$ dpkg-query -W firefox
firefox 148.0.2-1
$ lsb_release -dr
Description:    Debian GNU/Linux forky/sid
Release:        n/a
$ arch
x86_64

$ sudo service lightdm restart

$ dconf dump / > dconf.backup (1)
$ dconf reset -f /org/gnome (2)

$ dpkg-query -W gnome lightdm dconf-cli
dconf-cli       0.40.0-5
gnome   1:48+2
lightdm 1.32.0-6+b2
$ lsb_release -dr
Description:    Debian GNU/Linux 13 (trixie)
Release:        13
$ arch
x86_64

$ w3m -dump http://100.121.84.16:5000/ | grep ^v
v0.54.1

 > DISABLED
> Exception: Invalid URL 'DISABLED': No scheme supplied. Perhaps you meant https://DISABLED?
[Create a link to share watch config with others]

* Watch protocol is not permitted or invalid URL format

$ docker compose --file ~/src/changedetection.io/docker-compose.yml up -d

$ yt-dlp -f 244+251 yYgF87nqyKI --write-auto-subs --sub-langs ja,en_orig
[youtube] Extracting URL: yYgF87nqyKI
[youtube] yYgF87nqyKI: Downloading webpage
[youtube] yYgF87nqyKI: Downloading android vr player API JSON
[youtube] yYgF87nqyKI: Downloading web safari player API JSON
[youtube] yYgF87nqyKI: Downloading player 4c5cf06a-tv
[youtube] [jsc:deno] Solving JS challenges using deno
[youtube] yYgF87nqyKI: Downloading m3u8 information
[info] yYgF87nqyKI: Downloading subtitles: ja
[info] yYgF87nqyKI: Downloading 1 format(s): 244+251
[info] Writing video subtitles to: CDImage - Cam [yYgF87nqyKI].ja.vtt
WARNING: The extractor specified to use impersonation for this download, but no impersonate target is available. If you encounter errors, then see  https://github.com/yt-dlp/yt-dlp#impersonation  for information on installing the required dependencies
ERROR: Unable to download video subtitles for 'ja': HTTP Error 429: Too Many Requests

[info] Writing video subtitles to: CDImage - Cam [yYgF87nqyKI].ja.vtt
[debug] Invoking http downloader on "https://www.youtube.com/api/timedtext?v=yYgF87nqyKI&ei=M4WXaZnECfax2roP_YqAqAc&caps=asr&opi=112496729&xoaf=5&xowf=1&xospf=1&hl=en&ip=0.0.0.0&ipbits=0&expire=1771562915&sparams=ip%2Cipbits%2Cexpire%2Cv%2Cei%2Ccaps%2Copi%2Cxoaf&signature=1B0AC6AA8FB20AFE9B45B2F66DBB1000F04DE626.909918AF43ACD2AFD3E0C2C61E53A3C72E49AB6C&key=yt8&kind=asr&lang=en&fmt=vtt&tlang=ja"
WARNING: The extractor specified to use impersonation for this download, but no impersonate target is available. If you encounter errors, then see  https://github.com/yt-dlp/yt-dlp#impersonation  for information on installing the required dependencies
ERROR: Unable to download video subtitles for 'ja': HTTP Error 429: Too Many Requests
Traceback (most recent call last):
  File "/home/matoken/bin/yt-dlp/yt_dlp/YoutubeDL.py", line 4449, in _write_subtitles
    self.dl(sub_filename, sub_copy, subtitle=True)
    ~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/matoken/bin/yt-dlp/yt_dlp/YoutubeDL.py", line 3285, in dl
    return fd.download(name, new_info, subtitle)
           ~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/matoken/bin/yt-dlp/yt_dlp/downloader/common.py", line 480, in download
    ret = self.real_download(filename, info_dict)
  File "/home/matoken/bin/yt-dlp/yt_dlp/downloader/http.py", line 362, in real_download
    establish_connection()
    ~~~~~~~~~~~~~~~~~~~~^^
  File "/home/matoken/bin/yt-dlp/yt_dlp/downloader/http.py", line 119, in establish_connection
    ctx.data = self.ydl.urlopen(request)
               ~~~~~~~~~~~~~~~~^^^^^^^^^
  File "/home/matoken/bin/yt-dlp/yt_dlp/YoutubeDL.py", line 4260, in urlopen
    return self._request_director.send(req)
           ~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^
  File "/home/matoken/bin/yt-dlp/yt_dlp/networking/common.py", line 117, in send
    response = handler.send(request)
  File "/home/matoken/bin/yt-dlp/yt_dlp/networking/_helper.py", line 194, in wrapper
    return func(self, *args, **kwargs)
  File "/home/matoken/bin/yt-dlp/yt_dlp/networking/common.py", line 359, in send
    return self._send(request)
           ~~~~~~~~~~^^^^^^^^^
  File "/home/matoken/bin/yt-dlp/yt_dlp/networking/_requests.py", line 361, in _send
    raise HTTPError(res, redirect_loop=max_redirects_exceeded)
yt_dlp.networking.exceptions.HTTPError: HTTP Error 429: Too Many Requests

