Cake day: June 9th, 2023









  • Let me rephrase. The chances for friendships for people who enjoy these activities are significantly greater than for people who don’t.

    OP could force themselves to attend, and possibly make friends that way, but it’s very likely the friends will want to continue to do those things.

    I would also like to remind people that the way you are is not set in stone. You can change if you want to. I used to be an introverted loner who worked on being extroverted and accomplished it. It’s what I wanted though, I idolized extroverts. This may not apply to OP.





  • lungdart@lemmy.ca to Selfhosted@lemmy.world: Another good reason not to open port 22 (11 months ago)

    Moving the port doesn’t reduce attack surface. It’s the same amount of surface.

    Tailscale is a bit controversial because it requires a 3rd party to validate connections, a 3rd party that is a large target for threat actors, and is reliant on profitability to stay online.

    I would recommend a client VPN like WireGuard, or SSH being validated using signed keys against a certificate authority you control, with fail2ban.


  • lungdart@lemmy.ca to Selfhosted@lemmy.world: Have I been DoS'd? (11 months ago)

    Sounds like you were out of resources. That is the goal of a DoS attack, but you’d need connection logs to detect if that was the case.

    DDoS attacks are very tricky to defend. (Source: I work in DDoS defence.) There are two sections to defense: detection and mitigation.

    Detection is very easy, just look at packets. A very common DDoS attack uses UDP services to amplify your request to a bigger response, but then spoofs your src IP to the target. So large amounts of traffic are likely an attack, and out-of-band UDP traffic is likely an attack. And a large amount of in-band traffic could be an attack.

    Mitigation is trickier. You need something that can handle a massive amount of packet inspection and black holing. That’s done on serious hardware. A script kiddie can buy a 20Gbe/1mpps attack with their mom’s credit card very easily.

    Your defence options are a little limited. If your cloud provider has WAF, use it. You may be able to get rules that block common botnets. Cloudflare is another decent option, they’ll man in the middle your services, and run detection and mitigation on all traffic. They also have a decent WAF.

    Best of luck!
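
The detection heuristics described in the comment above, as an added example that is not part of the original comment: it flags inbound UDP that answers no request the host sent (one reading of "out of band") and seconds where inbound volume spikes. The flow record format, the `classify` function, both thresholds, and the assumption that the host runs no inbound UDP service of its own are all hypothetical.

```python
from collections import namedtuple

# Constructed flow record; direction is "out" (sent by our host) or "in".
Flow = namedtuple("Flow", "ts direction proto remote_ip remote_port local_port nbytes")

REPLY_WINDOW = 5.0        # assumed: seconds a UDP reply may lag its request
VOLUME_LIMIT = 1_000_000  # assumed: inbound bytes per second treated as abnormal


def classify(flows):
    """Return (out_of_band_udp_flows, seconds_over_volume_limit)."""
    pending = {}      # (remote_ip, remote_port, local_port) -> time of our request
    out_of_band = []
    per_second = {}   # whole second -> inbound bytes seen in that second
    for f in sorted(flows, key=lambda f: f.ts):
        key = (f.remote_ip, f.remote_port, f.local_port)
        if f.direction == "out":
            if f.proto == "udp":
                pending[key] = f.ts
            continue
        per_second[int(f.ts)] = per_second.get(int(f.ts), 0) + f.nbytes
        if f.proto != "udp":
            continue
        asked = pending.get(key)
        # A reflected/amplified reply arrives without any matching request.
        if asked is None or f.ts - asked > REPLY_WINDOW:
            out_of_band.append(f)
    hot = sorted(s for s, b in per_second.items() if b > VOLUME_LIMIT)
    return out_of_band, hot


# Constructed sample traffic (documentation address ranges only).
SAMPLE = [
    Flow(10.0, "out", "udp", "192.0.2.53", 53, 40000, 60),
    Flow(10.1, "in", "udp", "192.0.2.53", 53, 40000, 300),       # solicited DNS reply
    Flow(12.0, "in", "udp", "198.51.100.7", 123, 40001, 468),    # unsolicited NTP
    Flow(12.2, "in", "udp", "203.0.113.9", 53, 40002, 600_000),  # unsolicited DNS
    Flow(12.4, "in", "udp", "203.0.113.10", 53, 40002, 600_000),
    Flow(13.0, "in", "tcp", "192.0.2.80", 443, 40003, 1500),
]

if __name__ == "__main__":
    oob, hot = classify(SAMPLE)
    for f in oob:
        print(f"out-of-band UDP from {f.remote_ip}:{f.remote_port} ({f.nbytes} bytes)")
    print("seconds over volume limit:", hot)
```

This only covers detection; as the comment says, mitigation at attack volume needs capacity upstream of the host.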






  • Very common.

    Don’t feel pressured to approve anything you don’t want to, but still be chill. It’s just work after all. (This duality takes years to figure out, but if you can, you’ll be very valuable.)

    Get the PM involved. Bring it up in retro and stand up.

    Examples.

    “I don’t feel this PR is up to our company standards. Here’s a link to the document. Specifically tests are breaking, coverage is reduced, and you’re using global variables. If you need help with quality we can code pair next sprint or if I finish my tasks early. Let me know.”

    “Just a reminder that we have 3 PRs with needs work sitting in the queue. If you’re not able to finish them before the end of the sprint, let the scrum master/PM know in case it’s a high priority.”

    “We’ve all signed off on a standards guideline, and lots of PRs are falling short. Either we need more training time each sprint to reach it, or we’re going to have to officially reduce our standards. Let me know which one the CTO prefers.”