diff --git a/_vendor/github.com/linode/linode-docs-theme/assets/css/sections/content.css b/_vendor/github.com/linode/linode-docs-theme/assets/css/sections/content.css
index a276aa7dd02..67da1ebaa24 100644
--- a/_vendor/github.com/linode/linode-docs-theme/assets/css/sections/content.css
+++ b/_vendor/github.com/linode/linode-docs-theme/assets/css/sections/content.css
@@ -84,7 +84,7 @@ Note that this is usually used in combination with Tailwind's Typography plugin
 }
 
 .content .file .chroma {
-  @apply rounded-b-md m-0;
+  @apply rounded-b-md m-0 py-1;
 }
 
 .content .file .chroma .lntable {
diff --git a/_vendor/github.com/linode/linode-docs-theme/assets/js/main/components/index.js b/_vendor/github.com/linode/linode-docs-theme/assets/js/main/components/index.js
index 9adf18c52dc..c7077d0c86b 100644
--- a/_vendor/github.com/linode/linode-docs-theme/assets/js/main/components/index.js
+++ b/_vendor/github.com/linode/linode-docs-theme/assets/js/main/components/index.js
@@ -1,6 +1,5 @@
 export * from './disqus';
 export * from './dropdowns';
 export * from './svg';
-export * from './trustarc';
 export * from './magic-helpers';
 export * from './tabs';
diff --git a/_vendor/github.com/linode/linode-docs-theme/assets/js/main/components/trustarc.js b/_vendor/github.com/linode/linode-docs-theme/assets/js/main/components/trustarc.js
deleted file mode 100644
index b99b847dbb8..00000000000
--- a/_vendor/github.com/linode/linode-docs-theme/assets/js/main/components/trustarc.js
+++ /dev/null
@@ -1,108 +0,0 @@
-import { getCookie } from '../helpers/helpers';
-
-var debug = 0 ? console.log.bind(console, '[trustarc]') : function () {};
-
-const cookieNamePrivacy = 'cmapi_cookie_privacy';
-const cookieNameNotice = 'notice_behavior';
-
-export function initConsentManager(trustarcDomain, trustecm, callback) {
-	debug('initConsentManager for domain', trustarcDomain);
-
-	// Check to see if any of the TrustArc cookies are already set.
-	if (getCookie(cookieNamePrivacy) || getCookie(cookieNameNotice)) {
-		debug('TrustArc cookieset');
-		doInit(trustecm);
-		callback();
-	}
-
-	var apiObject = {
-		PrivacyManagerAPI: {
-			action: 'getConsentDecision',
-			timestamp: new Date().getTime(),
-			self: trustarcDomain,
-		},
-	};
-
-	const onConsent = function (e) {
-		if (typeof e.data != 'string') {
-			return;
-		}
-
-		let data;
-		try {
-			data = JSON.parse(e.data);
-		} catch (err) {
-			return;
-		}
-
-		if (data.source == 'preference_manager' && data.message == 'submit_preferences') {
-			debug('TrustArc preference message received:', data.message, data.data);
-			doInit(trustecm, data.data);
-			callback();
-		} else if (data.source == 'preference_manager') {
-			//debug('Unhandled TrustArc message received:', data.message, JSON.stringify(data));
-		}
-	};
-
-	window.top.postMessage(JSON.stringify(apiObject), '*');
-	window.addEventListener('message', onConsent, false);
-}
-
-function doInit(trustecm, privacyCookie = '') {
-	// Assume that initConsentManager can be called multiple times and that the consent state may have changed.
-	// Start with a clean slate.
-	for (let bucket in trustecm) {
-		trustecm[bucket] = false;
-	}
-
-	let buckets = {
-		required: 1,
-		performance: 2,
-		functional: 3,
-		targeting: 4,
-		social: 5,
-	};
-
-	if (privacyCookie) {
-		// The privacy settings fetched from the API are zero based. We need to convert them to 1 based,
-		// which is what's stored in the cookie.
-		let parts = privacyCookie.split(',');
-		for (let i = 0; i < parts.length; i++) {
-			parts[i] = parseInt(parts[i]) + 1;
-		}
-		privacyCookie = parts.join(',');
-		debug('received privacy settings from API', privacyCookie);
-	} else {
-		// If the user has expressed consent, then the cmapi_cookie_privacy cookie will be set, and we can check there to see if the user has allowed a particular bucket.
-		privacyCookie = getCookie(cookieNamePrivacy);
-		debug('read privacyCookie', privacyCookie);
-	}
-
-	if (privacyCookie) {
-		for (let bucket in buckets) {
-			if (privacyCookie.indexOf(buckets[bucket]) > -1) {
-				trustecm[bucket] = true;
-			}
-		}
-		debug('trustecm', trustecm);
-		return;
-	}
-
-	// If the user has not expressed consent, then the cmapi_cookie_privacy cookie will be missing, so we look instead at the notice_behavior cookie.
-	// If it contains the word expressed, then it means we can only fire required tags. But if it doesn't contain expressed, then full consent is implied,
-	// and it's ok to fire all the tags.
-	noticeBehaviorCookie = getCookie(cookieNameNotice);
-	debug('noticeBehaviorCookie', noticeBehaviorCookie);
-	if (!noticeBehaviorCookie) {
-		return;
-	}
-	if (noticeBehaviorCookie.indexOf('expressed') > -1) {
-		debug('expressed');
-		trustecm.required = true;
-		return;
-	}
-	for (let bucket in trustecm) {
-		trustecm[bucket] = true;
-	}
-	debug('trustecm', trustecm);
-}
diff --git a/_vendor/github.com/linode/linode-docs-theme/assets/js/main/index.js b/_vendor/github.com/linode/linode-docs-theme/assets/js/main/index.js
index 4a88e2f5438..e403807cd0d 100644
--- a/_vendor/github.com/linode/linode-docs-theme/assets/js/main/index.js
+++ b/_vendor/github.com/linode/linode-docs-theme/assets/js/main/index.js
@@ -35,6 +35,14 @@ import { newSVGViewerController } from './navigation/svg-viewer';
 // Set up the search configuration (as defined in config.toml).
 const searchConfig = getSearchConfig(params);
 
+// Handle consent changes.
+(function () {
+	window.OptanonWrapper = function () {
+		const e = new CustomEvent('onetrust:groups-updated', { detail: OnetrustActiveGroups });
+		window.dispatchEvent(e);
+	};
+})();
+
 // Set up and start Alpine.
 (function () {
 	// For integration tests.
@@ -191,6 +199,8 @@ const searchConfig = getSearchConfig(params);
 			return;
 		}
 
+		reloadOTBanner();
+
 		pushDataLayer('docs_navigate');
 	});
 
@@ -261,3 +271,28 @@ const searchConfig = getSearchConfig(params);
 	window.addEventListener('turbo:before-render', restoreScroll);
 	window.addEventListener('turbo:render', restoreScroll);
 })();
+
+// See https://my.onetrust.com/s/article/UUID-69162cb7-c4a2-ac70-39a1-ca69c9340046?language=en_US&topicId=0TO1Q000000ssJBWAY
+function reloadOTBanner() {
+	var otConsentSdk = document.getElementById('onetrust-consent-sdk');
+	if (otConsentSdk) {
+		otConsentSdk.remove();
+	}
+
+	if (window.OneTrust != null) {
+		OneTrust.Init();
+
+		setTimeout(function () {
+			OneTrust.LoadBanner();
+
+			var toggleDisplay = document.getElementsByClassName('ot-sdk-show-settings');
+
+			for (var i = 0; i < toggleDisplay.length; i++) {
+				toggleDisplay[i].onclick = function (event) {
+					event.stopImmediatePropagation();
+					window.OneTrust.ToggleInfoDisplay();
+				};
+			}
+		}, 1000);
+	}
+}
diff --git a/_vendor/github.com/linode/linode-docs-theme/assets/js/main/navigation/nav-analytics.js b/_vendor/github.com/linode/linode-docs-theme/assets/js/main/navigation/nav-analytics.js
index 4e515967c08..5f203cd0c38 100644
--- a/_vendor/github.com/linode/linode-docs-theme/assets/js/main/navigation/nav-analytics.js
+++ b/_vendor/github.com/linode/linode-docs-theme/assets/js/main/navigation/nav-analytics.js
@@ -7,14 +7,14 @@ const userTokenCookieName = 'linode_anonymous_usertoken';
 var debug = 0 ? console.log.bind(console, '[nav-analytics]') : function () {};
 
 export class AnalyticsEventsCollector {
-	constructor(searchConfig, getLastQueryID, trustecm) {
+	constructor(searchConfig, getLastQueryID, onetrust) {
 		this.headers = {
 			'X-Algolia-Application-Id': searchConfig.app_id,
 			'X-Algolia-API-Key': searchConfig.api_key,
 		};
 
 		(this.getLastQueryID = getLastQueryID), (this.urlEvents = `https://insights.algolia.io/1/events`);
-		this.trustecm = trustecm;
+		this.onetrust = onetrust;
 		this.anonomousUserToken = unspecificedUserToken;
 		if (supportsCookies()) {
 			this.anonomousUserToken = getCookie(userTokenCookieName);
@@ -46,7 +46,7 @@ export class AnalyticsEventsCollector {
 		if (searchConfig.click_analytics) {
 			const mergedIndex = searchConfig.indexName(searchConfig.sections_merged.index);
 			const userToken = () => {
-				if (trustecm.performance) {
+				if (onetrust.performance) {
 					return this.anonomousUserToken;
 				}
 				return unspecificedUserToken;
diff --git a/_vendor/github.com/linode/linode-docs-theme/assets/js/main/navigation/nav-store.js b/_vendor/github.com/linode/linode-docs-theme/assets/js/main/navigation/nav-store.js
index cc2b3691fe0..096c4572e49 100644
--- a/_vendor/github.com/linode/linode-docs-theme/assets/js/main/navigation/nav-store.js
+++ b/_vendor/github.com/linode/linode-docs-theme/assets/js/main/navigation/nav-store.js
@@ -2,7 +2,6 @@ import { isMobile } from '../helpers/helpers';
 import { getScrollPosNavbar } from './nav';
 import { AnalyticsEventsCollector } from './nav-analytics';
 import { RecommendationsFetcher } from './recommendations';
-import { initConsentManager } from '../components/index';
 
 export function newNavStore(searchConfig, searchStore, params, Alpine) {
 	const debug = 0 ? console.log.bind(console, '[nav-store]') : function () {};
@@ -37,14 +36,22 @@ export function newNavStore(searchConfig, searchStore, params, Alpine) {
 			toc: false,
 		},
 
-		// TrustArc consent settings. This will also be set on the window object,
-		// but keep it here so we can react on changes.
-		trustecm: {
+		onetrust: {
 			required: false,
-			socialmedia: false,
-			targeting: false,
-			functional: false,
 			performance: false,
+			functional: false,
+			targeting: false,
+			socialmedia: false,
+
+			toggleConsentDialog(event) {
+				if (!window.OneTrust) {
+					return;
+				}
+				debug('toggleConsentDialog');
+				// TODO1 see https://github.com/linode/linode-docs-theme/issues/954 Cookie Consent Links
+				window.OneTrust.ToggleInfoDisplay();
+				event.preventDefault();
+			},
 		},
 
 		recommendations: new RecommendationsFetcher(searchConfig),
@@ -91,11 +98,10 @@ export function newNavStore(searchConfig, searchStore, params, Alpine) {
 					}
 				}
 			});
-			window.trustecm = this.trustecm;
 			let getLastQueryID = () => {
 				return searchStore.results.lastQueryID;
 			};
-			this.analytics = new AnalyticsEventsCollector(searchConfig, getLastQueryID, this.trustecm);
+			this.analytics = new AnalyticsEventsCollector(searchConfig, getLastQueryID, this.onetrust);
 
 			// The callback below may be called multiple times.
 			let analyticsLoadEventPublished = false;
@@ -112,8 +118,19 @@ export function newNavStore(searchConfig, searchStore, params, Alpine) {
 					this.analytics.handler.startNewPage();
 				}
 			};
+		},
 
