move updates to the end

Posts/BadRecordMac

@@ -5,14 +5,6 @@ tags: mirageos, security
 abstract: 10BTC could've been yours
 ---
 
-## Updates
-
-- Canopy uses a [map instead of a hashtable](https://github.com/Engil/Canopy/issues/30#issuecomment-215010365), [tags](https://hannes.nqsb.io/tags) now contains a list of tags ([PR here](https://github.com/Engil/Canopy/pull/39)), both thanks to voila!  I also use the [new CSS](https://github.com/Engil/Canopy/pull/38) from Engil
-- There is a [CVE for OCaml <=4.03](http://www.openwall.com/lists/oss-security/2016/04/29/1)
-- [Mirage 2.9.0](https://github.com/mirage/mirage/pull/534) was released, which integrates support of the logs library (now already used in [mirage-net-xen](https://github.com/mirage/mirage-net-xen/pull/43) and [mirage-tcpip](https://github.com/mirage/mirage-tcpip/pull/199))
-- This blog post has an accompanied [MirageOS security advisory](https://mirage.io/blog/MSA00)
-- cfcs documented some [basic unikernels](https://github.com/cfcs/mirage-examples)
-
 ## BAD RECORD MAC
 
 Roughly 2 weeks ago, [Engil](https://github.com/Engil) informed me that a TLS alert pops up in his browser sometimes when he reads this website.  His browser reported that the [message authentication code](https://en.wikipedia.org/wiki/Message_authentication_code) was wrong.  From [RFC 5246](https://tools.ietf.org/html/rfc5246): This message is always fatal and should never be observed in communication between proper implementations (except when messages were corrupted in the network).
@@ -78,3 +70,11 @@ Certainly, interfacing the outside world is complex.  The [mirage-block-xen](htt
 I'm interested in feedback, either via
 [twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
 GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
+
+## Other updates in the MirageOS ecosystem
+
+- Canopy uses a [map instead of a hashtable](https://github.com/Engil/Canopy/issues/30#issuecomment-215010365), [tags](https://hannes.nqsb.io/tags) now contains a list of tags ([PR here](https://github.com/Engil/Canopy/pull/39)), both thanks to voila!  I also use the [new CSS](https://github.com/Engil/Canopy/pull/38) from Engil
+- There is a [CVE for OCaml <=4.03](http://www.openwall.com/lists/oss-security/2016/04/29/1)
+- [Mirage 2.9.0](https://github.com/mirage/mirage/pull/534) was released, which integrates support of the logs library (now already used in [mirage-net-xen](https://github.com/mirage/mirage-net-xen/pull/43) and [mirage-tcpip](https://github.com/mirage/mirage-tcpip/pull/199))
+- This blog post has an accompanied [MirageOS security advisory](https://mirage.io/blog/MSA00)
+- cfcs documented some [basic unikernels](https://github.com/cfcs/mirage-examples)

Posts/Functoria

@@ -5,15 +5,6 @@ tags: mirageos, background
 abstract: how to actually configure the system
 ---
 
-## Updates
-
-- now using Html5.P.print instead of string concatenation, as suggested by Drup (both on [nqsb.io](https://github.com/mirleft/nqsb.io/commit/f16291b67d203bf6b2ebc0c5c8479b7cfd153683) and in [Canopy](https://github.com/Engil/Canopy/pull/46))
-- Canopy updated and created timestamps (for [irmin-0.10](https://github.com/Engil/Canopy/pull/48) and [irmin-0.11](https://github.com/Engil/Canopy/pull/43))
-- another [resource leak in mirage-http](https://github.com/mirage/mirage-http/pull/24)
-- [mirage-platform now has 4.03 support](https://github.com/mirage/mirage-platform/pull/165) and [strtod](https://github.com/mirage/mirage-platform/issues/118) (finally :)
-- [blog posts about retreat in marrakech](https://mirage.io/blog/2016-spring-hackathon)
-- [syndic 1.5.0 release](https://github.com/Cumulus/Syndic) now using ptime instead of calendar
-
 Sorry for being late again with this article, I had other ones planned, but am not yet satisfied with content and code, will have to wait another week.
 
 ## MirageOS configuration
@@ -160,3 +151,12 @@ We walked through the configuration magic of MirageOS, which is a domain-specifi
 I'm interested in feedback, either via
 [twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
 GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
+
+## Other updates in the MirageOS ecosystem
+
+- now using Html5.P.print instead of string concatenation, as suggested by Drup (both on [nqsb.io](https://github.com/mirleft/nqsb.io/commit/f16291b67d203bf6b2ebc0c5c8479b7cfd153683) and in [Canopy](https://github.com/Engil/Canopy/pull/46))
+- Canopy updated and created timestamps (for [irmin-0.10](https://github.com/Engil/Canopy/pull/48) and [irmin-0.11](https://github.com/Engil/Canopy/pull/43))
+- another [resource leak in mirage-http](https://github.com/mirage/mirage-http/pull/24)
+- [mirage-platform now has 4.03 support](https://github.com/mirage/mirage-platform/pull/165) and [strtod](https://github.com/mirage/mirage-platform/issues/118) (finally :)
+- [blog posts about retreat in marrakech](https://mirage.io/blog/2016-spring-hackathon)
+- [syndic 1.5.0 release](https://github.com/Cumulus/Syndic) now using ptime instead of calendar

