First pass at fixing links and some formatting.

14 files changed, 332 insertions, 350 deletions

diff --git a/Archived-Feed.md b/Archived-Feed.md
index 31ec0d1..7e2828f 100644
--- a/Archived-Feed.md
+++ b/Archived-Feed.md
@@ -1,10 +1,9 @@
-# Archived Feed

-

-Archived is the place for articles for which originating feed no longer exists.

-It's either Starred articles from unsubscribed feeds or [externally shared

-data](ShareAnything.md).

-

-!!! notice

-

-    Articles in Archived feed are not expired automatically, you can delete them manually

-    using `Select...` → `Delete permanently` in the main toolbar.

+# Archived Feed
+
+Archived is the place for articles for which originating feed no longer exists.
+It's either Starred articles from unsubscribed feeds or [externally shared data](Share-Anything).
+
+!!! notice
+
+    Articles in Archived feed are not expired automatically, you can delete them manually
+    using `Select...` → `Delete permanently` in the main toolbar.
diff --git a/Content-Filters.md b/Content-Filters.md
index c9708ce..74a6aaa 100644
--- a/Content-Filters.md
+++ b/Content-Filters.md
@@ -61,7 +61,7 @@ actually delete anything from the database
 3. ``Set starred`` - sets article starred automatically on import
 4. ``Assign tags`` - assigns a comma-separated list of custom tags on import
 5. ``Publish article`` - sets article published automatically on import
-6. ``Modify score`` ([Scoring](Scoring.md)) - modifies article overall score based on
+6. ``Modify score`` ([[Scoring]]) - modifies article overall score based on
 the parameter, a signed integer number. Final article score is calculated after all filters had been applied and is a sum of all matched scoring actions.
 7. ``Assign label`` - assigns specified label to the article on import
 8. ``Stop / Do nothing`` - stops further filter processing for this article, no following filters will be checked nor rules applied.
diff --git a/Encryption.md b/Encryption.md
index 7f77138..dfaa48a 100644
--- a/Encryption.md
+++ b/Encryption.md
@@ -2,7 +2,7 @@
 
 Transparent at rest encryption is optionally supported for sensitive data stored in the database, currently limited to stored session data and passwords for feeds with authentication enabled.
 
