Nginx Configuration</a></li>
-                    <li><a href="nginx.html#server">4. Server with PHP</a></li>
-                    <li><a href="nginx.html#userdir">5. User Directory</a></li>
-                    <li><a href="nginx.html#logs">6. Logs</a></li>
-                </ul>
-            </li>
         </ul>
 
         <a href="../index.html">Documentation Index</a>
diff --git a/tools/network.html b/tools/network.html
index 43e4616..0dc51d6 100644
--- a/tools/network.html
+++ b/tools/network.html
@@ -14,30 +14,15 @@
         by <a href="../core/network.html">net and wlan</a> scripts, they
         allow to connect to the internet in the most common environments.</p>
 
+        <p>For network statistics and monitoring see <a href="tcpdump.html">tcpdump</a>.</p>
+
         <h2 id="bridge">Bridges</h2>
 
         <p>See <a href="conf/etc/rc.d/blan">/etc/rc.d/blan</a> on
         how to create interfaces at startup or as source to do it
         in automatic way;</p>
 
-        <pre>
-        DEV="br0"
-        PHY="enp8s0"
-        </pre>
-
-        <pre>
-        # ip link add name ${DEV} type bridge
-        # ip link set dev ${DEV} up
-        </pre>
-        <pre>
-        # ip route flush dev ${PHY}
-        # ip addr flush dev ${PHY}
-        # ip link set dev ${PHY} master ${DEV}
-        </pre>
-
-        <pre>
-        # ip addr add ${ADDR}/${MASK} dev ${DEV} broadcast +
-        </pre>
+        <p>For more information about bridges <a href="http://ebtables.netfilter.org/br_fw_ia/br_fw_ia.html#section7">Bridges with iptables</a></p>
 
         <a href="index.html">Tools Index</a>
         <p>This is part of the c9 Manual.
diff --git a/tools/nginx.html b/tools/nginx.html
index 0ded2b6..5a2e00c 100644
--- a/tools/nginx.html
+++ b/tools/nginx.html
@@ -257,7 +257,7 @@
         /etc/php/conf.d/pdo_pgsql.ini
         </pre>
 
-        <h3>4.2. Setup Virtual Host</h3>
+        <h3 id="virtual-host">4.2. Setup Virtual Host</h3>
 
         <p>Server (virtual host) with pmwiki and flyspray, check
         <a href="conf/etc/nginx/sites/">/etc/nginx/sites</a>
diff --git a/tools/openssh.html b/tools/openssh.html
index d0a549c..70fe76f 100644
--- a/tools/openssh.html
+++ b/tools/openssh.html
@@ -196,31 +196,28 @@
 
         <h3 id="sshpubkey">2.1. Install Public Keys</h3>
 
-        <p>Send gitolite.pub public key to server. In this example
-        bob (administrator of gitolite) is on same host,
-        first copy is public key to admin home directory;</p>
+        <p>Example how to give ssh access to bob user to admin account
+        using public key authentication. Is necessary to make user public
+        key available in the server, this can be done by several ways, in
+        this example the public key will be copied using scp;</p>
 
         <pre>
-        # install -o admin -g admin /home/bob/.ssh/gitolite.pub /home/admin/.ssh/gitolite.pub
-        </pre>
-
-        <p>If the server is on remote a remote machine;</p>
-
-        <pre>
-        $ scp /home/bob/.ssh/gitolite.pub admin@core.privat-network.net:/home/admin/.ssh/
+        $ scp /home/bob/.ssh/id_rsa.pub admin@core.privat-network.net:/home/admin/.ssh/
         bob@core.privat-network.net's password:
-        gitolite.pub                              100%  390     0.4KB/s   00:00
+        id_rsa.pub                              100%  390     0.4KB/s   00:00
         </pre>
 
-        <p>In case of bob public key for normal ssh login, admin can
-        add his public key to authorized keys;</p>
+        <p>Login on remote as admin and add bob public key to authorized keys;</p>
 
         <pre>
-        $ cat bob_rsa.pub &gt;&gt; ~/.ssh/authorized_keys
+        $ cat ~/.ssh/bob_rsa.pub &gt;&gt; ~/.ssh/authorized_keys
         </pre>
 
+        <p>Now bob can login as admin on remote server using publik key
+        athentication;</p>
+
         <pre>
-        $ ssh -P 2222 bob@remote.org
+        $ ssh -P 2222 admin@remote.org
         </pre>
 
