LINUX Unplugged - 573: Universal Blue Man Group
Episode Date: July 29, 2024Think Silverblue, but with cloud-native tooling used to build it. From Aurora to Bazzite, our impressions of the ambitious Universal Blue project.Sponsored By:Core Contributor Membership: Take $1 a mo...nth of your membership for a lifetime!Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices! 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Support LINUX UnpluggedLinks:💥 Gets Sats Quick and Easy with Strike📻 LINUX Unplugged on Fountain.FMUniversal Blue — The Universal Blue project builds a diverse set of continuously delivered operating system images using Fedora Atomic Desktop's support for OCI/Docker containers.Universal Blue Architecture DiagramAurora — Aurora is a clean and reliable desktop operating system for every type of user. Many batteries included.Bluefin — Bluefin is a custom image of Fedora Silverblue offering the best of both worlds: The reliability and ease of use of a Chromebook and the power of a GNOME desktop.Bazzite — The next generation of Linux Gaming for all of your devices - including your favorite handheld.uCore — An OCI base image of Fedora CoreOS with batteries included; a lightweight server image including most used services or the building blocks to host them.Bazzite Desktop Environment Tweaks - Bazzite - Docs - Universal BlueInstalling and Managing AppImages on Bazzite - Bazzite - Docs - Universal BlueUniversal Blue Contributing GuideJazz up your Bluefin command line with some bling! [YouTube]Jorge Castro on YouTubeMembership Summer Discount — Take $1 a month of your membership for a lifetime!zap.store — a permissionless app store.Asking AI To Make A Caveman Rock Song - Me Like Rockwinapps — Run Windows applications (including Microsoft 365 and Adobe Creative Cloud) on GNU/Linux with KDE, GNOME or XFCE, integrated seamlessly as if they were native to the OS.The Mooltipass Hardware Authenticator — A Simple Hardware Authenticatorptyxis — Ptyxis is a terminal for GNOME with first-class support for containers.Gearlever — Manage AppImages with ease 📦
Transcript
Discussion (0)
Hello, friends, and welcome back to your weekly Linux talk show.
My name is Chris.
My name is Wes.
And my name is Brent.
Hello, gentlemen.
Well, coming up on the show today, we're going to take a look at the Universal Blue family,
the cloud-native desktops from Aurora to Bazite that caught our attention,
and we wanted to give our impressions of this ambitious project.
And then later in the show, we have got some great boosts, fantastic picks, and a lot more.
So before we go any further, let's say time-appropriate greetings to our mumble room.
Hello, mumble room.
Hello, Chris. Hello, room hello hello hello and shout out
to all of you up there in quiet listening too nice to have you on board today and a big good
morning to our friends at tailscale tailscale.com slash unplugged go there to get it for free on 100
devices and three users not a limited time trial either. It's the plan I'm on.
You can build a simple, flat mesh network
powered by...
Waggow!
...across complex infrastructure.
And when I say that, I mean across your VPSs,
multiple VPSs, your homeland.
You can use it on mobile devices as well.
You can replace legacy VPN infrastructure
for an individual or for a business
and get started at tailscale.com slash unplugged. Think of Tailscale. Now, gentlemen, before we go into the
show, a question for the audience that we wanted to toss out there. We're going to talk about
immutable Linux again today, and we'd like to try to get a sense of your interest in the topic.
Have you tried immutable Linux and bounced off it?
And tell us maybe which distribution you tried or what system you tried out. Tell us a little
bit about that so we can kind of gauge where everybody is in the audience. You can boost
that in or you can go to linuxunplugged.com slash contact. We'd love to get your sentiment
on immutable Linux. All right. Universal Blue, which has
a diverse set of
maybe spins. I'm not sure if that's the right term
in this case, but...
Images. Images, basically.
That they say you can think Silverblue
but with a modern DevOps
for cloud native tooling used to build
it. So that means things like
continuous integration, GitHub actions,
whatnot, things that get defined in a container file.
And then under the tree, like Silverblue, there's RPMOS tree for some of the management there.
Yeah, and really these are all based on Fedora Atomic Desktop, like Silverblue and Kinoite as a base, with a whole bunch of love and attention to detail layered on top.
So the updates get delivered as images for like the big system.