-To enable, [global configuration](GlobalConfig.md) option `TTRSS_ENCRYPTION_KEY` should be set to a 32-byte hex string of random bytes, which may be generated using CLI like this:
+To enable, [global configuration](Global-Config) option `TTRSS_ENCRYPTION_KEY` should be set to a 32-byte hex string of random bytes, which may be generated using CLI like this:
 
 ```sh
 php ./update.php --gen-encryption-key
diff --git a/FAQ.md b/FAQ.md
index 7e29bb4..8691a25 100644
--- a/FAQ.md
+++ b/FAQ.md
@@ -7,7 +7,7 @@ hide:
 
 !!! notice
 
-    [Docker-related stuff has a separate FAQ page](wiki/InstallationNotes.md#faq)
+    [Docker-related stuff has a separate FAQ page](Installation-Notes#faq)
 
 ### I want to check how tt-rss renders my feed / the feed I'm trying to use is parsed incorrectly
 
@@ -37,7 +37,7 @@ This sets your password back to default (``password``) and disables OTP.
 
 ### I have HTTP authentication enabled and get “Your access level is insufficient to run this script” error on login
 
-The problem is that if you have `auth_remote` enabled in [PLUGINS](wiki/GlobalConfig.md) tt-rss tries to automatically log you in as the user specified by the server using HTTP authentication, which may not have administrative privileges.
+The problem is that if you have `auth_remote` enabled in [PLUGINS](Global-Config) tt-rss tries to automatically log you in as the user specified by the server using HTTP authentication, which may not have administrative privileges.
 
 The easiest way is simply updating database using CLI (`php ./update.php --update-schema`). Docker setup does this on startup.
 
@@ -108,7 +108,7 @@ Related question:
 
 Because the articles are still in the feed XML and get pulled in (again) on next feed update.
 
-See also: [ArchivedFeed](wiki/ArchivedFeed.md)
+See also: [[Archived Feed]]
 
 ### I have used update daemon before, but switched away from it. However, the UI keeps nagging me about the daemon not running or not updating feeds or whatever.
 
diff --git a/Generated-Feeds.md b/Generated-Feeds.md
index cd9fac2..e0afbfb 100644
--- a/Generated-Feeds.md
+++ b/Generated-Feeds.md
@@ -1,83 +1,83 @@
-# Generated Feeds

-

-You can generate a feed (in Atom or JSON format) for almost anything displayed

-in headlines buffer (e.g. actual feeds, Labels, Categories, etc.) by clicking

-this icon:

-

-![](../images/gen_feed_icon.png)

-

-!!! warning

-

-    Subscribing to your own feed of search results is going to produce

-    duplicate articles on each and every feed update.

-

-## Data protection

-

-Feed URLs are protected using random unique keys which are specific to each

-generated feed. Key can be regenerated at any time, invalidating previous URL.

-

-![](../images/gen_feed_dialog.png)

-

-You can clear all generated feeds in Preferences (`Feeds` → `Published &

-shared articles`).

-

-## Anatomy of a generated feed URL

-

-```

-http://example.com/tt-rss/public.php?op=rss&id=61&is_cat=1&view-mode=adaptive&key=...

-```

-

--   ``id`` (integer) - requested feed ID

--   ``is_cat`` (boolean) - whether the feed is a category

--   ``view-mode`` (string) - see below

--   ``key`` (string) - automatically generated access key, specific to feed id

-

-### Optional parameters:

-

--   ``login``, ``pass`` - see above

--   ``format`` - since version:1.6.0 specifies output format, possible values: ``atom``, ``json``

--   ``limit`` - amount of articles to output, default: 30

--   ``offset`` - start output while skipping this amount of articles, default: 0

--   ``order`` - override default headlines order

--   ``ts`` - output articles newer than timestamp in [strtotime](http://www.php.net/manual/en/function.strtotime.php)

-    accepted format (since version:1.12) i.e. stuff like <code>ts=1%20month%20ago</code>

-

-### Special feed IDs:

-

--   ``-1`` - Starred articles

--   ``-2`` - Published articles

--   ``-3`` - Fresh articles

--   ``-4`` - All articles

--   ``0`` - Archived articles

-

-Feed ID values less than `-10` are considered Labels.

-

-### Special category IDs (is\_cat=1):

-

--  ``0`` - Uncategorized

-- ``-1`` - Special category (includes Starred, Published, etc.)

-- ``-2`` - Labels category (includes your labels)

-

-### View mode values:

-

-Note: It’s probably not a very good idea to use Adaptive view mode for

-generated feeds.

-

--   <code>adaptive</code> - shows unread articles only when they are

-    unread articles, shows everything otherwise

--   <code>marked</code> (this means starred), <code>has\_note</code>,

-    <code>published</code>, <code>unread</code>,

-    <code>unread\_first</code> - should be self explanatory

-

-Actual output may differ between modes for several special feeds for

-usability reasons, e.g. recently read feed ignores <code>unread</code>

-specifier because unread articles are never part of the feed).

-

-### Order values:

-

--   ``default`` - depends on the feed: either import batch date or (for published and starred feeds) ``last_published`` and ``last_marked``

--   ``title`` - sort by title

--   ``date_reverse`` - reverse sort by batch date

--   ``feed_dates`` - sort by feed-provided article dates

-

-See also: [PublishArticles](PublishArticles.md)

+# Generated Feeds
+
+You can generate a feed (in Atom or JSON format) for almost anything displayed
+in headlines buffer (e.g. actual feeds, Labels, Categories, etc.) by clicking
+this icon:
+
+![](../images/gen_feed_icon.png)
+
+!!! warning
+
+    Subscribing to your own feed of search results is going to produce
+    duplicate articles on each and every feed update.
+
+## Data protection
+
+Feed URLs are protected using random unique keys which are specific to each
+generated feed. Key can be regenerated at any time, invalidating previous URL.
+
+![](../images/gen_feed_dialog.png)
+