         <h3 id="sshid">2.2. Configure Identities</h3>
@@ -230,53 +227,49 @@
         -i flag. Create or edit ~/.ssh/config</p>
 
         <pre>
-        Host admin
+        Host core
             Hostname core.privat-network.net
             IdentityFile ~/.ssh/id_rsa
             Port 2222
             User admin
 
-        Host gitolite
-            Hostname core.privat-network.net
-            IdentityFile ~/.ssh/gitolite
-            Port 2222
-            User gitolite
-
-        Host box
+        Host git
             Hostname core.privat-network.net
             IdentityFile ~/.ssh/id_rsa
             Port 2222
-            User bob
+            User gitolite
 
-        Host devbox
+        Host git-admin
             Hostname core.privat-network.net
-            IdentityFile ~/.ssh/id_rsa
+            IdentityFile ~/.ssh/gitolite
             Port 2222
             User gitolite
         </pre>
 
-        <p>Now you can just type;</p>
+        <p>Now you can just type ssh core to connect core.privat-network.net on
+        port 2222 with ~/.ssh/id_rsa as identity, or to connect to git server as
+        gitolite admin;</p>
 
         <pre>
-        $ ssh box
+        $ ssh git-admin
         </pre>
 
-        <p>On remote start <a href"../systools/tmux.html">tmux</a>
-        and detach from the session with ctrl + b d</p>
-
-        <p>Create alias on ~/.profile;</p>
+        <p>To take advantage of tmux first login on remote and start
+        <a href"../systools/tmux.html">tmux</a>, detach from the session
+        with ctrl + b d. Change ~/.bashrc and add follow alias;</p>
 
         <pre>
-        alias boxtmux="ssh servername -t tmux a"
+        alias core-server="ssh core -t tmux a"
         </pre>
 
         <p>Source it and attach to remote;</p>
 
         <pre>
-        $ boxtmux
+        $ source ~/.profile
+        $ core-server
         </pre>
 
-        <p>Logout just detach from session with ctrl + b d </p>
+        <p>To logout just detach from tmux session with ctrl + b d </p>
 
         <h2 id="reverse">3. Reverse connection</h2>
 
diff --git a/tools/qemu.html b/tools/qemu.html
index 0079dfc..86fb7aa 100644
--- a/tools/qemu.html
+++ b/tools/qemu.html
@@ -12,7 +12,9 @@
 
         <h2 id="kern">1. Host System</h2>
 
-        <p>Load modules, in this case kvm of intel cpu;</p>
+        <p>Prepare host system for virtual machines, this includes create new user,
+        loading necessary modules and configure network. Load kvm module, in this example
+        intel module is loaded but depends on host cpu;</p>
 
         <pre>
         # modprobe -a kvm-intel tun virtio
@@ -27,6 +29,7 @@
 
         <h2 id="disk">2. Disk images</h2>
 
+        <p>Qemu supports multiple disk images types.</p>
         <dl>
             <dt>img</dt>
             <dd>Raw disk image, allows dd to a physical device.</dd>
@@ -115,67 +118,109 @@
         KERNEL=="tun", GROUP="kvm", MODE="0660", OPTIONS+="static_node=net/tun"
         </pre>
 
+        <h3>2.1. Routing</h3>
 
-        <h3>2.1. Public Bridge</h3>
-
-        <p>Create <a href="network.html#bridge">bridge</a>, create new
-        tap and add it to bridge;</p>
-
-        <pre>
-        # DEV="br0"
-        # TAP="tap1"
-        </pre>
-
-        <pre>
-        # ip tuntap add ${TAP} mode tap group kvm
-        # ip link set ${TAP} up
-        </pre>
+        <p>Create interface with correct permissions set for kvm group.</p>
 
         <pre>
-        # ip link set ${TAP} master ${DEV}
+        # sysctl -w net.ipv4.ip_forward=1
+        # iptables -A INPUT -i br0 -j ACCEPT
+        # iptables -A FORWARD -i br0 -j ACCEPT
+        # iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -d 10.0.0.0/24 -j ACCEPT
+        # iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -j MASQUERADE
         </pre>
 
-        <h3>2.2. Routing</h3>
+        <h3>2.2. Public Bridge</h3>
 
-        <p>Create interface with correct permissions set for kvm group.</p>
+        <p>Create <a href="network.html#bridge">bridge</a>, create new
+        tap and add it to bridge;</p>
 