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/matoken/bin/yt-dlp/yt_dlp/YoutubeDL.py", line 1698, in wrapper
    return func(self, *args, **kwargs)
  File "/home/matoken/bin/yt-dlp/yt_dlp/YoutubeDL.py", line 1854, in __extract_info
    return self.process_ie_result(ie_result, download, extra_info)
           ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/matoken/bin/yt-dlp/yt_dlp/YoutubeDL.py", line 1913, in process_ie_result
    ie_result = self.process_video_result(ie_result, download=download)
  File "/home/matoken/bin/yt-dlp/yt_dlp/YoutubeDL.py", line 3096, in process_video_result
    self.process_info(new_info)
    ~~~~~~~~~~~~~~~~~^^^^^^^^^^
  File "/home/matoken/bin/yt-dlp/yt_dlp/YoutubeDL.py", line 189, in wrapper
    return func(self, *args, **kwargs)
  File "/home/matoken/bin/yt-dlp/yt_dlp/YoutubeDL.py", line 3353, in process_info
    sub_files = self._write_subtitles(info_dict, temp_filename)
  File "/home/matoken/bin/yt-dlp/yt_dlp/YoutubeDL.py", line 4457, in _write_subtitles
    raise DownloadError(msg)
yt_dlp.utils.DownloadError: Unable to download video subtitles for 'ja': HTTP Error 429: Too Many Requests

$ yt-dlp -f 244+251 yYgF87nqyKI --write-auto-subs --sub-langs ja,en_orig --sleep-subtitles 60

$ mpv --sub-files='CDImage - Cam [yYgF87nqyKI].en.vtt:CDImage - Cam [yYgF87nqyKI].ja.vtt' --secondary-sid=2 'CDImage - Cam [yYgF87nqyKI].webm'

$ yt-dlp --version
2026.02.04
$ deno --version
deno 2.6.8 (stable, release, x86_64-unknown-linux-gnu)
v8 14.5.201.2-rusty
typescript 5.9.2
$ lsb_release -dr
Description:    Debian GNU/Linux forky/sid
Release:        n/a
$ arch
x86_64

$ sudo -u snac ~snac/snac2/snac state ~snac/snac-data
server: snac.matoken.org (snac/2.90)
uptime: 1:11:46:03
job fifo size (cur): 0
job fifo size (peak): 11
thread #0 state: waiting
thread #1 state: waiting
thread #2 state: waiting
thread #3 state: waiting
$ lsb_release -dr
No LSB modules are available.
Description:    Debian GNU/Linux 12 (bookworm)
Release:        12
$ arch
x86_64

タブのページをロックする: バージョン 1.2025.1227.0
$ dpkg-query -W firefox
firefox 147.0.3-1+b1
$ lsb_release -dr
Description:    Debian GNU/Linux forky/sid
Release:        n/a
$ arch
x86_64

$ sudo -u www-data php updater/updater.phar

  :

[✘] Verify integrity failed
There are more files than the downloaded archive in the downloads/ folder.

Update failed. To resume or retry just execute the updater again.

