Here is something i found:

Ensure LUKS Drive is Configured
If the drive isn’t encrypted yet, you can encrypt it with LUKS:

bash
Copy
Edit
sudo cryptsetup luksFormat /dev/sdX
Replace /dev/sdX with the appropriate drive/partition. Be cautious—this step will erase all data on the drive.

Add the Drive to /etc/crypttab
Edit the /etc/crypttab file to configure the system to unlock the drive at boot.

Open the file:

bash
Copy
Edit
sudo nano /etc/crypttab
Add an entry for the encrypted drive:

bash
Copy
Edit
cryptname /dev/sdX none luks
cryptname: A name for the decrypted device (used later in /etc/fstab).
/dev/sdX: Path to the encrypted device.
none: Use none for a passphrase prompt at boot or specify a path to a key file.
luks: Indicates LUKS encryption.
Example:

bash
Copy
Edit
cryptdrive /dev/sdb1 none luks
3. Add the Decrypted Device to /etc/fstab
To automatically mount the decrypted drive after unlocking:

Edit /etc/fstab:

bash
Copy
Edit
sudo nano /etc/fstab
Add an entry for the decrypted drive:

bash
Copy
Edit
/dev/mapper/cryptname /mnt/mountpoint ext4 defaults 0 2
Replace:

/dev/mapper/cryptname with the mapped device from /etc/crypttab.
/mnt/mountpoint with your desired mount point.
ext4 with your file system type.
4. Generate an Initramfs
If the root file system or a critical drive is encrypted, you’ll need to update the initramfs to include decryption tools.

Update the initramfs:

bash
Copy
Edit
sudo update-initramfs -u
Verify that the cryptsetup package is installed in your initramfs configuration.

Test Boot Behavior
Reboot the system and observe the decryption process:

If you specified none in /etc/crypttab, you should be prompted for a passphrase at boot.
If a key file was used, the drive should decrypt automatically.
6. Using a Key File for Automatic Decryption
To avoid entering a passphrase at boot, use a key file:

Generate a key file:

bash
Copy
Edit
sudo dd if=/dev/urandom of=/root/luks-keyfile bs=4096 count=1
Set permissions:

bash
Copy
Edit
sudo chmod 600 /root/luks-keyfile
Add the key file to the LUKS header:

bash
Copy
Edit
sudo cryptsetup luksAddKey /dev/sdX /root/luks-keyfile
Update /etc/crypttab:

bash
Copy
Edit
cryptname /dev/sdX /root/luks-keyfile luks
Update the initramfs:

bash
Copy
Edit
sudo update-initramfs -u
Reboot to test automatic decryption.

Troubleshooting
Device not found during boot: Ensure the correct device path is used in /etc/crypttab.
Passphrase prompt not appearing: Verify cryptsetup is installed and included in initramfs.
Boot hangs or fails: Boot into a live session, comment out entries in /etc/fstab or /etc/crypttab, and investigate.

Okay for anyone still around, I was able to get this sorted, it appears that the initial file I was using was either corrupted or maybe a patch for an existing installation.

I've documented the process, copied below for reference. I won't be sharing IBMs RPM's on this post. You should be able to get these directly from IBM's website free of charge, but your mileage may vary.

Installing IBM Datapower on CentOS 8/9 or Rocky Linux 8/9 to your Hypervisor/Cloud Provider

Minimum System Requirements
• 4 vCPU
• 16 GiB RAM
• 80 GiB Disk Space
• 4 Network Interfaces – with DHCP or Statically Assigned IPs
• 2 Available Loop devices – Documented Below
• Default Partitioning will work, can be configured to meet any security requirements (separate LV for VAR for example)
• Installation without a GUI recommended with these below features
◦ “Server Installation” Option
▪ Guest Agents (Drivers for Hypervisor/Cloud recommended)
▪ Remote Management for Linux recommended – SSH and or Cockpit
• Root only account – User accounts are unnecessary
• Security Policy to adhere to any State/Fed requirements (may effect Installation Destination configuration – not documented here).

Configure Timezone and any other settings as required – no specific documentation needed

Sample User: root
Password: your-password

Upon installation check for updates and install a few required repositories.

sudo dnf update -y sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm sudo dnf update -y sudo dnf search schroot sudo dnf install schroot ipvsadm kmod telnet -y

Post installation of dependencies we need to confirm our loop devices are configured.

Confirm what loop devices exist (likely there is only 1) so we’ll need to create some with the below.

