diff --git a/docs/infrastruktur/labdesign-fit-test.md b/docs/infrastruktur/labdesign-fit-test.md
new file mode 100644
index 0000000..90ca8ed
--- /dev/null
+++ b/docs/infrastruktur/labdesign-fit-test.md
@@ -0,0 +1,178 @@
+---
+marp: true
+pagination: true
+size: 16:9
+---
+
+
+
+
+
+# Introduction
+
+This is assorted notes on what could go into the MakerFLOSS lab
+
+---
+
+# Requirements
+
+- A space to experiment with new software
+- A place where software could be "test run" for some time
+- A place where errors are not causing IP loss
+ - even if errors are real big !!
+
+## More details
+
+- Firewalled off from the production network
+- Accessible from outside
+- Potential for exposing services externally
+
+---
+
+## Constraints
+
+- Cost conscious
+- Support constant change
+
+---
+
+# Proposals
+
+## Short term
+
+A VPS in a (European) cloud with one public IP
+
+---
+
+## Midterm
+
+Complement the VPS with some local hardware:
+
+- Firewall with zones (VLANs, DNS/DHCP)
+- Netbird access to services in Lab
+- Switching infrastructure
+- A primary "stable" Proxmox host
+- A secondary experimentation machine
+- A backup server
+- Tunnel for external access via VPS public IP
+
+---
+
+### Basic Services in Lab
+
+- Git: Forgejo
+- ...
+
+---
+
+### Lab Diagram
+
+```mermaid
+graph LR
+ subgraph External
+ Internet[π Internet]
+ VPS[FLOSS VPS
88.99.32.236]
+ end
+
+ subgraph OrangeMaker["Orange Makerspace"]
+ OMFirewall[OrangeMaker Firewall]
+ ProdNet[Production Network]
+ end
+
+ subgraph FLOSSLab["MakerFLOSS Lab"]
+ Switch[Switch]
+ Proxmox1[LabZone 1
Test Proxmox]
+ Proxmox2[LabZone 2
Experimental]
+
+ subgraph TAPPaaS
+ FLOSSFirewall[MakerFLOSS Firewall
DNS/DHCP/VLANs]
+ PreProd[Pre-production Zone]
+ Backup[Backup Server]
+ end
+ end
+
+ Internet --> VPS
+ Internet --> OMFirewall
+ VPS -.->|Tunnel| FLOSSFirewall
+ VPS -.->|Netbird| FLOSSFirewall
+ OMFirewall --> ProdNet
+ OMFirewall --> FLOSSFirewall
+ FLOSSFirewall --> Switch
+ FLOSSFirewall --> PreProd
+ Switch --> Proxmox1
+ Switch --> Proxmox2
+ Switch --> Backup
+```
+
+---
+
+### TAPPaaS Diagram
+
+```mermaid
+graph TB
+ subgraph TAPPaaS
+ subgraph Firewall["Firewall"]
+ Zones[Zones]
+ Caddy[Caddy]
+ Certs[Certificates]
+ DHCPDNS[DHCP/DNS]
+ end
+
+ subgraph PreProd["Pre-Production"]
+ Proxmox[Proxmox]
+ Authentik[Authentik]
+ CICD[CI/CD]
+ Forgejo[Forgejo]
+ More[...]
+ end
+
+ subgraph BackupSrv["Backup"]
+ BackupService[PBS Backup Service]
+ end
+ end
+
+ Firewall --> PreProd
+ Firewall --> BackupSrv
+```
+
+---
+
+## Long term
+
+replace VPS with a direct IP pinhole access
+
+replace the "stable" FLOSS services running on VPS with modules runing on "stable" machine locally
+
+
+# Design of Mid term solution
+
diff --git a/docs/mΓΈder/2026-05-11_messaging-presentation-fit-test.md b/docs/mΓΈder/2026-05-11_messaging-presentation-fit-test.md
new file mode 100644
index 0000000..773d660
--- /dev/null
+++ b/docs/mΓΈder/2026-05-11_messaging-presentation-fit-test.md
@@ -0,0 +1,190 @@
+---
+marp: true
+theme: gaia
+class: invert
+paginate: true
+size: 16:9
+---
+
+
+
+
+
+# Messaging Without Big Tech
+
+### Free & Open Alternatives to WhatsApp and Messenger
+
+MakerFLOSS Β· May 2026
+
+---
+
+## Why Are We Here?
+
+Most people use WhatsApp, Messenger, or iMessage.