Posts/OCaml

@@ -5,14 +5,6 @@ tags: overview, background
 abstract: a gentle introduction into OCaml
 ---
 
-## Updates
-
-- Canopy now sends out appropriate [content type](https://github.com/Engil/Canopy/pull/23) HTTP headers
-- [mirage-http 2.5.2](https://github.com/mirage/mirage-http/releases/tag/v2.5.2) was released to [opam](https://opam.ocaml.org/packages/mirage-http/mirage-http.2.5.2/) which fixes the resource leak
-- regression in [mirage-net-xen 1.6.0](https://github.com/mirage/mirage-net-xen/issues/39), I'm back on 1.4.1
-- I stumbled upon [too large crunch for MirageOS](https://github.com/mirage/mirage/issues/396), no solution apart from using a FAT image ([putting the data into an ELF section](https://github.com/mirage/mirage/issues/489) would solve the issue, if anyone is interested in MirageOS, that'd be a great project to start with)
-- unrelated, [X.509 0.5.2](https://opam.ocaml.org/packages/x509/x509.0.5.2/) fixes [this bug](https://github.com/mirleft/ocaml-x509/commit/1a1476308d24bdcc49d45c4cd9ef539ca57461d2) in certificate chain construction
-
 ## Programming
 
 For me, programming is fun.  I enjoy doing it, every single second.  All the way
@@ -141,3 +133,11 @@ specification and
 implementation](https://nqsb.io/nqsbtls-usenix-security15.pdf).  I'm interested in feedback, either via
 [twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
 GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
+
+## Other updates in the MirageOS ecosystem
+
+- Canopy now sends out appropriate [content type](https://github.com/Engil/Canopy/pull/23) HTTP headers
+- [mirage-http 2.5.2](https://github.com/mirage/mirage-http/releases/tag/v2.5.2) was released to [opam](https://opam.ocaml.org/packages/mirage-http/mirage-http.2.5.2/) which fixes the resource leak
+- regression in [mirage-net-xen 1.6.0](https://github.com/mirage/mirage-net-xen/issues/39), I'm back on 1.4.1
+- I stumbled upon [too large crunch for MirageOS](https://github.com/mirage/mirage/issues/396), no solution apart from using a FAT image ([putting the data into an ELF section](https://github.com/mirage/mirage/issues/489) would solve the issue, if anyone is interested in MirageOS, that'd be a great project to start with)
+- unrelated, [X.509 0.5.2](https://opam.ocaml.org/packages/x509/x509.0.5.2/) fixes [this bug](https://github.com/mirleft/ocaml-x509/commit/1a1476308d24bdcc49d45c4cd9ef539ca57461d2) in certificate chain construction

Posts/OperatingSystem

@@ -5,21 +5,7 @@ tags: overview, operating system, mirageos
 abstract: Operating systems and MirageOS
 ---
 
-## Updates
-
-Sorry to be late with this entry, but I had to fix some issues:
-
-- this website is based on [Canopy](https://github.com/Engil/Canopy), the content is stored as markdown in a [git repository](https://github.com/hannesm/hannes.nqsb.io)
-- it was running in a [FreeBSD](https://FreeBSD.org) jail, but when I compiled too much the underlying [zfs file system](https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/zfs.html) wasn't happy (and is now hanging in kernel space in a read)
-- no remote power switch (borrowed to a friend 3 weeks ago), nobody was willing to go to the data centre and reboot
-- I wanted to move it anyways to a host where I can deploy [Xen](http://www.xenproject.org/) guest VMs
-- turns out the Xen compilation and deployment mode needed some love:
-   - I ported a newer [bin_prot](https://github.com/hannesm/bin_prot/tree/113.33.00+xen) to xen
-   - I wrote a clean patch to [serve via TLS](https://github.com/Engil/Canopy/pull/15) (including [HSTS header](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and redirecting HTTP (moved permanently) to HTTPS)
-   - I found a memory leak in the [mirage-http](https://github.com/mirage/mirage-http/pull/23) library
-- I was travelling
-- good news: it now works on Xen, and there is [an atom feed](https://hannes.nqsb.io/atom)
-- life of an "eat your own dogfood" full stack engineer ;)
+Sorry to be late with this entry, but I had to fix some issues.
 
