Do you run an image-based Server?

submitted 2024-03-03T17:41:40Z by Pantherina edited 2024-03-03T17:41:40Z

I use Fedora Kinoite daily and find it to be the only OS to make sense really.

I find Fedora CoreOS totally confusing (with that ignition file, no anaconda, no user password by default, like how would I set this up anywhere I dont have filesystem access to?)

But there are alternatives. I would like to build my own hardened Fedora server image that can be deployed anywhere (i.e. any PC to turn into a secure and easy out-of-the-box server).

As modern server often uses containers anyways, I think an atomic server only makes sense, as damn Debian is just a pain to use.

Experiences, recommendations?

Hot Top New

Justin

NixOS works really well as an image based server. Use nixos-generate to create a pre-configured image and put it on a flash drive/PXE share, and you're good to go. Automatic updates are a bit confusing and not really documented, but doable. I have code examples.

Pantherina [OP]

I would be interested in automatic updates on NixOS!

Justin

This wiki page has an example on how to do automatic updates on a normal install of nixos:

https://nixos.wiki/wiki/Automatic_system_upgrades

But this won't work for nixos-generate because nixos-generate doesn't have a configuration.nix file in the booted system.

Here is the code I use for my nixos-generate flake that I use to generate all of the nixos images in my homelab:

https://codeberg.org/jlh/h5b/src/commit/763a873c5bb7a4706ad021ea5ac3634b4efeadce/nodes/common.nix#L113

The way this works is that it includes the flake source code as a folder in the nix store on the booted system, and the nixos-upgrade timer will then use the flake to build an updated version of itself. Note that nixos-generate uses the packages output of the flake, while nixos-upgrade uses the nixosConfigurations output of the flake. I have written the flake so that they build identical systems, but it means there's some code that I had to write twice in flake.nix.

Feel free to try it out yourself, though note that you will probably have to rip out the agenix stuff to get it to build.

Nixos isnt really that user friendly yet, but insanely powerful once you understand how it works. Feel free to ask questions if anything seems confusing.

myersguy

What makes Debian a pain to use on servers?

Pantherina [OP]

Automatic updates are overcomplex and not even preinstalled. Install a package, change some configs, so some more.

I dealt with it and its annoying.

And there is a lot more that is completely manual with no good default presets

-6

Appoxo

cron
run as superuser script.sh apt get updates
apt get upgrade -y
??? profit?

Pantherina [OP]

Why is there apt-get and apt? Also on regular updates there are sometimes package conflicts that need manual configuration. Maybe -y deals with some.

bastion

What monstrosity are you running and calling Debian that there are package conflicts on regular updates?

..or, are you talking early-2000's Linux, where SuSe was the only consistent distro and package management hadn't really been fully sorted out?

Pantherina [OP]

Probably I got none, just this "do you want to use the maintainers version" which is always a bit confusing. VirtualBox also gave issues but just dont use that crap.

d_k_bo

You can use Fedora IoT which is essentially rpm-ostree based Fedora Server. It would be less confusing if it was just named Fedora Atomic Server.

Pantherina [OP] , edited

Omg yes thats true. Thanks!

But CoreOS is also using rpm-ostree, how are they different?

d_k_bo

I didn't try CoreOS as I didn't even get how to set it up. As I understand it, it uses a completely different workflow for administering the system compared to regular distros.

Pantherina [OP]

Yep, and thats all cloud-first I suppose. It sounds cool but you need to create an ignition file (which sounds very possible) but then you need to get that to a server that doesnt yet have a user account.

I dont understand anything of that. I dont think mounting a drive with that file is possible everywhere, and how do you setup LUKS?

Just no. I see if IOT is actually atomic but normal.

Like, just use a cli installer that can load a file to automate it. Or have a backup user password. There is an issue that addressed this, its old and closed, yeah.

bastion

This new distribution of Fedora is FAT!

const_void

the only OS to make sense really

How does it make more sense than Fedora KDE?

Pantherina [OP]

I want a server haha.

And yes, atomic ftw.

Create post

Join

About community

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules: 1) Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon. 2) No spam posting. 3) Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

4) Don't duplicate the full text of your blog or github here. Just post the link for folks to click. 5) Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda). 6) No trolling.

Resources:
* awesome-selfhosted software * awesome-sysadmin resources * Self-Hosted Podcast from Jupiter Broadcasting

Do you run an image-based Server?

16 Comments