They build those twice a week, I believe.
All the packages are incrementally updated in those images that match Fedora,
sort of like a snapshot.
The images, I think, are saved for 90 days.
I haven't used it for 90 days yet, so I'm not positive.
And then what RPM OS3 lets you do is layer packages on.
So it's immutable, but you can still install like a grub theme
or you can install things like traditional packages, and it will layer them on. So it's immutable, but you can still install like a grub theme or you can install
things like traditional packages and it will layer them on top. In some cases, you might have to
reboot, but there's other ways you can also switch live. And then as a user, you have Flatpak
included and Brew in these universal blue images. So you can install a lot of your applications just
using Flatpak or Brew, which is the recommended path, I think, for users. Yeah, you can kind of think of this as splitting up responsibilities in a way.
You have the Universal Blue project on top of all the work done by the Fedora project,
crafting, shipping, shaping the, you know, the core, the OS, that base layer that gets
versioned and thought of as a hermetic little image that stands on its own
and you move atomically.
And then you have extension points,
explicit extension points
for the user, like Flatpak
and Homebrew, that are not the same system.
Like in a traditional distro,
you have a Debian install.
Well, the people who put together that
release, they used
dpackage and apt to build it,
right? And they have all the granularity, they can control precise versions and which packages
and override and add on external repo, whatever. And then that's the same tooling that you use
as someone operating and administering the system. That gives you a lot of power and you can do ultimate, you know,
all the flexibility we know and love in traditional Linux systems. But it also means you're taking
responsibility for making sure you don't break any of the myriad relationships or promises between
all of those packages that are all mixing and living together. Compare that with something
like Homebrew, which is intentionally designed to run kind of like side-loaded on as a third-party package manager, or Flatpak that ships containerized applications. That's just,
those are very different ways of extending and using your system than installing an apt package.
And the two kind of do go nicely together. The downside is you end up as an end user
trying to do the math of, is this a brew package? Is this something I should flat pack? Or do I have to go RPM OS tree? Like an example where you might have to go RPM OS tree is sometimes
if you want to modify the look and feel of Plasma, you need to get some of that stuff installed at
like a lower layer into the system. But maybe for a web browser or a markdown editor, that's a
no-brainer flat pack for you. And so for me, like say I wanted YouTube DLP, I just brew installed that.
I don't really know exactly where I draw the line every time,
but it seems to me like I'm going command line apps,
I'm using brew for, GUI apps I'm using Flatpaks for.
And then, and I will try to put a link to it in the show notes
if I can remember, I also found an app that they include
or they recommend that you can use to run app images as well.
So if you wanted to throw app images into the pile, you actually can.
Otherwise, not natively supported.
And it is a bit to manage, but the positive side is that say I install YouTube DLP via Brew, that is in my user space, right?
That's totally separate from the rest of the system so if i rebase to say basite or i rebase to plasma or rebase to the
version uh my brew installed packages and flat packs remain they're still there all that is
still available to me after i rebase so there's an advantage in having a little bit separated
now chris you mentioned rebasing
there. There are currently several image offerings. So Aurora, which we've heard quite a bit about,
is a clean and reliable desktop operating system for every type of user, they say,
with many batteries included. Now, this is basically a lightly customized KDE Plasma 6
desktop experience. There's also Bluefin, which is a custom image of Fedora Silverblue, of course,
offering, they say, the best of both worlds,
the reliability and ease of use of a Chromebook
and the power of a GNOME desktop.
There's also Bazite, next generation of Linux gaming for all your devices,
except, I guess, Chris's gaming device,
for all your devices, except, I guess, Chris's gaming device,
which comes ready to rock with Steam and Lutris pre-installed,
Steam Game Mode, HDR support for AMD GPUs,
and numerous community-developed tools for more of your gaming needs.
There's also uCore, OSI-based image of Fedora Core OS with, again, batteries included, lightweight server image
including most used services
and the building blocks to host what you want,
including tools like WireGuard, FirewallD,
Cockpit, TailScale, ZFS support, and much, much more.
That's really a theme throughout these images, right?
Like if you think silver or blue,
you really got to add on a lot of quality of life stuff
like ZFS, like first class NVIDIA support.
It's probably one of the first things that will stand out as you kind of getting installed and set up with one of these images.