+You can clear all generated feeds in Preferences (`Feeds` &rarr; `Published &
+shared articles`).
+
+## Anatomy of a generated feed URL
+
+```
+http://example.com/tt-rss/public.php?op=rss&id=61&is_cat=1&view-mode=adaptive&key=...
+```
+
+-   ``id`` (integer) - requested feed ID
+-   ``is_cat`` (boolean) - whether the feed is a category
+-   ``view-mode`` (string) - see below
+-   ``key`` (string) - automatically generated access key, specific to feed id
+
+### Optional parameters:
+
+-   ``login``, ``pass`` - see above
+-   ``format`` - since version:1.6.0 specifies output format, possible values: ``atom``, ``json``
+-   ``limit`` - amount of articles to output, default: 30
+-   ``offset`` - start output while skipping this amount of articles, default: 0
+-   ``order`` - override default headlines order
+-   ``ts`` - output articles newer than timestamp in [strtotime](http://www.php.net/manual/en/function.strtotime.php)
+    accepted format (since version:1.12) i.e. stuff like <code>ts=1%20month%20ago</code>
+
+### Special feed IDs:
+
+-   ``-1`` - Starred articles
+-   ``-2`` - Published articles
+-   ``-3`` - Fresh articles
+-   ``-4`` - All articles
+-   ``0`` - Archived articles
+
+Feed ID values less than `-10` are considered Labels.
+
+### Special category IDs (is\_cat=1):
+
+-  ``0`` - Uncategorized
+- ``-1`` - Special category (includes Starred, Published, etc.)
+- ``-2`` - Labels category (includes your labels)
+
+### View mode values:
+
+Note: It’s probably not a very good idea to use Adaptive view mode for
+generated feeds.
+
+-   <code>adaptive</code> - shows unread articles only when they are
+    unread articles, shows everything otherwise
+-   <code>marked</code> (this means starred), <code>has\_note</code>,
+    <code>published</code>, <code>unread</code>,
+    <code>unread\_first</code> - should be self explanatory
+
+Actual output may differ between modes for several special feeds for
+usability reasons, e.g. recently read feed ignores <code>unread</code>
+specifier because unread articles are never part of the feed).
+
+### Order values:
+
+-   ``default`` - depends on the feed: either import batch date or (for published and starred feeds) ``last_published`` and ``last_marked``
+-   ``title`` - sort by title
+-   ``date_reverse`` - reverse sort by batch date
+-   ``feed_dates`` - sort by feed-provided article dates
+
+See also: [[Publish Articles]]
diff --git a/Home.md b/Home.md
index e7dc737..7ba26b9 100644
--- a/Home.md
+++ b/Home.md
@@ -1,66 +1,56 @@
----
-hide:
-  - navigation
-  - toc
----
-
-<style>
-  .md-typeset h1,
-  .md-content__button {
-    display: none;
-  }
-</style>
-
 Tiny Tiny RSS is a free and open source web-based news feed (RSS/Atom) reader and aggregator.
 
 ## Screenshots
 
-![](images/tt-rss/25.05/Screenshot_2025-05-10_at_09.22.19.webp){ width="350", align=left }
-![](images/tt-rss/25.05/Screenshot_2025-05-10_at_09.21.21.webp){ width="350", align=left }
-![](images/tt-rss/25.05/Screenshot_2025-05-10_at_09.22.50.webp){ width="350" }
+<img src="images/tt-rss/25.05/Screenshot_2025-05-10_at_09.22.19.webp" width="350" style="float: left">
+<img src="images/tt-rss/25.05/Screenshot_2025-05-10_at_09.21.21.webp" width="350" style="float: left">
+<img src="images/tt-rss/25.05/Screenshot_2025-05-10_at_09.22.50.webp" width="350">
 
 ## Features
 
--   Free software, licensed under [GNU GPLv3](http://www.gnu.org/copyleft/gpl.html);
--   Self-hosted: control your own data and protect your privacy instead of relying on third party services;
--   Supports:
-    -   organizing feeds by folders (and subfolders),
-    -   [feed aggregation / syndication](wiki/GeneratedFeeds.md),
-    -   keyboard shortcuts,
-    -   OPML import/export,
-    -   multiple ways to share stuff: export RSS feeds, plugins for various social sites, sharing by URL, etc,
-    -   [sharing arbitrary content through tt-rss](wiki/ShareAnything.md),
-    -   [Plugins](Plugins.md) and [themes](Themes.md),
-    -   embedding full article content via readability and site-specific plugins,
-    -   deduplication, including [perceptual hashing](https://github.com/supahgreg/tt-rss-plugin-perceptual-image-hash) for images,
-    -   podcasts,
-    -   [flexible article filtering](wiki/ContentFilters.md),
-    -   [JSON API](ApiReference.md),
-    -   and much more…
--   [Android client](AndroidClient.md);
+- Free software, licensed under [GNU GPLv3](http://www.gnu.org/copyleft/gpl.html)
+- Self-hosted: control your own data and protect your privacy instead of relying on third party services
+- Supports:
+  - organizing feeds by folders (and subfolders)
+  - [feed aggregation / syndication](Generated-Feeds)
+  - keyboard shortcuts
+  - OPML import/export
+  - multiple ways to share stuff: export RSS feeds, plugins for various social sites, sharing by URL, etc.
+  - [sharing arbitrary content through tt-rss](Share-Anything)
+  - [Plugins](Plugins) and [themes](Themes)
+  - embedding full article content via readability and site-specific plugins
+  - deduplication, including [perceptual hashing](https://github.com/supahgreg/tt-rss-plugin-perceptual-image-hash) for images
+  - podcasts
+  - [flexible article filtering](Content-Filters)
+  - [JSON API](Api-Reference)
+  - and much more…
+- ~~[[Android Client]]~~
 
 ## Development
 
-* https://github.com/supahgreg/tt-rss
+See https://github.com/supahgreg/tt-rss .
 
 ## Get in touch
 
-Join https://github.com/supahgreg/tt-rss/discussions if you have questions or need to report a bug.
+* Go to https://github.com/supahgreg/tt-rss/discussions if you have questions or want to discuss something.
+* Go to https://github.com/supahgreg/tt-rss/issues if you want to report an issue, request an enhancement/feature, etc.
 
 ## Contribute
 
-<!-- * Help translate tt-rss into your own language using [Weblate](https://hosted.weblate.org/engage/tt-rss/); -->
