To get a TLS certificate from Let’s Encrypt, they need to verify that you are in control of your domain. For regular domains, this can be done via HTTP, for wildcard certificates they require you to create a DNS record with a special token to verify ownership of the domain.

This means that in order to automatically obtain a TLS certificate, caddy needs to interact with the API of your domain registrar to set up this record. Since there are many different providers, this isn’t built into caddy itself and you require a version that includes the corresponding caddy-dns module. Caddy modules need to compiled into the binary, so it’s not always trivial to set up (in my case I have a systemd timer that rebuilds a local container image whenever a new version of the docker.io/caddy:builder image is available).

Caddy automatically sets up certificates for you. Since I don’t want my subdomain to appear in certificate transparency logs, I use a wildcard certificate which requires using a plugin for my DNS provider.

A reverse proxy, in my case Caddy.

To explain it a bit further: when you move a file/directory on the same mount point, moving the file/directory is essentially just a rename operation, which doesn’t involve copying the data itself and is a very cheap operation. If you move a file/directory across mount points, you need to (recursively) copy the file/directory, copy file metadata and (recursively) delete the old file/directory, which is slow and error-prone.

the hidden “trashbin”, .Trash-$(uid), invented by Ubuntu

This isn’t some “idiotic principle invented by Ubuntu”, it just follows the freedesktop.org Trash specification. For many users, it can be really beneficial, see also the spec’s introduction:

An ability to recover accidentally deleted files has become the de facto standard for today’s desktop user experience.

Users do not expect that anything they delete is permanently gone. Instead, they are used to a “Trash can” metaphor. A deleted document ends up in a “Trash can”, and stays there at least for some time — until the can is manually or automatically cleaned.

Whether an application like Prism Launcher should use the trash can or delete the files directly is an entirely different question.

I never heard of Cozy, but it looks quite nice. The Self-Hosting Documentation ist a bit lacking, but https://github.com/cozy/cozy-stack-compose contains all required information to set it it up yourself.

I originally used Nextcloud, but it has a lot of features not related to file hosting

Cozy seems to be in a similar situation, where file storage is just one of many features that it provides. If you want just files, it might be the best idea to just use any WebDAV Server or something like File Browser.

The error message is very detailed and there is nothing to add to it.

If you want to install an application/CLI tool, use pipx or your system package manager. If you want to install a library, use a virtual environment (e.g. by using python -m venv) or your system package manager.

phyphox has an Audio Amplitude feature.

By providing a modified bitmap to the X.Org Server, a heap-based buffer overflow privilege escalation can occur.

Maybe we should stop writing security critical software in memory unsafe languages. I now this vulnerability was introduced a long time ago, but given that major Wayland compositors are still written in C, something like this isn’t too unlikely to happen again.

basic flyers & ads, restaurant menus

For this sort of things, LibreOffice Draw can be really good. I even used it in the past to create memes.

SPRIND GmbH is also known as „Bundesagentur für Sprunginnovationen“ and owned by the Federal Republic of Germany. See https://de.wikipedia.org/wiki/Bundesagentur_für_Sprunginnovationen and https://www.sprind.org

It supports any ONVIF compatible IP camera as well as USB cameras and the raspberry pi camera module

MotionEye used to be the go-to solution.

I am not sure about the current state of the project (the python 2/3 transition took a long while, there are only pre-releases using a modern python version).

They even implemented it in Firefox: moz://a redirects to https://www.mozilla.org/en-US/about/manifesto/

I think Germany’s done it twice now.

It was Munich and they switched back to Windows after M$ moved their German headquarters to Munich.

Some people also swear by other measures, like changing the SSH port to something else. Most people end up using 2222 to easily remember. This is borderline useless, as you can see for yourself.

While being useless against a sophisticated attacker, there hasn’t been any bot activity in my sshd logs since changing my ssh port to a different one.

Declaring the use without a paid license as “Unlicensed” is very misleading since the project is also licensed under the GNU AGPL v3.0.

tenacity

You can adjust ownership and permissions for /mnt/something using chown and chmod.

I have no idea when I last updated my RasPi 0s (none of which is exposed to the public).