These are some recent small happenings, mainly for personal records.
February 25
Cleaning Up MySQL Binlog Files
Suddenly noticed my VPS was running out of disk space. After some thought, I realized I hadn’t installed much on this VPS. Checking the panel, I found MySQL was taking up 60GB of space.
This was the first time I encountered such an issue with MySQL. Upon further inspection, I discovered it was due to never cleaning up the binary log (Binlog) files.
I hadn’t used MySQL 8.4 before and never ran into this issue. Here’s the solution:
| |
1Panel Auto-Cleanup Settings
1Panel → Database → MySQL Settings → Configuration
Add the following under mysqld:
| |
January 29
Credit Card Fraud (Again)
Woke up this morning to WeChat notifications from my bank about multiple failed overseas card-not-present transactions. Luckily, after discovering my card details were leaked a few days ago, I researched how to lock my card and preemptively blocked overseas transactions. Otherwise, these failed attempts might have succeeded, making recovery a nightmare.
This Mastercard + UnionPay dual-currency card was issued over 10 years ago and had never had issues before. But after replacing it late last year, I used the card details for one or two foreign online payments, and somehow the information got leaked.
After the first signs of fraud, I considered replacing the card. However, since it’s linked to AWS and Oracle Cloud, I worried changing the card number might disrupt services.
After some research, I realized it wouldn’t affect anything. Immediately called the bank to request a virtual card replacement. Problem solved.
January 25
Adding an RSS Sidebar Widget to Hugo
WordPress has built-in widgets for easily adding RSS feeds, but Hugo requires a bit more work. However, since my goal was to display my WordPress latest posts on Hugo, I didn’t strictly need RSS—I could directly call the WordPress API. But the approach is similar to RSS.
Add the Module to Hugo’s Sidebar Template
Method A: RSS Fetch
1 2 3 4 5 6 7 8 9 10 11{{ $rssUrl := "https://news.lawtee.com/feed/" }} <!-- Replace with your RSS URL --> {{ $rss := resources.GetRemote $rssUrl }} {{ $items := $rss | transform.Unmarshal }} <h2>RSS</h2> <ul> {{ range first 7 $items.channel.item }} <li> <a href="{{ .link }}" target="_blank">{{ .title }}</a> </li> {{ end }} </ul>Method B: WordPress API Fetch
1 2 3 4 5 6 7 8{{ $url := "https://news.lawtee.com/wp-json/wp/v2/posts?per_page=7" }} <!-- Replace with your WordPress URL --> {{ $posts := getJSON $url }} <h2>Latest Posts</h2> <ul> {{ range $posts }} <li><a href="{{ .link }}" target="_blank">{{ .title.rendered }}</a></li> {{ end }} </ul>
Add Necessary CSS
For simplicity, I reused the CSS from another Hugo sidebar widget (archives).1 2 3 4 5 6 7 8 9 10 11 12 13 14 15<section class="widget archives"> <div class="widget-icon"> {{ partial "helper/icon" "rss" }} </div> <h2 class="widget-title section-title"> <a href="https://news.lawtee.com/" target="_blank">News</a> </h2> <div class="widget-archive--list"> <ul> {{ range $posts }} <li><a href="{{ .link }}" target="_blank">{{ .title.rendered }}</a></li> {{ end }} </ul> </div> </section>
January 22
Preventing Credit Card Fraud
When I first started working, I frequently shopped on foreign platforms like Amazon, GoDaddy, and NameSilo, so I applied for several Visa/Mastercard credit cards. Since online transactions require entering the three-digit CVV code on the back of the card, the details are prone to leaks. Despite being cautious, today my card was hit with a $0 fraud attempt (no amount charged, but the details were clearly stolen).
The root cause, I think, is how deeply buried the “lock card” feature is in banking apps. Previously, after foreign transactions, I’d lock the card via the bank’s app. After changing phones, I found installing banking apps cumbersome and switched to WeChat mini-programs.
But finding the “lock card” feature in mini-programs is annoyingly difficult. I’ve failed to locate it several times before, so I settled for “transaction limits” instead of locking. Only after today’s fraud attempt did I seriously research where this feature hides.
- China Construction Bank (CCB): No lock feature in the WeChat mini-program; only available in the CCB app’s security center.
- Guangfa Bank: Hidden under “Card Management → Card Inspection Center” in the mini-program. Seriously, who’d think to look there?
- China Merchants Bank (CMB): No lock feature in the mini-program; only in the CMB app’s security center.
- CITIC Bank: The mini-program’s “Payment Settings” directly shows “One-Click Lock Card” (the most convenient).
January 21
Watching Trump’s Inauguration
Last night, I inexplicably watched Trump’s inauguration live—curiosity killed the cat, and I had goosebumps the whole time.