-* [Code contribution guidelines](https://github.com/supahgreg/tt-rss/blob/main/CONTRIBUTING.md);
+Contributions (code, translations, reporting issues, etc.) are welcome.
+
+* (not quite ready for this post-`tt-rss.org`) ~~Help translate tt-rss into your own language using [Weblate](https://hosted.weblate.org/engage/tt-rss/)~~
+* [Code contribution guidelines](https://github.com/supahgreg/tt-rss/blob/main/CONTRIBUTING.md)
 
 ## Installation
 
 You will need the following:
 
-* A modern web browser. This generally means recent Chrome or compatible;
+* A modern web browser. This generally means a recent version of Chrome/Chromium or Firefox;
 * A server (VDS or physical) running Docker;
 
-### [Docker installation guide](wiki/InstallationNotes.md)
+### [Docker installation guide](Installation-Notes)
 
-Tiny Tiny RSS uses continuous development model based on a `main` branch, which is considered stable. If possible, you should always be running latest main branch code.
+Tiny Tiny RSS uses a continuous development model based on the `main` branch, which is considered stable. If possible, you should always be running the latest `main` branch code.
 
 There’s no warranty. If it breaks you get to keep both parts.
diff --git a/Installation-Notes.md b/Installation-Notes.md
index 65d54f5..1695164 100644
--- a/Installation-Notes.md
+++ b/Installation-Notes.md
@@ -75,7 +75,7 @@ version: '3'
 services:
 
   # see FAQ entry below if upgrading from a different PostgreSQL major version (e.g. 12 to 15):
-  # https://github.com/supahgreg/tt-rss-web-static/blob/main/docs/wiki/InstallationNotes.md#i-got-the-updated-compose-file-above-and-now-my-database-keeps-restarting
+  # https://github.com/supahgreg/tt-rss/wiki/Installation-Notes#i-got-the-updated-compose-file-above-and-now-my-database-keeps-restarting
   db:
     image: postgres:15-alpine
     restart: unless-stopped
@@ -217,7 +217,7 @@ TTRSS_SELF_URL_PATH=http://example.com/tt-rss
 
 Don't use quotes around values. Note the prefix (`TTRSS_`) before the value.
 
-Look [here](https://github.com/supahgreg/tt-rss-web-static/blob/main/docs/wiki/GlobalConfig.md) for more information.
+Look [here](https://github.com/supahgreg/tt-rss/wiki/Global-Config) for more information.
 
 #### Container options
 
diff --git a/Making-Plugins.md b/Making-Plugins.md
index e230191..ad42e71 100644
--- a/Making-Plugins.md
+++ b/Making-Plugins.md
@@ -1,35 +1,35 @@
-# Making Plugins

-

-Plugins may render new preference panes or embed themselves into several

-existing one, store data using simple key -\> value data or directly in

-the database, modify how articles are rendered, alter feed data, and

-much more.

-

-You can use sample plugins bundled with tt-rss and [other

-plugins](../Plugins.md) as a starting point. Ask on the forums if you need help

-with anything specific.

-

-Some useful information may be found here:

-

-- https://github.com/supahgreg/tt-rss/blob/main/classes/PluginHost.php

-- https://github.com/supahgreg/tt-rss/blob/main/classes/Plugin.php

-

-Frontend (JS) uses different hooks, which are defined in [PluginHost.js](https://github.com/supahgreg/tt-rss/blob/main/js/PluginHost.js)

-

-## Localization support

-

-See ``time_to_read`` plugin for a complete example [here](https://github.com/supahgreg/tt-rss-plugin-time-to-read)

-

-### Implementation

-

-- Plugin translations are placed in a separate Gettext domain (name equals lowercase plugin class).

-- Translation (.po) file in ``(plugin dir)/locale/(LANG)/LC_MESSAGES/`` name should correspond to Gettext domain name.

-

-### Using gettext

-

-- On the PHP side, either use helper methods defined in ``classes/plugin.php``

-  (base class for all plugins) or call ``_dgettext`` group of functions

-  directly.

-- On the Javascript side, all translations are merged so you can use the usual

-  ``__()`` shortcut function.

-

+# Making Plugins
+
+Plugins may render new preference panes or embed themselves into several
+existing one, store data using simple key -\> value data or directly in
+the database, modify how articles are rendered, alter feed data, and
+much more.
+
+You can use sample plugins bundled with tt-rss and [other
+plugins](Plugins) as a starting point. Ask on the forums if you need help
+with anything specific.
+
+Some useful information may be found here:
+
+- https://github.com/supahgreg/tt-rss/blob/main/classes/PluginHost.php
+- https://github.com/supahgreg/tt-rss/blob/main/classes/Plugin.php
+
+Frontend (JS) uses different hooks, which are defined in [PluginHost.js](https://github.com/supahgreg/tt-rss/blob/main/js/PluginHost.js)
+
+## Localization support
+
+See ``time_to_read`` plugin for a complete example [here](https://github.com/supahgreg/tt-rss-plugin-time-to-read)
+
+### Implementation
+
+- Plugin translations are placed in a separate Gettext domain (name equals lowercase plugin class).
+- Translation (.po) file in ``(plugin dir)/locale/(LANG)/LC_MESSAGES/`` name should correspond to Gettext domain name.
+
+### Using gettext
+
+- On the PHP side, either use helper methods defined in ``classes/plugin.php``
+  (base class for all plugins) or call ``_dgettext`` group of functions
+  directly.
+- On the Javascript side, all translations are merged so you can use the usual
+  ``__()`` shortcut function.
+
diff --git a/Plugins.md b/Plugins.md
index ed3de78..6e981b7 100644
--- a/Plugins.md
+++ b/Plugins.md
@@ -13,7 +13,7 @@ etc.
 
 There are two kinds of plugins: user and system. User plugins are enabled in
 `Preferences` &rarr; `Plugins`. System plugins require adding them to a [global
-configuration](wiki/GlobalConfig.md) directive <code>PLUGINS</code> which is a
+configuration](Global-Config) directive <code>PLUGINS</code> which is a
 comma-separated list of enabled system plugins, i.e.
 