Yeah. And also there is some curation, not a lot.
It's not heavy handed, but there's some curation like things like tail scale being there and readily available.
So when they say cloud native, what they're really talking about, Wes, is this whole thing is composed with different containers
layered on top of each other,
but that same tooling is available to the end user
should they want to make their own version of these too.
Yeah, absolutely.
If you want to really go heavy with getting a pre-setup environment
or applying a lot of customization,
that's probably the route you want to go.
You mentioned RPM OS tree under the hood, and that's kind of what handles, right,
building these particular trees, which act like immutable images that you can then switch atomically between.
So you can go from, you know, the previous version to the updated version and roll back if you need to.
Well, RPM OS tree added support for containers as a mechanism of handling, you know, the bits on disk.
So much like we talked about that some of the RHEL image mode stuff is looking to take advantage of with that and projects like Bootsy, Universal Blue is doing the same thing.
Yeah, they're very much skating to where the Red Hat puck is going.
So that's another advantage to looking at this is you're looking at the future of Red Hat, I think.
What some of the way they're building and composing systems like this.
And it is a DevOps way to build a system as opposed to a system administrator's way to build a system.
And so if you're used to using container first tooling, then a lot of this will be very familiar, right?
So they've got container files that ultimately are what build the bits that you pull down.
container files that ultimately are what build the bits that you pull down.
So RPM OS tree goes and talks to a container registry and pulls down that container and then, you know, configures it up so that you can boot into that OS tree that was contained
inside.
And on the flip side, they publish images, base images, both of, you know, things like
Bluefin, but also just like their minimal version of Silverblue customized to work in
this environment.
So you can bring that into your own container file.
And, you know, just like we all know and love the from command where you're just like, well,
from this image, start there.
And then you can do whatever stuff you want to do on top, whether that's, you know, installing
brew packages or adding core bits to the OS or whatever else.
You're modifying that container file.
You're kind of like describing the system.
And then you can go build that using this whole set of technology. And you don't have to be like a whiz bang kernel developer to figure out how to put this thing together.
No, right. You build your customized container, which might just be adding a couple files into the image or whatever, adding your SSH keys or I don't know. Then you just go push that to a container registry. And then you go on to whatever system you want. you want and you rebase and point it at that container registry. From where I sit, this version
of Immutable Linux seems really appealing to
the crowd that already lives and breathes a container-based lifestyle
for maybe work, for their enterprise deployments, because you're able to utilize
that skill set here. To me, it feels like it brings
complexity, but I think to them it brings order to chaos.
So I think that's the perspective they have with it.
But get ready for your drink, boys, because here it comes.
I'm going to make the first Nick's mention of the show.
Thank God it's not me.
All right.
Get your drinks.
We try not to mention Nick's every episode, but if we do,
we have to take a drink. And Wes has got us a maker's mark here. So cheers, Wes.
Cheers.
All right, Brentley, do your drink or do your pushups, one or the other.
How many pushups again?
Oh, that's got some heat.
Next generation Linux, here we come.
I think it's a little bit of an apples to oranges comparison.
And I'm a little disappointed that it is.
Because one of the bits of feedback that we've gotten is that we talk about Nix so much that we are not paying attention to the other really awesome things going on out there.
And in this assertion is the implicit idea that the two things are comparable, that these are alternatives or competitors to each other.
And I'm really disappointed to learn that that is not the case and that so many people that have written to the show have had a bad take after listening to the show for a long time.
So it's a failure on our end.
But just based on how much pushback we've gotten, I expected this to be an apples to apples comparison.
just based on how much pushback we've gotten,
I expected this to be an apples to apples comparison.
I do see some comparisons,
but Nix is a much different beast, right?
This, the universal blue stuff is a lot of really great technologies
layered on top of each other,
like the Bootsy stuff and the OSTree stuff
and Brew and Flatpak
and a lot of technologies that are really well understood.
And then they have, and we'll talk more about in a little bit, created some really great tools
to kind of orchestrate all of that and to make things a little more accessible,
like to get to a large language model really quick or to make your terminal look badass
really quick. So they've created a bunch of tools to help you optimize the experience.
