How Our Server Got It's Groove Back | LINUX Unplugged 524

Can we build an indestructible server that stands up to the test of giving out root login to the Internet?

Can we build an indestructible server that stands up to the test of giving out root login to the Internet?

Sponsored By:

Tailscale: Tailscale is a Zero config VPN. It installs on any device in minutes, manages firewall rules for you, and works from anywhere. Get 20 devices for free for a personal account. Linode Cloud Hosting: A special offer for all Linux Unplugged Podcast listeners and new Linode customers, visit linode.com/unplugged, and receive $100 towards your new account. Kolide: Kolide is a device trust solution for companies with Okta, and they ensure that if a device isn’t trusted and secure, it can’t log into your cloud apps.

Support LINUX Unplugged

Links:

🎉 Alby — Boost into the show, first grab Alby, top it off, and then head over to the Podcast Index.⚡️ LINUX Unplugged on the Podcastindex.org — You can boost from the web. Once Alby is topped off, visit our page on the Podcast Index.Spokane Linux Love, Sat, Sep 16, 2023, 1:00 PM | Meetup — It's finally happening! Let's get together at Iron Goat Brewing.Best laptops for NixOS - Help - NixOS DiscourseMobile NixOSDevices List — Mobile NixOSIron Goat BrewingLinuxFest Northwest 2023 Sponsorship Prospectus — LinuxFest Northwest 2023 will be held October 20-22, 2023 at Bellingham Technical College. The Fest is a free and open community event dedicated to provide and support educational activities related to Linux and Open Source Software.NixOS friendly hosters - NixOS WikiInstall and Configure NixOS on a Linode | Linode DocsStar-History — We know, you can't fully trust a project's GitHub stars alone. It is, however, a good way to determine if a tool is an adequate one and if it's likely to grow, if you use it correctly.disko — NixOS is a Linux distribution where everything is described as code, with one exception: during installation, the disk partitioning and formatting are manual steps. disko aims to correct this sad 🤡 omission.nixos-anywhere — You can then initiate an unattended installation with a single CLI command. Since nixos-anywhere can access the new machine using SSH, it's ideal for remote installations.Immutable infrastructure for mutable systems — I erase my systems at every boot.NixOS Series 4: "Stateless" Operating System — Here's the question: is it really necessary to store the contents of /etc on the disk drive? They're going to be regenerated on each reboot or config switch anyway.NixOS ❄: tmpfs as root — One fairly unique property of NixOS is the ability to boot with only /boot and /nix. Nothing else is actually required. This supports doing all sorts of weird things with your root file system.Nixos and Erasing My DarlingsImpermanence - NixOS Wiki — Impermanence in NixOS is where your root directory gets wiped every reboot (such as by mounting a tmpfs to /). Such a setup is possible because NixOS only needs /boot and /nix in order to boot, all other system files are simply links to files in /nix. /boot and /nix still need to be stored on a hard drive or SSD.impermanence: Modules to help you handle persistent state on systems with ephemeral root storage [maintainer=@talyz]Example ZFS + tmpfs root configurationNixOS on Btrfs+tmpfsA plan to stabilize the new CLI and Flakes incrementally — Ever since the closing of RFC 49, we've had the new CLI and Flakes marked as experimental, with no clear plan forward.project StratisBackups - Perfect Media ServerPodverse GitHub — Podverse has a bounty out for Android Auto.Jay Sam Bee in Philadelphia NixOS Bounty — Jay has a bounty for getting Wallabag on NixOS.Self-Hosted 102: NixOS is a bit Flakeycompletenoobs.comOpenStreetMap.org — OpenStreetMap is a map of the world, created by people like you and free to use under an open license.OSMand.netOSM is an extensible editor for ​OpenStreetMapOSM is an extensible editor for ​OpenStreetMapStreet­Complete — Help to improve the OpenStreetMap with StreetComplete!nixpkg.py