2026-02-08T22:30:46+0000 T8hDMIut3r [info] storage location: /var/www/files.matoken.org/data/updater-ocws62au2wl3/downloads/
2026-02-08T22:30:57+0000 T8hDMIut3r [info] end of verifyIntegrity()

$ ls -lA  /var/www/files.matoken.org/data/updater-ocws62au2wl3/downloads/
合計 610548
-rw-r--r-- 1 www-data www-data 312581794  1月 16 04:09 nextcloud-32.0.4.zip
-rw-r--r-- 1 www-data www-data 312597357  2月  9 07:24 nextcloud-32.0.5.zip

$ rm /var/www/files.matoken.org/data/updater-ocws62au2wl3/downloads/nextcloud-32.0.4.zip

$ sudo -u www-data php updater/updater.phar --no-backup

  :

"occ upgrade" finished

Keep maintenance mode active? [y/N]
Maintenance mode disabled

Maintenance mode is disabled

$ sudo -u www-data php /var/www/files.matoken.org/occ --version
Nextcloud 32.0.3
$ lsb_release -dr
No LSB modules are available.
Description:    Debian GNU/Linux 12 (bookworm)
Release:        12
$ arch
x86_64

$ echo '1
2
3' > num
$ echo 'い
ろ
は' > data

$ paste --version | head -1
paste (GNU coreutils) 9.7
$ paste num data
1       い
2       ろ
3       は

$ paste num data -d,
1,い
2,ろ
3,は

$ paste num data -d＝
1��
2��
3��

$ wget https://ftp.gnu.org/gnu/coreutils/coreutils-9.10.tar.xz \
	https://ftp.gnu.org/gnu/coreutils/coreutils-9.10.tar.xz.sig
$ echo 'SHA256 (coreutils-9.10.tar.xz) = FlNamt8LEANzZOLWEqrT2fTso6NElJztdNEvr0vVHSU=' | cksum -a sha256 --check
coreutils-9.10.tar.xz: OK
$ gpg --verify coreutils-9.10.tar.xz.sig
gpg: assuming signed data in 'coreutils-9.10.tar.xz'
gpg: Signature made Wed Feb  4 21:46:29 2026 JST
gpg:                using RSA key 6C37DC12121A5006BC1DB804DF6FD971306037D9
gpg: Good signature from "P draig Brady <P@draigBrady.com>" [unknown]
gpg:                 aka "P draig Brady <pixelbeat@gnu.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6C37 DC12 121A 5006 BC1D  B804 DF6F D971 3060 37D9
$ tar xvf coreutils-9.10.tar.xz
$ cd coreutils-9.10
$ sudo apt build-dep coreutils
$ ./configure
$ make
$ src/paste --version | head -1
paste (GNU coreutils) 9.10

$ ./src/paste num data -d＝
1＝い
2＝ろ
3＝は
$ ./src/paste num data -d🐈
1🐈い
2🐈ろ
3🐈は

$ dpkg-query -W coreutils
coreutils       9.7-3
$ src/paste --version
paste (GNU coreutils) 9.10
Copyright (C) 2026 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by David M. Ihnat and David MacKenzie.
$ lsb_release -dr
Description:    Debian GNU/Linux forky/sid
Release:        n/a
$ arch
x86_64

$ git clone https://github.com/VirusTotal/vt-cli
$ cd vt-cli
$ make
$ build/vt -h
A command-line tool for interacting with VirusTotal.

Usage:
  vt [command]

Available Commands:
  analysis       Get a file or URL analysis
  collection     Get information about collections
  completion     Output shell completion code for the specified shell (bash or zsh)
  domain         Get information about Internet domains
  download       Download files
  file           Get information about files
  group          Get information about VirusTotal groups
  help           Help about any command
  hunting        Manage malware hunting rules and notifications
  init           Initialize or re-initialize vt command-line tool
  iocstream      Manage IoC Stream notifications
  ip             Get information about IP addresses
  meta           Returns metadata about VirusTotal
  monitor        Manage your monitor account
  monitorpartner Manage your monitor partner account
  retrohunt      Manage retrohunt jobs
  scan           Scan files or URLs
  search         Search for files in VirusTotal Intelligence
  threatprofile  Get information about Threat Profiles
  url            Get information about URLs
  user           Get information about VirusTotal users
  version        Show version number

Flags:
  -k, --apikey string   API key
      --format string   Output format (yaml/json/csv) (default "yaml")
  -h, --help            help for vt
  -s, --silent          Silent or quiet mode. Do not show progress meter
  -v, --verbose         verbose output

Use "vt [command] --help" for more information about a command.