 ## What is an operating system?
 
@@ -178,3 +164,17 @@ I hope I gave some insight into what the purpose of an operating systems is, and
 how MirageOS fits into the picture. I'm interested in feedback, either via
 [twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
 GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
+
+## Other updates in the MirageOS ecosystem
+
+- this website is based on [Canopy](https://github.com/Engil/Canopy), the content is stored as markdown in a [git repository](https://github.com/hannesm/hannes.nqsb.io)
+- it was running in a [FreeBSD](https://FreeBSD.org) jail, but when I compiled too much the underlying [zfs file system](https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/zfs.html) wasn't happy (and is now hanging in kernel space in a read)
+- no remote power switch (borrowed to a friend 3 weeks ago), nobody was willing to go to the data centre and reboot
+- I wanted to move it anyways to a host where I can deploy [Xen](http://www.xenproject.org/) guest VMs
+- turns out the Xen compilation and deployment mode needed some love:
+   - I ported a newer [bin_prot](https://github.com/hannesm/bin_prot/tree/113.33.00+xen) to xen
+   - I wrote a clean patch to [serve via TLS](https://github.com/Engil/Canopy/pull/15) (including [HSTS header](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and redirecting HTTP (moved permanently) to HTTPS)
+   - I found a memory leak in the [mirage-http](https://github.com/mirage/mirage-http/pull/23) library
+- I was travelling
+- good news: it now works on Xen, and there is [an atom feed](https://hannes.nqsb.io/atom)
+- life of an "eat your own dogfood" full stack engineer ;)

Posts/Solo5

@@ -5,8 +5,8 @@ tags: future, mirageos, security
 abstract: MirageOS solo5 multiboot native on bhyve
 ---
 
-Update (2016-10-19): all has been merged upstream now!
-Update (2016-10-30): `static_website_tls` works (TLS,HTTP,network via tap device)!
+- Update (2016-10-19): all has been merged upstream now!
+- Update (2016-10-30): `static_website_tls` works (TLS,HTTP,network via tap device)!
 
 ## What?
 
@@ -86,6 +86,6 @@ I'm interested in feedback, either via
 [twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
 GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
 
-# Other updates in the MirageOS ecosystem
+## Other updates in the MirageOS ecosystem
 
 There were some busy times, several pull requests are still waiting to get merged (e.g. some cosmetics in [mirage](https://github.com/mirage/mirage/pull/544) as preconditions for treemaps and dependency diagrams), I [proposed](https://github.com/mirage/mirage/pull/547) to use `sleep_ns : int64 -> unit io` instead of the `sleep : float -> unit io` (nobody wants floating point numbers); also an RFC for [random](https://github.com/mirage/mirage/pull/551), Matt Gray [proposed](https://github.com/mirage/mirage/pull/548) to get rid of `CLOCK` (and have a `PCLOCK` and a `MCLOCK` instead).  Soon there will be a major MirageOS release which breaks all the previous unikernels! :)

Posts/nqsbWebsite

@@ -5,13 +5,6 @@ tags: mirageos, http, tls, protocol
 abstract: building a simple website
 ---
 
-## Updates
-
-- [Canopy](https://github.com/Engil/Canopy) improvements: [no bower anymore](https://github.com/Engil/Canopy/pull/26),  [HTTP caching support (via etags)](https://github.com/Engil/Canopy/pull/27), [listings now include dates](https://github.com/Engil/Canopy/pull/31), [dates are now in big-endian (y-m-d)](https://github.com/Engil/Canopy/pull/32)
-- [MirageOS call irclog from 2014-04-20](http://canopy.mirage.io/irclogs/20-04-2016)
-- blog article about [naive authentication service using MirageOS](https://abailly.github.io/posts/mirage-os-newbie.html)
-- [OCaml 4.03 post](https://lwn.net/SubscriberLink/684128/1436601f401c1f09/)
-
 ## Task
 
 Our task is to build a small unikernel which provides a project website.  On our way we will wade through various layers using code examples.  The website itself contains a few paragraphs of text, some link lists, and our published papers in pdf form.
@@ -270,3 +263,10 @@ For a start in MirageOS unikernels, look into our [mirage-skeleton](https://gith
 I'm interested in feedback, either via
 [twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
 GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
+
+## Other updates in the MirageOS ecosystem
+
+- [Canopy](https://github.com/Engil/Canopy) improvements: [no bower anymore](https://github.com/Engil/Canopy/pull/26),  [HTTP caching support (via etags)](https://github.com/Engil/Canopy/pull/27), [listings now include dates](https://github.com/Engil/Canopy/pull/31), [dates are now in big-endian (y-m-d)](https://github.com/Engil/Canopy/pull/32)
+- [MirageOS call irclog from 2014-04-20](http://canopy.mirage.io/irclogs/20-04-2016)
+- blog article about [naive authentication service using MirageOS](https://abailly.github.io/posts/mirage-os-newbie.html)
+- [OCaml 4.03 post](https://lwn.net/SubscriberLink/684128/1436601f401c1f09/)