alejandro-angulo/alejandr0angul0.dev
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Ran linters on all files and added codespell (#13)

Browse source
This commit is contained in:
Alejandro Angulo 2021-12-31 11:34:37 -08:00 committed by GitHub
parent 7b118b71d6
commit dc9b131e72
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 229 additions and 228 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored
View file

@ -4,6 +4,9 @@
# Deployment config
config/production/deployment.toml
# Hugo build lock
.hugo_build.lock
# yarn
.pnp.*
.yarn/*

11
.pre-commit-config.yaml
View file

@ -3,7 +3,7 @@
# See https://pre-commit.com/hooks.html for more hooks
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.0.1
rev: v4.1.0
hooks:
- id: trailing-whitespace
- id: end-of-file-fixer
@ -14,13 +14,18 @@ repos:
.*\.cjs
)$
- repo: https://github.com/pre-commit/mirrors-eslint
rev: v7.32.0
rev: v8.5.0
hooks:
- id: eslint
- repo: https://github.com/pre-commit/mirrors-prettier
rev: v2.4.1
rev: v2.5.1
hooks:
- id: prettier
additional_dependencies:
- prettier@2.4.1
- prettier-plugin-go-template@0.0.11
- repo: https://github.com/codespell-project/codespell
rev: v2.1.0
hooks:
- id: codespell
types: [markdown]

1
archetypes/default.md
View file

@ -3,4 +3,3 @@ title: "{{ replace .Name "-" " " | title }}"
date: {{ .Date }}
draft: true
---

1
config/production/deployment.toml.sample
View file

@ -19,4 +19,3 @@ gzip = false
[[matchers]]
pattern = "^.+\\.(html|xml|json)$"
gzip = true