$ build/vt init

██╗   ██╗██╗██████╗ ██╗   ██╗███████╗████████╗ ██████╗ ████████╗ █████╗ ██╗
██║   ██║██║██╔══██╗██║   ██║██╔════╝╚══██╔══╝██╔═══██╗╚══██╔══╝██╔══██╗██║
██║   ██║██║██████╔╝██║   ██║███████╗   ██║   ██║   ██║   ██║   ███████║██║
╚██╗ ██╔╝██║██╔══██╗██║   ██║╚════██║   ██║   ██║   ██║   ██║   ██╔══██║██║
 ╚████╔╝ ██║██║  ██║╚██████╔╝███████║   ██║   ╚██████╔╝   ██║   ██║  ██║███████╗
  ╚═══╝  ╚═╝╚═╝  ╚═╝ ╚═════╝ ╚══════╝   ╚═╝    ╚═════╝    ╚═╝   ╚═╝  ╚═╝╚══════╝

VirusTotal Command-Line Interface: Threat Intelligence at your fingertips.

Enter your API key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
API key written to config file: /home/matoken/.vt.toml
Relationships cache written to: /home/matoken/.cache/.vt.relationships.cache

$ build/vt scan file ~/Downloads/briar-desktop-x64-0.6.4-beta.AppImage
/home/matoken/Downloads/briar-desktop-x64-0.6.4-beta.AppImage YTg3MzBiNGEwOWFmODUxMjgwYmFjOGI0YjE1YmQ4MTE6MTc3MDE5NDcyOA==

$ build/vt analysis YTg3MzBiNGEwOWFmODUxMjgwYmFjOGI0YjE1YmQ4MTE6MTc3MDE5NDcyOA==
Quota exceeded

Access level
 Limited , standard free public API
Upgrade to premium
Usage 	Must not be used in business workflows, commercial products or services.
Request rate 	1 lookups / min
Daily quota 	1 lookups / day
Monthly quota 	31 lookups / month

Access level
 Limited , standard free public API
Upgrade to premium
Usage 	Must not be used in business workflows, commercial products or services.
Request rate 	4 lookups / min
Daily quota 	500 lookups / day
Monthly quota 	15.5 K lookups / month

$ build/vt analysis YTg3MzBiNGEwOWFmODUxMjgwYmFjOGI0YjE1YmQ4MTE6MTc3MDE5NDcyOA== | tail -10
  stats:
    confirmed-timeout: 0
    failure: 0
    harmless: 0
    malicious: 0
    suspicious: 0
    timeout: 0
    type-unsupported: 12
    undetected: 64
  status: "completed"

$ build/vt version
vt-cli
$ git log --pretty=oneline -1
d3405587c568b6486ccd5ac773cde1a25e4bb762 (HEAD -> master, origin/master, origin/HEAD) chore: upgrade `vt-go` to version 1.1.0.
$ lsb_release -dr
Description:    Debian GNU/Linux forky/sid
Release:        n/a
$ arch
x86_64

2026-02-02T06:38:41.358362+09:00 tp-l13 acpid: received input layer event "button/power PBTN 00000080 00000000"
2026-02-02T06:38:41.359609+09:00 tp-l13 acpid: rule from /etc/acpi/events/powerbtn-acpi-support matched
2026-02-02T06:38:41.362438+09:00 tp-l13 acpid: executing action "/etc/acpi/powerbtn-acpi-support.sh"

$ sudo git -C /etc diff HEAD~~ /etc/systemd/logind.conf
diff --git a/systemd/logind.conf b/systemd/logind.conf
index 02ec007..d7e2dbe 100644
--- a/systemd/logind.conf
+++ b/systemd/logind.conf
@@ -25,7 +25,7 @@
 #InhibitDelayMaxSec=5
 #UserStopDelaySec=10
 #SleepOperation=suspend-then-hibernate suspend
-#HandlePowerKey=poweroff
+HandlePowerKey=igore
 #HandlePowerKeyLongPress=ignore
 #HandleRebootKey=reboot
 #HandleRebootKeyLongPress=poweroff

$ sudo systemctl restart systemd-logind

$ dpkg-query -W systemd acpi
acpi    1.8-1
systemd 259-1
$ lsb_release -dr
Description:    Debian GNU/Linux forky/sid
Release:        n/a
$ arch
x86_64
$ sudo lshw -sanitize -json | jq '."vendor", ."version"'
"LENOVO"
"ThinkPad L13"

input_method = fcitx

      o input_method (*default*) (#)
        使用するインプットメソッド
        default は、x11 版の mlterm では xim、それ以外は、システムが提供する標準
        のインプットメソッドが使用されます。
        フォーマットは以下のようになります。

        [input method];[option1]:[option2]