-			initConsentManager(params.trustarc_domain, this.trustecm, cb);
+		updateOptanonGroups(groups) {
+			// Groups on form ,C0001,C0002,C0003,C0004,C0005,
+			// Split on comma, remove empty strings.
+			let groupArray = groups.split(',').filter(Boolean);
+			this.onetrust.required = groupArray.includes('C0001');
+			this.onetrust.performance = groupArray.includes('C0002');
+			this.onetrust.functional = groupArray.includes('C0003');
+			this.onetrust.targeting = groupArray.includes('C0004');
+			this.onetrust.socialmedia = groupArray.includes('C0005');
+
+			console.log('updateOptanonGroups', this.onetrust);
 		},
 
 		openSearchPanel(scrollUp = false) {
diff --git a/_vendor/github.com/linode/linode-docs-theme/assets/js/main/navigation/nav.js b/_vendor/github.com/linode/linode-docs-theme/assets/js/main/navigation/nav.js
index a20b1c6c05f..c1aa95d965d 100644
--- a/_vendor/github.com/linode/linode-docs-theme/assets/js/main/navigation/nav.js
+++ b/_vendor/github.com/linode/linode-docs-theme/assets/js/main/navigation/nav.js
@@ -93,6 +93,10 @@ export function newNavController(weglot_api_key) {
 			});
 		},
 
+		onOptanonGroupsUpdated: function (groups) {
+			this.$store.nav.updateOptanonGroups(groups);
+		},
+
 		onEffect: function () {
 			this.$store.search.updateLocationWithQuery();
 		},
diff --git a/_vendor/github.com/linode/linode-docs-theme/assets/js/testenvonly/index.js b/_vendor/github.com/linode/linode-docs-theme/assets/js/testenvonly/index.js
index e4cd7cdb84b..13dfbcaa91c 100644
--- a/_vendor/github.com/linode/linode-docs-theme/assets/js/testenvonly/index.js
+++ b/_vendor/github.com/linode/linode-docs-theme/assets/js/testenvonly/index.js
@@ -4,7 +4,6 @@
 	let opts = {
 		forceConsent: params.get('__forceconsent') === 'true',
 		apiShouldfail: params.get('__api_shouldfail') === 'true',
-		noticeBehaviour: params.get('__noticebehaviour') || 'expressed,eu',
 	};
 
 	console.log('Loading test environment with options:', opts);
@@ -17,30 +16,10 @@
 	}
 })();
 
-// forceSetCookieConsent simulates setting the TrustArc consent.
+// forceSetCookieConsent simulates setting the OneTrust consent.
 // This function is only included/invoked in test environments.
 function forceSetCookieConsent(opts) {
-	localStorage.setItem(
-		'truste.eu.cookie.cmapi_cookie_privacy',
-		'{"name":"truste.eu.cookie.cmapi_cookie_privacy","value":"permit 1,2,3,4,5","path":"/","expires":1662226579397}',
-	);
-	localStorage.setItem(
-		'truste.eu.cookie.notice_preferences',
-		'{"name":"truste.eu.cookie.notice_preferences","value":"2,4:","path":"/","expires":1662226579393}',
-	);
-	localStorage.setItem(
-		'truste.eu.cookie.notice_gdpr_prefs',
-		'{"name":"truste.eu.cookie.notice_gdpr_prefs","value":"0,1,2,3,4:","path":"/","expires":1662226579395}',
-	);
-
-	localStorage.setItem(
-		'truste.eu.cookie.cmapi_gtm_bl',
-		'{"name":"truste.eu.cookie.cmapi_gtm_bl","value":"","path":"/","expires":1662226579396}',
-	);
-
-	document.cookie = 'cmapi_cookie_privacy=permit 1,2,3;';
-	document.cookie = 'cmapi_gtm_bl=;';
-	document.cookie = 'notice_gdpr_prefs=0,1,2,3,4:;';
-	document.cookie = 'notice_preferences=2,4:;';
-	document.cookie = 'notice_behavior=' + opts.noticeBehaviour;
+	document.cookie = 'OptanonAlertBoxClosed=2024-09-18T09:20:34.230Z';
+	document.cookie =
+		'OptanonConsent=isGpcEnabled=0&datestamp=Mon+Sep+23+2024+10%3A25%3A39+GMT%2B0200+(Central+European+Summer+Time)&version=202403.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=c3c54993-fe07-4044-b425-0ca7d930a31f&interactionCount=60&isAnonUser=1&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1%2CC0005%3A1&geolocation=NO%3B03&AwaitingReconsent=false';
 }
diff --git a/_vendor/github.com/linode/linode-docs-theme/config.toml b/_vendor/github.com/linode/linode-docs-theme/config.toml
index 4567feb974b..7838573bb9e 100644
--- a/_vendor/github.com/linode/linode-docs-theme/config.toml
+++ b/_vendor/github.com/linode/linode-docs-theme/config.toml
@@ -9,8 +9,8 @@ weglot_api_key = "wg_3b3ef29c81aa81292c64d1368ee318969"
 # For development/staging, see the config dir.
 adobe_launch_script = "https://assets.adobedtm.com/fcfd3580c848/f9e7661907ee/launch-2fb69de42220.min.js"
 
-# Trustarc Domain used in poduction
-trustarc_domain = "linode.com"
+# OneTrust Domain used in production.
+onetrust_domain_script = "01922358-0e47-73fa-9452-fa124177d6d6"
 
 [params.search_config2]
 
diff --git a/_vendor/github.com/linode/linode-docs-theme/config/development/config.toml b/_vendor/github.com/linode/linode-docs-theme/config/development/config.toml
index 850a06dfcaa..f292e15ec94 100644
--- a/_vendor/github.com/linode/linode-docs-theme/config/development/config.toml
+++ b/_vendor/github.com/linode/linode-docs-theme/config/development/config.toml
@@ -2,5 +2,5 @@
     # Adobe Analytics script used in development and on Netlify.
     adobe_launch_script = "https://assets.adobedtm.com/fcfd3580c848/f9e7661907ee/launch-006d022c8726-development.min.js"
 
-    # Trustarc domain used in development and on Netlify.
-    trustarc_domain = "linode_test.com"
+    # OneTrust Domain used in test/development.
+    onetrust_domain_script = "01922358-0e47-73fa-9452-fa124177d6d6-test"
diff --git a/_vendor/github.com/linode/linode-docs-theme/config/staging/config.toml b/_vendor/github.com/linode/linode-docs-theme/config/staging/config.toml
index 89e603d2676..9091267e64a 100644
--- a/_vendor/github.com/linode/linode-docs-theme/config/staging/config.toml
+++ b/_vendor/github.com/linode/linode-docs-theme/config/staging/config.toml
@@ -2,5 +2,5 @@
     # Adobe Analytics script used in Staging (docs.staging.linode.com/docs)
     adobe_launch_script = "https://assets.adobedtm.com/fcfd3580c848/f9e7661907ee/launch-96338797f65e-staging.min.js"
 
-    # Trustarc domain used in Staging (docs.staging.linode.com/docs)
-    # trustarc_domain = "linode.com"
+    # OneTrust Domain used in test/development.
+    onetrust_domain_script = "01922358-0e47-73fa-9452-fa124177d6d6-test"
diff --git a/_vendor/github.com/linode/linode-docs-theme/config/testing/config.toml b/_vendor/github.com/linode/linode-docs-theme/config/testing/config.toml
index 850a06dfcaa..f292e15ec94 100644
--- a/_vendor/github.com/linode/linode-docs-theme/config/testing/config.toml
+++ b/_vendor/github.com/linode/linode-docs-theme/config/testing/config.toml
@@ -2,5 +2,5 @@
     # Adobe Analytics script used in development and on Netlify.
     adobe_launch_script = "https://assets.adobedtm.com/fcfd3580c848/f9e7661907ee/launch-006d022c8726-development.min.js"
 
-    # Trustarc domain used in development and on Netlify.
-    trustarc_domain = "linode_test.com"
+    # OneTrust Domain used in test/development.
+    onetrust_domain_script = "01922358-0e47-73fa-9452-fa124177d6d6-test"
diff --git a/_vendor/github.com/linode/linode-docs-theme/content/testpages/typography.md b/_vendor/github.com/linode/linode-docs-theme/content/testpages/typography.md
index b5aaa51f938..12e19d12bcf 100644
--- a/_vendor/github.com/linode/linode-docs-theme/content/testpages/typography.md
+++ b/_vendor/github.com/linode/linode-docs-theme/content/testpages/typography.md
@@ -201,18 +201,29 @@ sudo systemctl restart apache2
 sudo systemctl restart apache2
 ```
 
-## File Shortcode
+## File Shortcode / code fence
 
 ### As a regular block
 
 Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nunc sollicitudin id metus vel malesuada. Ut suscipit nec orci vel sagittis. Vestibulum ante ipsum primis in faucibus orci luctus et ultrices posuere cubilia curae; Fusce accumsan fringilla urna et maximus. Aliquam erat volutpat. Nam malesuada faucibus massa ac ultrices. Sed finibus diam at dolor maximus porttitor.
 
+#### Fence
+
 ```file {title="/home/minecraft/run.sh"}
 #!/bin/sh
 
 java -Xms1024M -Xmx1536M -jar minecraft_server.1.13.jar -o true
 ```
 
+#### Shortcode
+
+{{< file title="/home/minecraft/run.sh" >}}
+#!/bin/sh
+
+java -Xms1024M -Xmx1536M -jar minecraft_server.1.13.jar -o true
+{{< /file >}}
+
+
 Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nunc sollicitudin id metus vel malesuada.
 
 ```file {title="/foo/bar/maz.go"}
diff --git a/_vendor/github.com/linode/linode-docs-theme/layouts/_default/_markup/render-codeblock-file.html b/_vendor/github.com/linode/linode-docs-theme/layouts/_default/_markup/render-codeblock-file.html
index 9c682b490a8..8ccc1dc2278 100644
--- a/_vendor/github.com/linode/linode-docs-theme/layouts/_default/_markup/render-codeblock-file.html
+++ b/_vendor/github.com/linode/linode-docs-theme/layouts/_default/_markup/render-codeblock-file.html
@@ -14,7 +14,7 @@
 {{ $linenostart := .Attributes.linenostart | default 1 | int }}
 {{ $options := slice "lineNos=table" (printf "hl_lines=%s" $hl_lines ) (printf "linenostart=%d" $linenostart ) }}
 {{ $copyIcon := `<button type="button" aria-label="copy" class="btn-icon copy-button"><svg class="fill-current mr-3" style="width: 0.875rem; height: 1rem;"><use href="#icon--copy"></use></svg></button>` | safeHTML }}
-<dl class="relative file font-mono text-xs pull-out" x-data>
+<dl class="relative file font-mono text-xs pull-out not-prose" x-data>
     <div class="absolute right-0 top-0 pt-3 pr-2" @click="$copy($refs.code)">
         {{ $copyIcon }}
     </div>
diff --git a/_vendor/github.com/linode/linode-docs-theme/layouts/_default/_markup/render-link.html b/_vendor/github.com/linode/linode-docs-theme/layouts/_default/_markup/render-link.html
index 2d1638cf2f2..2bb098c9ca6 100644
--- a/_vendor/github.com/linode/linode-docs-theme/layouts/_default/_markup/render-link.html
+++ b/_vendor/github.com/linode/linode-docs-theme/layouts/_default/_markup/render-link.html
@@ -85,8 +85,6 @@
   {{- if and .page .page.Params.description -}}
     {{- $text = .page.Params.description | markdownify -}}
   {{- end -}}
-
-
   <div>
     <a
       class="not-prose cursor-pointer flex flex-col group border p-4 rounded-md hover:shadow-md border-gray-300 m-0"
@@ -100,4 +98,4 @@
       </p>
     </a>
   </div>
-{{ end }}
+{{ end -}}
diff --git a/_vendor/github.com/linode/linode-docs-theme/layouts/_default/baseof.html b/_vendor/github.com/linode/linode-docs-theme/layouts/_default/baseof.html
index 08f404bebb3..78481ed9d43 100644
--- a/_vendor/github.com/linode/linode-docs-theme/layouts/_default/baseof.html
+++ b/_vendor/github.com/linode/linode-docs-theme/layouts/_default/baseof.html
@@ -111,7 +111,8 @@
             x-data="lncNav"
             x-effect="onEffect()"
             @scroll.window.debounce.100ms="onScroll()"
-            @turbo:before-render.window="onTurboBeforeRender(event)"
+            @turbo:before-render.window="onTurboBeforeRender($event)"
+            @onetrust:groups-updated.window="onOptanonGroupsUpdated($event.detail)"
             @turbo:render.window="onTurboRender()"
             @popstate.window="onPopState($event)"
             id="nav-controller"
diff --git a/_vendor/github.com/linode/linode-docs-theme/layouts/partials/components/disqus.html b/_vendor/github.com/linode/linode-docs-theme/layouts/partials/components/disqus.html
index f10e9f1337c..bfe3d7be30a 100644
--- a/_vendor/github.com/linode/linode-docs-theme/layouts/partials/components/disqus.html
+++ b/_vendor/github.com/linode/linode-docs-theme/layouts/partials/components/disqus.html
@@ -3,7 +3,7 @@
     class="flex justify-between bg-gray-300 pull-out items-center rounded-none md:rounded-md px-4 md:px-8 py-6 mt-8">
     <div class="font-regular tracking-normal">
       <header class="font-semibold text-lg mb-4">Join the conversation.</header>
-      <div x-show="$store.nav.trustecm.functional">
+      <div x-show="$store.nav.onetrust.functional">
         Read other comments or post your own below. Comments must be respectful,
         constructive, and relevant to the topic of the guide. Do not post
         external links or advertisements. Before posting, consider if your
@@ -13,12 +13,12 @@
         <a href="https://www.linode.com/community/questions/">Community Site</a
         >.
       </div>
-      <div x-show="!$store.nav.trustecm.functional && truste.eu">
+      <div x-show="!$store.nav.onetrust.functional">
         The Disqus commenting system for Linode Docs requires the acceptance of
         Functional Cookies, which allow us to analyze site usage so we can
         measure and improve performance. To view and create comments for this
         article, please
-        <a href="#" @click="truste.eu && truste.eu.clickListener()"
+        <a href="#" @click="$store.nav.onetrust.toggleConsentDialog($event);"
           >update your Cookie Preferences</a
         >
         on this website and refresh this web page. Please note: You must have
@@ -29,7 +29,7 @@
 