 ```js
@@ -22,7 +22,7 @@ putenv('TTRSS_PLUGINS=auth_internal, other_plugin');
 
 System plugins are always enabled for all users. If multiple search plugins are loaded, only the first one is used
 
-If you are interested in making plugins, see [MakingPlugins](wiki/MakingPlugins.md),
+If you are interested in making plugins, see [Making-Plugins](Making-Plugins),
 https://github.com/topics/tt-rss-plugin , https://github.com/topics/ttrss-plugins , etc.
 
 ### Installing plugins
diff --git a/Publish-Articles.md b/Publish-Articles.md
index 120e9a9..1cb4a50 100644
--- a/Publish-Articles.md
+++ b/Publish-Articles.md
@@ -1,18 +1,18 @@
-# Published Articles

-

-You can publish selected articles to a special RSS feed, accessible to anyone

-who knows the special randomly-generated URL. This works independently of

-[GeneratedFeeds](GeneratedFeeds.md) which allows you to share entire feeds,

-categories, etc.

-

-You can mark articles as published by clicking [standard feed

-icon](http://feedicons.com/) near headline title:

-

-![](../images/publish_articles.png)

-

-Resulting URL is displayed in Preferences (`Feeds` &rarr; `Published & shared articles`).

-

-

-!!! notice

-

-    You can also publish articles automatically using filters (`Action` &rarr; `Publish article`).

+# Published Articles
+
+You can publish selected articles to a special RSS feed, accessible to anyone
+who knows the special randomly-generated URL. This works independently of
+[[Generated Feeds]] which allows you to share entire feeds,
+categories, etc.
+
+You can mark articles as published by clicking [standard feed
+icon](http://feedicons.com/) near headline title:
+
+![](../images/publish_articles.png)
+
+Resulting URL is displayed in Preferences (`Feeds` &rarr; `Published & shared articles`).
+
+
+!!! notice
+
+    You can also publish articles automatically using filters (`Action` &rarr; `Publish article`).
diff --git a/SSL-Certificate-Authentication.md b/SSL-Certificate-Authentication.md
index 1852f81..c12f5cc 100644
--- a/SSL-Certificate-Authentication.md
+++ b/SSL-Certificate-Authentication.md
@@ -1,93 +1,93 @@
-# SSL Certificate Authentication

-

-!!! warning

-

-    This guide is considered legacy and is no longer supported as it is not compatible with

-    [stock docker compose](InstallationNotes.md) setup. Please don't report any issues when

-    trying to DIY this.

-

-This article details the steps to enable user authentication with TT-RSS using a client certificate.

-

-## Prerequisites

-

-You **must** have a working TT-RSS installation with SSL. This guide is not intended to walk you through installing TT-RSS, nor is it intended to help you enable HTTPS on your web server.

-

-If you have no idea how certificates work (i.e. the terms x509 and PKI make no sense to you), stop now.

-

-This guide includes steps for Nginx. Of course other web servers (e.g. Apache) support client certificates so you're welcome to use them if you prefer, the steps just aren't included here (but might be added at some point).

-

-This guide was written with Debian 9 in mind, other distros will vary.