        [input method] にインプットメソッド(xim/uim/m17nlib/scim/kbd/skk/wnn/
        canna/iiimf)を指定し、必要であれば ":" で区切ってオプションを列挙します。

        各インプットメソッドのオプションは以下の通りです。

        xim の場合: xim:[xim server]:[locale]
        [xim server] で XIM サーバー名(kinput2, Ami, xcin など)を指定します。
        指定しなかった場合は、環境変数 XMODIFIERS で指定した XIM サーバーが
        使用されます。[locale] には XIM サーバーのローケールを指定します。指定し
        なかった場合はシステムのローケールが使用されます。use_xim オプションで
        xim を無効にした場合、xim を指定しても無視されます。

        uim の場合:
        uim:[conversion engine]
        [conversion engine] に変換エンジン(anthy, prime, hangul2など)を指定しま
        す。指定しなかった場合は uim のデフォルト変換エンジンが使用されます。

        m17nlib の場合:
        m17nlib:[language id]:[input method]
        [language id] には ISO-639 に従って言語(ar, zh, ja など)を指定します。
        指定しなかった場合はシステムのローケールから取得した言語が使われます
        [input_method] で使用するインプットメソッド(anthy, py など)を指定します
        指定されなかった場合は [language id] のデフォルトインプットメソッドが使
        用されます。m17nlib を指定した時は key ファイルで IM_HOTKEY を指定して
        ください。

        scim の場合:
        scim (オプション無し)

        ibus の場合：
        ibus:[conversion engine]
        [conversion engine] に変換エンジン(anthy, prime, hangul2など)を指定しま
        す。指定しなかった場合は ibus のデフォルト変換エンジンが使用されます。
        (ibusを使用する際の注意点)
        ibus の preferences 画面からキーボードショートカットを設定する場合、モデ
        ィファイアの Release にはチェックを付けないでください。

        fcitx の場合:
        fcitx (オプション無し)

        wnn の場合:
        wnn:[server]
        [server] には、接続するかな漢字変換サーバを指定します。
        なお、JSERVER 環境変数により指定することも可能です。
        また、WNNENVRC 環境変数により wnnenvrc ファイルの場所を指定することができます。

        canna の場合:
        canna (オプション無し)

        skk の場合:
        skk:dict=[dictionary](:utf8),sskey=[sticky shift key]
        [dictionary] に、接続する辞書サーバ(skkserv)の "ホスト名:ポート番号" 又
        は、辞書ファイルのパスを指定します。辞書が UTF-8 の場合には、末尾に
        :utf8 を付けてください。
        SKK_DICTIONARY 環境変数により指定することも可能です。
        指定しない場合は、localhost の辞書サーバに接続します。
        なお、上記とは別に、~/.mlterm/skk-jisyo をローカルの辞書として使用します。

        [sticky shift key] には、sticky shift key として使用するキーを指定してく
        ださい。印刷可能な文字のキーを指定する場合はその文字(\x3bのように16進数
        で指定することも可)を、それ以外の場合は <X11/keysymdef.h> に定義されたシ
        ンボル(XK_を除く)を指定してください。
        SKK_STICKY_SHIFT_KEY 環境変数により指定することも可能です。

        kbd の場合:
        kbd(:hide):[lang]
        US キーボードで入力された文字を、指定したキーボードレイアウトの文字に変
        換します。
        :hide を指定した場合は、ステータスウィンドウを表示しません。
        [lang]には、次のいずれかを指定することができます。
        arabic, hebrew, de, fr, es, pt, jp106, isciixxx
        なお、[lang]を省略した場合、ISCII モードの時は ISCII 配列、それ以外では
        ローケールにより判定します。
        kbd を指定した時は key ファイルで IM_HOTKEY を指定してください。

        iiimf の場合:
        iiimf:[language id]:[language engine]
        [language id] には RFC1766 に従って言語(ar, zh_CN, ja など)を指定しま
        す。指定されなかった場合はシステムのローケールから取得した言語が使われ
        ます。[language engine] では使用する LE (CannaLE, newpy など)を指定しま
        す。指定されなかった場合は [language id] のデフォルト LE が使用されま
        す。
        なお、HTT_SERVER_ADDRESS 環境変数により、接続するサーバのアドレス(Unix
        Domain Socket の場合はファイルパス)を指定できます。
        また、HTT_SHOW_STATUS_WINDOW=trueを指定することにより、ステータス表示用の
        ウィンドウを表示します。
        HTT_AUX_BASE_DIR 環境変数により、aux モジュールのあるパスを指定するこ
        とができます(デフォルトは/usr/lib/iiim/le)。

    Jan 21 19:22:50[3188254] ERROR(Resource temporarily unavailable): fcitx: Could not load.