List your loop devices:

ls -l /dev/loop* brw-r----- 1 rootls disk 7, 0 Jul 24 17:49 /dev/loop-control

We only have the loop-control device, so create two more loop devices with the below.

mknod -m660 /dev/loop1 b 7 8 mknod -m660 /dev/loop2 b 7 8

Confirm the devices are listed.

ls -l /dev/loop* brw-rw----. 1 root root 7, 8 Nov 27 08:10 /dev/loop1 brw-rw----. 1 root root 7, 8 Nov 27 08:10 /dev/loop2 crw-rw----. 1 root disk 10, 237 Nov 27 07:51 /dev/loop-control

Now transfer or download the Datapower and LibgCrypt RPMs to this system using something line wget or WinSCP depending on access. You can find libgcrypt here (https://rpmfind.net)

Once transferred, you may have to decompress the installation files.

tar -xf idg_lx10540.cd.ASL.prod.tar

Now we can install the program

sudo yum install idg_lx.10540.image.x86_64.rpm idg_lx10540.common.x86_64.rpm

Once installed, you’ll connect to the system via telnet on the system’s loopback address

telnet 127.0.0.1 2200 Initial login is: admin Initial Password is: admin

Confirm to all prompts with Y and then run/create and confirm a new password

You must restart the DataPower Gateway to make the Common Criteria policies effective.

idg# configure terminal;web-mgmt;admin-state enabled;local-address 0 9090;exit Global mode Modify Web management service configuration

Now you can go to the web console via your computer and using the primary IP address. In our example
https://ip-address:9090

You’ll use the login password you created while connected via SSH. You’ll have to create yet another new password.

Once the password is updated, you’ll be able to login and complete the setup by accepting the license agreement.

After accepting the licensing agreement the system will need to reboot. After logging in via SSH you’ll need to restart the web interface.

telnet 127.0.0.1 2200 admin <password> idg<config> idg <config> configure terminal;web-mgmt;admin-state enabled;local-address 0 9090;exit

That's the complete installation process from start to finish. The last step would be to setup initialization of the datapower service upon restart. I'll be working on this sometime this week probably so that the environment is fault tolerant.

@CCWTech said in Clean a Linux or UNIX Text File to Strip Hidden Characters:

@scottalanmiller Great, but can you explain the syntax of the command?

trim anything accept characters 11, 12, or 40-176. The acceptable character ranges.

@DustinB3403

Ha! That's the thing though, I am curious if sudo will be (at least partially derived) from the sudo we know and love, or will it be Microsoft's own thing that happens to use a command named sudo.

@NetworkNerd

1. Identify the Cause of High Disk IO and CPU Wait MariaDB Activity: Since mariadb is showing high IO during the problematic window, it's crucial to identify the queries causing this load. You can enable the slow query log in MariaDB to capture queries that are taking an unusually long time to execute. Scheduled Tasks: Check for any scheduled tasks (cron jobs) on the server that run around 5 AM CST. These could be system tasks, WordPress cron jobs, or database maintenance tasks. 2. Systemd-journald Failure The failure of systemd-journal-flush.service suggests that the journaling system is overwhelmed, likely due to the high IO load. Investigate the journal logs (journalctl) for any errors or warnings that occur around this time. 3. Review WordPress Plugins and Activities Plugin Behavior: Even though plugins like Updraft Plus are scheduled for different times, they might be triggering background tasks. Verify plugin behavior and logs. WordPress Cron: WordPress has its own cron system (wp-cron.php) that can sometimes trigger resource-intensive tasks. Review the WordPress cron events. 4. Server and Database Optimization Database Optimization: Run a check and optimization task on your MariaDB database. Over time, databases can become inefficient and slow. Upgrade Resources: An e2-micro instance is quite limited in resources. If this issue is related to resource constraints, consider upgrading the VM instance type. 5. Monitoring and Logs Enable Enhanced Monitoring: Tools like sar, iotop, or atop can provide in-depth system metrics. Make sure they are configured correctly. Access and Error Logs: Review NGINX, PHP-FPM, and MariaDB logs for any anomalies during the problematic time frame. 6. External Factors Traffic Spikes: Although Jetpack stats show low traffic, consider checking the access logs for unexpected traffic spikes, which might be bots or crawlers. Network Analysis: Use tools to monitor network activity. Unexpected external connections might be contributing to the load. 7. Testing and Isolation Isolate Components: Temporarily disable certain components or plugins during the problem window to see if the issue persists. Test in a Staging Environment: If possible, replicate the setup in a staging environment to test without affecting the live site.

The Linux / Windows approach gives you far more flexibility. MacOS is useless in a million scenarios. But when it is good, it's really good. The UI is still pretty crap, but things like patching they can do with a reliability no one else can. No matter how hard anyone tries, vertical integration of components means things like patching can be tested completely, not just spot checked.

There is a ppd you can use for cups in the Mac driver.

Primera LX900 - ColorLabelSugned - Payload~~ - Library - Printers - PPDs - Contents - Resources - CL900.ppd

@scottalanmiller said in Installing Mastodon 4.1.2 on Debian 11:

@stacksofplates said in Installing Mastodon 4.1.2 on Debian 11:

Their official image is here ghcr.io/mastodon/mastodon

Yeah, that one was flaky. But is it official? Why's it on a different account?

Yes it's their official. Ghcr is the GitHub packages repo. It's similar to GCR, ECR, etc. Other OCI image repositories are more popular now since Docker has imposed limits on Docker Hub.