   <div class="pt-10" x-intersect.once="visible = true">
     <template
-      x-if="$store.nav.trustecm.functional && (visible || (window.location.hash.startsWith('#comment-')))">
+      x-if="$store.nav.onetrust.functional && (visible || (window.location.hash.startsWith('#comment-')))">
       <div>
         <div
           x-data="lncDisqus('{{ site.Config.Services.Disqus.Shortname }}', lnPageInfo)"
diff --git a/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/before-body-end.html b/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/before-body-end.html
index de57b6471e1..9ad6e6e6f32 100644
--- a/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/before-body-end.html
+++ b/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/before-body-end.html
@@ -1,20 +1,3 @@
-<div id="consent_blackbar"></div>
-<button
-  id="cookie-prefs-icon"
-  title="linode.com Cookie Preferences"
-  onclick="truste.eu && truste.eu.clickListener()">
-  <svg viewBox="0 0 82.46 81.4299" xmlns="http://www.w3.org/2000/svg">
-    <path
-      d="m79.9979 37.4147c.0653.9211.1103 1.8477.1103 2.7853 0 21.4719-17.4064 38.8784-38.8784 38.8784s-38.8783-17.4064-38.8783-38.8784c0-16.9064 10.7944-31.2857 25.8648-36.639.8674 5.3335 4.8539 9.6192 10.03 10.9179.1671 10.9668 9.1038 19.8069 20.1104 19.8069 2.5215 0 4.9325-.4681 7.1566-1.3151 2.4761 3.0707 6.2669 5.0369 10.5187 5.0369 1.3803 0 2.7117-.2081 3.9659-.5928zm-29.6359-37.1604c-1.8262.7011-2.7384 2.7498-2.0373 4.5761s2.7498 2.7384 4.5761 2.0373 2.7384-2.7498 2.0373-4.5761-2.7498-2.7384-4.5761-2.0373zm24.6434-.1362c-.9131.3505-1.3692 1.3749-1.0187 2.288s1.3749 1.3692 2.288 1.0187 1.3692-1.3749 1.0187-2.288-1.3749-1.3692-2.288-1.0187zm-7.6898 11.5859c-2.5995 0-4.7068 2.1073-4.7068 4.7068s2.1073 4.7068 4.7068 4.7068 4.7068-2.1073 4.7068-4.7068-2.1073-4.7068-4.7068-4.7068z"
-      fill="currentColor"></path>
-    <path
-      d="m41.2295 81.4299c-22.7344 0-41.2295-18.4951-41.2295-41.2295 0-17.4131 11.0225-33.0273 27.4287-38.8554.6562-.2334 1.3828-.1641 1.9844.1914.5996.3555 1.0117.958 1.124 1.6465.7148 4.3936 3.9658 7.9316 8.2812 9.0146 1.0332.2598 1.7627 1.1807 1.7793 2.2451.1465 9.6445 8.1133 17.4912 17.7588 17.4912 2.1709 0 4.2969-.3906 6.3203-1.1602.958-.3652 2.0303-.0693 2.668.7217 2.1318 2.6436 5.2979 4.1602 8.6875 4.1602 1.1152 0 2.2178-.165 3.2764-.4893.6836-.2109 1.4277-.0967 2.0195.3086.5908.4053.9648 1.0586 1.0156 1.7734.0791 1.1172.1162 2.0557.1162 2.9521 0 22.7344-18.4961 41.2295-41.2305 41.2295zm-14.6182-74.707c-13.2041 5.7685-21.9082 18.9131-21.9082 33.4775 0 20.1406 16.3857 36.5264 36.5264 36.5264 20.1191 0 36.4912-16.3516 36.5273-36.4619-.5713.0625-1.1465.0938-1.7246.0938-4.2568 0-8.2656-1.6816-11.2314-4.6641-2.0869.626-4.248.9424-6.4443.9424-11.6201 0-21.3145-9.0049-22.3691-20.4014-4.3916-1.6377-7.8145-5.1318-9.376-9.5127z"
-      fill="#000"></path>
-    <path
-      d="m27.0191 19.4249c0 1.1123-.9017 2.014-2.014 2.014s-2.014-.9017-2.014-2.014.9017-2.014 2.014-2.014 2.014.9017 2.014 2.014zm6.368 10.6535c-.6209 0-1.1243.5034-1.1243 1.1243s.5034 1.1243 1.1243 1.1243 1.1243-.5034 1.1243-1.1243-.5034-1.1243-1.1243-1.1243zm-11.396 22.3004c-1.7421 0-3.1543 1.4122-3.1543 3.1543s1.4122 3.1543 3.1543 3.1543 3.1543-1.4122 3.1543-3.1543-1.4122-3.1543-3.1543-3.1543zm-4.8185-22.3004c-3.2134 0-5.8185 2.605-5.8185 5.8185s2.605 5.8185 5.8185 5.8185 5.8185-2.605 5.8185-5.8185-2.605-5.8185-5.8185-5.8185zm39.7048 26.4984c-2.192 0-3.969 1.777-3.969 3.969s1.777 3.969 3.969 3.969 3.969-1.777 3.969-3.969-1.777-3.969-3.969-3.969zm-18.3142-14.6104c-2.8587 0-5.1761 2.3174-5.1761 5.1761s2.3174 5.1761 5.1761 5.1761 5.1761-2.3174 5.1761-5.1761-2.3174-5.1761-5.1761-5.1761zm28.7524 3.3403c-1.4434 0-2.6136 1.1701-2.6136 2.6136s1.1701 2.6136 2.6136 2.6136 2.6136-1.1701 2.6136-2.6136-1.1701-2.6136-2.6136-2.6136zm-30.1656 21.7944c-.9269 0-1.6783.7514-1.6783 1.6783s.7514 1.6783 1.6783 1.6783 1.6783-.7514 1.6783-1.6783-.7514-1.6783-1.6783-1.6783z"
-      fill="#fff"></path>
-  </svg>
-</button>
 {{/* Add the GTag info to a temporary array which is handled in the backing script. */}}
 {{ with $.Params.gtags }}
   <script>
@@ -25,9 +8,9 @@
   </script>
 {{ end }}
 <div x-data="{}" style="display: none;">
-  {{/* Load the common Linode (from linode-website-partials repo), but only if trustecm.functional is set. */}}
+  {{/* Load the common Linode (from linode-website-partials repo), but only if onetrust.functional is set. */}}
   {{ $js := resources.Get "linode/footer-inline.js" }}
-  <template x-if="$store.nav.trustecm.functional">
+  <template x-if="$store.nav.onetrust.functional">
     {{ partial "helpers/script-src.html" (dict "js" $js "nodefer" true "params" (dict "is_production" (ne hugo.Environment "development") ) ) }}
   </template>
 </div>
diff --git a/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/head-linode-common.html b/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/head-linode-common.html
index fd849f2ef2d..66671d341ac 100644
--- a/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/head-linode-common.html
+++ b/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/head-linode-common.html
@@ -15,7 +15,3 @@
 {{ end }}
 <link href="{{ $styles.RelPermalink }}" rel="stylesheet" />
 {{ partial "helpers/script-src.html" $js }}
-{{/* TrustArc for cookie consents. Also see the partial sections/before-body-end.html */}}<script
-  async
-  crossorigin
-  src="https://consent.trustarc.com/notice?domain={{ site.Params.trustarc_domain }}&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1"></script>
diff --git a/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/head-src.html b/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/head-src.html
index cf9809366cd..ef77010842a 100644
--- a/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/head-src.html
+++ b/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/head-src.html
@@ -43,7 +43,6 @@
 {{ $params := (dict
   "search_config" site.Params.search_config2
   "weglot_api_key" site.Params.weglot_api_key
-  "trustarc_domain" site.Params.trustarc_domain
   "page_title_suffix" site.Params.page_title_suffix
   "search_cachewarmer_urls" $cacheWarmerUrls
   "is_production" (ne hugo.Environment "development")
diff --git a/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/head.html b/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/head.html
index 9cfae331f5d..76d465f3be6 100644
--- a/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/head.html
+++ b/_vendor/github.com/linode/linode-docs-theme/layouts/partials/sections/head.html
@@ -29,6 +29,13 @@
 <link rel="shortcut icon" href="https://assets.linode.com/icons/favicon.ico">
 
