

Oh good tip!
Formerly /u/Zagorath on the alien site.



That’s a pretty righteous setup, OP.
Lol not me. I’m not the author. Just saw the article and thought it was an interesting conversation starter.


or a recipe for an insecure mess that could become difficult to maintain
The concept, or the specific setup the author of that article has? If you mean the latter, I’m not going to argue. But the concept? It shouldn’t have any effect either way on security, but the whole advantage of it is that it’s less of a mess. The same way that running a whole bunch of services on bare metal can quickly become a mess compared to VMs or Docker/LXC containers, declared state helps give a single source of truth for what all the services you might be running are. It lets you make changes in repeatable and clearly documented ways, so you can never be left wondering “how did I do that before?” if you need to do it again.
If everything you run is a Docker container, there’s a good chance Terraform is overkill; a Kubernetes config will probably do the job. But depending on your setup there are a whole bunch of different tools that might be useful.


What’s your preferred approach to defined state in your home servers?
It’s funny cos when I was young I recall it being called (at least sometimes) ADD. So the H has been added (or made mandatory in the name) at a time when we’re realising that hyperactivity is not a necessary symptom.


Oh, I used HA to mean high availability. I was not aware people also abbreviated Home Assistant.


Sorry for the late reply. I’m just disorganised and have way too many unread notifications.
LXC containers sound really interesting, especially on a machine that’s hosting a lot of services. But how available are they? One advantage of Docker is its ubiquity, with a lot of useful tools already built as Docker images. Does LXC have a similarly broad supply of images? Or else is it easy to create one yourself?
Re VM vs LXC, have I got this right? You generally use VMs only for things that are intermittently spun up, rather than services you keep running all the time, with a couple of exceptions like Home Assistant? What’s the reason they’re an exception?
Possibly related: in your examples, the VMs all get access to the discrete GPU, while the containers use the integrated GPU. Is there a particular reason for that distribution?
I’m really curious about the cluster thing too. How simple is that? Is it something where you could start out just using an old spare laptop, then later add a dedicated server and have it transparently expand the power of your server? Or is the advantage just around HA? Or something else?

and MacOS
Oh that’s interesting. I wonder why they do it that way, considering macOS is a Unix OS.
Yeah I’m interested in how that works too.
I’ve recently been looking at the Nextcloud “all in one” Docker image. It works by mounting the docker.sock file into the master container, which allows that container to stand up a whole bunch of other containers on your machine.
How would that work on Windows, if the Docker socket isn’t a file handle?
That might be part of it, but I was thinking it was more how things we don’t think of as files, like sockets, are accessed with a file descriptor.


Oh yeah, the “run headless” tip was great too! I would never have used a desktop environment, and would in effect have been using it headless. But had you and others not specifically suggested running it as headless, it would probably not have occurred to me that that’s a setting change I’d need to make while installing it.


Absolutely!


The “Look What They Need to Mimic a Fraction of Our Power” meme, showing two frames of Omni-Man from Invincible. Omni-Man has an image of Tux, the Linux penguin, superimposed over him in both.
In the first frame, he looks out at a screenshot of a YouTube thumbnail, which reads “UPDATE ALL SOFTWARE AT ONCE! ONE CLICK! FAST & EASY! 100% FREE!”, and a title which reads “Update All Software on Windows PC at Once | One-Click Method (Fast & Free).”
In the second frame, he says “Look what they need to mimic a fraction of our power”.


Tux’s right eye being occluded by the guy’s black hair, and his left eye being partly shaded into a more angular shape makes it look like he’s giving an evil smirk.


Thanks! I genuinely wasn’t sure how much RAM would be necessary, and would have probably seriously considered 8 GB enough if I hadn’t gotten the feedback.


I’ve no comments on RISC-V, but I agree that a move towards ARM in the Windows & Linux worlds would seem sensible. I would guess it hasn’t happened for the same reason IPv6 hasn’t taken over. Too much momentum. Too many developers still working in an x86 world, too many legacy apps that won’t easily run on ARM, too many hardware manufacturers each making the individual choice to keep making the currently popular option. Apple could transition because they’re the single gatekeeper. They make the decision, and everybody else who wants to use a Mac has to follow along. I’m going to guess that the control they have over the hardware and the software also means Rosetta 2 works a hell of a lot better than Microsoft’s Prism. (I can’t say for sure, having never used an ARM-based Windows machine or an ARM-based Mac.)
In terms of heat, what kind of room do you have it in? Somewhere with good natural airflow, or away in a closet somewhere?


I guess I have the same question for you as I did for curbstickle. What’s the advantage of doing things that way with VMs, vs running Docker containers? How does it end up working?


Interesting. I’ve never really played around with that style of VM-based server architecture before. I’ve always either used Docker (& Kubernetes) or run things on bare metal.
If you’re willing to talk a bit more about how it works, advantages of it, etc., I’d love to hear. But I sincerely don’t want to put any pressure and won’t be at all offended if you don’t have the time or effort.
A lot of that’s still available in AOSP. The devices they actually sell just load a heap of commercial crap on top of that.