Tuskfish 2.0.3 brings compatibility with PHP 8.1, so if you want to wring the last few milliseconds of performance out of your site, use this version. New features include support for embedding Youtube videos, a sitemap generation facility, a 'minimum views' preference before displaying the views counter, and a live character counter for the meta description field. Third party libraries have also been updated, including adoption of Bootstrap 5.1.
Most tutorials about dockerising Golang apps tell you to use the Golang image as the base so that you can compile it. Don't do that! Why would you want hundreds of megabytes of unnecessary cruft in your image, when you could just have a tiny standalone binary, running in a container by itself? Build the binary on your development machine with a flag to statically link required libraries, and copy it directly into a scratch image. This will give you a wonderfully small, portable image with a minimal attack surface.
Update: I have an additional (as yet untested) solution: Use an access control list to grant an exception to the webserver user (www-data) to access the TLS private key. This should allow you to follow good practice in running the Docker container as a non-root user (eg. www-data), while maintaining standard restrictive root privileges on the key. The other solution, which I am running in production, is to put an NGINX reverse proxy on the host machine in front of the Apache container, and terminate the TLS connection there. If this proves workable, it is hands down the easiest way to solve the problem.
At time of writing, all other "solutions" on the internetz either tell you to weaken the file ownership permissions, or run the container as root, which you should not do. Even the official docs example doesn't explicitly set a user...which means the container will default to running as root.
When developing a project you need to be able to run it in order to test it. But you don't want local changes to the configuration files to be committed. Most 'solutions' to this problem suggest untracking (removing) it from the repository. But if you want to keep the file in your project, then use:
git update-index --skip-worktree filenameOrPath
This keeps the file in the respository, but lets you change your local copy freely without including changes in commits.
"rsnapshot" is a file system backup utility based on rsync. It makes snapshots of your file system(s) at different points in time, which are stored as a time series, giving you multiple restore points. Using hard links to reference files that already exist on disk, rsnapshot creates the illusion of multiple full backups while only taking up the space of one full backup plus changes. When coupled with SSH and key-based authentication, remote file systems can be securely backed up as well. I built an automatic backup appliance for my webservers using a Raspberry Pi 4 and the excellent Argon One M.2 case
One of the cool new features of the GoPro Hero 9 is that you can use it as a 1080p webcam. Sadly, the out-of-the-box experience is glitchy and way too unreliable to use for a serious project, but you can fix it with the right setup and more $$. TLDR: Get the media mod and use the HDMI port for better output, take the battery out and power directly through USB to prevent unwanted shutdowns, and use OBS studio to resolve audio/video syncronisation issues.