39
content/posts/X1C6-arch-linux-install.md
View file

@ -14,7 +14,7 @@ I recently picked up a 6th gen X1 Carbon so of course I wanted to install Arch L
in case I ever have to do this again. I used [ejmg's
guide](https://github.com/ejmg/an-idiots-guide-to-installing-arch-on-a-lenovo-carbon-x1-gen-6) guide, [HardenedArray's gist
guide](https://gist.github.com/HardenedArray/ee3041c04165926fca02deca675effe1), and the [Arch Linux wiki
page](https://wiki.archlinux.org/index.php/Lenovo_ThinkPad_X1_Carbon_(Gen_6)) as references.
page](<https://wiki.archlinux.org/index.php/Lenovo_ThinkPad_X1_Carbon_(Gen_6)>) as references.
_Note_: This was my setup as of July 2020ish. Things have changed since then.
@ -22,13 +22,13 @@ _Note_: This was my setup as of July 2020ish. Things have changed since then.
### Prepare Installation Media
This part is relatively straighforward. Check out the [arch wiki
This part is relatively straightforward. Check out the [arch wiki
page](https://wiki.archlinux.org/title/USB_flash_installation_medium).
### Prepare BIOS
BIOS -> Security -> Secure Boot -> Disable
BIOS -> Config -> Thunderbolt(TM) 3 -> Thunderbolt BIOS Assist Mode: Enabled
BIOS -> Config -> Thunderbolt(TM) 3 -> Thunderbolt BIOS Assist Mode: Enabled
Configure boot order to boot off USB
BIOS -> Startup -> Boot -> Move USB HDD to the top of the list (also moved USB FDD to 2nd since I wasn't sure which one I needed
@ -62,18 +62,18 @@ commands.
### Partition Drive
My device had two SSDs installed. `lsblk` showed them as `nvme0n1` and `nvme1n1`. My primary SSD was `nvme1n1` so I ran `gdisk
/dev/nmve1n1`. You can enter `?` to get a list of commands. I went ahead and deleted (`d`) all the existing partitions. Created an
EFI partition (`n`) on partition 1 with a size of 100 MiB (chose first sector and then `+100M` for the last sector) with hex code
EF00 (EFI partition). I created partition 2 to span the rest of the device. I tried having a separate boot partition but ran into
issues getting my system to boot up properly. It's probably possible to have a separate boot partition but it probably makes the
setup more complex. So, unless you know what you're doing, don't create any other partitions on this drive.
My device had two SSDs installed. `lsblk` showed them as `nvme0n1` and `nvme1n1`. My primary SSD was `nvme1n1` so I ran
`gdisk /dev/nmve1n1`. You can enter `?` to get a list of commands. I went ahead and deleted (`d`) all the existing partitions.
Created an EFI partition (`n`) on partition 1 with a size of 100 MiB (chose first sector and then `+100M` for the last sector)
with hex code EF00 (EFI partition). I created partition 2 to span the rest of the device. I tried having a separate boot partition
but ran into issues getting my system to boot up properly. It's probably possible to have a separate boot partition but it
probably makes the setup more complex. So, unless you know what you're doing, don't create any other partitions on this drive.
For my second drive I ran `gdisk /dev/nvme0n1` and left a single partition spanning the entire device with hex code 8300 (Linux
FS). This drive can be partitioned however you like.
I should zero my devices but I'm not that paranoid so I didn't. This could be done with `ddrescue` or with `cat` like so `cat
/dev/zero > /dev/nvme1n1 && cat /dev/zero /dev/nme0n1`.
I should zero my devices but I'm not that paranoid so I didn't. This could be done with `ddrescue` or with `cat` like so
`cat /dev/zero > /dev/nvme1n1 && cat /dev/zero /dev/nme0n1`.
### Setup filesystems
@ -119,7 +119,6 @@ lvcreate -l 100%FREE Data -n root
Create a FAT32 filesystem for the EFI partition, set up the swap partition, and format the rest with ext4.
```bash
mkfs.vfat -F 32 /dev/nvme1n1p1
mkswap /dev/mapper/Arch-swap
@ -203,7 +202,7 @@ Replace `alejandro` with your username. `sudo` will later be configured to allow
### More Encryption Configuration
When the system boots up, the bootloader (I'll be using `grub`) will need to read `/boot` and the system will need access to any
other volumes specified in the fstab file. Without any extra configuration, there will be a passphrase prompt for every volume.
other volumes specified in the fstab file. Without any extra configuration, there will be a passphrase prompt for every volume.
LUKS devices have multiple "key slots." It's possible to use a key file to fill in one of the key slots and later pass that file
in to open (decrypt) a LUKS device. This makes it possible to have `grub` handle decryption of root and swap without requiring the
