this post was submitted on 20 Nov 2023
136 points (77.9% liked)
Privacy
32013 readers
1163 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Podman is better, but believe my words, try nixos. It's like a docker-compose file, but for a system, this is really something groundbreaking
You specify all the system and services passwords, usernames, all the stuff, your wallpapers, directories, keys, everything
And all basic configurations are already unified, so to enable some service you just need to add a line in your main config like
services.nginx.enable = true;
and it just works with all the bells and whistles (kind off, you can add much more. Even more than in containers)The services are usually not sandboxes, but you can sandbox them, can even run the same containers
Sorry if you're really not into it, it just nixos feels like a whole new lvl after podman
edit: even like that, I manage all my machines as a fleet with nixos, all from one configuration So I can basically press a button and change all the usernames on all machines and everything will continue working
Instead of adding each machine separately to a vpn, I just press a button and it deploys all the machines with wireguard and connects them all
No nix is super cool! I really like the idea that guix and nix in having that system as code from build to deployment. I am not sure yet on how I feel about it for fleet/cluster deployments, k8s schedulers, network patterns like service meshes, ETCD, and operating on labels and cluster state are all super powerful.
I have looked too into using nix to make OCI containers and OCI containers to make flatpaks as well. All where they make sense of course.