-

-## Getting Started

-

-Client certificates are typically created/issued by a private Certificate Authority (i.e. **you** as the administrator would create the certificates for your users). You create a root certificate authority and install the **public** certificate for it on your web server. You then create certificates for each client, signed by the root certificate authority's private key. Each client is issued their certificate and private key (often as a single file with a `.p12` extension).

-

-Note:

-

-1. These certificates are distinct from the ones used for encrypted/HTTPS connections on your server. Those are usually issued by public Certificate Authorities (e.g. Let's Encrypt).

-2. Do **not** do the certificate creation on your public, Internet-facing web server. This should be done on a computer that's offline and the certificate authority's private key should be kept in a safe place.

-

-## Server Setup

-

-Install your certificate authority public certificate on the server. The location doesn't really matter but this is how Debian does it:

-

-```sh

-sudo cp ttrss-ca.crt /usr/local/share/ca-certificates/

-sudo chown root:root /usr/local/share/ca-certificates/ttrss-ca.crt

-sudo chmod 644 /usr/local/share/ca-certificates/ttrss-ca.crt

-```

-

-(In Debian run the command `sudo update-ca-certificates` to rebuild the list of certificate authorities.)

-

-Edit your Nginx conf file for your TT-RSS installation to add the certificate and have Nginx validate clients with it.

-

-Note:

-

-1. The file path and extension to the certificate are different than above because Debian builds a consolidated list of certificate authorities provided by the vendor, user, etc.; this is why we ran the update-ca-certificates command above and your distro may vary its approach so be aware of that.

-2. We use `ssl_verify_client on;` which prevents access to the site unless a valid certificate is provided. If you want **both** password and certificate authentication, use `ssl_verify_client optional;` instead.

-3. In the php location we do not use `$ssl_client_v_start` and `$ssl_client_v_end` Nginx variables by default. These variables were added in Nginx version 1.11.7 and Debian 9 does not ship that version. It's included as a comment for future support.

-

-```nginx

-server {

-

-    ssl_client_certificate /etc/ssl/certs/ttrss-ca.pem

-    ssl_verify_client on;

-    # ssl_verify_client optional;

-

-    location ~ [^/]\.php(/|$) {

-

-        fastcgi_param  SSL_CLIENT_M_SERIAL  $ssl_client_serial;

-        fastcgi_param  SSL_CLIENT_S_DN      $ssl_client_s_dn;

-        # fastcgi_param  SSL_CLIENT_V_START   $ssl_client_v_start;

-        # fastcgi_param  SSL_CLIENT_V_END     $ssl_client_v_end;

-        fastcgi_param  SSL_CLIENT_V_START   0;

-        fastcgi_param  SSL_CLIENT_V_END     0;

-

-    }

-

-}

-```

-

-Now restart Nginx:

-

-```sh

-sudo systemctl restart nginx

-```

-

-Update the TT-RSS config file to add `auth_remote` to the `PLUGINS` constant (near the end of the file):

-

-```php

-define('PLUGINS', 'auth_internal, auth_remote, note');

-```

-

-You might be tempted to remove `auth_internal` but we still need it so don't.

-

-Next, make sure your client certificate (the `.p12` file) is installed on your computer. Different operating systems and browsers do this differently, so you're pretty much on your own there, but if you double-click the .p12 file from the desktop the operating system should offer to install it for you. Vendor-provided browsers (e.g. IE/Edge, Safari, etc.) will typically use certificates provided by the operating system. Third-party installed browsers (e.g. Firefox) often need to have the .p12 file added to them independent of the operating system.

-

-After successfully installing the client certificate, open a new browser window/tab and visit your TT-RSS install. You should immediately be asked to confirm or select the client certificate you want to use. Select the appropriate one. You may have to login with your username/password; this is expected.

-

-Go to Preferences and scroll to the bottom. Under *Login with an SSL certificate* the *Register* button should now be available. Click it, then *Save configuration*.

-

-At this point you should be able to test if this all works. Logout of your TT-RSS session, clear your browser cache and cookies, then open a new window/tab and visit your TT-RSS install. You may be asked to verify the client certificate (some browsers ask every session and others remember your choice). Once you select the certificate it should just log you without using the username/password form.

-

-Finally, if you're never going to use password authentication you could remove `auth_internal` plugin in `config.php`, just remember to add it back if you remove certificate support in the future otherwise you'll get the login form but will never be able to login. You'll also need to enable it if you have to change client certificates as there will be no other way of logging in.

