Yes, for example, syncing on a kernel panic could lead to data corruption (which is why we don’t do that). For the same reason REISUB is not recommended anymore: The default advice for a locked-up system should be SysRq B.

Try perhaps the solution in https://unix.stackexchange.com/questions/648084/docker-interface-tears-down-wifi-internet

Try removing all the superfluous default routes.

Argon2id (cryptsetup default) and Argon2i PBKDFs are not supported (GRUB bug #59409), only PBKDF2 is.

There is this patch, although I have not tested it myself. There is always cryptsetup luksAddKey --pbkdf pbkdf2.

GRUB works just fine with LUKS2 these days. There is no need to switch bootloaders.

This seems right and exactly the way I’ve set it up. On subvolid=5 I have subvolumes @ and @home, in /etc/fstab I mount / as subvol=@, and /home as subvol=@home.

Could you run sudo lshw -C network and post the output for the wireless interface?

I thought about torrents, but found no way to do that privately either.

You can torrent privately using I2P (It’s like Tor but peer-to-peer). The Java router comes with a pre-installed torrent client, accessible from the console. After installing and setting up your browser you can browse the main tracker at tracker2.postman.i2p.

I occasionally experience the same thing. When this happens, it appears the jwt token is not sent with the initial request (thus appearing to be logged out), but it is sent with api requests on the same page (unread_count, list, etc.), so the cookie is not lost (document.cookie also shows it). Sometimes refreshing again fixes it, but I haven’t yet found a good workaround. I’ll experiment a bit next time it happens.

But you can do this.

Memory safety would be the main advantage.