 
+{{/* OneTrust Cookies Consent Notice for www.linode.com. Load this before Adobe Analytics. */}}
+<script
+  src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js"
+  type="text/javascript"
+  charset="UTF-8"
+  data-domain-script="{{ site.Params.onetrust_domain_script }}"></script>
+
 {{/* Adobe Analytics.
   This is configured for the environments production, development (Netlify and local) and staging.
 */}}<script
diff --git a/_vendor/github.com/linode/linode-docs-theme/layouts/shortcodes/file.html b/_vendor/github.com/linode/linode-docs-theme/layouts/shortcodes/file.html
index 8830c33d7e4..c6e1bc05420 100644
--- a/_vendor/github.com/linode/linode-docs-theme/layouts/shortcodes/file.html
+++ b/_vendor/github.com/linode/linode-docs-theme/layouts/shortcodes/file.html
@@ -18,7 +18,7 @@
 {{ end }}
 {{ $options := slice "lineNos=table" (printf "hl_lines=%s" $hl_lines ) (printf "linenostart=%d" $linenostart ) }}
 {{ $copyIcon := `<button type="button" aria-label="copy" class="btn-icon copy-button"><svg class="fill-current mr-3" style="width: 0.875rem; height: 1rem;"><use href="#icon--copy"></use></svg></button>` | safeHTML }}
-<dl class="relative file font-mono text-xs pull-out" x-data>
+<dl class="relative file font-mono text-xs pull-out not-prose" x-data>
     <div class="absolute right-0 top-0 pt-3 pr-2" @click="$copy($refs.code)">
         {{ $copyIcon }}
     </div>
diff --git a/_vendor/github.com/linode/linode-website-partials/footer.css b/_vendor/github.com/linode/linode-website-partials/footer.css
index 7e576e34c2e..631db11c601 100644
--- a/_vendor/github.com/linode/linode-website-partials/footer.css
+++ b/_vendor/github.com/linode/linode-website-partials/footer.css
@@ -1,165 +1,7 @@
-#consent_blackbar,
-#truste-consent-track {
-  background-color: transparent !important;
-  bottom: 0 !important;
-  left: 0 !important;
-  margin: 0 !important;
-  padding: 0 !important;
-  position: fixed !important;
-  right: 0 !important;
-  z-index: 2147483647 !important;
-}
-
-#truste-consent-content {
-  background-color: #ffffff;
-  border: none;
-  border-top: 1px solid #ededf4;
-  box-shadow: 0 -30px 30px 0 rgba(0, 0, 0, 0.05);
-  display: flex;
-  gap: 32px;
-  padding: 16px;
-  position: relative;
-}
-@media (min-width: 48em) and (max-width: 61.99em) {
-  #truste-consent-content {
-    gap: 16px;
-  }
-}
-@media (max-width: 47.99em) {
-  #truste-consent-content {
-    flex-direction: column;
-    gap: 16px;
-  }
-}
-
-#truste-consent-header {
-  order: 999;
-}
-#truste-consent-header .truste-icon-box {
-  display: grid;
-  place-items: center;
-}
-#truste-consent-header .truste-icon-box img {
-  aspect-ratio: 1/1;
-  display: block;
-  max-width: unset;
-  padding: 8px;
-  width: 30px;
-}
-@media (max-width: 47.99em) {
-  #truste-consent-header {
-    order: unset;
-  }
-}
-
-@media (max-width: 47.99em) {
-  .truste-icon-box {
-    position: absolute;
-    right: 16px;
-    top: 16px;
-    z-index: 999;
-  }
-}
-
-.truste-messageColumn {
-  border-right: 1px solid #d9dbe1;
-  color: #32363b;
-  flex: 1;
-  font-size: 0.875rem;
-  line-height: 1.4285714286;
-  padding-right: 16px;
-}
-.truste-messageColumn h2 {
-  font-size: 1rem;
-  font-weight: 600;
-  letter-spacing: 0;
-  line-height: 1.5;
-  margin: 0 0 10px;
-}
-.truste-messageColumn a {
-  color: #017ac6;
-  text-decoration: underline;
-}
-@media (max-width: 47.99em) {
-  .truste-messageColumn {
-    border-right: none;
-    padding-right: 0;
-  }
-}
-
-.truste-buttonsColumn {
-  align-items: center;
-  display: flex;
-  flex: none;
-  gap: 8px;
-}
-.truste-buttonsColumn button {
-  background-clip: border-box;
-  background-color: #017ac6;
-  border: 2px solid transparent;
-  border-radius: 4px;
-  color: #ffffff;
-  cursor: pointer;
-  display: inline-block;
-  font-size: 0.875rem;
-  font-weight: 600;
-  line-height: 1.1428571429;
-  padding: 12px 24px;
-  text-align: center;
-  text-decoration: none;
-  white-space: nowrap;
-}
-.truste-buttonsColumn #truste-show-consent {
-  background-color: #ffffff;
-  border-color: #017ac6;
-  color: #017ac6;
-}
-@media (min-width: 48em) and (max-width: 61.99em) {
-  .truste-buttonsColumn {
-    align-items: stretch;
-    flex-direction: column;
-    justify-content: center;
-  }
-}
-@media (max-width: 47.99em) {
-  .truste-buttonsColumn {
-    justify-content: flex-end;
-  }
-  .truste-buttonsColumn :is(button, a) {
-    padding: 8px 16px;
-  }
-}
-
-#truste-consent-content {
-  overflow: visible !important;
-}
-
-#truste-repop-msg {
-  font-size: 0.875rem !important;
-  inset: auto 0 100% !important;
-  line-height: 1.4285714286 !important;
-  margin: 0 !important;
-  padding: 16px !important;
-  position: absolute !important;
-}
-
-button#cookie-prefs-icon {
-  background: transparent;
-  border: none;
-  bottom: 16px;
-  color: #494C51;
-  cursor: pointer;
-  left: 16px;
-  padding: 1px 6px;
-  position: fixed;
-  z-index: 10;
-}
-button#cookie-prefs-icon:hover {
-  color: #017ac6;
-}
-button#cookie-prefs-icon svg {
-  height: 32px;
-  width: 32px;
+#ot-sdk-btn-floating {
+  animation: none !important;
+  left: 1% !important;
+  opacity: 1 !important;
 }
 
 .c-site-footer {
diff --git a/_vendor/github.com/linode/linode-website-partials/footer.html b/_vendor/github.com/linode/linode-website-partials/footer.html
index 7a09fb28bd9..0fe8b00f4c4 100644
--- a/_vendor/github.com/linode/linode-website-partials/footer.html
+++ b/_vendor/github.com/linode/linode-website-partials/footer.html
@@ -34,7 +34,12 @@
         </div>
 
         <div class="o-layout__module c-consent">
-          <div id="teconsent"></div>
+          <style>
+            #teconsent[consent] { display: block !important; }
+            #teconsent:not([consent]) + a { display: block !important; };
+          </style>
+          <div id="teconsent" style="display:none;"></div>
+          <a href="#open-consent-prefs" style="display:none;">Cookie Preferences</a>
         </div>
 
         <div class="o-layout__module c-social --mobile">
diff --git a/_vendor/github.com/linode/linode-website-partials/header.css b/_vendor/github.com/linode/linode-website-partials/header.css
index b1e06ca4eec..42a71fbc985 100644
--- a/_vendor/github.com/linode/linode-website-partials/header.css
+++ b/_vendor/github.com/linode/linode-website-partials/header.css
@@ -1,3 +1,31 @@
+@font-face {
+  font-display: swap;
+  font-family: "Oswald";
+  font-style: normal;
+  font-weight: 300;
+  src: local(""), url("https://assets.linode.com/fonts/oswald-v35-latin-300.woff2") format("woff2"), url("https://assets.linode.com/fonts/oswald-v35-latin-300.woff") format("woff");
+}
+@font-face {
+  font-display: swap;
+  font-family: "Oswald";
+  font-style: normal;
+  font-weight: 400;
+  src: local(""), url("https://assets.linode.com/fonts/oswald-v35-latin-regular.woff2") format("woff2"), url("https://assets.linode.com/fonts/oswald-v35-latin-regular.woff") format("woff");
+}
+@font-face {
+  font-display: swap;
+  font-family: "Source Sans Pro";
+  font-style: normal;
+  font-weight: 400;
+  src: local(""), url("https://assets.linode.com/fonts/source-sans-pro-v14-latin-regular.woff2") format("woff2"), url("https://assets.linode.com/fonts/source-sans-pro-v14-latin-regular.woff") format("woff");
+}
+@font-face {
+  font-display: swap;
+  font-family: "Source Sans Pro";
+  font-style: normal;
+  font-weight: 600;
+  src: local(""), url("https://assets.linode.com/fonts/source-sans-pro-v14-latin-600.woff2") format("woff2"), url("https://assets.linode.com/fonts/source-sans-pro-v14-latin-600.woff") format("woff");
+}
 :root {
   --site-top-offset: 0px;
   --site-banner-height: 0px;
@@ -76,7 +104,7 @@
   flex: 1;
   font-family: unset;
   font-size: unset;
-  gap: 8px;
+  gap: 4px;
   line-height: unset;
   order: 0;
   padding: 0;
@@ -279,6 +307,16 @@ body.om-position-floating-top {
   padding-left: var(--gap);
 }
 
