Pig squeal
excess0680
Doesn’t look like a caterpillar to me. It has well-defined legs (not prolegs which larvae are known to have) and looks a lot like a plant hopper of some kind to me. I am not an expert, and I can’t conclusively say if those hairs are irritants.
I’ve set this up although I can’t post the exact steps since it’s been so long ago. Here’s a summary.
Have a machine on the same network as the server. Setup dropbear-initramfs on your server to have a SSH server enabled on the luks unlock screen. You’ll have to set the SSH login command to unlock luks in authorized_keys. Then when you need to unlock your server from boot, use ssh with the -J option to jump to the server. Important here: use the local server ip address with respect to the secondary machine. e.g. ssh 192.168.1.1 -J secondary
In that example, 192.168.1.1 is your server address accessible from your secondary machine.
You can unlock remotely through this as well. I’ve setup Tailscale and can unlock my server when I need to reboot for kernel upgrades.
Separate from the security fixes, Vaultwarden now lets clients have archiving capabilities. Before this update, I created a separate organization just to archive unused accounts. (Although now I have to deal with “moving” those accounts back to my main collection…)
I’ve read that if you or your family depend on some kind of firewall provided by a company (and removing or disabling it is not allowed), then that firewall might outright refuse to connect to such a domain, even if the domain was never used. (Basically outright blocking .xyz at the root.) It’s not applicable in most cases but it is definitely a case of overzealous “protection” software. It’s just an unpredictable outcome and a risk. If you don’t plan on hosting email and don’t use a firewall like that, then it would be marginally acceptable.
I would still strongly recommend a .com or .net. The only advantage of using lesser known (or of low reputation) TLD is that more domains will not have been taken. I’d rather just try to be creative or pick something longer with .com.
Beyond just the registrar you pick, try not to pick some vanity TLDs. The ubiquitous ones (e.g. .com and .net) are fine. For example .xyz has a bad reputation (due to its initial low price to register, it became used for many spammers) and might be blocked in unexpected places. Others might lure you in with a cheap first year but charge much higher for subsequent years.
In addition to that, ccTLDs (country code) can be a wildcard, especially if you don’t live in the region served by it. Although rare, the country registry can seize your domain. Most commonly though, many, including .us, do not allow you to mask your personal information (WHOIS privacy). I’ve had a .me for a long time and even though they haven’t been much of a problem, they are also raising the price for renewal faster than an equivalent .com, and so I’ve been thinking of letting that domain go.
If you trust your country’s ccTLD registry and they’re reputable, that’s less of an issue, however.
Nobody else has mentioned this but there have been several times that Bing censored something and it propagated to DDG, most notably when Microsoft censored Tank Man (intended for China, probably) but then Tank Man also was censored on DDG.
Partly because of these incidents, I could never consider DDG reliable.
By some sheer coincidence, I searched this topic today. I’ve been a consistent user of the parenthesis expansion, but never thought of why I preferred one or the other.
I suppose the primary advantage is that $() will expand in a consistent way. You can even nest quotes and more expansions in one, while you’d struggle the same with backtick notation.
So I’ll just keep using parentheses.
Exuvia
Cool find!
In addition to podman unshare (which you would just prefix in front of commands like chmod), you can just temporarily do podman unshare chown -R root: <path> if you backup while the container is down. Don’t try that command on live containers.
For a more permanent solution, you can investigate which user (ID) is the default in the container and add the option --user-ns=“keep-id:uid=$the_user_id”. This does not work with all images, especially those that use multiple users per container, but if it works, the bind mount will have the same owner as the host.
To find the user ID, you can run podman exec <container> id. In most of the images I use, it’s usually 1000.
+1 on Zojirushi. They make excellent vacuum bottles and other related household/kitchen items and utensils. I’ve got one of their bottles and a water boiler.