Replaces spurious 0xA0 white-space characters by proper spaces

_posts/2018-08-10-openvpn-systemd-and-pushed-dns.md

@@ -108,7 +108,7 @@ So as always, it's a mess.
 
 Explanations : Even if you have perfectly followed this walk-through, if you are using **NetworkManager**, it _may_ break anyway next time you reboot or so.
 
-So the workaround (again...), is to tell **NetworkManager** not to handle the DNS configuration, and thus, not overriding the `/etc/resolv.conf` settings, EVER.
+So the workaround (again...), is to tell **NetworkManager** not to handle the DNS configuration, and thus, not overriding the `/etc/resolv.conf` settings, EVER.
 
 :warning: If you are counting on **NetworkManager** to handle connection-specific DNS configuration, I regret having to inform you it won't be possible anymore... :warning:
 

_posts/2018-11-03-how-to-secure-transmission-behind-apache-as-tls-reverse-proxy.md

@@ -109,7 +109,7 @@ Don't forget to enable the new VHOST :
 
 > For the given configuration above, you'll have to enable some new Apache modules, if they are not already loaded :  
 > `# a2enmod auth_basic env headers proxy_http ssl`  
-> `# systemctl restart apache2`
+> `# systemctl restart apache2`
 
 Now reload your Apache configuration, and everything is supposed to work... From anywhere (see below) !
 

_posts/2018-12-23-ssh-forwarding-between-host-and-container-for-gitea.md

@@ -56,10 +56,10 @@ chown -R git:nogroup /home/git/.ssh
 
 # Add to the `known_hosts` the public key of the SSH server running within the Gitea container
 su - git -c "ssh-keyscan -H -p $SSH_PORT $IP_ADDRESS > /home/git/.ssh/known_hosts 2> /dev/null"
-# Generate a keys pair to authenticate the host git session on your Gitea container
+# Generate a keys pair to authenticate the host git session on your Gitea container
 su - git -c "ssh-keygen"
 su - git -c "cat ~/.ssh/id_*.pub"
-## --> Copy the public key generated !
+## --> Copy the public key generated !
 
 # Mock a fake `/usr/local/bin/gitea` program, forwarding SSH commands to your Gitea container
 # (Sorry for this series of ugly shell escapes...)
@@ -71,7 +71,7 @@ chmod +x /usr/local/bin/gitea
 usermod -a -G ssh git
 {% endhighlight %}
 
-Before going back in the Gitea container to polish up the setup, we have to make the host keep the Gitea public identities synchronized within the fake `git` session (to accept incoming connections).  
+Before going back in the Gitea container to polish up the setup, we have to make the host keep the Gitea public identities synchronized within the fake `git` session (to accept incoming connections).  
 For this, we _cron_ a specific task (**Proxmox 5** example) :
 
 {% highlight bash %}

_posts/2020-03-20-nftables-hardening-rules-and-good-practices.md

@@ -80,7 +80,7 @@ table inet filter {
 	chain output {
 		type filter hook output priority 0; policy drop;
 
-		# ...
+		# ...
 	}
 }
 {% endhighlight %}
@@ -151,7 +151,7 @@ A regular anti-DDos rule is to [block new packets that are not `SYN`](https://ja
 
 Well, in order to match "new" packets, we need the help of the `conntrack` Netfilter module.  
 The problem : It's not available within a chain registered with the `ingress` hook, that's why we gotta use it elsewhere.  
-Let's then take the firstly encountered other "location" on the Netfilter flow, the `PREROUTING` hook.
+Let's then take the firstly encountered other "location" on the Netfilter flow, the `PREROUTING` hook.
 
 > Note : The snippet below [requires a Kernel >= 5.2](https://wiki.nftables.org/wiki-nftables/index.php/Performing_Network_Address_Translation_(NAT)#Inet_family_NAT).  
 > If that's not the case on your machine, replace `inet` by `ip`, but please notice that incoming IPv6 traffic won't be matched.
@@ -241,7 +241,7 @@ table inet filter {
 	chain output {
 		type filter hook output priority 0; policy drop;
 
-		# ...
+		# ...
 	}
 }