Give us your fstab and lsblk.

Or, the specific piece of information I want is where the kernels are located. When /boot is part of the root subvolume (not the default setup, sadly), then the kernels will be snapshpotted along with the rest of the filesystem. /boot/efi would be where the efi system partition is, and where the bootloader is installed.

If /boot is instead the efi parition (default setup lmao), then this means that when you restored a snapshot of your root subvolume, your kernels were not downgraded. I suspect that older kernels attempting to read/view newer kernel modules would cause this boot failure.

If the root account is locked, which cachyos does by default, then you won’t get anything from this screen.

I had to fix by usb booting and troubleshooting (a different issue though, I was playing with initramfs generation).

I used to play minecraft and geometry dash via the amazon appstore, the apps come with drm.

If you have an older nvidia gpu, you can use vgpu unlock to unlock these features on that.

Helldivers 2 and easyanticheat also have kernel level anticheat, but remain playable on linux. They disable the kernel level bits on linux.

Freshtomato is not out of date. The last stable release was december of 2024 And the github repos are being actively updated as well.

Perhaps you are confusing freshtomato with some of it’s predecessors, like tomato or advancedtomato, which are no longer currently maintained.

As for openwrt instead, that doesn’t support broadcom wifi chips, whereas freshtomato does.

This includes sideloaded apps.

This exactly. I have a FOSS app called VirtualXPosed installed (although I never use it anymore), which creates a “virtual android” in which apps can be installed and be manipulated in ways that would normally require root, despite me not having it on my phone.

Despite having “play protect” disabled, google still constantly sends me notifications about it being harmful.

It could be an old service on that same ip. Zoomeye/shodan don’t rescan on the spot, they keep records of old scans.

https://www.zoomeye.hk

Similar site as shodan, but different company. I’d recommend checking there as well.

Old post, but if you connect your phone to your PC using bluetooth, you can play audio through your phone, at least this works for me on KDE plasma. I use this to continue listening to music/podcasts from my phone without having to set up any sort of sync solution.

Previously, I was usin scrcpy, an adb based solution to route audio from my phone to my computer.

On my samsung phone I can… for now.

Edit: oh, by android distributions I meant the varkous variants put on devices by manufacterers.

Custom roms probably wouldn’t have these restrictions.

https://www.reddit.com/r/termux/comments/1gks9mf/announcement_termux_broken_on_android_15_for/

https://www.reddit.com/r/oneplus/comments/1go55ow/termux_is_now_officially_dead_for_oneplus_and/

Termux is broken on oneplus devices.

This means winlator, and other similar termux based projects will no longer work.

In addition to that, other Android distributions have also moved “child process limit” to developer options, which may forebode them removing it, and breaking termux entirely. This is pretty scary IMO.

Debian already has docker packaged. That’s more convenient.

Debian with the docker convenience script.

They seem to be moving away from this, and it’s not longer the first option on their install page

On their debian page

Use a convenience script. Only recommended for testing and development environments

Also, it should be noted about the first option they recommend, Docker Desktop, that Docker Desktop is proprietary.

I recommend just getting the docker.io and docker-compose from debian’s repositories.

You may be interested in this:

https://github.com/brunodev85/winlator

There is also a fork with increased performance, at the cost of some usability enhancements: https://github.com/MrPhryaNikFrosty/Winlator-Frost

No, I think if you’re using the nextcloud all in one image, then the management image connects to the docker socket and deploys nextcloud using that. The you could be able to update nextcloud via the web ui.

https://github.com/nextcloud/all-in-one?tab=readme-ov-file#how-to-update-the-containers

https://docs.linuxserver.io/images/docker-webtop/

https://github.com/89luca89/distrobox/blob/main/docs/posts/run_latest_gnome_kde_on_distrobox.md

Might be what you want.

Because forgejo’s ssh isn’t for a normal ssh service, but rather so that users can access git over ssh.

Now technically, a bastion should work, but it’s not really what people want when they are trying to set up git over ssh. Since git/ssh is a service, rather than an administrative tool, why shouldn’t it be configured within the other tools used for exposes services? (Reverse proxy/caddy).

And in addition to that, people most probably want git/ssh to be available publicly, which a bastion host doesn’t do.

So based on what you’ve said in the comments, I am guessing you are managing all your users with Nixos, in the Nixos config, and want to share these users to other services?

Yeah, I don’t even know sharing Unix users is possible. EDIT: It seems to be based on comments below.

But what I do know is possible, is for Unix/Linux to get it’s users from LDAP. Even sudo is able to read from LDAP, and use LDAP groups to authorize users as being able to sudo.

Setting these up on Nixos is trivial. You can use the users.ldap set of options on Nixos to configure authentication against an external LDAP user. Then, you can configure sudo

After all of that, you could declaratively configure an LDAP server using Nixos, including setting up users. For example, it looks like you can configure users and groups fro the kanidm ldap server

Or you could have a config file for the openldap server

RE: Manage auth at the reverse proxy: If you use Authentik as your LDAP server, it can reverse proxy services and auth users at that step. A common setup I’ve seen is to run another reverse proxy in front of authentik, and then just point that reverse proxy at authentik, and then use authentik to reverse proxy just the services you want behind a login page.

Google put an API into Chrome that sends extra system info but only to*.google.com domains. In every Chromium browser.

Only vivaldi caught this issue. Brave had this api enabled, most likely on accident.

But the problem is, that chromium is just such big and complex software, when combined with development being driven by Google, it’s just impossible for any significant changes or auditing to be done by third parties. Google is capable of exteriting control over Brave, simply by hiding changes like above, or by making massive changes like manifest v3, which are expensive for third parties to maintain.

Brave can maintain 1 big change to chromium, but for how long? What about 2, 3, etc.

My other big problem with brave is that I see them somewhat mimicking Google’s beginnings. Google started out with 3 things: an ad network, a browser, and a search engine.

Right now, Brave has those same three things. It feels very ominous to me, and I would rather not repeat the cycle of enshittification that drove me away from chrome and goolgle.