+@media (min-width: 62em) and (max-width: 65.3125em) {
+  .c-identity__image {
+    height: 42px;
+  }
+}
+@media (max-width: 65.3125em) {
+  .c-identity {
+    --gap: 16px;
+  }
+}
 .c-site-header {
   color: #32363b;
   font-family: "Source Sans Pro", sans-serif;
@@ -303,26 +341,7 @@ body.om-position-floating-top {
 .c-site-header__primary {
   z-index: 999;
 }
-:where(.c-site-header--static, .c-site-header--dynamic) {
-  --flag-size: 40px;
-}
-:where(.c-site-header--static, .c-site-header--dynamic)::after {
-  border-color: transparent;
-  border-style: solid;
-  border-top-color: var(--flag-border-color, transparent);
-  border-width: var(--flag-size) var(--flag-size) 0 0;
-  content: "";
-  display: var(--flag-display, none);
-  height: 0;
-  inset: 0 auto auto 0;
-  position: absolute;
-  width: 0;
-  z-index: 9999;
-}
-.c-site-header--static {
-  --flag-border-color: green;
-  --flag-display: block ;
-}
+
 .c-site-header__primary {
   background-color: #ffffff;
   border-bottom: 1px solid #ededf4;
@@ -352,7 +371,7 @@ body.om-position-floating-top {
   margin-block: 0;
 }
 .c-site-header__primary .c-main-menu nav {
-  margin-right: -12px;
+  margin-right: -10px;
 }
 .c-site-header__primary .o-menu__list {
   justify-content: flex-end;
@@ -366,7 +385,7 @@ body.om-position-floating-top {
   align-items: center;
   display: flex;
   font-weight: 600;
-  margin: 0 12px;
+  margin: 0 10px;
   position: relative;
 }
 .c-site-header__primary .o-menu__title {
@@ -452,10 +471,10 @@ body.om-position-floating-top {
   padding-left: 8px;
 }
 .c-site-header__primary .c-weglot-nav .country-selector {
-  margin-right: -12px;
+  margin-right: -10px;
 }
 .c-site-header__primary .c-weglot-nav .wgcurrent {
-  margin: 0 12px;
+  margin: 0 10px;
 }
 .c-site-header__primary .c-weglot-nav .wgcurrent a, .c-site-header__primary .c-weglot-nav .wgcurrent span {
   padding: 10px 0;
diff --git a/_vendor/github.com/linode/linode-website-partials/header.js b/_vendor/github.com/linode/linode-website-partials/header.js
index a96ba5c51d9..903bfc2248d 100644
--- a/_vendor/github.com/linode/linode-website-partials/header.js
+++ b/_vendor/github.com/linode/linode-website-partials/header.js
@@ -126,7 +126,7 @@
       if (!$slot) return;
       let $feature = generateFeature(item);
       if (!$feature) return;
-      $slot.appendChild($feature);
+      $slot.replaceChildren($feature);
     });
   };
   var generateImage = function(data) {
diff --git a/_vendor/modules.txt b/_vendor/modules.txt
index bede773d69a..c33ee887be7 100644
--- a/_vendor/modules.txt
+++ b/_vendor/modules.txt
@@ -1,5 +1,5 @@
-# github.com/linode/linode-docs-theme v0.0.0-20241007154737-202188059409
-# github.com/linode/linode-website-partials v0.0.0-20241004163055-18afaa3dfa37
+# github.com/linode/linode-docs-theme v0.0.0-20241107173628-e39045c56363
+# github.com/linode/linode-website-partials v0.0.0-20241101140355-9f609290c2c4
 # github.com/gohugoio/hugo-mod-jslibs-dist/alpinejs/v3 v3.21300.20800
 # github.com/gohugoio/hugo-mod-jslibs/turbo/v8 v8.20000.20400
 # github.com/hotwired/turbo v8.0.4+incompatible
diff --git a/ci/vale/dictionary.txt b/ci/vale/dictionary.txt
index 225acd8d0df..09addb95532 100644
--- a/ci/vale/dictionary.txt
+++ b/ci/vale/dictionary.txt
@@ -1284,6 +1284,7 @@ kubespray
 Kuma
 kustomize
 kuznetosv
+Kyber
 lambdabunker
 Laminas
 Langa
diff --git a/docs/contributors/jan-schaumann/_index.md b/docs/contributors/jan-schaumann/_index.md
new file mode 100644
index 00000000000..bf2cd50cff5
--- /dev/null
+++ b/docs/contributors/jan-schaumann/_index.md
@@ -0,0 +1,6 @@
+---
+title: "Jan Schaumann"
+link: ""
+email: ""
+description: "The Linode documentation library's profile page and submission listing for Jan Schaumann"
+---
\ No newline at end of file
diff --git a/docs/contributors/seweryn-krajczok/_index.md b/docs/contributors/seweryn-krajczok/_index.md
new file mode 100644
index 00000000000..097e762f85a
--- /dev/null
+++ b/docs/contributors/seweryn-krajczok/_index.md
@@ -0,0 +1,6 @@
+---
+title: "Seweryn Krajczok"
+link: ""
+email: ""
+description: "The Linode documentation library's profile page and submission listing for Seweryn Krajczok"
+---
\ No newline at end of file
diff --git a/docs/guides/security/encryption/post-quantum-encryption-nginx-debian11/index.md b/docs/guides/security/encryption/post-quantum-encryption-nginx-debian11/index.md
new file mode 100644
index 00000000000..d98974fa44d
--- /dev/null
+++ b/docs/guides/security/encryption/post-quantum-encryption-nginx-debian11/index.md
@@ -0,0 +1,666 @@
+---
+slug: post-quantum-encryption-nginx-debian11
+title: "Post Quantum Encryption with NGINX on Debian 11"
+description: "Learn how to set up a Debian 11 Nginx web server with support for the post-quantum cryptography X25519Kyber768Draft00 / ML-KEM key exchange in TLS 1.3."
+authors: ["Seweryn Krajczok", "Jan Schaumann"]
+contributors: ["Seweryn Krajczok", "Jan Schaumann"]
+published: 2024-11-05
+keywords: ['X25519Kyber768Draft00','X25519MLKEM768', 'ML-KEM', 'post-quantum cryptography','tls 1.3','cybersecurity','debian 11','key exhange','OpenSSL','encryption','secure website']
+license: '[CC BY-ND 4.0](https://creativecommons.org/licenses/by-nd/4.0)'
+external_resources:
+- '[Open Quantum Safe](https://openquantumsafe.org/liboqs/)'
+- '[OpenSSL Library](https://openssl-library.org/)'
+- '[GitHub: Open Quantum Safe oqs-provider](https://github.com/open-quantum-safe/oqs-provider)'
+relations:
+    platform:
+        key: post-quantum-encryption-nginx
+        keywords:
+            - distribution: Debian 11
+---
+
+The National Institute of Standards and Technology (NIST) recently [released](https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards) its first finalized Post-Quantum Encryption Standards to protect against quantum computer attacks. This includes the Module-Lattice-based Key-Encapsulation Mechanism standard (ML-KEM, defined in [FIPS-203](https://csrc.nist.gov/pubs/fips/203/final)). It is already being implemented in the industry using an early [pre-standardization draft](https://datatracker.ietf.org/doc/draft-tls-westerbaan-xyber768d00/) for use with TLS.
+
+Deploying this algorithm for your web server currently requires some additional steps. The process may vary depending on your operating system's version of OpenSSL. This guide shows how to deploy this algorithm with NGINX on Debian 11, using the [Open Quantum Safe (OQS) provider](https://github.com/open-quantum-safe/oqs-provider) for OpenSSL, which is used to enable the post quantum encryption algorithm.
+
+{{< note >}}
+On Debian 11, the versions of OpenSSL and NGINX available from apt are not compatible with post quantum encryption, so this guide shows how to build them from source instead.  On Ubuntu 24.04, post quantum encryption-compatible versions are available through apt, and [this guide](/docs/guides/post-quantum-encryption-nginx-ubuntu2404/) describes how to configure the encryption algorithm on that distribution.
+{{< /note >}}
+
+## Before You Begin
+
+1.  To follow along with the steps in the guide, create a Compute Instance running Debian 11. See the [Get started](https://techdocs.akamai.com/cloud-computing/docs/getting-started) and [Create a compute instance](https://techdocs.akamai.com/cloud-computing/docs/create-a-compute-instance) product documentation for instructions. You may also choose to adapt the configuration from this guide to an existing NGINX installation.
+
+1.  Follow the [Set up and secure a Compute Instance](https://techdocs.akamai.com/cloud-computing/docs/set-up-and-secure-a-compute-instance) product documentation to appropriately secure your system.
+
+1. To implement the algorithm in NGINX, a TLS certificate is required. When using a certificate from a public certificate authority, a domain name or subdomain must be assigned to your Linode instance. Visit your domain name registrar's website to assign a new record to your Linode instance's IP address. Your IP address is [displayed in the cloud manager](https://techdocs.akamai.com/cloud-computing/docs/managing-ip-addresses-on-a-compute-instance#viewing-ip-addresses). If you use the Linode DNS Manager, visit the [manage DNS records](https://techdocs.akamai.com/cloud-computing/docs/manage-domains) product documentation to view instructions for assigning a new A/AAAA record to your IP address.
+
+1.  For an overview of how TLS encryption works, review the [Understanding TLS Certificates and Connections](/docs/guides/what-is-a-tls-certificate/) guide.
+
+{{< note >}}
+This guide is written for a non-root user. Commands that require elevated privileges are prefixed with `sudo`. If you’re not familiar with the `sudo` command, see the [Users and Groups](/docs/guides/linux-users-and-groups/) guide.
+{{< /note >}}
+
+### Install Dependencies
+
+Once your Debian 11 compute instance is set up and secured, install the dependencies and system packages needed to build OpenSSL and the OQS provider.
+
+1.  First, update your package list to ensure you download the latest available versions:
+
+    ```command
+    sudo apt update
+    ```
+
+1.  Next, install `make`, a build automation tool used to compile and link programs from source code. It reads instructions from a Makefile, which defines how to compile and build the software:
+
+    ```command
+    sudo apt install -y make
+    ```
+
+1.  Now install `gcc` (GNU Compiler Collection), which compiles source code written in languages like C and C++ into executable programs. It is essential for building OpenSSL and other software from source code:
+
+    ```command
+    sudo apt install -y gcc
+    ```
+
+## Install OpenSSL from Source
+
+Debian 11 comes with OpenSSL version `1.1.1w` by default, but the OQS provider requires OpenSSL 3.x. Therefore, you need to build a newer version from source.
+
+1.  First, change into your user's home directory, if not already:
+
+    ```command
+    cd ~
+    ```
+
+1.  Download the OpenSSL source code:
+
+    ```command
+    wget https://github.com/openssl/openssl/releases/download/openssl-3.4.0/openssl-3.4.0.tar.gz
+    ```
+
+1.  Download the corresponding signature file:
+
+    ```command
+    wget https://github.com/openssl/openssl/releases/download/openssl-3.4.0/openssl-3.4.0.tar.gz.asc
+    ```
+
+### Verify the OpenSSL Code Signature
+
+Before proceeding with the installation, verify the integrity and authenticity of the downloaded files using GnuPG (`gnupg`).
+
+1.  First, install `gnupg`:
+
+    ```command
+    sudo apt -y install gnupg
+    ```
+
+1.  Next, import the public OpenSSL signing key:
+
+    ```command
+    gpg --search-keys openssl@openssl.org
+    ```
+
+    When prompted, press the <kbd>1</kbd> key followed by <kbd>ENTER</kbd> to choose the key from `openssl@openssl.org`:
+
+    ```output
+    gpg: directory '/home/{{< placeholder "USERNAME" >}}/.gnupg' created
+    gpg: keybox '/home/{{< placeholder "USERNAME" >}}/.gnupg/pubring.kbx' created
+    gpg: data source: https://keys.openpgp.org:443
+    (1)	OpenSSL <openssl@openssl.org>
+        4096 bit RSA key 216094DFD0CB81EF, created: 2024-04-08
+    Keys 1-1 of 1 for "openssl@openssl.org".  Enter number(s), N)ext, or Q)uit >
+    ```
+
+    Afterward, you should see output similar to the following:
+
+    ```output
+    gpg: /home/{{< placeholder "USERNAME" >}}/.gnupg/trustdb.gpg: trustdb created
+    gpg: key 216094DFD0CB81EF: public key "OpenSSL <openssl@openssl.org>" imported
+    gpg: Total number processed: 1
+    gpg:               imported: 1
+    ```
+
+1.  Verify the fingerprint of the imported key to ensure it matches OpenSSL's official key:
+
+    ```command
+    gpg --fingerprint openssl@openssl.org
+    ```
+
+    You should see output similar to the following:
+
+    ```output
+    pub   rsa4096 2024-04-08 [SC] [expires: 2026-04-08]
+          BA54 73A2 B058 7B07 FB27  CF2D 2160 94DF D0CB 81EF
+    uid           [ unknown] OpenSSL <openssl@openssl.org>
+    ```
+
+1.  Finally, verify the OpenSSL source file against its signature:
+
+    ```command
+    gpg --verify openssl-3.4.0.tar.gz.asc openssl-3.4.0.tar.gz
+    ```
+
+    You should see a confirmation similar to the output below:
+
+    ```output
+    gpg: Signature made Tue 22 Oct 2024 12:27:03 PM UTC
+    gpg:                using RSA key BA5473A2B0587B07FB27CF2D216094DFD0CB81EF
+    gpg: Good signature from "OpenSSL <openssl@openssl.org>" [unknown]
+    ```
+
+    {{< note >}}
+    If you see a warning message about not having a trusted signature, it does not impact the validity of the signature:
+
+    ```output
+    gpg: WARNING: This key is not certified with a trusted signature!
+    gpg:          There is no indication that the signature belongs to the owner.
+    Primary key fingerprint: BA54 73A2 B058 7B07 FB27  CF2D 2160 94DF D0CB 81EF
+    ```
+
+    The warning message appears because the OpenSSL signing key has not yet been marked as "trusted" in your GnuPG keyring.
+    {{< /note >}}
+
+### Build OpenSSL
+
+After verifying the source code, the next step is to build OpenSSL from source.
+
+1.  Extract the downloaded OpenSSL archive:
+
+    ```command
+    tar zxf openssl-3.4.0.tar.gz
+    ```
+
+1.  Change into the extracted OpenSSL source directory:
+
+    ```command
+    cd openssl-3.4.0
+    ```
+
+1.  Configure the OpenSSL build, specifying the installation path as `/opt` and setting the appropriate runtime library search path:
+
+    ```command
+    ./Configure --prefix=/opt '-Wl,-rpath,$(LIBRPATH)'
+    ```
+
+1.  Use `make` to compile the OpenSSL source code:
+
+    ```command
+    make
+    ```
+
+    {{< note >}}
+    This process may take a few minutes depending on your system.
+    {{< /note >}}
+
+1.  Install the compiled OpenSSL files to the specified location:
+
+    ```command
+    sudo make install
+     ```
+
+    {{< note >}}
+    This process may take a few minutes depending on your system.
+    {{< /note >}}
+
+1.  Verify that the correct version of OpenSSL is installed:
+
+    ```command
+    /opt/bin/openssl version
+    ```
+
+    This should return the version number of the OpenSSL build you just installed to `/opt/bin`:
+
+    ```output
+    OpenSSL 3.4.0 22 Oct 2024 (Library: OpenSSL 3.4.0 22 Oct 2024)
+    ```
+
+1.  Now check the active version via the basic `openssl` command:
+
+    ```command
+    openssl version
+    ```
+
+    This should still show `1.1.1w`, the default version bundled with Debian 11:
+
+    ```output
+    OpenSSL 1.1.1w  11 Sep 2023
+    ```
+
+In order to complete the installation, you need to make sure that the version you installed in `/opt/bin` is used instead.
+
+### Add `/opt/bin` to Your `PATH`
+
+Adjust your `PATH` environment variable to prioritize the `/opt/bin` directory.
+
+1.  Open your `~/.bashrc` file in a command line text editor such as `nano`:
+
+    ```command
+    nano ~/.bashrc
+    ```
+
+    Append the following line to the end of the file:
+
+    ```file {title="~/.bashrc"}
+    export PATH=/opt/bin:$PATH
+    ```
+
+    When done, press <kbd>CTRL</kbd>+<kbd>X</kbd>, followed by <kbd>Y</kbd> then <kbd>Enter</kbd> to save the file and exit `nano`.
+
+1.  Apply the changes:
+
+    ```command
+    source ~/.bashrc
+    ```
+
+1.  Use the basic `openssl` command to recheck the active version of OpenSSL:
+
+    ```command
+    openssl version
+    ```
+
+    The output should now show version `3.4.0`, which you installed in `/opt/bin`:
+
+    ```output
+    OpenSSL 3.4.0 3 Sep 2024 (Library: OpenSSL 3.4.0 3 Sep 2024)
+    ```
+
+## Install `oqs-provider`
+
+The `oqs-provider` is a library that integrates post-quantum cryptographic algorithms into OpenSSL. This section outlines the steps needed to install it and leverage this advanced cryptography.
+
+### Install Dependencies
+
+A couple of dependencies must be installed prior to `oqs-provider`, along with Git:
+
+1.  First, change back into your user's home directory:
+
+    ```command
+    cd ~
+    ```
+
+1.  Install `git`, a distributed version control system that can manage code repositories:
+
+    ```command
+    sudo apt install -y git
+    ```
+
+1.  Now install `cmake`, a cross-platform build system generator that helps automate the compilation and build process for software projects:
+
+    ```command
+    sudo apt install -y cmake
+    ```
+
+1.  Finally, install `ninja-build`, a build system designed to run builds in parallel, which reduces the compilation time of large projects:
+
+    ```command
+    sudo apt install -y ninja-build
+    ```
+
+### Clone the `oqs-provider` Repository
+
+1.  Use `git` to clone the `oqs-provider` repository from GitHub:
+
+    ```command
+    git clone https://github.com/open-quantum-safe/oqs-provider.git
+    ```
+
+1.  Change into the `oqs-provider` directory:
+
+    ```command
+    cd oqs-provider
+    ```
+
+### Build `oqs-provider`
+
+1.  Set the OpenSSL root directory and build the `oqs-provider` using the provided script:
+
+    ```command
+    env OPENSSL_ROOT=/opt CMAKE_PARAMS="-DOPENSSL_CRYPTO_LIBRARY=/opt/lib64/libcrypto.so" bash scripts/fullbuild.sh
+    ```
+
+    {{< note >}}
+    This process may take a few minutes depending on your system.
+    {{< /note >}}
+
+1.  Use `cmake` to install the compiled `oqs-provider`:
+
+    ```command
+    sudo cmake --install _build
+    ```
+
+1.  Run the test suite to verify the `oqs-provider` build:
+
+    ```command
+    scripts/runtests.sh
+    ```
+
+### Configure OpenSSL to Use the OQS Provider
+
+1.  Use `nano` to edit the OpenSSL configuration file:
+
+    ```command
+    sudo nano /opt/ssl/openssl.cnf
+    ```
+
+    Add the following lines at the end:
+
+    ```file {title="/opt/ssl/openssl.cnf"}
+    # PQC via OpenQuantumSafe
+    [provider_sect]
+    default = default_sect
+    oqsprovider = oqsprovider_sect
+
+    [default_sect]
+    activate = 1
+
+    [oqsprovider_sect]
+    activate = 1
+    ```
+
+    {{< note >}}
+    In this case, you are editing the `/opt/ssl/openssl.cnf` file, not the configuration file for the system OpenSSL.
+    {{< /note >}}
+
+    When done, press <kbd>CTRL</kbd>+<kbd>X</kbd>, followed by <kbd>Y</kbd> then <kbd>Enter</kbd> to save the file and exit `nano`.
+
+### Check Provider Version Information
+
+1.  List the active OpenSSL providers to verify the installation:
+
+    ```command
+    openssl list -providers
+    ```
+
+    You should see output similar to the following:
+
+    ```output
+    Providers:
+      default
+        name: OpenSSL Default Provider
+        version: 3.4.0
+        status: active
+      oqsprovider
+        name: OpenSSL OQS Provider
+        version: 0.7.1-dev
+        status: active
+    ```
+
+## Install Nginx from Source
+
+The version of Nginx available for Debian 11 uses OpenSSL version `1.1.1w`. In order to use OpenSSL 3.x, you must build Nginx from source.
+
+### Fetch Nginx Source
+
+1.  Before continuing, change back into your user's home directory:
+
+    ```command
+    cd ~
+    ```
+
+1.  Use `wget` to download the Nginx source files:
+
+    ```command
+    wget https://nginx.org/download/nginx-1.27.2.tar.gz
+    ```
+
+1.  Also download the corresponding signature for verification:
+
+    ```command
+    wget https://nginx.org/download/nginx-1.27.2.tar.gz.asc
+    ```
+
+### Verify the Signature
+
+1.  Download the public key:
+
+    ```command
+    wget https://nginx.org/keys/pluknet.key
+    ```
+
+1.  Import the key:
+
+    ```command
+    gpg --import pluknet.key
+    ```
+
+1.  Verify the signature:
+
+    ```command
+    gpg --verify nginx-1.27.2.tar.gz.asc nginx-1.27.2.tar.gz
+    ```
+
+    If verification succeeds, you should see output similar to the following:
+
+    ```output
+    gpg: Signature made Wed 02 Oct 2024 03:31:12 PM UTC
+    gpg:                using RSA key D6786CE303D9A9022998DC6CC8464D549AF75C0A
+    gpg:                issuer "s.kandaurov@f5.com"
+    gpg: Good signature from "Sergey Kandaurov <s.kandaurov@f5.com>" [unknown]
+    gpg:                 aka "Sergey Kandaurov <pluknet@nginx.com>" [unknown]
+    gpg: WARNING: This key is not certified with a trusted signature!
+    gpg:          There is no indication that the signature belongs to the owner.
+    Primary key fingerprint: D678 6CE3 03D9 A902 2998  DC6C C846 4D54 9AF7 5C0A
+    ```
+
+    {{< note >}}
+    Nginx uses individual developer keys to sign its releases, so don't be alarmed if you see unfamiliar names during verification. If verification fails, additional signing keys can be found at [https://nginx.org/en/pgp_keys.html](https://nginx.org/en/pgp_keys.html).
+    {{< /note >}}
+
+### Install Dependencies
+
+A couple of libraries are required before building Nginx:
+
+1.  Install `zlib1g-dev`, a compression library for handling compressed content:
+
+    ```command
+    sudo apt install -y zlib1g-dev
+    ```
+
+1.  Install `libcre3` and `libcre3-dev` to support regular expressions, often used for URL matching:
+
+    ```command
+    sudo apt install -y libpcre3 libpcre3-dev
+    ```
+
+### Build Nginx
+
+1.  Extract the source:
+
+    ```command
+    tar zxf nginx-1.27.2.tar.gz
+    ```
+
+1.  Change into the extracted source directory:
+
+    ```command
+    cd nginx-1.27.2
+    ```
+
+1.  Configure the build with the necessary flags:
+
+    ```command
+    ./configure --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' \
+        --with-ld-opt='-Wl,-z,relro -Wl,-z,now -fPIC'      \
+        --prefix=/opt                                      \
+        --conf-path=/opt/nginx/nginx.conf              	\
+        --http-log-path=/var/log/nginx/access.log      	\
+        --error-log-path=/var/log/nginx/error.log      	\
+        --lock-path=/var/lock/nginx.lock               	\
+        --pid-path=/run/nginx.pid                      	\
+        --modules-path=/opt/lib/nginx/modules              \
+        --http-client-body-temp-path=/var/lib/nginx/body   \
+        --http-fastcgi-temp-path=/var/lib/nginx/fastcgi    \
+        --http-proxy-temp-path=/var/lib/nginx/proxy        \
+        --http-scgi-temp-path=/var/lib/nginx/scgi          \
+        --http-uwsgi-temp-path=/var/lib/nginx/uwsgi        \
+        --with-compat                                  	\
+        --with-debug                                   	\
+        --with-http_ssl_module                         	\
+        --with-http_stub_status_module                 	\
+        --with-http_realip_module                      	\
+        --with-http_auth_request_module                	\
+        --with-http_v2_module                          	\
+        --with-http_dav_module                         	\
+        --with-http_slice_module                       	\
+        --with-threads                                 	\
