Proxmox has no desktop by default. You can install it, add a desktop environment, but it will be less hassle to just use Debian as the desktop and install proxmox on top of that.

Ultimately, it’s all Linux or Unix. You can install qemu/KVM and libvirt on just about anything.

You can pretty much just pick your distribution and then add KVM on top of that, it will get you a long way before you need to use anything with more features.

A lot of people like to keep their hypervisor separate from their daily driver, but you can totally just fire up VMs and containers on your dd if that works for you.

Proxmox

• based on KVM
• relatively easy to install
• big community and lots of how-to guides
• well-documented hardware pass through
• minimal install (no cups, no extraneous software)

Notes from the last release mentions that the docker repo is unmaintained.

Really great article.

I was a bit critical of your last post on kernel init stuff, but this one is well laid out and gets quickly to the material at hand: all applications make the same system calls.

Keep it up, I’m going to follow this.

Ohhhhh, I’d forgotten about this. Good one.

I’m agreeing with you. Is there something unclear in my comment?

deleted by creator

I agree, personally.

And the absence of as many formal modding tools is, I believe, a reflection that many other Linux gamers think this as well.

Incus and ansible

Unbound is just an alternative to bind. Pihole does not handle full-fledged DNS functions like zone transfers and start of authority records.

Fascinating. How does this help op?

You’re talking about modding in general, which is pretty similar in Linux to windows, besides some obligatory learning about Wine/Proton contexts. Hint: just use protontricks and install your windows mods that way.

But what you are actually asking is “why hasn’t someone else made a nice, easy tool for modding like I had on windows?”

And the answer to that is:

No one is stopping you from making it.

Welcome to Linux. You wanted freedom, you got it.

It unfortunately means that if you misconfigure a key then your packets get silently ignored by the other party

After ipsec troubleshooting phase 1 & 2, WG is still a blessing.

No worries. But you’re talking about zone transfers?

What do you mean by “recognition”?

We would need more info to help confirm, but watching ids traffic will show you lots of misconfigurations as well as actually suspicious traffic, so this might be a POS device doing stupid stuff.

Is suricata listening on an internal subnet interface? If you are listening on a public interface, your job sorting through the trash traffic will be difficult because determining source is nearly pointless and your external interface should not know anything about the internal subnet.

I think wallabag is the self-hosted go-to for this, but I’m not sure of the extensions for it.

I used to use pocket because it allowed me to sync to my Kobo reader. Kobo have struck a deal with Instapaper and it works in a similar way.

The official instapaper plugin doesn’t do what In My Pocket does, unfortunately.

My LDAP PTSD is coming back…

I’ll make the following LDAP assumptions:

• LDAP directory is configured and available
• LDAP uri is configured and a lookup on system level is working and returns the correct POSIX uid/gid with LDAP query
• no POSIX conflicts on the client (no object in passwd has uid/uid 11004) I can assume this because the fail over is root
• LDAP search base is configured and returns expected POSIX values

And I’ll make the following postgres assumptions:

• pg_hba.conf is configured for LDAP server address, port, and search base
• postgres can instantiate and connect to its dbs using LDAP with ldap

Finally, I’ll assume that your nfsv4 mount is active and that POSIX operations work at Pam - level tests.

The line

group:      files [SUCCESS=merge] sss [SUCCESS=merge] systemd

Seems weird to me; either you add success clause to both uid and gid, or none, but not one and not the other.

This would also hint that Pam has not been updated to use LDAP.

That’s where I’d start.

Side note: LDAP is by default unencrypted on the wire, so to complete this exercise, you may want to setup secrecy on the server. This is especially important for db creds.

Yes. Proxmox isn’t doing anything magic another Linux machine (or windows for that matter ) can’t do. A router, for instance, is a good example of this.

Sorry, that was presumptuous of me. ‘TCP stack’ just means each container can have its own IP and services. Each docker, and in fact each Linux host can have as many interfaces as you like.

I imagine you would get a conflict when you try to go to 192.168.1.2:8000 or even localhost:8000.

You’re free to run a service on port 8000 on one IP and still run the same port 8000 on another ip on the same subnet. However, two services can’t listen on the port at the same ip address.