You can do some pretty cool things with WW SP, but I feel like working with it really makes me appreciate Linux and the FOSS community so much more. WW always feels so proprietary.
Fedora CoreOS (FCOS) VMs on XCP-ng with TrueNAS for persistent storage. With FCOS, VM configurations can stay version controlled and deployed using OpenTofu (Terraform) and Butane/Ignition.
One factor is that laptops need a little more design work to build out main boards and validate relative to a desktop, especially considering that you are optimizing for power draw and that very little of the design is socketed. As a result, a good chunk of the Linux laptop market uses OEM-provided designs and then tailors their software around it. Last I heard, System76 was working to bring that design work in-house.
This is very much a choose-your-own-adventure that depends on a number of factors such as the services you’re hosting, ease of access for other household members, your hosting setup, additional privacy concerns, etc.
Here are a couple of resources for different methods:
Techno Tim’s overview, reverse proxy through Cloudflare: https://www.youtube.com/watch?v=Cs8yOmTJNYQ
Cloudflare proxy straight to the hosted service: https://www.cloudflare.com/products/tunnel/
Create a peer-to-peer VPN, sidestepping opening ports: https://tailscale.com/blog/how-tailscale-works/
Staying on top of updates is one of the most effective ways to keep your stuff secure and really should be done regardless of your setup. Updates have the downside of sometimes causing systems and applications to break. I think the question is what frequency do you want to update your applications.
I have been very happy with FCOS and really view it as building a declarative appliance. You can install it straight from an ISO and configure it manually, similar to Debian. But I really like the Butane / Ignition method for defining everything about it. Sort of like a more robust cloud-init on the Debian side. I typically define this in a Terraform/OpenTofu project and then transpile it to my hypervisor as a VM so I can just keep fine-tuning my config until I have it just right. I set weekly auto updates typically and for the most part rarely touch FCOS VMs once they are working.
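A minimal Butane config for the workflow described in the last comment, with the weekly update window expressed as a Zincati periodic strategy (Zincati is the update agent FCOS ships). This is an added example, not the commenter's configuration; the SSH key, the day and the start time are placeholders chosen for illustration.

```yaml
# Constructed example: FCOS appliance with key-only SSH access for the
# default user and OS updates restricted to one weekly window.
variant: fcos
version: 1.5.0
passwd:
  users:
    - name: core
      ssh_authorized_keys:
        # Placeholder: substitute your own public key.
        - ssh-ed25519 AAAA...REPLACE_ME admin@example
storage:
  files:
    # Zincati drop-in: updates are only finalized (the node reboots into
    # the new release) inside this window. Times are UTC by default.
    - path: /etc/zincati/config.d/55-updates-strategy.toml
      mode: 0644
      contents:
        inline: |
          [updates]
          strategy = "periodic"

          [[updates.periodic.window]]
          days = [ "Sun" ]
          start_time = "03:00"
          length_minutes = 60
```

Running `butane --pretty --strict config.bu > config.ign` produces the Ignition file handed to the VM on first boot. Keeping the `.bu` file in version control means an update-policy change is a reviewed commit and a redeploy, not a manual edit on the host.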