$ apt-cache search mlterm input method
mlterm-im-fcitx - MultiLingual TERMinal, Flexible Input Method plugin
mlterm-im-ibus - MultiLingual TERMinal, IBus input method plugin
mlterm-im-m17nlib - MultiLingual TERMinal, m17nlib input method plugin
mlterm-im-scim - MultiLingual TERMinal, scim input method plugin
mlterm-im-skk - MultiLingual TERMinal, SKK input method plugin
mlterm-im-uim - MultiLingual TERMinal, uim input method plugin
$ sudo apt install mlterm-im-fcitx

$ dpkg-query -W mlterm*
mlterm  3.9.4-3
mlterm-common:amd64     3.9.4-3
mlterm-im-fcitx:amd64   3.9.4-3
mlterm-im-ibus  3.9.4-3
mlterm-im-m17nlib
mlterm-im-scim
mlterm-im-uim
mlterm-tiny
mlterm-tools    3.9.4-3
$ echo "${XDG_SESSION_TYPE}"
x11
$ lsb_release -dr
Description:    Debian GNU/Linux forky/sid
Release:        n/a
$ arch
x86_64

$ certbot --ip-address
usage:
  certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certificate.
certbot: error: unrecognized arguments: --ip-address
$ certbot --version
certbot 4.0.0
$ rmadison certbot
certbot    | 1.12.0-2      | oldoldstable | all
certbot    | 2.1.0-4       | oldstable    | all
certbot    | 4.0.0-2       | stable       | all
certbot    | 4.0.0-2       | testing      | all
certbot    | 4.0.0-2       | unstable     | all

$ sudo apt install python3-dev python3-venv libaugeas-dev gcc (1)
$ git clone https://github.com/certbot/certbot (2)
$ cd certbot
$ git log --pretty=oneline -1
58724f68ec46c57dd3c3c8ed4ae686c2d7ad893b (HEAD -> 58724f6) Add CLI flag --ip-address (#10495)
$ python3 tools/venv.py (3)
$ source venv/bin/activate (4)
$ which certbot
/home/matoken/src/certbot/venv/bin/certbot
$ certbot --version
certbot 5.3.0.dev0

$ certbot help all | grep -A2 -- --ip-address
  --ip-address IP_ADDRESSES
                        IP addresses to include. For multiple IP addresses you
                        can use multiple --ip-address flags. All IP addresses
                        will be included as Subject Alternative Names on the
                        certificate. (default: [])
$ certbot help all | grep -A8 -- --preferred-profile
  --preferred-profile PREFERRED_PROFILE
                        Request the given profile name from the ACME server,
                        or fallback to default. If the given profile name
                        exists in the ACME directory, use it to request a a
                        certificate. Otherwise, fall back to requesting a
                        certificate without a profile (which means the CA will
                        use its default profile). This allows renewals to
                        succeed even if the CA deprecates and removes a given
                        profile. (default: None)

$ sudo bash -c "source venv/bin/activate && certbot certonly --ip-address 84.247.152.162 --preferred-profile shortlived"

$ sudo cat /etc/letsencrypt/live/84.247.152.162/cert.pem | openssl x509 -noout -issuer -subject -dates
issuer=C=US, O=Let's Encrypt, CN=YE2
subject=
notBefore=Jan 18 23:06:01 2026 GMT
notAfter=Jan 25 15:06:00 2026 GMT
$ sudo cat /etc/letsencrypt/live/84.247.152.162/cert.pem | openssl x509 -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:e7:4e:65:fe:41:f7:9b:9e:38:12:12:64:13:85:b4:f3:dd
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=YE2
        Validity
            Not Before: Jan 18 23:06:01 2026 GMT
            Not After : Jan 25 15:06:00 2026 GMT
        Subject:
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:d9:d9:68:d2:fe:7b:09:0d:c4:97:1e:fc:e4:1e:
                    65:50:90:cc:63:ec:6a:98:a3:5c:77:b6:d0:33:f5:
                    4d:8f:ec:38:d5:e8:1d:01:75:fb:d6:93:15:b9:f3:
                    f8:7e:a4:a9:7b:bf:d7:4d:a3:5e:d0:ca:8f:74:e5:
                    7a:98:bc:8e:9e
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage:
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Authority Key Identifier:
                B9:59:F2:8E:CF:22:F0:86:D3:37:48:FF:76:14:18:BA:82:D8:55:87
            Authority Information Access:
                CA Issuers - URI:http://ye2.i.lencr.org/
            X509v3 Subject Alternative Name: critical
                IP Address:84.247.152.162
            X509v3 Certificate Policies:
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points:
                Full Name:
                  URI:http://ye2.c.lencr.org/94.crl

