The question that I have to ask: what category of CLI apps (or even some examples) exist that are too complex to maintain a few versions simultaneously as native packages but are not complex enough to just use an OCI container for them instead?
We are well beyond the point of a majority of common hardware having built-in kernel drivers and userland software for extra stuff like RGB control that the best advice is rather avoiding Linux, to instead avoid the trash hardware (NVidia for the time being, GoXLR, Broadcom, etc.). My GPU, audio hardware, network interfaces are both popular products and have worked out of the box for years now.
2-2-1 still insinuates having a remote backup. I don’t see how this particular threat destroys a 2-2-1 setup.
If that is the case, the developer should have likely noted otherwise before closing the issue as the final piece of discussion. That is good to know that your experience hasn’t dropped the OS into base Windows 11. If as you say is true, the developer should also really spend some time cleaning up the README and clarify that base Tiny11 can actually be updated in-OS. I will still test in a VM later today to confirm that Tiny11 doesn’t actually erode or degrade on update for myself.
From the Github README:
Also, for the very first time, introducing tiny11 core builder! A more powerful script, designed for a quick and dirty development testbed. Just the bare minimun, none of the fluff. This script generates a significantly reduced Windows 11 image. However, it’s not suitable for regular use due to its lack of serviceability - you can’t add languages, updates, or features post-creation. tiny11 Core is not a full Windows 11 substitute but a rapid testing or development tool, potentially useful for VM environments.
It literally says that it cannot be updated from a built OS install. You need to reinstall tiny11 by rebuilding the install image with a newer Windows 11 base image. Obviously it would be best to do this every time there is a security patch release for Windows 11.
EDIT: Rereading further, the bigger Tiny11 image might be able to be updated in-OS. I’m going to dig through the ps1 scripts to see if the README holds up to that un-noted capability.
EDIT2: I don’t see any registry edits that knock Windows Updater offline. I’ll test it in a VM to see if things work (from prebuilt when it eventually downloads). Though I am unsure at this moment if such an image’s changes will survive a Windows update at all.
EDIT3: VM not tested yet, but an issue on the GitHub seems to corroborate my initial assumption.
EDIT4: VM tested. Things claimed to be patched out (Edge) came back with one of the cumulative updates applied shortly after install. Other cumulative updates are being blocked (error instantly on attempt to install after download) (perhaps unintentionally). Image downloaded claimed to be for 23H2, but Windows 11 22H2 was installed, seemingly with no way to actually upgrade. I think my point stands.
Do note that this system is liable to leave your computer vulnerable as it has no way to update itself from within the OS.
This image would be fine for booting short-term VMs as long as you periodically rebuild and reinstall it, but not ready for consumer use.
I have been utilizing BunkerWeb for some of my selfhost sites since it was bunkerized-nginx. It is indeed powerful and flexible, allowing multi-site proxying, hosting while allowing semi-flexible per-site security tweaks (some security options are forcibly global still, a limitation).
I use it on podman myself, and while it is generally great for having OWasp CRS, general traffic filtering targets and more built on top of nginx in a Docker container, the way Bunkerweb needs to be run hasn’t really remained stable between versions. Throughout several version upgrades, there have been be severe breaking changes that will require reading the setup documentation again to get the new version functional.
Could you elaborate on this? As someone who uses SystemD extensively on workstations and servers for spawning and managing both system-level and user-level services, I do find minimal issues overall with SystemD minus some certain functionalities such as socket spawning/respawning.
Of course some of default SystemD’s housekeeping services do suck and I replace them with others. I would like to see the ability to just remove those services outright from my systems as separate packages since they do remain useless, but it isn’t that big of an issue.
The desired alternative is not Matrix simply because privacy-conscious, open-source ecosystem vs. proprietary solution is not the goal. Matrix would still generally be terrible for support. What people want is publicly searchable content that is ideally indexed like a wiki. Many will happily settle for issue boards or even forums though. Discord has pathetic search capabilities in comparison to any search engine and has no way to properly and publicly backup information that is posted to the platform. With a website of any kind, one could clone the site for mirroring or simply get a web archive service to crawl relevant sections.
Just took a couple minutes to install and setup the fork to try it out. Turns out there is a flatpak on Flathub under the id dog.unix.cantata.Cantata that looks to be maintained directly by nullobsi. I’ll have to see where rough edges show up, but this fork looks good thus far. A full port from Qt5 -> Qt6 isn’t a trivial amount of effort, so mad respect to everyone working on this ported version.