+        --with-http_addition_module                    	\
+        --with-http_gunzip_module                      	\
+        --with-http_gzip_static_module                 	\
+        --with-http_sub_module                         	\
+        --with-pcre                                    	\
+        --with-openssl-opt=enable-tls1_3               	\
+        --with-ld-opt="-L/opt/lib64 -Wl,-rpath,/opt/lib64" \
+        --with-cc-opt="-I/opt/include"
+    ```
+
+    Except for the destination `prefix`, this example uses the same configuration parameters as the binary package. This is to retain feature parity and integrate with system scripts. The last three options passed to the `configure` script are necessary to use the OpenSSL version built earlier.
+
+1.  Compile Nginx:
+
+    ```command
+    make
+    ```
+
+1.  Install Nginx:
+
+    ```command
+    sudo make install
+    ```
+
+1.  Create the necessary directories for temporary file storage:
+
+    ```command
+    sudo mkdir /var/lib/nginx
+    ```
+
+1.  Create a directory for additional configuration files:
+
+    ```command
+    sudo mkdir /opt/nginx/conf.d
+    ```
+
+### Configure Nginx
+
+1.  Edit the main Nginx configuration file:
+
+    ```command
+    sudo nano /opt/nginx/nginx.conf
+    ```
+
+    Add the following line to the top of the file to specify the user:
+
+    ```file {title="/opt/nginx/nginx.conf"}
+    user www-data; #add this to the top of the file
+    ```
+
+    Locate the `http` block and add the highlighted lines to include configuration files in the `/opt/nginx/nginx.conf` directory:
+
+    ```file {title="/opt/nginx/nginx.conf" hl_lines="2,3" linenostart="18"}
+    http {
+        #Include additional configuration files
+        include /opt/nginx/conf.d/pqc.conf;
+        ...
+    }
+    ```
+
+    When done, press <kbd>CTRL</kbd>+<kbd>X</kbd>, followed by <kbd>Y</kbd> then <kbd>Enter</kbd> to save the file and exit `nano`.
+
+1.  Create a server configuration file called `pqc.conf` in the `/opt/nginx/conf.d/` directory:
+
+    ```command
+    sudo nano /opt/nginx/conf.d/pqc.conf
+    ```
+
+    Give it the following contents:
+
+    ```file {title="/opt/nginx/conf.d/pqc.conf"}
+    server {
+        listen 443 ssl;
+        listen [::]:443 ssl;
+        server_name example.com www.example.com;
+
+        root /var/www/example.com;
+        index index.html index.php;
+
+        ssl_certificate /opt/certs/pqc.crt;
+        ssl_certificate_key /opt/certs/pqc.key;
+
+        ssl_protocols TLSv1.3;
+        ssl_prefer_server_ciphers on;
+        ssl_ecdh_curve X25519MLKEM768:x25519_kyber768:p384_kyber768:x25519:secp384r1:x448:secp256r1:secp521r1;
+
+        location / {
+            try_files $uri $uri/ =404;
+        }
+    }
+    ```
+
+    When done, press <kbd>CTRL</kbd>+<kbd>X</kbd>, followed by <kbd>Y</kbd> then <kbd>Enter</kbd> to save the file and exit `nano`.
+
+### Set up TLS/SSL Certificates
+
+Ensure that you include the necessary certificates (whether self-signed or from a trusted Certificate Authority) to enable proper TLS/SSL functionality. Without certificates, you won’t be able to establish a secure HTTPS connection.
+
+-   **Using Let's Encrpyt (Recommended for Production)**: To use automatic certificate renewal with Let's Encrypt, follow [Use Certbot to Enable HTTPS with NGINX on Ubuntu](/docs/guides/enabling-https-using-certbot-with-nginx-on-ubuntu/) to properly configure the Nginx server.
+
+-   **Using Self-Signed Certificate (Suitable for Testing/Development)**: To use a self-signed certificate, see our [Enable TLS/SSL for HTTPS](/docs/guides/getting-started-with-nginx-part-3-enable-tls-for-https/) guide, or create certificates using the following command:
+
+    1.  First create the directory for your certificates:
+
+    ```command
+    sudo mkdir /opt/certs
+    ```
+
+    2.  Then generate the self-signed certificate:
+
+    ```command
+    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /opt/certs/pqc.key -out /opt/certs/pqc.crt
+    ```
+
+### Configure `systemd` and Start Nginx
+
+1.  Create a `systemd` service file for Nginx:
+
+    ```command
+    sudo nano /etc/systemd/system/nginx.service
+    ```
+
+    Give it the following contents:
+
+    ```file {title="/etc/systemd/system/nginx.service"}
+    [Unit]
+    Description=The NGINX HTTP and reverse proxy server
+    After=network.target remote-fs.target nss-lookup.target
+
+    [Service]
+    Type=forking
+    PIDFile=/run/nginx.pid
+    ExecStartPre=/opt/sbin/nginx -t
+    ExecStart=/opt/sbin/nginx
+    ExecReload=/opt/sbin/nginx -s reload
+    ExecStop=/opt/sbin/nginx -s stop
+    PrivateTmp=true
+
+    [Install]
+    WantedBy=multi-user.target
+    ```
+
+    When done, press <kbd>CTRL</kbd>+<kbd>X</kbd>, followed by <kbd>Y</kbd> then <kbd>Enter</kbd> to save the file and exit `nano`.
+
+1.  Start the Nginx service:
+
+    ```command
+    sudo service nginx start
+    ```
+
+Nginx should now be installed, configured, and running with OpenSSL 3.x support.
+
+## Verify Nginx Is Using Post-Quantum Algorithms
+
+Run the `openssl` command with the flags shown below:
+
+```command
+openssl s_client -groups X25519MLKEM768 -connect localhost:443
+```
+
+This command specifically checks for the `X25519_Kyber768` algorithm during a TLS connection.
diff --git a/docs/guides/security/encryption/post-quantum-encryption-nginx-ubuntu2404/index.md b/docs/guides/security/encryption/post-quantum-encryption-nginx-ubuntu2404/index.md
new file mode 100644
index 00000000000..d9d5c825a10
--- /dev/null
+++ b/docs/guides/security/encryption/post-quantum-encryption-nginx-ubuntu2404/index.md
@@ -0,0 +1,447 @@
+---
+slug: post-quantum-encryption-nginx-ubuntu2404
+title: "Post Quantum Encryption with NGINX on Ubuntu 24.04"
+description: "Learn how to set up NGINX on Ubuntu 24.04 with support for the post-quantum cryptography X25519Kyber768Draft00 / ML-KEM key exchange in TLS 1.3."
+authors: ["Seweryn Krajczok", "Jan Schaumann"]
+contributors: ["Seweryn Krajczok", "Jan Schaumann"]
+published: 2024-10-30
+keywords: ['X25519Kyber768Draft00','X25519MLKEM768', 'ML-KEM','post-quantum cryptography','tls 1.3','cybersecurity','ubuntu 24.04','key exhange','OpenSSL','encryption','secure website']
+license: '[CC BY-ND 4.0](https://creativecommons.org/licenses/by-nd/4.0)'
+external_resources:
+- '[Open Quantum Safe](https://openquantumsafe.org/)'
+- '[OpenSSL Library](https://openssl-library.org/)'
+- '[open-quantum-safe/oqs-provider on GitHub](https://github.com/open-quantum-safe/oqs-provider)'
+relations:
+    platform:
+        key: post-quantum-encryption-nginx
+        keywords:
+            - distribution: Ubuntu 24.04
+---
+
+The National Institute of Standards and Technology (NIST) recently [released](https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards) its first finalized Post-Quantum Encryption Standards to protect against quantum computer attacks. This includes the Module-Lattice-based Key-Encapsulation Mechanism standard (ML-KEM, defined in [FIPS-203](https://csrc.nist.gov/pubs/fips/203/final)). It is already being implemented in the industry using an early [pre-standardization draft](https://datatracker.ietf.org/doc/draft-tls-westerbaan-xyber768d00/) for use with TLS.
+
+Deploying this algorithm for your web server currently requires some additional steps. The process may vary depending on your operating system's version of OpenSSL. This guide shows how to deploy this algorithm with NGINX on Ubuntu 24.04, using the [Open Quantum Safe (OQS) provider](https://github.com/open-quantum-safe/oqs-provider) for OpenSSL, which is used to enable the post quantum encryption algorithm. After it is configured for the web server, several ways to verify that the server is using the algorithm are demonstrated.
+
+## Before You Begin
+
+1.  To follow along with the steps in the guide, create a Compute Instance running Ubuntu 24.04. See the [Get started](https://techdocs.akamai.com/cloud-computing/docs/getting-started) and [Create a compute instance](https://techdocs.akamai.com/cloud-computing/docs/create-a-compute-instance) product documentation for instructions. You may also choose to adapt the configuration from this guide to an existing NGINX installation.
+
+1.  Follow the [Set up and secure a Compute Instance](https://techdocs.akamai.com/cloud-computing/docs/set-up-and-secure-a-compute-instance) product documentation to appropriately secure your system.
+
+1. To implement the algorithm in NGINX, a TLS certificate is required. When using a certificate from a public certificate authority, a domain name or subdomain must be assigned to your Linode instance. Visit your domain name registrar's website to assign a new record to your Linode instance's IP address. Your IP address is [displayed in the cloud manager](https://techdocs.akamai.com/cloud-computing/docs/managing-ip-addresses-on-a-compute-instance#viewing-ip-addresses). If you use the Linode DNS Manager, visit the [manage DNS records](https://techdocs.akamai.com/cloud-computing/docs/manage-domains) product documentation to view instructions for assigning a new A/AAAA record to your IP address.
+
+1.  For an overview of how TLS encryption works, review the [Understanding TLS Certificates and Connections](/docs/guides/what-is-a-tls-certificate/) guide.
+
+{{< note >}}
+This guide is written for a non-root user. Commands that require elevated privileges are prefixed with `sudo`. If you’re not familiar with the `sudo` command, see the [Users and Groups](/docs/guides/linux-users-and-groups/) guide.
+{{< /note >}}
+
+## Install Dependencies
+
+Once your Ubuntu 24.04 compute instance is set up and secured, install the dependencies and system packages needed to build the OQS provider.
+
+1.  Update your package list to ensure you download the latest available versions:
+
+    ```command
+    sudo apt update
+    ```
+
+1.  Install `cmake`, a cross-platform build system generator that helps automate the compilation and build process for software projects:
+
+    ```command
+    sudo apt install -y cmake
+    ```
+
+1.  Install `libssl-dev`, which provides development libraries and headers for OpenSSL, needed to build software that requires cryptographic functions and secure communications:
+
+    ```command
+    sudo apt install -y libssl-dev
+    ```
+
+1.  Install `ninja-build`, a fast and lightweight build system designed to run builds in parallel, speeding up the compilation of large projects:
+
+    ```command
+    sudo apt install -y ninja-build
+    ```
+
+### Check if you have already installed OpenSSL 3.x +
+
+```command
+openssl version
+```
+
+If OpenSSL 3.x+ is already installed, go to the "Install the oqs-provider" step.
+
+## Update OpenSSL
+
+1. Update OpenSSL from Ubuntu repositories:
+
+    ```command
+    sudo apt install -y openssl
+    ```
+
+1. Verify that you now have OpenSSL >= 3.x:
+
+    ```command
+    openssl version
+    ```
+
+## Install `oqs-provider`
+
+The oqs-provider is a library that integrates post-quantum cryptographic algorithms into OpenSSL. This section outlines the steps needed to install it and leverage this advanced cryptography.
+
+### Clone the `oqs-provider` Repository
+
+1.  Use `git` to clone the `oqs-provider` repository from GitHub:
+
+    ```command
+    git clone https://github.com/open-quantum-safe/oqs-provider.git
+    ```
+
+1.  Change into the `oqs-provider` directory:
+
+    ```command
+    cd oqs-provider
+    ```
+
+### Build `oqs-provider`
+
+1.  Set the OpenSSL root directory and build the `oqs-provider` using the provided script:
+
+    ```command
+    scripts/fullbuild.sh
+    ```
+
+    {{< note >}}
+    This process may take a few minutes depending on your system.
+    {{< /note >}}
+
+1.  Use `cmake` to install the compiled `oqs-provider`:
+
+    ```command
+    sudo cmake --install _build
+    ```
+
+1.  Run the test suite to verify the `oqs-provider` build:
+
+    ```command
+    scripts/runtests.sh
+    ```
+
+    The tail of the output from the tests should resemble:
+
+    ```output
+    100% tests passed, 0 tests failed out of 6
+
+    Total Test time (real) =  93.97 sec
+
+    All oqsprovider tests passed.
+    ```
+
+### Configure OpenSSL to Use the OQS Provider
+
+Use `nano` to edit the OpenSSL configuration file:
+
+```command
+sudo nano /etc/ssl/openssl.cnf
+```
+
+Add the following lines at the end:
+
+```file {title="/etc/ssl/openssl.cnf"}
+# PQC via OpenQuantumSafe
+[provider_sect]
+default = default_sect
+oqsprovider = oqsprovider_sect
+
+[default_sect]
+activate = 1
+
+[oqsprovider_sect]
+activate = 1
+```
+
+When done, press <kbd>CTRL</kbd>+<kbd>X</kbd>, followed by <kbd>Y</kbd> then <kbd>Enter</kbd> to save the file and exit `nano`.
+
+### Check Provider Version Information
+
+List the active OpenSSL providers to verify the installation:
+
+```command
+openssl list -providers
+```
+
+You should see output similar to the following:
+
+```output
+Providers:
+  default
+    name: OpenSSL Default Provider
+    version: 3.0.13
+    status: active
+  oqsprovider
+    name: OpenSSL OQS Provider
+    version: 0.7.1-dev
+    status: active
+```
+
+## Verify the Quantum-Safe KEM Algorithms are Available
+
+Run:
+
+```command
+openssl list -kem-algorithms -provider oqsprovider | egrep -i "(kyber|kem)768"
+```
+
+Output should resemble:
+
+```output
+  kyber768 @ oqsprovider
+  p384_kyber768 @ oqsprovider
+  x448_kyber768 @ oqsprovider
+  x25519_kyber768 @ oqsprovider
+  p256_kyber768 @ oqsprovider
+  mlkem768 @ oqsprovider
+  p384_mlkem768 @ oqsprovider
+  x448_mlkem768 @ oqsprovider
+  X25519MLKEM768 @ oqsprovider
+  SecP256r1MLKEM768 @ oqsprovider
+```
+
+## Set Up NGINX
+
+### Install NGINX
+
+Use `apt` to install NGINX:
+
+```command
+sudo apt install nginx
+```
+
+### Set up TLS/SSL Certificates
+
+Ensure that you include the necessary certificates (whether self-signed or from a trusted Certificate Authority) to enable proper TLS/SSL functionality. Without certificates, you won’t be able to establish a secure HTTPS connection.
+
+-   **Using Let's Encrpyt (Recommended for Production)**: To use automatic certificate renewal with Let's Encrypt, follow [Use Certbot to Enable HTTPS with NGINX on Ubuntu](/docs/guides/enabling-https-using-certbot-with-nginx-on-ubuntu/) to properly configure the Nginx server.
+
+-   **Using Self-Signed Certificate (Suitable for Testing/Development)**: To use a self-signed certificate, see our [Enable TLS/SSL for HTTPS](/docs/guides/getting-started-with-nginx-part-3-enable-tls-for-https/) guide, or create certificates using the following command:
+
+    1.  First create the directory for your certificates:
+
+        ```command
+        sudo mkdir /opt/certs
+        ```
+
+    1.  Then generate the self-signed certificate:
+
+        ```command
+        sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /opt/certs/pqc.key -out /opt/certs/pqc.crt
+        ```
+
+### Configure NGINX
+
+1.  Edit the main Nginx configuration file:
+
+    ```command
+    sudo nano /etc/nginx/nginx.conf
+    ```
+
+1.  Locate the `http` block and add the highlighted lines to include configuration files in the `/etc/nginx/nginx.conf` directory:
+
+    ```file {title="/etc/nginx/nginx.conf" hl_lines="2,3" linenostart="18"}
+    http {
+        #Include additional configuration files
+        include /etc/nginx/conf.d/pqc.conf;
+        ...
+    }
+    ```
+
+    When done, press <kbd>CTRL</kbd>+<kbd>X</kbd>, followed by <kbd>Y</kbd> then <kbd>Enter</kbd> to save the file and exit `nano`.
+
+1.  Create a server configuration file called `pqc.conf` in the `/etc/nginx/conf.d/` directory:
+
+    ```command
+    sudo nano /etc/nginx/conf.d/pqc.conf
+    ```
+
+    Paste this snippet into the file. **Be sure to update the `ssl_certificate` and `ssl_certificate_key` parameters** with the correct file paths for your certificate files:
+
+    ```file {title="/etc/nginx/conf.d/pqc.conf"}
+    server {
+        listen 443 ssl;
+        listen [::]:443 ssl;
+        server_name example.com www.example.com;
+        root /var/www/example.com;
+        index index.html index.php;
+        ssl_certificate /opt/certs/pqc.crt;
+        ssl_certificate_key /opt/certs/pqc.key;
+        ssl_protocols TLSv1.3;
+        ssl_prefer_server_ciphers on;
+        ssl_ecdh_curve X25519MLKEM768:x25519_kyber768:p384_kyber768:x25519:secp384r1:x448:secp256r1:secp521r1;
+        location / {
+            try_files $uri $uri/ =404;
+        }
+    }
+    ```
+
+    When done, press <kbd>CTRL</kbd>+<kbd>X</kbd>, followed by <kbd>Y</kbd> then <kbd>Enter</kbd> to save the file and exit `nano`.
+
+1.  Reload the NGINX service:
+
+    ```command
+    sudo systemctl reload nginx
+    ```
+
+## Verify Nginx Is Using Post-Quantum Algorithms
+
+### Option 1: test with `openssl s_client` command
+
+To test the TLS configuration with Kyber groups using the `openssl s_client` command, you can use the following options:
+
+```command
+openssl s_client -groups x25519_kyber768 -connect localhost:443
+```
+
+### Option 2: Capture connection using tcpdump
+
+1. Enable Kyber support in either Google Chrome or Mozilla Firefox:
+
+    - Chrome:
+
+        1. Open Chrome and navigate to [chrome://flags](chrome://flags).
+
+        1. In the search bar, enter `TLS 1.3 post-quantum key agreement`.
+
+        1. Toggle the option to Enabled for `#enable-tls13-kyber` or `#use-ml-kem`.
+
+    - Firefox:
+
+        1. Open Chrome and navigate to [about:config](about:config).
+
+        1. In the search bar, enter `security.tls.enable_kyber`.
+
+        1. Toggle the option to True for `security.tls.enable_kyber`.
+
+1.  Run tcpdump to capture the network traffic between your browser and the server. In a terminal on your workstation:
+
+    ```command
+    sudo tcpdump -w pqc.pcap host <your-linode-IP-address>
+    ```
+
+1.  Visit your site using Chrome or Firefox.
+
+1.  Use Wireshark/Tshark to analyze the captured data:
+
+    ```command
+    tshark -r pqc.pcap -V | grep X25519Kyber768Draft00
+    ```
+
+    Look for the use of `x25519Kyber768Draft00` as one of the key shares within the TLS handshake extension. You should see output like this:
+
+    ```output
+    Extension: key_share (len=1263) X25519Kyber768Draft00, x25519
+                    Type: key_share (51)
+                    Length: 1263
+    ```
+
+### Option 3: Display TLS Connection Details with PHP
+
+These steps create an index.php page on your web server that displays information about your encryption algorithm:
+
+1.  On your web server, install PHP 8.3 with FPM:
+
+    ```command
+    sudo apt install -y php-fpm
+    ```
+
+1.  Edit `/etc/nginx/conf.d/pqc.conf`:
+
+    1.  Change the `index` parameter to point to the new `index.php` file:
+
+        ```file {title="/etc/nginx/conf.d/example.com.conf"}
+        server {
+            ...
+            index             index.php;
+            ...
+        ```
+
+    1.  Add a new `location ~ \.php$` block above the existing `location /` block:
+
+        ```file {title="/etc/nginx/conf.d/example.com.conf" hl_lines="4-8"}
+        server {
+            ...
+
+                location ~ \.php$ {
+                    include snippets/fastcgi-php.conf;
+                    fastcgi_param SSL_CURVE $ssl_curve;
+                    fastcgi_pass unix:/var/run/php/php-fpm.sock;
+                }
+
+                location / {
+                    try_files $uri $uri/ =404;
+                }
+        }
+        ```
+
+1.  Create a file named `index.php` in /var/www/example.com with this snippet:
+
+    ```command
+    sudo mkdir -p /var/www/example.com
+    ```
+
+    ```file {title="/var/www/example.com/index.php"}
+    <!DOCTYPE html>
+    <html lang="en">
+    <head>
+        <meta charset="UTF-8">
+        <meta name="viewport" content="width=device-width, initial-scale=1.0">
+        <title>SSL Curve Information</title>
+    </head>
+    <body>
+        <h1>Your SSL Curve Information</h1>
+
+        <?php
+            $ssl_curve = $_SERVER['SSL_CURVE'];
+
+            if ($ssl_curve === '0x6399') {
+                echo "<p class='secure'>You are using X25519Kyber768Draft00 which is post-quantum secure.</p>";
+            } elsif ($ssl_curve === '0x4588') {
+                echo "<p class='secure'>You are using X25519MLKEM768, which is post-quantum secure.</p>";
+            } else {
+                echo "<p class='not-secure'>You are using SSL Curve: {$ssl_curve} which is not post-quantum secure.</p>";
+            }
+        ?>
+
+    </body>
+    </html>
+    ```
+
+1.  Reload NGINX:
+
+    ```command
+    sudo systemctl reload nginx
+    ```
+
+1.  Visit your website in your browser. If Kyber support is enabled in your browser, and if the TLS handshake with the web server uses the algorithm, you should see:
+
+    ```output
+    You are using X25519Kyber768Draft00 which is post-quantum secure
+    ```
+
+    Otherwise, this message is displayed:
+
+    ```output
+    You are using SSL Curve: X25519 which is not post-quantum secure.
+    ```
+
+{{< note >}}
+Remember that currently not all browsers support post-quantum algorithms. These browsers offer compatibility:
+
+- Enabled by default for Chrome 124+ on Desktop. For older Chrome versions or on mobile, you need to toggle `TLS 1.3 post-quantum key agreement` / `#use-ml-kem` in [chrome://flags](chrome://flags).
+
+- Enabled by default for Edge 124+.
+
+- Enabled by default for recent Opera and Brave.
+
+- Enabled for Firefox 124+ if you turn on `security.tls.enable_kyber` in [about:config](about:config). Firefox 128+: turn on `network.http.http3.enable_kyber` for QUIC/HTTP3.
+{{< /note >}}
diff --git a/docs/guides/security/firewalls/control-network-traffic-with-iptables/index.md b/docs/guides/security/firewalls/control-network-traffic-with-iptables/index.md
index 064966e3291..feac0d00270 100644
--- a/docs/guides/security/firewalls/control-network-traffic-with-iptables/index.md
+++ b/docs/guides/security/firewalls/control-network-traffic-with-iptables/index.md
@@ -6,7 +6,7 @@ description: "iptables is an application that allows users to configure specific
 authors: ["Linode"]
 contributors: ["Linode"]
 published: 2010-07-30
-modified: 2017-02-28
+modified: 2024-11-07
 keywords: ["iptables", "networking", "firewalls", "filtering"]
 license: '[CC BY-ND 4.0](https://creativecommons.org/licenses/by-nd/4.0)'
 aliases: ['/networking/firewalls/control-network-traffic-with-iptables/','/security/firewalls/iptables/','/security/firewalls/control-network-traffic-with-iptables/']
@@ -208,7 +208,7 @@ One way to create a firewall is to block all traffic to the system and then allo
     iptables -P INPUT DROP
     iptables -P FORWARD DROP
 