- Hierarchy on Display: The Capitol’s main hall was packed with elites—a gathering of nearly half the world’s top 100 richest. On the left side of the podium were Trump’s allies and wealthy supporters; the right side held several Democratic ex-presidents and party heavyweights. The Chinese delegation was also placed on the right, subtly implying some adversarial stance. The adjacent hall seemed reserved for mid-level bureaucrats, far more disciplined than the main hall—during prayers, they all bowed their heads solemnly, while the main hall crowd was noticeably indifferent. A separate stadium hosted the MAGA faithful, but the live feed only showed them briefly. This fits my impression of capitalism: elites at the center, loyal underlings on the periphery, and ordinary folks left to cheer from the sidelines. It’s just a show—why not invite some civilians? But no, the elites brought their families, while regular citizens weren’t even given token representation.
- Professional Performers: American democracy has its quirks—behind-the-scenes bloodshed, but on stage, it’s all “gentlemanly conduct.” The main hall crowd appeared calm, especially the Democrats, showing no signs of “defeat.” Even as Trump lambasted their “four years of sins,” the Clintons managed to smile. While Trump axed Democratic policies one by one, the party leaders remained unflappable—veteran actors indeed. No wonder my teacher said, “Politics is performance art.” In contrast, some Supreme Court justices seemed detached but betrayed subtle discomfort, likely due to Trump overturning their TikTok ban with an executive order. Staying neutral in partisan battles is hard.
- Full Retreat: The highlight was Trump’s speech, delivered in a deceptively casual tone—soft words, hard actions. His agenda—border control, gender issues, energy, urban crime, education, healthcare, trade protectionism, the Panama Canal, Gulf naming—all signaled America’s retreat. The world order may reshape dramatically in these four years.
January 16
Signing Up for Xiaohongshu (Little Red Book)
I always thought Xiaohongshu was a social platform for refined young women. Links shared from it on WeChat reinforced this impression. But unexpectedly, as TikTok faces a potential ban, Xiaohongshu suddenly went viral abroad. So I registered an account with Gmail to check it out.
- This influx of users is a rare opportunity—I hope Xiaohongshu leverages it well. The U.S.-China divide, especially between ordinary citizens, is artificially widened by elites. Amid ideological hostility, having so many Americans flock to a developing country’s platform is a windfall.
- Some U.S. media describe Xiaohongshu with ideological labels like “Mao’s Little Red Book” to scare Americans. But anyone who downloads it can see how disingenuous this is, breeding distrust in U.S. media manipulation.
- Strategically, the U.S. is losing here. Banning TikTok solves nothing. Live commerce + short videos are uniquely scalable in China—manufacturer livestreams are the endgame.
January 15
Self-Hosting RSS with FreshRSS + FeedMe
Inspired by “Netizen Xiao Song,” I decided to set up my own RSS service, mainly for mobile reading. As we know, the popular “Follow” lacks a mobile app, and its mobile web version is feature-limited, often requiring desktop mode, which is clunky. Also, since Follow only has an official web version (with unclear proxy rules) and uncertain sustainability, self-hosting RSS remains a practical solution. That said, as long as Follow exists, I’ll keep using it on PC browsers.
This time, I used FreshRSS. Compared to TinyRSS, it’s more feature-rich, with multiple themes and PWA support (can be installed as a quasi-app). But I opted for a third-party app, FeedMe, for better aesthetics and smoother operation. Thanks to FreshRSS’s Google Reader API, syncing with FeedMe is seamless—even translated content stays consistent. Perfect for my needs.
January 14
Ignoring Specific Updates in GitHub Actions
Add the following to your workflow deployment template. For example, I wanted to skip auto-deploys for WebP image commits or minor edits by including “webp” in the commit message.
| |
Link Blog in a Static Site
This article by Redowan addressed a long-standing pain point of mine—how to publish simple thoughts and updates on a static blog like Hugo, where most of the content would likely reference other sources. I initially considered using a Moments page under the article category to achieve this, but this method was still cumbersome. Moreover, I didn’t want these updates to clutter my RSS feed or disrupt the coherence of my blog posts. To mitigate this, I even configured the “Moments” pages to display only two entries on the homepage. Unfortunately, this still didn’t fully meet my needs.
I went with a dead simple approach that has worked for me for the past 5 months:
- Detail view: Have a single markdown page dedicated to each year and add the links there.
- List view: Cluster the detail pages in a list view named “feed.”
It wasn’t until I read this article that I realized I could create a standalone page for updates. After considering the technical implementation, I finally went ahead and added this page.
Given that I’ll mostly be updating this page from my phone, I set the file for this page in the GitHub repository as a browser shortcut for easy access and quick updates.