+# SSL Certificate Authentication
+
+!!! warning
+
+    This guide is considered legacy and is no longer supported as it is not compatible with
+    [stock docker compose](Installation-Notes) setup. Please don't report any issues when
+    trying to DIY this.
+
+This article details the steps to enable user authentication with TT-RSS using a client certificate.
+
+## Prerequisites
+
+You **must** have a working TT-RSS installation with SSL. This guide is not intended to walk you through installing TT-RSS, nor is it intended to help you enable HTTPS on your web server.
+
+If you have no idea how certificates work (i.e. the terms x509 and PKI make no sense to you), stop now.
+
+This guide includes steps for Nginx. Of course other web servers (e.g. Apache) support client certificates so you're welcome to use them if you prefer, the steps just aren't included here (but might be added at some point).
+
+This guide was written with Debian 9 in mind, other distros will vary.
+
+## Getting Started
+
+Client certificates are typically created/issued by a private Certificate Authority (i.e. **you** as the administrator would create the certificates for your users). You create a root certificate authority and install the **public** certificate for it on your web server. You then create certificates for each client, signed by the root certificate authority's private key. Each client is issued their certificate and private key (often as a single file with a `.p12` extension).
+
+Note:
+
+1. These certificates are distinct from the ones used for encrypted/HTTPS connections on your server. Those are usually issued by public Certificate Authorities (e.g. Let's Encrypt).
+2. Do **not** do the certificate creation on your public, Internet-facing web server. This should be done on a computer that's offline and the certificate authority's private key should be kept in a safe place.
+
+## Server Setup
+
+Install your certificate authority public certificate on the server. The location doesn't really matter but this is how Debian does it:
+
+```sh
+sudo cp ttrss-ca.crt /usr/local/share/ca-certificates/
+sudo chown root:root /usr/local/share/ca-certificates/ttrss-ca.crt
+sudo chmod 644 /usr/local/share/ca-certificates/ttrss-ca.crt
+```
+
+(In Debian run the command `sudo update-ca-certificates` to rebuild the list of certificate authorities.)
+
+Edit your Nginx conf file for your TT-RSS installation to add the certificate and have Nginx validate clients with it.
+
+Note:
+
+1. The file path and extension to the certificate are different than above because Debian builds a consolidated list of certificate authorities provided by the vendor, user, etc.; this is why we ran the update-ca-certificates command above and your distro may vary its approach so be aware of that.
+2. We use `ssl_verify_client on;` which prevents access to the site unless a valid certificate is provided. If you want **both** password and certificate authentication, use `ssl_verify_client optional;` instead.
+3. In the php location we do not use `$ssl_client_v_start` and `$ssl_client_v_end` Nginx variables by default. These variables were added in Nginx version 1.11.7 and Debian 9 does not ship that version. It's included as a comment for future support.
+
+```nginx
+server {
+
+    ssl_client_certificate /etc/ssl/certs/ttrss-ca.pem
+    ssl_verify_client on;
+    # ssl_verify_client optional;
+
+    location ~ [^/]\.php(/|$) {
+
+        fastcgi_param  SSL_CLIENT_M_SERIAL  $ssl_client_serial;
+        fastcgi_param  SSL_CLIENT_S_DN      $ssl_client_s_dn;
+        # fastcgi_param  SSL_CLIENT_V_START   $ssl_client_v_start;
+        # fastcgi_param  SSL_CLIENT_V_END     $ssl_client_v_end;
+        fastcgi_param  SSL_CLIENT_V_START   0;
+        fastcgi_param  SSL_CLIENT_V_END     0;
+
+    }
+
+}
+```
+
+Now restart Nginx:
+
+```sh
+sudo systemctl restart nginx
+```
+
+Update the TT-RSS config file to add `auth_remote` to the `PLUGINS` constant (near the end of the file):
+
+```php
+define('PLUGINS', 'auth_internal, auth_remote, note');
+```
+
+You might be tempted to remove `auth_internal` but we still need it so don't.
+
+Next, make sure your client certificate (the `.p12` file) is installed on your computer. Different operating systems and browsers do this differently, so you're pretty much on your own there, but if you double-click the .p12 file from the desktop the operating system should offer to install it for you. Vendor-provided browsers (e.g. IE/Edge, Safari, etc.) will typically use certificates provided by the operating system. Third-party installed browsers (e.g. Firefox) often need to have the .p12 file added to them independent of the operating system.
+
+After successfully installing the client certificate, open a new browser window/tab and visit your TT-RSS install. You should immediately be asked to confirm or select the client certificate you want to use. Select the appropriate one. You may have to login with your username/password; this is expected.
+
+Go to Preferences and scroll to the bottom. Under *Login with an SSL certificate* the *Register* button should now be available. Click it, then *Save configuration*.
+
+At this point you should be able to test if this all works. Logout of your TT-RSS session, clear your browser cache and cookies, then open a new window/tab and visit your TT-RSS install. You may be asked to verify the client certificate (some browsers ask every session and others remember your choice). Once you select the certificate it should just log you without using the username/password form.
+
+Finally, if you're never going to use password authentication you could remove `auth_internal` plugin in `config.php`, just remember to add it back if you remove certificate support in the future otherwise you'll get the login form but will never be able to login. You'll also need to enable it if you have to change client certificates as there will be no other way of logging in.
diff --git a/Share-Anything.md b/Share-Anything.md
index 23d4c18..f546e96 100644
--- a/Share-Anything.md
+++ b/Share-Anything.md
@@ -11,4 +11,4 @@ application.
 ![](../images/share_anything.png)

 

 Since they have no actual originating feed, shared articles are placed into

-[Archived articles](ArchivedFeed.md) feed and then set published.