user to enter multiple passphrases (which is clunky and error-prone). Other volumes (my data root volume) can be configured in
@ -245,7 +244,7 @@ Secondary /dev/nvme0n1p1 /crypto_keyfile.bin
```
The `discard` option has to do with the `TRIM` command and is basically a performance optimization. Read more about it on
[wikipedia](https://en.wikipedia.org/wiki/Trim_(computing)).
[wikipedia](<https://en.wikipedia.org/wiki/Trim_(computing)>).
Edit the `mkinitpcio` configuration file (`/etc/mkinitpcio.conf`) to setup decryption.
@ -294,7 +293,7 @@ either).
### First Logon
Log in to your system as root and alow users in the wheel group to use `sudo`. Run `visudo`, if you get an error saying no editor
Log in to your system as root and allow users in the wheel group to use `sudo`. Run `visudo`, if you get an error saying no editor
found just prepend the editor's path like this `EDITOR=/usr/bin/vim visudo`. Uncomment the following line `%wheel ALL=(ALL) ALL`.
You can log out and log in with your own user account now.
@ -396,6 +395,7 @@ cp /etc/sway/config ~/.config/sway
mkdir -p ~/.config/waybar
cp /etc/xdg/waybar/* ~/.config/waybar
```
I edited my sway config to mimic my i3 config so I needed to grab a few packages first.
```bash
@ -419,7 +419,7 @@ echo "export MOZ_ENABLE_WAYLAND=1" >> ~/.zprofile
After restarting sway, I was able to run Firefox. I ran into my next issue (seems like a recurring theme) soon after. Everything
on the screen seemed too big. The scaling factor for my display was too large (first world problem, I know). Luckily for me sway
supports (but doesn't reccommend) fractional scaling. I got my display's name using `swaymsg`.
supports (but doesn't recommend) fractional scaling. I got my display's name using `swaymsg`.
```bash
swaymsg -t get_outputs
@ -511,8 +511,9 @@ export SSH_AUTH_SOCK
sway
```
Store spotify password in keystore `secret-tool --label='Spotify' application rust-keyring service spotifyd
username <your-username>`. You'll be prompted to create a default keyring if one hasn't already been created.
Store spotify password in keystore
`secret-tool --label='Spotify' application rust-keyring service spotifyd username <your-username>`. You'll be prompted to create a
default keyring if one hasn't already been created.
Create systemd unit file and run spotifyd
@ -537,7 +538,7 @@ alias config='/usr/bin/git --git-dir=$HOME/.myconf/ --work-tree=$HOME' # Add th
```bash
yay -S light
usermod -a -G video alejandro # need to be in video group to control backlight
# below 2 reload udev rules, so light doesn't requre root permissions
# below 2 reload udev rules, so light doesn't require root permissions
sudo udevadm control --reload-rule
sudo udevadm trigger
# Above 2 commands didn't work for me, but did after a reboot

290
content/posts/hosting-static-site-aws.md
View file

@ -40,15 +40,15 @@ read permissions to objects in the bucket.
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::<your domain name here>/*"
}
]
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::<your domain name here>/*"
}
]
}
```
@ -75,7 +75,7 @@ aws route53 list-hosted-zones
## Setting up Certificate
A cerificate is needed for https support. To do so a cert has to be requeted from AWS's aptly named AWS Certificate Manager (ACM).
Once a request is in, domain ownership needs to be validated (AWS can't be giving out certs for just any domain). Validation can
Once a request is in, domain ownership needs to be validated (AWS can't be giving out certs for just any domain). Validation can
be done through DNS or email. Email validation requires controlling an email address like `admin@suprecool.tld` and clicking a
link in an email sent to it. DNS validation requires adding a CNAME record in a hosted zone.
@ -98,17 +98,21 @@ Prepare a json file to add the required CNAME.
```json
{
"Changes": [{
"Action": "CREATE",
"ResourceRecordSet": {
"Name": "<name shown in last command>",
"Type": "CNAME",
"TTL": 300,
"ResourceRecords": [{
"Value": "<value show in last command>"
}]
}
}]
"Changes": [
{
"Action": "CREATE",
"ResourceRecordSet": {
"Name": "<name shown in last command>",
"Type": "CNAME",
"TTL": 300,
"ResourceRecords": [
{
"Value": "<value show in last command>"
}
]
}
}
]
}
```
@ -130,128 +134,116 @@ for the JSON required is below. The region name is whatever was configured when
```json
{
"Aliases": {
"Quantity": 1,
"Items": [
"<your domain name here>"
]
},
"DefaultRootObject": "index.html",
"Origins": {
"Quantity": 1,
"Items": [
{
"Id": "S3-Website-<your domain name here>.s3-website-<your region here>.amazonaws.com",