+
+- **WhatsApp** β owned by Meta; metadata harvested
+- **Messenger** β no E2EE by default in groups; ad tracking
+- **Telegram** β _not_ E2EE by default; closed server
+- **iMessage** β Apple lock-in; no Android or Linux
+
+These apps are _convenient_ β but the cost is your data.
+
+---
+
+## Wish-list
+
+| Property | Why it matters |
+| ------------------------- | ------------------------------------------- |
+| End-to-end encryption | Only sender and recipient can read messages |
+| Open source | Anyone can audit the code |
+| Self-hostable | You control the server and the data |
+| No phone number required | Less identity linkage |
+| Cross-platform | Linux, Android, iOS, Windows |
+| Federated / decentralized | No single point of failure or control |
+
+---
+
+## The Landscape at a Glance
+
+_All apps below support end-to-end encryption._
+
+| App | Open source | Self-host | No phone# | Federation |
+| -------------------- | ----------- | --------- | --------- | ---------- |
+| **Signal** | Partial | β | β | β |
+| **Matrix / Element** | β | β | β | β |
+| **XMPP + OMEMO** | β | β | β | β |
+| **Briar** | β | N/A | β | N/A |
+| **Session** | β | Partial | β | Partial |
+
+---
+
+## Signal β The Gold Standard for E2EE
+
+Non-profit Signal Foundation. The Signal Protocol powers WhatsApp, Google RCS, and Messenger secret chats.
+
+**Pros**
+
+- Simplest UX β works like a normal messaging app
+- Audited, battle-tested cryptography; no ads, no tracking
+
+**Cons**
+
+- Phone number required β links identity to account
+- Centralized β Signal's servers, Signal's rules
+
+**Best for:** journalists, activists, everyday secure messaging
+
+---
+
+## Signal β Under the Hood
+
+```mermaid
+sequenceDiagram
+ participant A as Alice's phone
+ participant S as Signal Server
+ participant B as Bob's phone
+ A->>S: encrypted message
+ Note over S: sees: who, when, how often
does NOT see: content
+ S->>B: encrypted message
+ Note over B: decrypts with private key
+```
+
+Metadata still matters β [Signal subpoena responses](https://signal.org/bigbrother/)
+
+---
+
+## Matrix β The Federated Open Standard
+
+Matrix is a **protocol**, not an app β like email for real-time chat.
+
+```mermaid
+graph LR
+ EC[Element client] --> YH[your homeserver]
+ YH <-->|federation| OH[another homeserver]
+ FC[FluffyChat] --> OH
+```
+
+- **Servers**: Synapse (Python), Conduit (Rust), Dendrite (Go)
+- **Clients**: Element, FluffyChat, Cinny, Fractal, Nheko
+- **Bridges**: WhatsApp, Telegram, Signal, IRC, Discordβ¦
+
+---
+
+## Matrix β Pros and Cons
+
+**Pros**
+
+- Fully open source, top to bottom
+- Self-host your server β you own your data
+- Federated β no single company controls the network
+- Bridges consolidate all your chats in one place
+
+**Cons**
+
+- E2EE key management is clunky (cross-signing, key backup)
+- Synapse is resource-hungry (~1 GB RAM)
+- The UX of Element is still maturing
+
+---
+
+## Matrix Bridges β Stay Connected During the Transition
+
+A bridge relays messages between Matrix and another network β both ways.
+
+| Bridge | Network | Notes |
+| ------------------------- | ---------- | ------------------------------------------ |
+| `mautrix-whatsapp` | WhatsApp | Puppeting β your real WA account |
+| `mautrix-telegram` | Telegram | Puppeting β very stable |
+| `mautrix-signal` | Signal | Fragile β Signal actively breaks 3rd-party |
+| `meshtastic-matrix-relay` | Meshtastic | LoRa mesh β Matrix β off-grid messaging |
+
+**Catch:** Puppeting bridges hold your credentials. WhatsApp's ToS prohibits it β occasional bans occur.
+
+---
+
+## XMPP (Jabber)
+
+The _original_ federated chat standard β 1999. Still alive and kicking.
+
+- Extremely mature and lightweight
+- E2EE via OMEMO
+- Good clients: **Conversations** (Android), **Monal** (iOS/macOS), **Gajim** (desktop)
+- Con: fragmented client quality; less beginner-friendly than Signal or Matrix
+
+---
+
+## Briar
+
+Peer-to-peer messaging β _no server at all_.
+
+- Works over Tor, local WiFi, or Bluetooth (offline!)
+- Censorship-resistant by design
+- Con: Android-first; no desktop client; both parties must be online to first connect
+
+**For:** activists, disaster scenarios, high-censorship environments