fedorafan

joined 1 year ago
[–] [email protected] 1 points 9 months ago

Staying on top of updates is one of the most effective ways to keep your stuff secure and really should be done regardless of your setup. Updates have the downside of sometimes causing systems and applications to break. I think the question is what frequency do you want to update your applications.

I have been very happy with FCOS and really view it as building a declarative appliance. You can install it straight from an iso and configure it manually similar to Debian. But I really like the butane / ignition method for defining everything about it. Sort of like a more robust cloud init on the Debian side. I typically define this in a ~~terraform~~ openTofu project and then transpile it to my hypervisor as a vm so I can just keep fine tuning my config until I have it just right. I set weekly auto updates typically and for the most part rarely touch FCOS vms once they are working.

[–] [email protected] 1 points 9 months ago

You can do some pretty cool things with WW SP, but I feel like working with it really makes me appreciate Linux and the Foss community so much more. WW always feels so proprietary.

[–] [email protected] 1 points 9 months ago

Fedora core os (FCOS) vms on XCP-NG with trueNas for persistent storage. With FCOS, vms configurations can stay version controlled and deployed using open Tofu (terraform) and butane/ignition.

[–] [email protected] 1 points 1 year ago

Interest rates seem slightly correlated with spending sentiment, but I have mostly just seen folks reigning in excessive project spending and trying to manage project cash flow a little more aggressively. Might depend on the subset of mfg you are involved with.

[–] [email protected] 4 points 1 year ago

One factor is that laptops need a little more design work to build out main boards and validate relative to a desktop, especially considering that you optimizing for power draw and that very little of the design is socketed. As a result a good chunk of the Linux laptop market uses OEM provided designs and then tailors their software around it. Last I heard system76 was working to bring that design work in house.

[–] [email protected] 1 points 1 year ago

This is very much a choose your own adventure that depends on a number of factors such as the services you're hosting, ease of access for other household members, your hosting setup, additional privacy concerns, ect.

Here a couple of resources for different methods:

Techno Tim's overview, reverse proxy through cloudflare https://www.youtube.com/watch?v=Cs8yOmTJNYQ

Cloudflare proxy straight to the hosted service https://www.cloudflare.com/products/tunnel/

Create a peer to peer vpn sidestepping opening ports: https://tailscale.com/blog/how-tailscale-works/

[–] [email protected] 6 points 1 year ago (3 children)

OpenWRT is good option another that could be worth looking into might be Vyos. As far as I can tell the big issues in this space is comprehensive hardware support.