Commit f0944c16 authored by nimrod

- Fixed issues raised by proselint.

parent 7395b7d3
......@@ -48,9 +48,9 @@ ansible-galaxy to install the git repo of the role and the dependencies as well.
Testing
-------
First of all, I configured `pre-commit <http://pre-commit.com/>`_ hooks that
check, among other things, the validity of the YAML files and the does a syntax
check of the Ansible playbook.
First, I configured `pre-commit <http://pre-commit.com/>`_ hooks that check,
among other things, the validity of the YAML files and the does a syntax check
of the Ansible playbook.
As for Molecule, the configuration of the test environment is mainly under
:code:`molecule.yml`. That is were you'd go to change the Vagrant box to test.
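Review bot: the rewrapped sentence still contains the grammar slip it carried before, "the validity of the YAML files and the does a syntax check"; since this line is being touched anyway, change it to something like "and run a syntax check of the Ansible playbook". The following context line has "That is were you'd go", which should be "where".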
......@@ -77,8 +77,8 @@ A word on CI
Now you have all of the different pieces and workflow to run complete tests on
roles the next obvious step is setting up a CI pipeline. In my tests and as I
know the various CI services (I personally tried Travis-CI and CircleCI) disable
the option to run any hypervisor. For me it's a deal breaker because I depend on
know the various CI services (I tried Travis-CI and CircleCI) disable the
option to run any hypervisor. For me it's a deal breaker because I depend on
VirtualBox (I need to test on different OSes, not just Linux). If LXC serves
your needs than you should be able to run Vagrant with the LXC provider and
therefore Molecule. For me it's a deal breaker.
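Review bot: the paragraph states "For me it's a deal breaker" twice, once in the rewrapped line and again as its last sentence; drop the trailing repeat. While here, "In my tests and as I know the various CI services ... disable" is hard to parse (suggest "In my tests, and as far as I know, the various CI services ... disable") and "If LXC serves your needs than" should be "then".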
......
......@@ -14,8 +14,8 @@ How I start new projects
This little tool, along with `ssl-ca <https://www.shore.co.il/cgit/ssl-ca/>`_
and `ssh-ca <https://www.shore.co.il/cgit/ssh-ca/>`_ have some commonality in
how I use them and this seems like a good opportunity to share. First of all I
keep my rc files (like :code:`.vimrc`) in the
how I use them and this seems like a good opportunity to share. I keep my rc
files (like :code:`.vimrc`) in the
`rcfiles <https://www.shore.co.il/cgit/rcfiles/`>_ repo. However I don't install
them as mentioned in the documentation. Instead I add them as Git sub modules
and now I can be reasonably sure that when I clone the rcfiles repository, the
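Review bot: the link on the unchanged line right after the edit is malformed reStructuredText: "rcfiles <https://www.shore.co.il/cgit/rcfiles/`>_" has the closing backtick and angle bracket swapped and will not render as a hyperlink. It should end with "/>`_" like the ssl-ca and ssh-ca links above it. "However I don't install" also wants a comma after "However".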
......
......@@ -19,17 +19,17 @@ opensource software.
Also, I'm a part-time freelancer so you can contact me at `nimrod@shore.co.il
<mailto: nimrod@shore.co.il>`_ or at 052-8713696 (+972-52-871-3696 outside of Israel).
Resume
Résumé
------
My resume is available online in the following formats:
My résumé is available online in the following formats:
- `HTML (single file) <https://www.shore.co.il/resume>`_.
- `OpenDocument text <https://www.shore.co.il/resume/resume.odt>`_.
- `PDF <https://www.shore.co.il/resume/resume.pdf>`_.
- `Microsoft Word docx <https://www.shore.co.il/resume/resume.docx>`_.
- `HTML (single file) <https://www.shore.co.il/résumé>`_.
- `OpenDocument text <https://www.shore.co.il/résumé/résumé.odt>`_.
- `PDF <https://www.shore.co.il/résumé/résumé.pdf>`_.
- `Microsoft Word docx <https://www.shore.co.il/résumé/résumé.docx>`_.
There's also a `repository <https://www.shore.co.il/cgit/resume/about>`_ that
There's also a `repository <https://www.shore.co.il/cgit/résumé/about>`_ that
contains the original reStructuredText version and publishing pipeline.
Last thing, my public `GPG public key <{filename}/static/nimrod.asc>`_
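Review bot: the "résumé" substitution was applied inside the link targets as well as the prose, so the four format links and the cgit repository link now point at paths such as "https://www.shore.co.il/résumé/résumé.pdf" instead of "/resume/resume.pdf". Unless the files and the repository were renamed on the server in the same change, every one of these links breaks. Keep the accented spelling in the heading and sentence text only and restore the original URLs. Separately, the last context line reads "my public `GPG public key`", which repeats "public".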
......@@ -38,5 +38,5 @@ How does it work
----------------
On launch, the container runs and uses its own DNS resolver (in this case NSD).
This way the OS caching or upstream caching interferes with querying and every
new container starts with a clean slate.
This way the OS caching or upstream caching don't interferes with querying and
every new container starts with an empty cache.
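Review bot: the added line reads "don't interferes"; with the subject "the OS caching or upstream caching" it should be "doesn't interfere". The added negation also reverses what the removed line said ("interferes"), which is a content fix rather than a style fix, so it deserves a mention in the commit message.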
......@@ -13,13 +13,13 @@ functionality.
Practices I avoid
-----------------
First of all, changing the listening port. The upside is that a high random port
is scanned less often and the various script kiddies sometimes fails to notice
it, thus reducing the noise in the logs. This however is no real security
measure as any capable attacker will quickly spot the daemon listening on a
different and all benefits will be lost. The downside is that by not using the
default port you need to configure all clients accordingly. So, no substantial
wins and minor loss. I pass on this idea.
First, changing the listening port. The upside is that a high random port is
scanned less often and the various script kiddies sometimes fails to notice it,
thus reducing the noise in the logs. This however is no real security measure
as any capable attacker will quickly spot the daemon listening on a different
and all benefits will be lost. The downside is that by not using the default
port you need to configure all clients accordingly. So, no substantial wins
and minor loss. I pass on this idea.
The second most common is allowing access only from the office IP or a few
select IP addresses. The security benefit is high but the risk is also high. I
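Review bot: the reflowed paragraph keeps two errors that sit in the lines being rewritten: "the various script kiddies sometimes fails to notice it" should be "fail", and "the daemon listening on a different and all benefits will be lost" is missing its noun, presumably "a different port". Since the whole paragraph is rewrapped here, fix both in the same change.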
......
......@@ -12,7 +12,7 @@ You have a website and you want to encrypt the traffic going in and out of your
Known attacks on SSL and TLS
----------------------------
First of all, SSL 2.0 is insecure (it's even disabled by default in IE7) so we'll not be using it. Version roll back attacks allow a man in the middle to change the response from the client to force a lower grade (read the lowest grade possible) cipher suite.
First, SSL 2.0 is insecure (it's even disabled by default in IE7) so we'll not be using it. Version roll back attacks allow a man in the middle to change the response from the client to force a lower grade (read the lowest grade possible) cipher suite.
The BEAST attack exploits a weakness in CBC ciphers in TLS 1.0. But fixes all major browsers have been released for quite some time, so we're going to assume that the client is secure and CBC ciphers are safe to use (reasonable assumption, but still an assumption).
CRIME and BREACH exploit a weakness in compression and RC4 is considered to be weak although not broken like DES or MD5.
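Review bot: the BEAST sentence in the context line under the edit is missing a word, "But fixes all major browsers have been released" should read "But fixes for all major browsers have been released". In the edited line, "Version roll back attacks" would read better as "Version rollback attacks", and the paragraph would be easier to review if these long lines were wrapped like the other posts touched in this commit.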
......
......@@ -12,7 +12,7 @@ Instead of a lengthy blog post, I publish a git repo. The repo has a :code:`READ
file, the code is documented, there's a :code:`Makefile` or :code:`fabfile`,
you can clone and fork the repo. It's almost always better than a blog post.
But now I have many repositories and just a few blog posts. What I'm going to do
However now I have many repositories and just a few blog posts. What I'm going to do
from now on is I'll publish the git repo, but add a short post announcing the
repo.
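Review bot: the replacement line "However now I have many repositories ..." needs a comma after "However", and after the substitution it runs past the wrap width used by the neighbouring lines, so rewrap the paragraph. "What I'm going to do from now on is I'll publish the git repo" could be tightened to "From now on I'll publish the git repo" in the same pass.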
......