+[Archived articles](Archived-Feed) feed and then set published.

diff --git a/Sorting.md b/Sorting.md
index 67d34d4..b107e82 100644
--- a/Sorting.md
+++ b/Sorting.md
@@ -1,54 +1,54 @@
-# Sorting

-

-Tiny Tiny RSS provides four options for how articles appear within a

-selected feed: `Default`, `Newest`, `Oldest`, `Title`.

-

-!!! notice

-

-    Special feeds (e.g. *Starred articles*) have unique sorting when *Default* is selected, otherwise they behave as described below.

-

-- *Descending score* means **higher numbers** are shown before lower numbers.

-- *Descending date/time* means **more recent** is shown before less recent.

-- *Ascending date/time* means **less recent** is shown before more recent.

-

-### Default

-

-This is the default (surprise!) and is recommended.

-

-1. Descending [score](Scoring.md).

-2. Descending date/time the article was added into the Tiny Tiny RSS database.

-3. Descending date/time the feed's site states the article was published or changed.

-

-### Newest

-

-1. Descending date/time the feed's site states the article was published or changed.

-

-### Oldest

-

-1. Ascending date/time the feed's site states the article was published or changed.

-

-### Title

-

-1. Alphabetically by the title of the article.

-2. Ascending date/time the article was added into the Tiny Tiny RSS database

-3. Ascending date/time the feed's site states the article was published or changed.

-

-## Special Feeds

-

-When *Default* is selected these special feeds behave as described below.

-

-### Starred articles

-

-1. Descending date/time when the article was starred.

-2. Descending date/time the article was added into the Tiny Tiny RSS database.

-3. Descending date/time the feed's site states the article was published or changed.

-

-### Published articles

-

-1. Descending date/time when the article was published.

-2. Descending date/time the article was added into the Tiny Tiny RSS database.

-3. Descending date/time the feed's site states the article was published or changed.

-

-### Recently read

-

-1. Descending date/time when the article was marked as read in Tiny Tiny RSS.

+# Sorting
+
+Tiny Tiny RSS provides four options for how articles appear within a
+selected feed: `Default`, `Newest`, `Oldest`, `Title`.
+
+!!! notice
+
+    Special feeds (e.g. *Starred articles*) have unique sorting when *Default* is selected, otherwise they behave as described below.
+
+- *Descending score* means **higher numbers** are shown before lower numbers.
+- *Descending date/time* means **more recent** is shown before less recent.
+- *Ascending date/time* means **less recent** is shown before more recent.
+
+### Default
+
+This is the default (surprise!) and is recommended.
+
+1. Descending [score](Scoring).
+2. Descending date/time the article was added into the Tiny Tiny RSS database.
+3. Descending date/time the feed's site states the article was published or changed.
+
+### Newest
+
+1. Descending date/time the feed's site states the article was published or changed.
+
+### Oldest
+
+1. Ascending date/time the feed's site states the article was published or changed.
+
+### Title
+
+1. Alphabetically by the title of the article.
+2. Ascending date/time the article was added into the Tiny Tiny RSS database
+3. Ascending date/time the feed's site states the article was published or changed.
+
+## Special Feeds
+
+When *Default* is selected these special feeds behave as described below.
+
+### Starred articles
+
+1. Descending date/time when the article was starred.
+2. Descending date/time the article was added into the Tiny Tiny RSS database.
+3. Descending date/time the feed's site states the article was published or changed.
+
+### Published articles
+
+1. Descending date/time when the article was published.
+2. Descending date/time the article was added into the Tiny Tiny RSS database.
+3. Descending date/time the feed's site states the article was published or changed.
+
+### Recently read
+
+1. Descending date/time when the article was marked as read in Tiny Tiny RSS.
diff --git a/ZeEpube.md b/ZeEpube.md
index 99d4eeb..5cb8b30 100644
--- a/ZeEpube.md
+++ b/ZeEpube.md
@@ -4,13 +4,6 @@ hide:
   - navigation
 ---
 
-<style>
-  .md-typeset h1,
-  .md-content__button {
-    display: none;
-  }
-</style>
-
 # The Epube
 
 Self-hosted web EPUB reader using [EPUB.js](https://github.com/futurepress/epub.js), Bootstrap, and [Calibre](https://calibre-ebook.com).