Servers are a different story but for Desktop, OpenSUSE.

Because:

• It’s stable even on their rolling OS (Tumbleweed)
• Gaming works exceptionally well
• CUDA works with little effort
• RPM-based (personal preference)
• zypper is an excellent package manager and my experience has been better than that of yum/dnf
• Extensive native packages and 3rd party repos
• No covert advertising in the OS
• Minimal (no?) Telemetry
• Easy to bind to active directory
• it feels polished and well built
• I do not have to mess with it to make it work

Part of my transition from Windows to Linux was that basic tasks like installing software or even the OS itself shouldn’t be a high effort endeavour. I should be able to point to a package file or run a package manager and be able to go about my day without running “make” and working my way through dependency hell.

I say this as a Linux user of all different flavours for well over 15 years who has a deep love for what it brings to the table. If we want it to be common place with non-IT folks, it needs to work and it needs to be simple to use.

Because prospective customers get shy when the browser says that your site is “insecure”

Because it factually is insecure. It is not encrypted and trivial to inspect.

Because it makes for better google ranking.

No, in this day and age it is permission to play. Firefox has a built in feature to only load HTTPS sites, which I have enabled. This has nothing to do with Google. Your issue is with expensive CAs, to which there is a free solution (Let’s Encrypt). Not HTTPS itself.

So there you go. Mob hype and googlian dictatorship.

Incorrect. It is a matter of safety and security and a trivial thing to implement. You are free to not use HTTPS if you want, just as people are free to not consume your service if you don’t.

Calling it a “dictatorship” is hyperbole and demonstrates that you clearly have no idea what you’re talking about and won’t listen to people that do.

Some do. It depends on the type of certificate. Thankfully now we have LetsEncrypt so that there is a free alternative to the big CAs.

To answer your initial question - yes it is necessary. Without HTTPS or encryption in general, anybody who can intercept your connection can see everything you’re doing.

A real world example of this is let’s say you’re connected to a WiFi network that has no password and are browsing a plain HTTP site. Open wifi networks are unencrypted, as is HTTP.

I can sit across the road in a vehicle, unseen, on a laptop and sniff the traffic to view what you’re doing. If you log into your bank, I now have your credentials and can do what I like, and you don’t even know.

This is why we need encryption. It is an (almost) guarantee that your traffic is only viewable to yourself and the other end of whatever you’re connecting to and not anyone in the middle.

Edit: for Anyone downvoting OP remember this is nostupidquestions. Take the time to educate if you know better but don’t downvote “stupid” questions lol.

Nothing manual required, you can federate with any other instance as long as you’re not on their ban list.

You basically use your instance’s search to search for a community on the remote instance, then your instance requests the top (5?) posts from the community on the remote instance. Once a user subscribes, all new posts going forward will be sent to your server via the federation.

At least I think that’s how it works, haha.

Same here! My background is in systems architecture, so I love this stuff.

Though I run mine on my own “private cloud”. Even though it sounds like an amateur operation I’ve got the proper safety nets in place (backups, redundant power, firewalls, etc). A lot of instances are public cloud which is cool and I have nothing against that, I just wanted to do something a little different.

I have no idea how to get people to join but I hope to have some friends in here some day :D

OP is such a community MVP fr

Also I require cat pics too plzzzzzz

Jumping on the OpenSUSE bandwagon. I use it daily, have been running the same install of Tumbleweed for years without issue. I’m using KDE Plasma which it let’s you choose as part of the installation which fulfils that requirement for you as well.

If you’re familiar with Redhat you’ll feel at home on it. Zypper is the package manager instead of yum/dnf and works really well (particularly when coping with dependency issues.

I’ve worked with heaps of distros over the years (Ubuntu, Debian, Fedora, RHEL, old school Red Hat, CentOS, Rocky, Oracle, even a bit of Alpine and some BSD variants) and OpenSUSE is definitely my favourite for a workstation.

Not a distro but maybe Plasma Bigscreen is in the ballpark of what you’re after?

Authelia is popular, as is Keycloak. I believe Red Hat develops Keycloak or at least has a hand in it.

I’m on this journey as well, figuring out what I’m going to use. Currently most of my services just use LDAP back to AD but I’m looking to do something more modern like SAML, oAuth or OpenID Connect so that I can simplify the number of MFA tokens I have.

Just as an anecdote you may find useful - Personally I used to run an Active Directory for Windows and FreeIPA for my Linux machines and have managed to simplify this to just AD. Linux machines can be joined, you can still use sudo and all the other good stuff while only having one source of truth for identity.