-Let's break down the example above. The first two commands add or append rules to the `INPUT` chain in order to allow access on specific ports. The `-p tcp` and `-p udp` options specify either UDP or TCP packet types. The `-m multiport` function matches packets on the basis of their source or destination ports, and can accept the specification of up to 15 ports. Multiport also accepts ranges such as `8999:9003` which counts as 2 of the 15 possible ports, but matches ports `8999`, `9000`, `9001`, `9002`, and `9003`. The next command allows all incoming and outgoing packets that are associated with existing connections so that they will not be inadvertently blocked by the firewall. The final two commands use the `-P` option to describe the *default policy* for these chains. As a result, all packets processed by `INPUT` and `FORWARD` will be dropped by default.
+In the example above, the third command allows all incoming and outgoing packets that are associated with existing connections so that they will not be inadvertently blocked by the firewall. The fourth and fifth commands add or append rules to the `INPUT` chain in order to allow access on specific ports. The `-p tcp` and `-p udp` options specify either UDP or TCP packet types. The `-m multiport` function matches packets on the basis of their source or destination ports, and can accept the specification of up to 15 ports. Multiport also accepts ranges such as `8999:9003` which counts as 2 of the 15 possible ports, but matches ports `8999`, `9000`, `9001`, `9002`, and `9003`. The final two commands use the `-P` option to describe the *default policy* for these chains. As a result, all packets processed by `INPUT` and `FORWARD` will be dropped by default.
 