"DomainName": "<your domain name here>.s3-website-<your region here>.amazonaws.com",
"OriginPath": "",
"CustomHeaders": {
"Quantity": 0
},
"CustomOriginConfig": {
"HTTPPort": 80,
"HTTPSPort": 443,
"OriginProtocolPolicy": "http-only",
"OriginSslProtocols": {
"Quantity": 3,
"Items": [
"TLSv1",
"TLSv1.1",
"TLSv1.2"
]
},
"OriginReadTimeout": 30,
"OriginKeepaliveTimeout": 5
},
"ConnectionAttempts": 3,
"ConnectionTimeout": 10
}
]
},
"OriginGroups": {
"Aliases": {
"Quantity": 1,
"Items": ["<your domain name here>"]
},
"DefaultRootObject": "index.html",
"Origins": {
"Quantity": 1,
"Items": [
{
"Id": "S3-Website-<your domain name here>.s3-website-<your region here>.amazonaws.com",
"DomainName": "<your domain name here>.s3-website-<your region here>.amazonaws.com",
"OriginPath": "",
"CustomHeaders": {
"Quantity": 0
},
"CustomOriginConfig": {
"HTTPPort": 80,
"HTTPSPort": 443,
"OriginProtocolPolicy": "http-only",
"OriginSslProtocols": {
"Quantity": 3,
"Items": ["TLSv1", "TLSv1.1", "TLSv1.2"]
},
"OriginReadTimeout": 30,
"OriginKeepaliveTimeout": 5
},
"ConnectionAttempts": 3,
"ConnectionTimeout": 10
}
]
},
"OriginGroups": {
"Quantity": 0
},
"DefaultCacheBehavior": {
"TargetOriginId": "S3-Website-<your domain name here>.s3-website-<your region here>.amazonaws.com",
"ForwardedValues": {
"QueryString": false,
"Cookies": {
"Forward": "none"
},
"Headers": {
"Quantity": 0
},
"DefaultCacheBehavior": {
"TargetOriginId": "S3-Website-<your domain name here>.s3-website-<your region here>.amazonaws.com",
"ForwardedValues": {
"QueryString": false,
"Cookies": {
"Forward": "none"
},
"Headers": {
"Quantity": 0
},
"QueryStringCacheKeys": {
"Quantity": 0
}
},
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"ViewerProtocolPolicy": "redirect-to-https",
"MinTTL": 0,
"AllowedMethods": {
"Quantity": 2,
"Items": [
"HEAD",
"GET"
],
"CachedMethods": {
"Quantity": 2,
"Items": [
"HEAD",
"GET"
]
}
},
"SmoothStreaming": false,
"DefaultTTL": 86400,
"MaxTTL": 31536000,
"Compress": false,
"LambdaFunctionAssociations": {
"Quantity": 0
},
"FieldLevelEncryptionId": ""
},
"CacheBehaviors": {
},
"QueryStringCacheKeys": {
"Quantity": 0
}
},
"CustomErrorResponses": {
"Quantity": 1,
"Items": [
{
"ErrorCode": 404,
"ResponsePagePath": "/404.html",
"ResponseCode": "404",
"ErrorCachingMinTTL": 60
}
]
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"Comment": "",
"Logging": {
"Enabled": false,
"IncludeCookies": false,
"Bucket": "",
"Prefix": ""
"ViewerProtocolPolicy": "redirect-to-https",
"MinTTL": 0,
"AllowedMethods": {
"Quantity": 2,
"Items": ["HEAD", "GET"],
"CachedMethods": {
"Quantity": 2,
"Items": ["HEAD", "GET"]
}
},
"PriceClass": "PriceClass_All",
"Enabled": true,
"ViewerCertificate": {
"ACMCertificateArn": "<your certificate ARN>",
"SSLSupportMethod": "sni-only",
"MinimumProtocolVersion": "TLSv1.2_2018",
"Certificate": "<your certificate ARN>",
"CertificateSource": "acm"
"SmoothStreaming": false,
"DefaultTTL": 86400,
"MaxTTL": 31536000,
"Compress": false,
"LambdaFunctionAssociations": {
"Quantity": 0
},
"Restrictions": {
"GeoRestriction": {
"RestrictionType": "none",
"Quantity": 0
}
},
"WebACLId": "",
"HttpVersion": "http2",
"IsIPV6Enabled": true
"FieldLevelEncryptionId": ""
},
"CacheBehaviors": {
"Quantity": 0
},
"CustomErrorResponses": {
"Quantity": 1,
"Items": [
{
"ErrorCode": 404,
"ResponsePagePath": "/404.html",
"ResponseCode": "404",
"ErrorCachingMinTTL": 60
}
]
},
"Comment": "",
"Logging": {
"Enabled": false,
"IncludeCookies": false,
"Bucket": "",
"Prefix": ""
},
"PriceClass": "PriceClass_All",
"Enabled": true,
"ViewerCertificate": {
"ACMCertificateArn": "<your certificate ARN>",
"SSLSupportMethod": "sni-only",
"MinimumProtocolVersion": "TLSv1.2_2018",
"Certificate": "<your certificate ARN>",
"CertificateSource": "acm"
},
"Restrictions": {
"GeoRestriction": {
"RestrictionType": "none",
"Quantity": 0
}
},
"WebACLId": "",
"HttpVersion": "http2",
"IsIPV6Enabled": true
}
```
@ -276,18 +268,20 @@ Prepare a json file for the Route 53 request. Fun fact: `HostedZoneId` is hardco
```json
{
"Changes": [{
"Action": "CREATE",
"ResourceRecordSet": {
"Name": "<your domain name here>.",
"Type": "A",
"AliasTarget": {
"HostedZoneId": "Z2FDTNDATAQYW2",
"DNSName": "<your CloudFront distribution domain name>.",
"EvaluateTargetHealth": false
}
"Changes": [
{
"Action": "CREATE",
"ResourceRecordSet": {
"Name": "<your domain name here>.",
"Type": "A",
"AliasTarget": {
"HostedZoneId": "Z2FDTNDATAQYW2",
"DNSName": "<your CloudFront distribution domain name>.",
"EvaluateTargetHealth": false
}
}]
}
}
]
}
```

