That was my schoolmate…

Yep, he announced his AI.

Looks nice, I’ll try it!

No problem ;)

That was really hard to do. I created a note for myself and I will also publish it on my website. You can also decrypt the sd using fido2 hardware key (I have a nitrokey). If you don’t need that just skip steps that are for fido2.

The note:

Download the image.

Format SD card to new DOS table:

• Boot: 512M 0c W95 FAT32 (LBA)
• Root: 83 Linux

As root:

xz -d 2023-12-11-raspios-bookworm-arm64-lite.img.xz
losetup -fP 2023-12-11-raspios-bookworm-arm64-lite.img
dd if=/dev/loop0p1 of=/dev/mmcblk0p1 bs=1M
cryptsetup luksFormat --type=luks2 --cipher=xchacha20,aes-adiantum-plain64 /dev/mmcblk0p2
systemd-cryptenroll --fido2-device=auto /dev/mmcblk0p2
cryptsetup open /dev/mmcblk0p2 root
dd if=/dev/loop0p2 of=/dev/mapper/root bs=1M
e2fsck -f /dev/mapper/root
resize2fs -f /dev/mapper/root
mount /dev/mapper/root /mnt
mount /dev/mmcblk0p1 /mnt/boot/firmware
arch-chroot /mnt

In chroot:

apt update && apt full-upgrade -y && apt autoremove -y && apt install cryptsetup-initramfs fido2-tools jq debhelper git vim -y
git clone https://github.com/bertogg/fido2luks && cd fido2luks
fakeroot debian/rules binary && sudo apt install ../fido2luks*.deb
cd .. && rm -rf fido2luks*

Edit /etc/crypttab:

root            /dev/mmcblk0p2          none            luks,keyscript=/lib/fido2luks/keyscript.sh

Edit /etc/fstab:

/dev/mmcblk0p1    /boot/firmware  vfat    defaults          0       2
/dev/mapper/root  /               ext4    defaults,noatime  0       1

Change root to /dev/mapper/root and add cryptdevice=/dev/mmcblk0p2:root to /boot/firmware/cmdline.txt.

PATH="$PATH:/sbin"
update-initramfs -u

Exit chroot and finish!

umount -R /mnt

I’m already building the website ;)

https://gitlab.com/Nulide/findmydevice/-/wikis/FMD-Server

On my main profile on GrapheneOS there are 7 closed source apps and 1 self build technically closed source (for now) all out of total 71 apps.

7 out of 705 installed packages are non-free packages on my RPi server.

On my Raspberry Pi 4 4gb with encrypted sd is:

• pihole
• wireguard server
• vaultwarden
• cloudflare ddns
• nginx proxy manager
• my website
• ntfy server
• mollysocket
• findmydevice server
• watchtower

Pi is overkill for this kind of job. Load average is only 0.7% and ram usage is only 400M

It’s private if you give email alias and pay with crypto or prepaid cards.

I did and every other search engine is slower than google which is very important to me. But when I tried Kagi it was so quick, even faster than Google.

I know but it’s way better than Google.

I have a 3d printer and linux. The only good 3d modelling software I found is OnShape which is online.

My best post has 343 and my best comment has 78 upvotes. I feel useful :)

Actually you can. If you get 10 calls a day and then only 1 day 9 calls the average is a little less than 10, which means most of the time you do experience more than average.

Does your compiler not do that? Maybe you should breakup with it and get rustc compiler.

Cashew is another great, and even my favourite, finance/money/budget managment app.

I don’t have IPv6, but I can still reach IPv6 only sites if I use MullvadVPN (and probably also with other VPN providers).

You can use Armcord or other Discord client which is for sure better than the offical.