Windows sandbox is easy.

A gaming focused distro will do everything else well too, so thats probably why.

If Linux is going to be usable by the average person on windows it needs to do something better than booting to a CLI and making the user figure out how to manually downgrade a package.

Sorta, but you run one command to update everything at once, and even though the system knows what GPU you have it still seems to update the driver to one thats not compatible, instead of holding that update back.

Also if it didn’t warn the user when updating, the user had no idea they were pulling any trigger, especially when Linux falls back to CLI after this instead of just falling back to a basic driver.

Surely there’s a way to keep the older driver on Linux, its absurdly easy on Windows.

Windows doesnt drop to CLI and break if the graphics driver is missing. But also GPU driver updates are not forced on you just by updating the system.

It makes me wonder why the package still auto updates if it detects you’re using the driver that would be removed, surely it could do some checks first?

Would be vastly preferable to it just breaking the system.

Windows doesn’t force update your driver and remove support though, and even if it did it won’t drop you to some CLI, it will still work.

Gotcha, that does make it significantly more difficult to block outgoing connections from some new executable, as most are likely to use port 443 like everything else does.

I’ll have to research some more, I have Fedora on my laptop and it would be nice to have a comparable firewall.

Does the firewall on Linux work like Windows where you allow/block by process or executable name? Because that will stop malware or apps connecting to places you don’t like.

Probably worth storing the key in another place as well, like keepass on your phone or just print it out on paper and store it.

Its just ok, winget is much better.

Chocolatey can’t update apps that were installed manually or via other methods, only ones installed using chocolatey.

Its also quite slow a lot of the time, and stores files in weird places for some apps.

I wouldn’t be exposing any management consoles to the internet either way, too much risk with something that has docker socket access.

Komodo is the best portainer alt I’ve found, I read through the Arcane info but it doesnt seem as good. Komodos editor also works great.

My favorite is ‘fast and lightweight’ followed by ‘RAM required >500MB’ for a some kind of basic server.

If you want automatic updates over major versions most images will have the :latest tag for that.

It doesnt actually bypass the firewall.

When you tell docker to expose a port on 0.0.0.0 its just doing what you ask of it.

It feels like Bazzite tells you a million times over that you absolutely should not layer packages, it scared me off for sure since I’m new to immutable systems and don’t really know how they work fully.

Depends what protocols you need?

If you use SMB install the Samba server package. If you use WebDAV install a WebDAV server like SFTPGo, etc…

If you want a google drive like replacement there’s Nextcloud, Owncloud, Seafile, and others.

For the drives themselves you can have traditional RAID with MD, or ZFS for more reliability and neat features, or go with MergerFS + SnapRAID, or just directly mount the disks and store files on some and backup to the others with Restic or something.

Lots of options!

Very very few existing phones allow bootloader unlocking and using your own keys, its why GrapheneOS only works on Google Pixel devices.

I imagine at some point even Pixels will stop allowing that.