         <pre>
-        # sysctl -w net.ipv4.ip_forward=1
-        # iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
+        DEV="br0"
+
+        ADDR=10.0.0.254
+        NET=10.0.0.0
+        GW=192.168.1.254
+        MASK=24
+
+        # one tap for each cpu core
+        NTAPS=$((`/usr/bin/nproc`))
+
+        case $1 in
+            start)
+                /sbin/ip link add name ${DEV} type bridge
+                /sbin/ip addr add ${ADDR}/${MASK} dev ${DEV} broadcast +
+                /sbin/ip link set dev ${DEV} up
+                /bin/sleep 0.2s
+
+                for i in `/usr/bin/seq $NTAPS`
+                do
+                    TAP="tap$i"
+                    echo "Setting up ${TAP} tap interface."
+                    /sbin/ip tuntap add ${TAP} mode tap group kvm
+                    /sbin/ip link set ${TAP} up
+                    /bin/sleep 0.2s
+                    /sbin/ip link set ${TAP} master ${DEV}
+                done
+
+                exit 0
+                ;;
+            stop)
+
+                for i in `/usr/bin/seq $NTAPS`
+                do
+                    TAP="tap$i"
+                    echo "Deleting ${TAP} tap interface."
+                    /sbin/ip link del ${TAP}
+                done
+
+                /sbin/ip link set dev ${DEV} down
+                /sbin/ip route flush dev ${DEV}
+                /sbin/ip link del ${DEV}
+                exit 0
+                ;;
+            restart)
+                $0 stop
+                $0 start
+                ;;
+            *)
+                echo "Usage: $0 [start|stop|restart]"
+                ;;
+        esac
+
+        # End of file
         </pre>
 
         <h2 id="guest">Guest System</h2>
 
-        <p>Start qemu with 512 of ram, mydisk.img as disk and boot from iso</p>
-
         <p>See <a href="scripts/system-qemu.sh">scripts/system-qemu.sh</a>,
         as template. Run virtual machine that uses above tap device;</p>
 
         <pre>
-        $ ISO=~/crux-3.2.iso
-        $ IMG=~/crux-img.qcow2
-        $ TAP="tap1"
+        #!/bin/bash
 
-        $ qemu-system-x86_64 \
-            -enable-kvm \
-            -m 1024 \
-            -boot d \
-            -cdrom ${ISO} \
-            -hda ${IMG} \
-            -net nic,model=virtio -net tap,ifname=${TAP},script=no,downscript=no
-        </pre>
+        function rmac_addr (){
+        printf '54:60:BE:EF:%02X:%02X\n' $((RANDOM%256)) $((RANDOM%256))
+        }
 
-        <pre>
-        $ ISO=~/crux-3.2.iso
-        $ IMG=~/crux-img.qcow2
+        #boot=d
+        boot=$1
+        #iso=crux-3.2.iso
+        iso=$2
+        #image=crux-img.qcow2
+        image=$3
+        #tap="tap1"
+        tap=$4
+        mac=$(rmac_addr)
 
-        $ qemu-system-x86_64 \
+        qemu-system-x86_64 \
             -enable-kvm \
             -m 1024 \
-            -boot d \
-            -cdrom ${ISO} \
-            -hda ${IMG} \
-            -net nic,model=virtio -net tap,ifname=${TAP},script=no,downscript=no
+            -boot ${boot} \
+            -cdrom ${iso} \
+            -hda ${image} \
+            -device e1000,netdev=t0,mac=${mac} \
+            -netdev tap,id=t0,ifname=${tap},script=no,downscript=no
         </pre>
 