6
content/posts/no-referrals-please.md
View file

@ -8,8 +8,8 @@ draft = false
### TL;DR
* Use `same-origin` Referrer Policy with Django
* Double leters are unecesary and slow down typing ([see Referer in this document](https://tools.ietf.org/html/rfc1945))
- Use `same-origin` Referrer Policy with Django
- Double leters are unecesary and slow down typing ([see Referer in this document](https://tools.ietf.org/html/rfc1945))
---
@ -25,7 +25,7 @@ that users are more likely to have the fonts already cached (making my site load
But, what's this referrer business? Turns out that browsers send information on what page a user comes from. This information is
stored in the headers under the `Referer` field. Yes, _referer_ and not _referrer_. According to wikipedia, [this
mispelling](https://tools.ietf.org/html/rfc1945) [is found](https://tools.ietf.org/html/rfc2616) in [multiple
misspelling](https://tools.ietf.org/html/rfc1945) [is found](https://tools.ietf.org/html/rfc2616) in [multiple
RFCs](https://tools.ietf.org/html/rfc7231).
This information seems pretty innocuous, but can be used (in tandem with other techniques) to track people online. Sites can

14
content/posts/running-travis-ci-locally.md
View file

@ -7,9 +7,9 @@ tags = ["procrastination"]
### TL;DR
* Travis build was failing.
* Found a possible fix, but I didn't want to push commits just to check if it would work.
* Ran [travis-build](https://github.com/travis-ci/travis-build) in a Docker container to test the fix.
- Travis build was failing.
- Found a possible fix, but I didn't want to push commits just to check if it would work.
- Ran [travis-build](https://github.com/travis-ci/travis-build) in a Docker container to test the fix.
---
@ -30,7 +30,7 @@ The command "pip install -r requirements.txt" failed and exited with 1 during .
Your build has been stopped.
```
Well at least *my* code didn't break anything. But hey, it's a Sunday and I have chores to ignore. Let's look into this. I googled
Well at least _my_ code didn't break anything. But hey, it's a Sunday and I have chores to ignore. Let's look into this. I googled
the error and stumbled upon a [comment on Github](https://github.com/psycopg/psycopg2/issues/594#issuecomment-346514672) stating
that the fix was to update the psycopg2 requirement to 2.7.1 (the current latest version). Great, that should be an easy fix. But
hang on, I have all these chores to ignore. I can probably run Travis locally before pushing just to verify the fix. Let's look
@ -66,8 +66,9 @@ Here are the steps that worked for me. I hope this is useful for someone else so
First off, we'll need to decide on one of Travis's docker containers to run from. Available containers are [listed on
Quay](https://quay.io/organization/travisci). We'll want one of the containers named `travis-<some language>`. I copy-pasted from
the instructions in the Medium article so I ended up running everything under the `travis-jvm` container. In retrospect, I should
have used `travis-python` since I was dealing with a Python project. The command `docker run -it -u travis
quay.io/travisci/travis-jvm /bin/bash` can be used to run the container (replace `travis-jvm` with whatever container is desired).
have used `travis-python` since I was dealing with a Python project. The command
`docker run -it -u travis quay.io/travisci/travis-jvm /bin/bash`
can be used to run the container (replace `travis-jvm` with whatever container is desired).
