Basically https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot#Using_your_own_keys

The process get’s worse each time I look at it so you choose if it’s worth it.

Maybe it works if you add custom secure boot keys and sign your bootloader?

won’t just boot straight into the OS, otherwise GRUB freezes (not dual booting, secure boot is off), so I have to spam F9 on startup

That would annoy me so much that I would switch bootloader or find a cmdline argument to fix it

But only to protect the children™ of course

Launch multiple?

Here:

server {
    listen 443 quic;
    listen [::]:443 quic;
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name jellyfin.kitsuna.net;
    http2      on;
    http3      on;
    quic_gso   on;
    tcp_nodelay on;
    # You can increase the limit if your need to.
    error_log /var/log/nginx/jellyfin.access.log;
#    ssl on;
#    ssl_certificate /etc/nginx/certificate.crt;
#    ssl_certificate_key /etc/nginx/certificate.key;
#    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # don’t use SSLv3 ref: POODLE
        ssl_certificate /etc/letsencrypt/live/kitsuna.net/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/kitsuna.net/privkey.pem;
#        ssl_certificate_key /etc/letsencrypt/live/kitsuna.net/privkey.pem;
        ssl_protocols TLSv1.2 TLSv1.3;
        add_header Alt-Svc 'h3=":$server_port"; ma=86400';
        add_header x-quic 'h3';
        add_header Alt-Svc 'h3-29=":$server_port"';
    location / {
        proxy_pass http://10.159.4.12:8096/;
#       proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forward-Proto http;
        proxy_set_header X-Nginx-Proxy true;
    }
}

Yeah, to quote the manual:

"[Unsafe Rust allows you to]

• Dereference a raw pointer.
• Call an unsafe function or method.
• Access or modify a mutable static variable.
• Implement an unsafe trait.
• Access fields of unions.

[…] The unsafe keyword only gives you access to these five features that are then not checked by the compiler for memory safety."

https://doc.rust-lang.org/book/ch20-01-unsafe-rust.html

At least people aren’t buying at these high prices, wouldn’t want them to stay there after all.

It’s right in the name, Structured Qisualisation Language (SQL).

Works on android too.

No? Everyone who uses the bitwarden app or browser extention has a local copy of the database that is used for read operations. You can’t disable this so everyone who uses bitwarden can still use their passwords even if the server dies.

That’ll be 800€ and all change you own.

Just blame Linus directly smh

Yeah I tried just now and it diesn’t seem to be working (anymore?) could’ve sworn that worked.

You can still kexec the installiers directly, I followed the netboot.xyz scripts and got the links they use. Here’s Debian as an example:

From the scripts: https://deb.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/ looking at the boot config debian-installer/amd64/grub/grub.cfg

submenu '... KDE Plasma desktop boot menu ...' {
    set gfxpayload=keep
    menuentry '... Install' {
        set background_color=black
        linux    /debian-installer/amd64/linux desktop=kde vga=788 --- quiet
        initrd   /debian-installer/amd64/initrd.gz

so we need to download those two files and take the netboot.xyz cmdline arguments then

$ kexec --command-line="desktop=kde vga=788 mirror/suite=stable initrd=initrd.magic console=ttyS0,115200n8"  --initrd=initrd.gz -l linux´
$ systemctl kexec

and it boots.

also here’s an example for the nixos netboot commands, more on that in the nixos manual:

$ kexec --load bzImage \
  --initrd=initrd.gz \
  --command-line "init=/nix/store/n37nmcvbrblk9ahfzj9nxy01axs7zsf6-nixos-system-nixos-kexec-25.11pre-git/init nohibernate loglevel=4 lsm=landlock,yama,bpf"
$ systemctl kexec

Edit:

No console access

If that means that you can only connect to SSH and have no VGA/video then this will be limited, you could setup an automated install but that requires a lot more knowledge than what your guide requires.

Kexec can be used to load a new kernel and “reboot” quickly, it can also be used to load a new kernel, an initrd and never touch the disk. Such a system lives completely in ram and allows you to modify the disk in any way you want without breaking you running Linux (which is in ram)

Any distro that has a network boot installer that can be passed to kexec can be installed this way, any that don’t can still kexec any Linux distro and then install any other distro by passing the disk to a VM and installing linux through that.

You can also kexec the netboot.xyz image and get any distro supported there.

Can’t you just kexec and be on your way?

https://youtu.be/Lj4LMlGr4og

Video from the same guy.

Wish granted, the battery is now small enough to slow charge to full in 20 minutes.

“Eliminate poverty” vs “E-L-I-M-I-N-A-T-E poverty”

i will simply want to scan projects that i personally use to be aware of its current state and future changes, before i blindly update apps i host.

If you’re just doing this for yourself then you still need to know the programming languages involved, what kind of vulnerabilities exist, how to validate them and quite a bit of how the projects operate.

The AI will output a lot of false positives and you will need to actually know if any of the “vulnerabilities” are valid or just hallucinations. Do you really want that extra workload?