         <a href="index.html">Tools Index</a>
diff --git a/tools/scripts/autoport.sh b/tools/scripts/autoport.sh
new file mode 100644
index 0000000..9965936
--- /dev/null
+++ b/tools/scripts/autoport.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+# Root Directory
+DIR=$(dirname "$PWD");
+
+DIR_CONF=$DIR"/conf"
+COL_DIR=$DIR"/c9-ports/"
+
+#rm ck4up.conf
+for port in ${COL_DIR}*/ ; do
+
+    echo "Checking port $port"
+    # (cd $port && git clean -f -d . )
+    # prtwash -p -s $port
+    prtverify -m clean-repo $port
+
+    #echo "${port}Pkgfile;"
+    #source  ${port}Pkgfile;
+
+    #echo "$name md5 ${source[0]} @TAR@" >> ck4up.conf
+done
+
+portspage --title=c9-ports . > index.html
+httpup-repgen $COL_DIR
diff --git a/tools/scripts/external-ports.sh b/tools/scripts/external-ports.sh
new file mode 100644
index 0000000..21f42cb
--- /dev/null
+++ b/tools/scripts/external-ports.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+prt-get printf "%i %p %n \n" | grep "yes /usr/ports" \
+    | grep -v "ports/contrib" \
+    | grep -v "ports/opt" \
+    | grep -v "ports/core" \
+    | grep -v "ports/xorg" \
+    | grep -v "ports/c9-ports"
diff --git a/tools/scripts/pkgmk-test.conf b/tools/scripts/pkgmk-test.conf
new file mode 100644
index 0000000..2336685
--- /dev/null
+++ b/tools/scripts/pkgmk-test.conf
@@ -0,0 +1,38 @@
+#
+# /etc/pkgmk.conf: pkgmk(8) configuration
+#
+
+export CFLAGS="-O2 -march=x86-64"
+export CXXFLAGS="${CFLAGS}"
+
+export MAKEFLAGS="-j4"
+
+case ${PKGMK_ARCH} in
+	"64"|"")
+		;;
+	"32")
+		export CFLAGS="${CFLAGS} -m32"
+		export CXXFLAGS="${CXXFLAGS} -m32"
+		export LDFLAGS="${LDFLAGS} -m32"
+		export PKG_CONFIG_LIBDIR="/usr/lib32/pkgconfig"
+		;;
+	*)
+		echo "Unknown architecture selected! Exiting."
+		exit 1
+		;;
+esac
+
+ PKGMK_SOURCE_MIRRORS=(https://ports.c9.core/distfiles/)
+# PKGMK_SOURCE_DIR="$PWD"
+# PKGMK_PACKAGE_DIR="$PWD"
+# PKGMK_WORK_DIR="$PWD/work"
+# PKGMK_DOWNLOAD="no"
+# PKGMK_IGNORE_FOOTPRINT="no"
+# PKGMK_IGNORE_NEW="no"
+# PKGMK_NO_STRIP="no"
+# PKGMK_DOWNLOAD_PROG="wget"
+# PKGMK_WGET_OPTS=""
+# PKGMK_CURL_OPTS=""
+# PKGMK_COMPRESSION_MODE="gz"
+
+
diff --git a/tools/scripts/pkgmk-test.sh b/tools/scripts/pkgmk-test.sh
new file mode 100644
index 0000000..5509ac2
--- /dev/null
+++ b/tools/scripts/pkgmk-test.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+CONF=${DIR}/pkgmk-test.conf
+
+fakeroot pkgmk -cf $CONF -d $1
diff --git a/tools/scripts/replace.sh b/tools/scripts/replace.sh
index 8e393f0..e925e7d 100644..100755
--- a/tools/scripts/replace.sh
+++ b/tools/scripts/replace.sh
@@ -1,5 +1,6 @@
 #!/bin/sh
 
+# find and replace string on files
 folder=$1
 oldstring=$2
 newstring=$3
diff --git a/tools/storage.html b/tools/storage.html
index 894873b..109c6fa 100644
--- a/tools/storage.html
+++ b/tools/storage.html
@@ -30,6 +30,20 @@
 
         <h2 id="mv">2. Moving data</h2>
 
+        <p>Temp partition with 20M-50M;</dd>
+
+        <pre>
+        (parted) mkpart primary ext4 4000MiB 4050MiB
+        </pre>
+
+        <p>Ports partition with 120G allows to host sources, package
+        backups and ports;</dd>
+
+        <pre>
+        (parted) mkpart primary ext4 192000MiB 312000MiB
+        </pre>
+
+
         <p>Reboot into single-user mode where services aren't started and networking is offline.<p>
 
         <pre>
@@ -52,8 +66,14 @@
         <p>Edit the <a href="../conf/etc/fstab">/etc/fstab</a>file:</p>
 
         <pre>
+        # Temporary Data /tmp
+        UUID=50bf6e55-6461-4dd4-b315-65b53cac0995 /tmp            ext4    defaults,nodev,nosuid,noexec	0	0
+
         # Server Data /srv
         UUID=6fadcb98-e442-4af7-a5f2-1ddb6100a8c4 /srv            ext4    defaults        0       2
+
+        # Ports Data /usr/ports
+        UUID=d1df6743-d3cb-4d5a-badb-96cef3181095 /usr/ports       ext4    defaults,nodev,nosuid,noexec	0       0
         </pre>
 
