Do you run an image-based Server?
I use Fedora Kinoite daily and find it to be the only OS to make sense really.
I find Fedora CoreOS totally confusing (with that ignition file, no anaconda, no user password by default, like how would I set this up anywhere I dont have filesystem access to?)
But there are alternatives. I would like to build my own hardened Fedora server image that can be deployed anywhere (i.e. any PC to turn into a secure and easy out-of-the-box server).
As modern server often uses containers anyways, I think an atomic server only makes sense, as damn Debian is just a pain to use.
Experiences, recommendations?
like this
const_void
in reply to Pantherina • • •How does it make more sense than Fedora KDE?
Pantherina
in reply to const_void • • •I want a server haha.
And yes, atomic ftw.
Guenther_Amanita
in reply to const_void • • •Because containers (Distrobox, Flatpak, etc.) are bae.
You can read my post I made a while ago for more information: https://feddit.de/post/8234416
Once you "get" image based distros, you probably never want to go back. Traditional distros just feel... off now for me.
Containerisation is the biggest strength in Linux, we use it all the time on servers, so why not on the desktop?
Atomic OSs just make more sense for me, not only because of security/ bug/ whatever reasons, no, also because they feel simpler and are pretty convenient and robust.
const_void
in reply to Guenther_Amanita • • •d_k_bo
in reply to Pantherina • • •The solid foundation for IoT ecosystems
fedoraproject.orgPantherina
in reply to d_k_bo • • •Omg yes thats true. Thanks!
But CoreOS is also using rpm-ostree, how are they different?
d_k_bo
in reply to Pantherina • • •Pantherina
in reply to d_k_bo • • •Yep, and thats all cloud-first I suppose. It sounds cool but you need to create an ignition file (which sounds very possible) but then you need to get that to a server that doesnt yet have a user account.
I dont understand anything of that. I dont think mounting a drive with that file is possible everywhere, and how do you setup LUKS?
Just no. I see if IOT is actually atomic but normal.
Like, just use a cli installer that can load a file to automate it. Or have a backup user password. There is an issue that addressed this, its old and closed, yeah.
bastion
in reply to d_k_bo • • •myersguy
in reply to Pantherina • • •Pantherina
in reply to myersguy • • •Automatic updates are overcomplex and not even preinstalled. Install a package, change some configs, so some more.
I dealt with it and its annoying.
And there is a lot more that is completely manual with no good default presets
Appoxo
in reply to Pantherina • • •run as superuser script.sh
apt get updates
apt get upgrade -y
???
profit?
Pantherina
in reply to Appoxo • • •apt-get
andapt
? Also on regular updates there are sometimes package conflicts that need manual configuration. Maybe-y
deals with some.FalseMyrmidon
in reply to Pantherina • • •bastion
in reply to Pantherina • • •What monstrosity are you running and calling Debian that there are package conflicts on regular updates?
..or, are you talking early-2000's Linux, where SuSe was the only consistent distro and package management hadn't really been fully sorted out?
Pantherina
in reply to bastion • • •ByteWizard
in reply to Pantherina • • •Pantherina
in reply to ByteWizard • • •Its overcomplex. For sure I could get used to it and maybe this is the way to go.
But you could wrap this tedious process in a function.
Fedora has a distro upgrade command (that totally sucks but okay) since many years, while on Debian I needed to follow some random Guide to get on the hyped Debian 12.
ShortN0te
in reply to Pantherina • • •And sorry but if you have trouble updating your system then replacing the source.list file and then updating your system again, you should reconsider running a server yourself, imho.
Pantherina
in reply to ShortN0te • • •I was looking for such a guide but could not find it back then.
I followed this guide
Which may be overcomplex but it is complete and lots of things where not intuitive at all.
As I said, you could easily automate this step, instead of making it that manual. Or course I can do that, but why need to, if a
sudo apt distro-upgrade
would do it?Anleitung - Update von Debian 11 Bullseye auf 12 Bookworm
Dennis SchröderShortN0te
in reply to Pantherina • • •https://wiki.debian.org/DebianUpgrade
Because those steps need manual review. Things change, packages get removed, packages get upgraded, config files need to get manual reviewed and merged etc.
On a simple System without much configuration that stuff does not matter, but when you use different package repositories and backports you need to be careful. I am not sure how introducing a new command does solve those complex issues. Imo only the system admin can decide what the best steps are.
DebianUpgrade - Debian Wiki
wiki.debian.orgPantherina
in reply to ShortN0te • • •ByteWizard
in reply to Pantherina • • •Guenther_Amanita
in reply to Pantherina • • •I made a similar post a few weeks ago.
I will try uBlue core and give you all a small update about it.
I feel similar about Debian. It's a good distro for sure and I don't have any issues with it for server use, but somehow, I still don't like it somehow. RPM-/ OSTree based distros are more my taste, and I don't even know why.
Pantherina
in reply to Guenther_Amanita • • •I am completely confused about ublue currently, (okay all they did is remove the image list, its the same on Github)
Debian is old and crusty with all its tooling. Apt sucks, automatic updates are strange, there are no snapshots afaik, it uses ext4, its like Fedora was 10 years ago
lemmyvore
in reply to Pantherina • • •People who use Debian servers typically just install Docker on a basic system and then use containers. Which is exactly the same concept that you describe.
What's the filesystem of the server got to do with anything? You can take snapshots in half a dozen different ways, everybody uses the method they're comfortable with.
Handles
in reply to lemmyvore • • •Anders Rytter Hansen
in reply to Pantherina • •i use fedora kinoite and yeah it's really awesome! new packages and a safe system.
I wanted to use Fedora CoreOS on my server but no providers offer it so I ended up installing AlmaLinux instead. But yeah the ignition file setup is really painful. tried in a vm but never managed to get everything i wanted. i'm gonna stick with enterprise linux until they make it easier, i think
Selfhosted reshared this.
Pantherina
in reply to Anders Rytter Hansen • • •I tried IOT too and it the bootloader didnt install.
Then I just installed Atomic Sway (because not that much bloat), and before logging in rebased to secureblue server-main-userns-hardened. It worked but I have no DNS? Damn...
Anders Rytter Hansen
in reply to Pantherina • •Selfhosted reshared this.
Pantherina
in reply to Anders Rytter Hansen • • •Anders Rytter Hansen likes this.
Anders Rytter Hansen
in reply to Pantherina • •I see. At least systemd-resolved needs to be running and /etc/resolv.conf needs to be 127.0.0.1
Selfhosted reshared this.
Pantherina
in reply to Anders Rytter Hansen • • •Anders Rytter Hansen likes this.
Anders Rytter Hansen
in reply to Pantherina • •Awesome! Great to hear that it works :)
@Selfhosted
Selfhosted reshared this.