 Note that the rules described above only control incoming packets, and do not limit outgoing connections.
 
@@ -224,7 +224,7 @@ You can use iptables to block all traffic and then only allow traffic from certa
     iptables -P INPUT DROP
     iptables -P FORWARD DROP
 
-In the first command, the `-s 192.168.1.0/24` statement specifies that all source IPs (`-s`) in the address space of `192.168.1` are allowed. You may specify an IP address range using CIDR (Classless Inter-Domain Routing) notation, or individual IP addresses, as in the second command. The third command allows all incoming and outgoing packets that are associated with existing connections. The final two commands set the default policy for all `INPUT` and `FORWARD` chains to drop all packets.
+ The third command allows all incoming and outgoing packets that are associated with existing connections. In the fourth command, the `-s 192.168.1.0/24` statement specifies that all source IPs (`-s`) in the address space of `192.168.1` are allowed. You may specify an IP address range using CIDR (Classless Inter-Domain Routing) notation, or individual IP addresses, as in the fifth command. The final two commands set the default policy for all `INPUT` and `FORWARD` chains to drop all packets.
 
 ## Use ip6tables to Manage IPv6 Traffic
 
diff --git a/go.mod b/go.mod
index 79dc443144b..d373904b4b5 100644
--- a/go.mod
+++ b/go.mod
@@ -7,5 +7,5 @@ require (
 	github.com/gohugoio/hugo-mod-jslibs/turbo/v7 v7.20300.20000 // indirect
 	github.com/instantpage/instant.page v5.1.1+incompatible // indirect
 	github.com/linode/linode-api-docs/v4 v4.176.0 // indirect
-	github.com/linode/linode-docs-theme v0.0.0-20241007154737-202188059409 // indirect
+	github.com/linode/linode-docs-theme v0.0.0-20241107173628-e39045c56363 // indirect
 )
diff --git a/go.sum b/go.sum
index 0e526bf80e4..ab34adf2570 100644
--- a/go.sum
+++ b/go.sum
@@ -300,6 +300,8 @@ github.com/linode/linode-docs-theme v0.0.0-20240930173647-98e081906577 h1:/DSH92
 github.com/linode/linode-docs-theme v0.0.0-20240930173647-98e081906577/go.mod h1:ZtQW0yoUPwkcDeylBJVhfcW/Io5sx2W2/ICAeFrFY1Q=
 github.com/linode/linode-docs-theme v0.0.0-20241007154737-202188059409 h1:GSiuv7Tx8+to9afAQyeJSViJ0Al9dMws4MVLl0cyoEM=
 github.com/linode/linode-docs-theme v0.0.0-20241007154737-202188059409/go.mod h1:CkKTReDRAS6YL5/wBxFsPt8Xq/F88SUeFYuX1y7sXB0=
+github.com/linode/linode-docs-theme v0.0.0-20241107173628-e39045c56363 h1:Q129RqVuxR/S7AXsQZB4ffSPktRFrE8RM6Yww8NwoX8=
+github.com/linode/linode-docs-theme v0.0.0-20241107173628-e39045c56363/go.mod h1:f3XbKgch4DFA6jz2k7snVPDoQEiWwsJu4u54BbUiCKs=
 github.com/linode/linode-website-partials v0.0.0-20221205205120-b6ea1aaa59fb/go.mod h1:K1Em3lwb16JiCwNVftAFwWGhyB9Zkl/nXhxjBBUC1Ao=
 github.com/linode/linode-website-partials v0.0.0-20221222200538-99862e429110/go.mod h1:K1Em3lwb16JiCwNVftAFwWGhyB9Zkl/nXhxjBBUC1Ao=
 github.com/linode/linode-website-partials v0.0.0-20230201145731-a8703d0a954a/go.mod h1:K1Em3lwb16JiCwNVftAFwWGhyB9Zkl/nXhxjBBUC1Ao=
@@ -323,3 +325,4 @@ github.com/linode/linode-website-partials v0.0.0-20240516182804-8b13c1f13759/go.
 github.com/linode/linode-website-partials v0.0.0-20240816154606-b7584738bd92/go.mod h1:K1Em3lwb16JiCwNVftAFwWGhyB9Zkl/nXhxjBBUC1Ao=
 github.com/linode/linode-website-partials v0.0.0-20240926202806-c5faff17a2d4/go.mod h1:K1Em3lwb16JiCwNVftAFwWGhyB9Zkl/nXhxjBBUC1Ao=
 github.com/linode/linode-website-partials v0.0.0-20241004163055-18afaa3dfa37/go.mod h1:K1Em3lwb16JiCwNVftAFwWGhyB9Zkl/nXhxjBBUC1Ao=
+github.com/linode/linode-website-partials v0.0.0-20241101140355-9f609290c2c4/go.mod h1:K1Em3lwb16JiCwNVftAFwWGhyB9Zkl/nXhxjBBUC1Ao=