         <p>Reboot in normal mode.</p>
diff --git a/tools/tcpdump.html b/tools/tcpdump.html
index ef15b59..8c9932a 100644
--- a/tools/tcpdump.html
+++ b/tools/tcpdump.html
@@ -8,6 +8,10 @@
         <h1>TCPDump</h1>
 
         <pre>
+        iftop
+        </pre>
+
+        <pre>
         tcpdump -vvv -s 0 -l -n port 53
         </pre>
 
diff --git a/tools/vim.html b/tools/vim.html
index d483e29..528c777 100644
--- a/tools/vim.html
+++ b/tools/vim.html
@@ -53,10 +53,21 @@
 
         <p>Vertical split;</p>
         <pre>
-        :sp
+        :vsp
+        </pre>
+
+        <p>Change horizontal to vertical</p>
+        <pre>
+        ctrl+w H
+        </pre>
+
+        <p>Change vertical to horizontal</p>
+        <pre>
+        ctrl+w J
         </pre>
 
         <p>Move between window splits;</p>
+
         <pre>
         ctrl+w (k,j,l,h)
         </pre>
@@ -97,7 +108,6 @@
         selection or object. For example to delete the next
         two words press: d + 2 + w. List of important operators objects,
         selections;</p>
-        <pre>
 
         <pre>
         operator + count + object
diff --git a/tools/x.html b/tools/x.html
index 214c8fc..3c6aff7 100644
--- a/tools/x.html
+++ b/tools/x.html
@@ -1,146 +1,175 @@
-<html>
-	<p>Add <a href="https://crux.nu/portdb/?a=getup&q=6c37">6c37</a>
-	port collection and activate on /etc/prt-get.conf above xorg.</p>
-
-<pre>
-$ sudo prt-get depinst xorg-server
-$ sudo prt-get depinst xorg-xinit
-$ sudo prt-get depinst xkeyboard-config
-$ sudo prt-get depinst xorg-xf86-input-evdev
-$ sudo prt-get depinst xorg-font-dejavu-ttf
-$ sudo prt-get depinst xorg-xrdb
-$ sudo prt-get depinst xorg-xmodmap
-$ sudo prt-get depinst xorg-xrandr
-$ sudo prt-get depinst xorg-xgamma
-$ sudo prt-get depinst xorg-xf86-input-synaptics
-$ sudo prt-get depinst xsel
-<pre>
-
-<pre>
-$ sudo prt-get depinst dwm
-$ sudo prt-get depinst dmenu
-$ sudo prt-get depinst st
-</pre>
-
-<p>/usr/etc/X11/xinit/xinitrc</p>
-
-<pre>
-#!/bin/sh
-
-userresources=$HOME/.Xresources
-usermodmap=$HOME/.Xmodmap
-sysresources=/usr/etc/X11/xinit/.Xresources
-sysmodmap=/usr/etc/X11/xinit/.Xmodmap
-
-# merge in defaults and keymaps
-
-if [ -f $sysresources ]; then
-    xrdb -merge $sysresources
-
-fi
-
-if [ -f $sysmodmap ]; then
-    xmodmap $sysmodmap
-fi
-
-if [ -f "$userresources" ]; then
-    xrdb -merge "$userresources"
-
-fi
-
-if [ -f "$usermodmap" ]; then
-    xmodmap "$usermodmap"
-fi
-
-# start some nice programs
-
-if [ -d /usr/etc/X11/xinit/xinitrc.d ] ; then
- for f in /usr/etc/X11/xinit/xinitrc.d/?*.sh ; do
-  [ -x "$f" ] && . "$f"
- done
- unset f
-fi
-
-#twm &
-#xclock -geometry 50x50-1+1 &
-#xterm -geometry 80x50+494+51 &
-#xterm -geometry 80x20+494-0 &
-#exec xterm -geometry 80x66+0+0 -name login
-
-#xrandr --output eDP1 --mode 1024x768
-xrandr --dpi 100
-xgamma -gamma 0.8
-syndaemon -d
-
-# Start the window manager
-exec dwm
-</pre>
-
-<p>/etc/X11/xorg.conf.d/10-keyboard.conf</p>
-
-<pre>
-     Section "InputClass"
-         Identifier             "Keyboard Defaults"
-         MatchIsKeyboard       "yes"
-         Option               "XkbLayout" "dvorak"
-     EndSection
-</pre>
-
-<p>/etc/X11/xorg.conf.d/50-synaptics.conf</p>
-
-<pre>
-# Example xorg.conf.d snippet that assigns the touchpad driver
-# to all touchpads. See xorg.conf.d(5) for more information on
-# InputClass.
-# DO NOT EDIT THIS FILE, your distribution will likely overwrite
-# it when updating. Copy (and rename) this file into
-# /etc/X11/xorg.conf.d first.
-# Additional options may be added in the form of
-#   Option "OptionName" "value"
-#
-Section "InputClass"