            CT Precertificate SCTs:
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:
                                DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21
                    Timestamp : Jan 19 00:04:31.276 2026 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:19:47:12:58:F2:D7:9C:08:A5:0D:C0:5B:
                                F0:E7:DF:73:0F:64:77:B2:39:39:A4:3C:A1:D3:F0:39:
                                4E:7B:0D:91:02:21:00:87:BA:CE:E6:6E:F6:D3:52:D2:
                                BC:C4:ED:BE:26:6F:DE:BC:B7:17:5F:B6:47:4A:82:75:
                                A9:95:56:A0:68:FD:1F
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E3:23:8D:F2:8D:A2:88:E0:AA:E0:AC:F0:FA:90:C9:85:
                                F0:B6:BF:F5:D2:A5:27:B0:01:FC:1C:44:58:C4:B6:E8
                    Timestamp : Jan 19 00:04:31.523 2026 GMT
                    Extensions: 00:00:05:00:2F:CD:F8:E5
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:CD:4B:99:89:27:23:A9:B5:4E:68:D9:
                                A0:59:63:45:F5:8F:6A:5C:1F:C2:39:24:AF:60:E4:25:
                                FF:E6:53:08:4E:02:21:00:DE:9F:73:AB:35:BC:7D:5D:
                                E7:7A:CB:DE:A7:25:FE:2E:09:A3:2A:33:6E:3B:E4:4E:
                                D7:AD:67:B9:02:E5:36:B8
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:64:02:30:09:90:c5:7b:2d:7c:21:7e:7a:21:77:3a:2d:8e:
        cd:a1:4d:d1:5e:08:2f:8c:e7:b9:ad:19:39:33:d7:67:41:76:
        68:39:26:f5:cf:8e:4d:42:5e:cf:45:69:e2:8a:18:ef:02:30:
        2b:7f:6c:90:27:d1:e5:b1:dd:a2:2a:cb:20:d4:8c:27:0c:7c:
        6d:9b:06:c8:52:bd:23:d6:aa:83:61:f5:13:fd:77:55:e9:ab:
        29:e2:bd:82:84:4d:4f:81:4b:3b:76:8a

$ echo $(( $( date +%s --date 'Jan 25 15:06:00 2026 GMT' ) - $( date +%s --date='Jan 18 23:06:01 2026 GMT' ) )) (1)
575999
$ echo $((160*60*60)) (2)
576000

$ git log --pretty=oneline -1
58724f68ec46c57dd3c3c8ed4ae686c2d7ad893b (HEAD -> 58724f6) Add CLI flag --ip-address (#10495)
$ dpkg-query -W python3-dev python3-venv libaugeas-dev gcc
gcc     4:14.2.0-1
libaugeas-dev:amd64     1.14.1-1+b3
python3-dev     3.13.5-1
python3-venv    3.13.5-1
$ lsb_release -dr
Description:    Debian GNU/Linux 13 (trixie)
Release:        13
$ arch
x86_64

$ cargo --version
warning: `/home/matoken/.cargo/config` is deprecated in favor of `config.toml`
  |
  = help: if you need to support cargo 1.38 or earlier, you can symlink `config` to `config.toml`
cargo 1.92.0 (344c4567c 2025-10-21)
$ cargo install --git https://github.com/kavehtehrani/cloudflare-speed-cli --features tui
$ cloudflare-speed-cli --help
Cloudflare-based speed test with optional TUI

Usage: cloudflare-speed-cli [OPTIONS]