I don’t know if this helps anyone but here are some crisis resources:

🇺🇸 United States 🇺🇸

Emergency: 911
National Eating Disorders Association: https://www.nationaleatingdisorders.org/help-support/contact-helpline
National Domestic Violence Hotline: 1- 800-799-7233
National Suicide Prevention Lifeline: 1-800-273-TALK (8255); www.suicidepreventionlifeline.org
Suicide Prevention, Awareness, and Support: www.suicide.org
Lifeline Crisis Chat: https://www.contact-usa.org/chat.html
Crisis Text Line: Text REASON to 741741 (free, confidential and 24/7)
Self-Harm Hotline: 1-800-DONT CUT (1-800-366-8288)
Family Violence Helpline: 1-800-996-6228
Planned Parenthood Hotline: 1-800-230-PLAN (7526)
American Association of Poison Control Centers: 1-800-222-1222
National Council on Alcoholism & Drug Dependency: 1-800-622-2255
GLBT Hotline: 1-888-843-4564
The Trevor Project: 1-866-488-7386 or text “START” to 678678. Standard text messaging rates apply. Available 24/7/365. (Provides crisis intervention and suicide prevention services to lesbian, gay, bisexual, transgender, queer & questioning—LGBTQ—young people under 25.)
Veterans Crisis Line: https://www.veteranscrisisline.net/
International Suicide Prevention Directory: http://suicideprevention.wikia.com/wiki/International_Suicide_Prevention_Directory

🇨🇦 Canada 🇨🇦

Emergency: 911
Hotline: 1-888-353-2273
YourLifeCounts.org: http://www.yourlifecounts.org/need-help/crisis-lines

🇬🇧 UK & Republic of Ireland 🇮🇪

Emergency: 112 or 999
Hotline: +44 (0) 8457 90 90 90 (UK – local rate)
Hotline: +44 (0) 8457 90 91 92 (UK minicom)
Hotline: 1850 60 90 90 (ROI – local rate)
Hotline: 1850 60 90 91 (ROI minicom)
YourLifeCounts.org: http://www.yourlifecounts.org/need-help/crisis-lines

🇦🇺 Australia 🇦🇺

Emergency: 000
Lifeline.org: https://www.lifeline.org.au/Get-Help/Online-Services/crisis-chat
LifeLine Australia: 1-300-13-11-14
YourLifeCounts.org: http://www.yourlifecounts.org/need-help/crisis-lines

🇳🇿 New Zealand 🇳🇿

Emergency: 111
Lifeline 24/7 Helpline: 0800 543 354
Suicide Crisis Helpline: 0508 828 865 (0508 TAUTOKO)
YourLifeCounts.org: http://www.yourlifecounts.org/need-help/crisis-lines

Zabbix can do everything you’re asking and can be connected to Grafana if you want custom visualisations. Most importantly, it contextualises what you need to know on the dashboard, as in it only tells you about things that require your attention.

You’re of course able to dive into the data and look at raw values or graphs if you wish, and can build custom dashboards too.

I’ve used it in both home lab and production scenarios monitoring small to mid size private clouds, including windows and linux hosts, docker, backups, SAN arrays, switches, VMware vSphere, firewalls, the lot. It’s extremely powerful and not terribly manual to set up.

If metrics is all you want and aren’t too fussed on the proactive monitoring focus, Netdata is a great option for getting up and running quickly.

Thanks everyone! I think what I’ll end up doing here is posting the guide directly into lemmy as a condensed version of the full article, then link to the article which will have screenshots and more background.

Incredible shots dude, well done!

I think that’s what got me too, I was expecting sci-fi and whilst I technically got it, I also got traumatised in the process lol. Credit where it’s due, it’s a fantastic movie because of the horrors I never imagined possible, but I watched it once more as an adult and that’s enough for me

I came here just to say this but wasn’t expecting to see it at the top of the thread, I’d seen scary movies before but holy hell this one chilled me to my core and even as an adult I still squinted when I watched it

Can’t argue with you there :P but I guess what I mean is from a service standpoint, Gmail is mail, ISPs provide internet.

For me personally, Google is not my friend and I run my own mail server on my own domain and have for years. It’s quite involved though if you want good deliverability.

I think Proton is probably the happiest medium between privacy-respecting and all-out DIY mail server. Though I’m sure there are many others too :)

Well it’s just an example of course 😂 but to be fair, mail is the core business of Gmail.

Mail is a value-add for ISPs. You could argue any mail provider could up and change things and the only true way to get around that is hosting your own mail server, but I was trying to be semi-realistic.

Whilst I agree and sympathise with people on how difficult it is to change your primary email address (been there), the outcome will be better for them. They are no longer wedded to an ISP purely because all their mail goes there.

To liken it to something more tangible; when you move house, you need to change your mailing address. For renters, that can be often and is just as painful. Or when your phone number changes and you have to update your contacts. The difference here is who is pulling the trigger; the end user vs the provider.

Gmail is a great option, as is Proton Mail for the security conscious and tech savvy.

This isn’t to excuse the ISPs; it’s a shitty move on their part and the people using these mail accounts will likely be older technically challenged folks, but it is a logical one from a technical perspective. They may have also inadvertently taken the only thing away that’s creating stickiness between them and their customer and driven them into the arms of another ISP.

This dude kernel panics

Not that I’m advocating for Apple’s inexcusable behaviour, but as someone who’s worked in IT managing fleets of hundreds of Thinkpads (among others like Apple, Dell, Acer, HP), respectfully, they are far less reliable and durable than a MacBook. The only devices I had with higher failure rates than ThinkPads were Acer laptops.

They are certainly more repairable, but so are others like Dell and HP. Lenovo were one of the earlier manufacturers to pull some anti-repair moves such as soldering memory to the mainboard (on the Yoga models).

I think your statement is far more accurate in the days when IBM owned the ThinkPad brand, but unfortunately Lenovo have run it into the ground as far as quality goes.

All that said, I certainly hope we see more projects like Framework so that these big manufacturers can get some sort of reality check.