-        Identifier "touchpad catchall"
-        Driver "synaptics"
-        MatchIsTouchpad "on"
-# This option is recommend on all Linux systems using evdev, but cannot be
-# enabled by default. See the following link for details:
-# http://who-t.blogspot.com/2010/11/how-to-ignore-configuration-errors.html
-#       MatchDevicePath "/dev/input/event*"
-	Option "TapButton1" "1"
-	Option "TapButton2" "3"
-	Option "TapButton3" "2"
-        Option "VertEdgeScroll" "on"
-        Option "VertTwoFingerScroll" "on"
-        Option "HorizEdgeScroll" "on"
-        Option "HorizTwoFingerScroll" "on"
-EndSection
-
-Section "InputClass"
-        Identifier "touchpad ignore duplicates"
-        MatchIsTouchpad "on"
-        MatchOS "Linux"
-        MatchDevicePath "/dev/input/mouse*"
-        Option "Ignore" "on"
-EndSection
-
-# This option enables the bottom right corner to be a right button on clickpads
-# and the right and middle top areas to be right / middle buttons on clickpads
-# with a top button area.
-# This option is only interpreted by clickpads.
-Section "InputClass"
-        Identifier "Default clickpad buttons"
-        MatchDriver "synaptics"
-        Option "SoftButtonAreas" "50% 0 82% 0 0 0 0 0"
-        Option "SecondarySoftButtonAreas" "58% 0 0 15% 42% 58% 0 15%"
-EndSection
-
-# This option disables software buttons on Apple touchpads.
-# This option is only interpreted by clickpads.
-Section "InputClass"
-        Identifier "Disable clickpad buttons on Apple touchpads"
-        MatchProduct "Apple|bcm5974"
-        MatchDriver "synaptics"
-        Option "SoftButtonAreas" "0 0 0 0 0 0 0 0"
-EndSection
-</pre>
-
+<!DOCTYPE html>
+<html dir="ltr" lang="en">
+    <head>
+        <meta charset='utf-8'>
+        <title>X</title>
+    </head>
+    <body>
+
+        <a href="index.html">Tools Index</a>
+
+        <h1>X</h1>
+
+
+        <h2>Install</h2>
+
+        <p>Add <a href="https://crux.nu/portdb/?a=getup&q=6c37">6c37</a>
+        port collection and activate on /etc/prt-get.conf above xorg.</p>
+
+        <pre>
+        $ sudo prt-get depinst xorg-server
+        $ sudo prt-get depinst xorg-xinit
+        $ sudo prt-get depinst xkeyboard-config
+        $ sudo prt-get depinst xorg-xf86-input-evdev
+        $ sudo prt-get depinst xorg-font-dejavu-ttf
+        $ sudo prt-get depinst xorg-xrdb
+        $ sudo prt-get depinst xorg-xmodmap
+        $ sudo prt-get depinst xorg-xrandr
+        $ sudo prt-get depinst xorg-xgamma
+        $ sudo prt-get depinst xorg-xf86-input-synaptics
+        $ sudo prt-get depinst xsel
+        </pre>
+
+        <pre>
+        $ sudo prt-get depinst dwm
+        $ sudo prt-get depinst dmenu
+        $ sudo prt-get depinst st
+        </pre>
+
+        <h2>Configure</h2>
+
+        <p>/usr/etc/X11/xinit/xinitrc</p>
+
+        <pre>
+        #!/bin/sh
+
+        userresources=$HOME/.Xresources
+        usermodmap=$HOME/.Xmodmap
+        sysresources=/usr/etc/X11/xinit/.Xresources
+        sysmodmap=/usr/etc/X11/xinit/.Xmodmap
+
+        # merge in defaults and keymaps
+
+        if [ -f $sysresources ]; then
+            xrdb -merge $sysresources
+
+        fi
+
+        if [ -f $sysmodmap ]; then
+            xmodmap $sysmodmap
+        fi
+
+        if [ -f "$userresources" ]; then
+            xrdb -merge "$userresources"
+
+        fi
+
+        if [ -f "$usermodmap" ]; then
+            xmodmap "$usermodmap"
+        fi
+
+        # start some nice programs
+
+        if [ -d /usr/etc/X11/xinit/xinitrc.d ] ; then
+         for f in /usr/etc/X11/xinit/xinitrc.d/?*.sh ; do
+          [ -x "$f" ] && . "$f"
