It's not just protection against security, but also human error.
https://github.com/MrMEEE/bumblebee-Old-and-abbandoned/issues/123
https://hackaday.com/2024/01/20/how-a-steam-bug-once-deleted-all-of-someones-user-data/
Just because I trust someone to write a program in a modern language they are familier in, doesn't mean I trust them to write an install script in bash, especially given how many footguns bash has.
Firstly, you may also be interested in: https://containerssh.io/v0.5/
This is a similar software, but maintained. However, it doesn't look like you limit networking with the Docker backend, beyond a simple on/off.
An even simpler solution, is to have the the ssh entry command not be the usual shell command (/bin/bash), but rather a command that starts a shell within a container. So something like:
podman run -it --rm -v "-v /HOST-DIR:/CONTAINER-DIR" docker.io/library/debian:bookworm bash would create a shell inside a short lived debian container (that is deleted upon disconnect) where a host directory is mounted inside the container.
As for mysecureshell, I would assume that since it is in the Ubuntu repos, it is still being maintained. But it's possible, since it is unmaintained that there are unknown security vulnerabilities or other issues, but:
It’ll just be for half a dozen friends for when I want to give them larger files, or if I want them to send me full-resolution photos.
If it's just for your friends, it may be okay to use a less secure solution if you trust them.
As an alternate solution: since you are looking for some sort of file searching, perhaps you could host an app explicitly designed for that, like Seafile or Nextcloud.
Browser based game with slidehopping. I like to call it the only non dead movement shooter.
No. Windows will only replace the removable media path at \EFI\boot\bootx64.efi, of the bootloader. If grub is stored somewhere else, windows won't replace it.
https://wiki.debian.org/UEFI#Force_grub-efi_installation_to_the_removable_media_path
However, not every motherboard is compliant with the UEFI spec, and supports booting from other EFI binaries than \EFI\boot\bootx64.efi. My motherboard was one such board, where I had to force grub to install to the removable media path (which isn't the default on debian, although it is the default on a lot of other distros).
@Quills@sh.itjust.works , you should test if your motherboard properly implements the UEFI specification, by going into the UEFI menu, and selecting a different file to boot from, or changing defaults. If you look and there is no such option, or the option is ignored, then you know your motherboard isn't properly implementing the UEFI spec.
You can test if your motherboard supports booting from a different file by downloading an abitrary efi file (like memtest), and then placing it in the EFI system partition, at somewhere other than the removable media path. If you can get the UEFI to boot from somewhere other than that, then the UEFI spec is properly implemented, and Windows updates won't overwrite grub.
Of course, a simpler way to test is to simply install debian and see if it boots. If it does, then windows won't overwrite grub. If not then it will. You can then install a different distro from there.
Wezterm. I started out on konsole, and was happy with it, but then I started using zellij as my terminal multiplexer. Although zellij allows you to configure what command copies and pastes text, copy/paste on wayland and windows only works by default with wezterm. It gives me consistency across multiple DEs/OSes, with minimal configuration, which is good because I was setting up development environments for many people, with many configurations
Do you use a linter like the ansible vscode extension?
I used to hate writing ansible, and yaml, until I installed the ansible lint vscode extension, and everything became much, much easier.
Later on, when I was working on a docker-compose, I noticed that the vscode yaml extension (which the ansible extension pulled in as a dependency) caught errors. It's quite intelligent, able to spot errors exactly like what you mentioned, where the yaml syntax is correct, but the docker-compose, or the ansible syntax is wrong.
I use https://quarto.org
Pros: Markdown, easy to use. Docs are very good. Also, despite being a a static site, it comes with fulltext site searching, all done locally, enabled by default:
https://quarto.org/docs/websites/website-search.html
It uses pandoc under the hood, so anything that works with pandoc works there.
Cons: No support for any kind of template engine beyond simple variable replacement, as far as I know.
But you don't get hardware graphics acceleration unless you use nixgl, and if you want to integrate it into home manager that breaks XDG entries, which I never figured out.
Also, you are illustrating the point of the commenter you replied to: nowhere on the official docs does it recommend home manager for non nixos systems, at least not when i was scrolling through them. I learned about home manager, nixgl, and the like via forum posts, either by finding them via a web search, or by asking myself.
For example, I only found code to integrate home manager with nixgl on the nixos discourse.
Someone recommended ssh, which is good, but it can't do udp connections.
https://github.com/anderspitman/awesome-tunneling
From this list, I selected rathole since they claimed to be more performant than frp, the most popular solution.
I heard obfsproxy
Yeah, tor obs4 bridges.
But somehow, my high school managed to block those. My high school was literally more locked down than the great firewall of China.
I set up: https://github.com/cognetwork-dev/Metallic
At first, then I eventually switched to https://github.com/v2ray/v2ray-core as metallic struggled on some things. Both v2ray and xray are built for the great firewall of China, and iirc, they use the same tech.
It's not too fast though. That privacy comes at a price. This may be the slowest proxy/vpn out there (although it's speedy enough for normal web browsing), whereas wireguard is the fastest. Maybe you want something in between? It depends on your threat model.
I switched to Incus for my homelab.
Blogpost: https://moonpiedumplings.github.io/projects/build-server-6/