Before setting up `travis-build` we can choose which version of Ruby to work with. The latest stable version was 2.4.3 when I
checked so I decided to go with that.
@ -149,4 +150,3 @@ as I had hoped :) .
This process is pretty convoluted but I think I can automate this and include it a container for my project. But, maybe I'm better
off using something like Jenkins for CI if I'm so concerned with running my builds locally. At least I can feel like I did
something productive while avoiding my chores.

17
layouts/partials/comments.html
View file

@ -1,8 +1,9 @@
<script src="https://utteranc.es/client.js"
repo="alejandro-angulo/alejandr0angul0.dev"
issue-term="pathname"
label="blog comment"
theme="dark-blue"
crossorigin="anonymous"
async>
</script>
<script
src="https://utteranc.es/client.js"
repo="alejandro-angulo/alejandr0angul0.dev"
issue-term="pathname"
label="blog comment"
theme="dark-blue"
crossorigin="anonymous"
async
></script>

9
themes/alejandro-angulo/layouts/404.html
View file

@ -1,11 +1,12 @@
{{ define "main" }}
<pre>
<pre>
░█▀█░█▀█░▀█▀░░░█▀▀░█▀█░█░█░█▀█░█▀▄
░█░█░█░█░░█░░░░█▀▀░█░█░█░█░█░█░█░█
░▀░▀░▀▀▀░░▀░░░░▀░░░▀▀▀░▀▀▀░▀░▀░▀▀░
</pre>
<p>
<a href="{{ .Site.BaseURL }}">Go home</a> or use the navigation at the top to navigate to another page.
</p>
<p>
<a href="{{ .Site.BaseURL }}">Go home</a> or use the navigation at the top
to navigate to another page.
</p>
{{ end }}

16
themes/alejandro-angulo/layouts/_default/baseof.html
View file

@ -1,11 +1,11 @@
<!DOCTYPE html>
<html>
{{- partial "head.html" . -}}
<body>
{{- partial "header.html" . -}}
<div id="content">
{{- block "main" . }}{{- end }}
</div>
{{- partial "footer.html" . -}}
</body>
{{- partial "head.html" . -}}
<body>
{{- partial "header.html" . -}}
<div id="content">
{{- block "main" . }}{{- end }}
</div>
{{- partial "footer.html" . -}}
</body>
</html>

10
themes/alejandro-angulo/layouts/_default/list.html
View file

@ -1,10 +1,8 @@
{{ define "main" }}
<h1>{{ .Title }}</h1>
{{ range .Pages.ByPublishDate.Reverse }}
<p>
<h3><a class="title" href="{{ .RelPermalink }}">{{ .Title }}</a></h3>
<h1>{{ .Title }}</h1>
<h3><a class="title" href="{{ .RelPermalink }}">{{ .Title }}</a></h3>
{{ range .Pages.ByPublishDate.Reverse }}
{{ partial "metadata.html" . }}
<p class="summary">{{ .Summary }}</p>
</p>
{{ end }}
{{ end }}
{{ end }}

6
themes/alejandro-angulo/layouts/_default/single.html
View file

@ -1,5 +1,5 @@
{{ define "main" }}
<h1>{{ .Title }}</h1>
{{ partial "metadata.html" . }}
{{ .Content }}
<h1>{{ .Title }}</h1>
{{ partial "metadata.html" . }}
{{ .Content }}
{{ end }}

30
themes/alejandro-angulo/layouts/partials/header.html
View file

@ -1,18 +1,18 @@
<div id="header">
<div id="banner">
<div class="lhs">
<a class="home-link" href="{{ .Site.BaseURL }}">{{ .Site.Title }}</a>
</div>
<div class="rhs">
<nav id="nav" class="nav justify-content-center">
{{ range .Site.Menus.main }}
<a class="nav-link" href="{{ .URL }}">
{{ $text := print .Name | safeHTML }}
{{ $text }}
</a>
{{ end }}
</nav>
<span class="current-page">[{{ .Title }}]</span>
</div>
<div id="banner">
<div class="lhs">
<a class="home-link" href="{{ .Site.BaseURL }}">{{ .Site.Title }}</a>
</div>
<div class="rhs">
<nav id="nav" class="nav justify-content-center">
{{ range .Site.Menus.main }}
<a class="nav-link" href="{{ .URL }}">
{{ $text := print .Name | safeHTML }}
{{ $text }}
</a>
{{ end }}
</nav>
<span class="current-page">[{{ .Title }}]</span>
</div>
</div>
</div>