Options:
      --base-url <BASE_URL>
          Base URL for the Cloudflare speed test service [default: https://speed.cloudflare.com]
      --json
          Print JSON result and exit (no TUI)
      --text
          Print text summary and exit (no TUI)
      --download-duration <DOWNLOAD_DURATION>
          Download phase duration [default: 10s]
      --upload-duration <UPLOAD_DURATION>
          Upload phase duration [default: 10s]
      --idle-latency-duration <IDLE_LATENCY_DURATION>
          Idle latency probe duration (pre-test) [default: 2s]
      --concurrency <CONCURRENCY>
          Concurrency for download/upload workers [default: 6]
      --download-bytes-per-req <DOWNLOAD_BYTES_PER_REQ>
          Bytes per download request [default: 10000000]
      --upload-bytes-per-req <UPLOAD_BYTES_PER_REQ>
          Bytes per upload request [default: 5000000]
      --probe-interval-ms <PROBE_INTERVAL_MS>
          Probe interval in milliseconds [default: 250]
      --probe-timeout-ms <PROBE_TIMEOUT_MS>
          Probe timeout in milliseconds [default: 800]
      --experimental
          Enable experimental features (TURN fetch + UDP-like loss probe)
      --export-json <EXPORT_JSON>
          Export results as JSON
      --export-csv <EXPORT_CSV>
          Export results as CSV
      --auto-save <AUTO_SAVE>
          Use --auto-save true or --auto-save false to override (default: true) [default: true] [possible values: true, false]
      --interface <INTERFACE>
          Bind to a specific network interface (e.g., ens18, eth0)
      --source <SOURCE>
          Bind to a specific source IP address (e.g., 192.168.10.0)
      --certificate <CERTIFICATE>
          Path to a custom TLS certificate file (PEM or DER format)
  -h, --help
          Print help
  -V, --version
          Print version
$ cloudflare-speed-cli --version
cloudflare-speed-cli 0.3.1

$ cloudflare-speed-cli --text 2>/dev/null
IP/Colo/ASN: 133.106.160.49 / NRT / 138384 (-)
Download: 23.73 Mbps
Upload:   2.47 Mbps
Idle latency p50/p90/p99: 98.9/110.7/110.7 ms (loss 0.0%, jitter 10.2 ms)
Loaded latency (download) p50/p90/p99: 438.0/578.6/755.2 ms (loss 0.0%, jitter 130.1 ms)
Loaded latency (upload) p50/p90/p99: 654.8/794.1/794.1 ms (loss 45.5%, jitter 144.4 ms)

$ watch -n 3600 -- cloudflare-speed-cli --text

$ watch -n 3600 -- cloudflare-speed-cli --text --auto-save true

│ 3.   2025-12-31 06:30:11 +09:00  DL   20.69 Mbps  UL    4.66 Mbps  Idle p50  103.7 ms  -  (1)
│ 4.   2025-12-31 06:08:33 +09:00  DL   21.73 Mbps  UL    3.16 Mbps  Idle p50  100.7 ms  wlan0  TP-L13💻 (2)

$ sudo ./witr -port 22
Target      : sshd

Process     : sshd (pid 581)
User        : root
Command     : sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
Started     : 4 days ago (Thu 2025-12-25 18:10:39 +09:00)

Why It Exists :
  systemd (pid 1)   sshd (pid 581)

Source      : systemd service (supervisor)

Working Dir : /
Listening   : 0.0.0.0:22
              :::22

Warnings    :
    Process is listening on a public interface
    Process is running as root
    Process is running from a suspicious working directory: /

$ sudo ~/usr/local/bin/witr -pid 10522
Target      : firefox.real

Process     : firefox.real (pid 10522) [high-mem]
User        : matoken
Command     : /usr/bin/firefox.real
Started     : 2 days ago (Sat 2025-12-27 05:39:41 +09:00)

Why It Exists :
  systemd (pid 1) → firefox.real (pid 10522)

Source      : systemd service (supervisor)

Working Dir : /home/matoken

Warnings    :
  • Process is using high memory (>1GB RSS)

$ ./witr -pid 524
Target      : glance

Process     : glance (pid 524) {forked}
User        : matoken
Command     : /home/matoken/bin/glance -config /home/matoken/.config/glance.yml
Started     : 4 days ago (Thu 2025-12-25 18:10:36 +09:00)
Restarts    : 1

Why It Exists :
  systemd (pid 1) → cron (pid 448) → cron (pid 492) → sh (pid 523 glance (pid 524)

Source      : systemd service (supervisor)

Working Dir : /home/matoken
Listening   : :::8080

Warnings    :
    Process is listening on a public interface

$ sudo nmap -p 0-65535 localhost | grep open | cut -f1 -d\/ | xargs -n1 sudo ./witr -port