+         done
+         unset f
+        fi
+        </pre>
+
+        <p>/etc/X11/xorg.conf.d/10-keyboard.conf</p>
+
+        <pre>
+         Section "InputClass"
+             Identifier             "Keyboard Defaults"
+             MatchIsKeyboard       "yes"
+             Option               "XkbLayout" "dvorak"
+         EndSection
+        </pre>
+
+        <p>/etc/X11/xorg.conf.d/50-synaptics.conf</p>
+
+        <pre>
+        # Example xorg.conf.d snippet that assigns the touchpad driver
+        # to all touchpads. See xorg.conf.d(5) for more information on
+        # InputClass.
+        # DO NOT EDIT THIS FILE, your distribution will likely overwrite
+        # it when updating. Copy (and rename) this file into
+        # /etc/X11/xorg.conf.d first.
+        # Additional options may be added in the form of
+        #   Option "OptionName" "value"
+        #
+        Section "InputClass"
+                Identifier "touchpad catchall"
+                Driver "synaptics"
+                MatchIsTouchpad "on"
+        # This option is recommend on all Linux systems using evdev, but cannot be
+        # enabled by default. See the following link for details:
+        # http://who-t.blogspot.com/2010/11/how-to-ignore-configuration-errors.html
+        #       MatchDevicePath "/dev/input/event*"
+                Option "TapButton1" "1"
+                Option "TapButton2" "3"
+                Option "TapButton3" "2"
+                Option "VertEdgeScroll" "on"
+                Option "VertTwoFingerScroll" "on"
+                Option "HorizEdgeScroll" "on"
+                Option "HorizTwoFingerScroll" "on"
+        EndSection
+
+        Section "InputClass"
+                Identifier "touchpad ignore duplicates"
+                MatchIsTouchpad "on"
+                MatchOS "Linux"
+                MatchDevicePath "/dev/input/mouse*"
+                Option "Ignore" "on"
+        EndSection
+
+        # This option enables the bottom right corner to be a right button on clickpads
+        # and the right and middle top areas to be right / middle buttons on clickpads
+        # with a top button area.
+        # This option is only interpreted by clickpads.
+        Section "InputClass"
+                Identifier "Default clickpad buttons"
+                MatchDriver "synaptics"
+                Option "SoftButtonAreas" "50% 0 82% 0 0 0 0 0"
+                Option "SecondarySoftButtonAreas" "58% 0 0 15% 42% 58% 0 15%"
+        EndSection
+
+        # This option disables software buttons on Apple touchpads.
+        # This option is only interpreted by clickpads.
+        Section "InputClass"
+                Identifier "Disable clickpad buttons on Apple touchpads"
+                MatchProduct "Apple|bcm5974"
+                MatchDriver "synaptics"
+                Option "SoftButtonAreas" "0 0 0 0 0 0 0 0"
+        EndSection
+        </pre>
+
+        <p>Example of ~/.xinitrc;</p>
+
+        <pre>
+        #twm &
+        #xclock -geometry 50x50-1+1 &
+        #xterm -geometry 80x50+494+51 &
+        #xterm -geometry 80x20+494-0 &
+        #exec xterm -geometry 80x66+0+0 -name login
+
+        #xrandr --output eDP1 --mode 1024x768
+        xrandr --dpi 100
+        xgamma -gamma 0.8
+        syndaemon -d
+
+        # Start the window manager
+        exec dwm
+        </pre>
+
+        <a href="index.html">Tools Index</a>
+
+        <p>
+        This is part of the c9-doc Manual.
+        Copyright (C) 2016
+        c9 team.
+        See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> for copying conditions.</p>
+    </body>
+</html>