And then they have a bunch of mission specific images to help you get things up and going on
the very particular type of hardware you might be trying to use. And it's curated. But that's not
Nix. Nix is a system that is designed to construct a comprehensive build of an entire system where
you predefine the settings for the components and their output ahead of time, and then use one single tool to orchestrate and manage
all of the whole, the entire whole from the ground up.
In a way, uBlue feels more like a top-down approach to managing things in some ways,
more so in the tooling way.
And I guess I'm a little disappointed that so many people seem to be missing the point
of the two systems,
and then they come after us for not giving supposed equivalents the same airtime,
when they're both solving different problems, and they're both kicking ass in their own way.
And to compare the two is silly.
In fact, if anything, I think Universal Blue would be made even better with a little bit of Nix in there.
You know, why not? You got your Brew, you got your flat pack, and you got your Nix. Why not?
Because it's a package manager that lets you preset up the software before you install it.
That's really it. Think of it that way, if that's how you have to think about it.
They're not comparable systems like this. I think I can see where on some level,
the outcomes are comparable. And so if you're focused on those, if you're not interested or care or whatever else about the underpinnings,
and maybe the potential and the flexibility and the scope,
if you look at stuff like, you know, sort of designing around a whole system as an end product that you can atomically switch between,
if you look at things like, oh, I can just sort of transparently change out my desktop environment without having, you know, destroyed my package
manager and OS with all the cruft that I left behind. The reliability, various aspects of what
you get at the end, I think are the same or accomplishing very similar goals. So from that
level, I understand how you might see it. But there's so much more going on under the hood.
It is probably a more approachable type of Linux immutability if you're more familiar with
containers and the DevOps workflow. And so it may be the first introduction for a lot of people
is that more Universal Blue might be more of a appealing introduction, but also you could see
how something like you could take your own Universal Blue built system and deploy it for your own staff
and manage it internally and kind of just use all these mechanisms to do that.
And how that would be really appealing to like an IT department. Oh yeah, definitely.
Where Nix has been more of a Wild West when it comes to that, I suppose.
So that all said, we did give it a test drive and we have
some thoughts we want to share.
1password.com slash unplugged.
Imagine your company's security is a bit like the quad of a college campus.
Now, stick with me.
You know how they have those nice brick paths between the buildings that look really great?
That's where you're supposed to walk.
That's like company-owned devices.
Those are the IT-approved apps, managed employee identities, things like that.
But then there's the pass that everyone actually uses, the shortcuts where you have worn grass or in Texas.
You'll see the Texas off-ramp where they'll just drive through the grass, take a shortcut.
Enough people do it.
Yeah, well, guess what?
That's like unmanaged devices.
That's the shadow IT.
That's like no employee identities tracked.
And I've been there. You've got contractors. You've got BYOD.
Problem is, that's really where all the kind of problems are.
It's all those little shortcuts. That's where 1Password Extended Access Management comes in. It's the first security solution that brings all of these unmanaged
devices, apps, and identities under your control. It ensures
every user credential is strong and
protected. Every device is known and healthy, and every app is visible. 1Password Extended
Access Management solves the problems of traditional IAM and MDMs that they just can't
even touch. It's security for the way we actually work today, and it's coming later this year to
Google Workspace and Microsoft Entra. So go check it out and support the show. You just go to 1Password. That's the number 1Password.com slash unplugged.
Check it out. See their demo. 1Password.com slash unplugged.
Well, while I've been out in the woods motorcycling through the Canadian Rockies,
Mr. West, you gave this a deep dive. How'd it go on your end?
Yeah, I installed Bluefin DX,
which is Bluefin right there.
It's Gnome on top of Silverblue.
And then the DX is supposed to be the developer edition.
And now this is stuff you can just turn on
and get to from the regular Bluefin image.
The DX one just comes with this kind of out of the box.
And since, you know, I like containers and toys and all kinds of nerdy stuff, like, yeah,
let's go for that.
Chris, I think you'll touch on this as well, but to get it installed, you got to go kind
of a traditional-ish Anaconda Fedora install experience, which is not my favorite.
No, not anymore.
It feels like a mismatch
with the power of this distribution
and the way it's put together.
It feels a bit like a mismatch.
Yeah, it's definitely like an older setup.
And then I think it might be worse than the stock one
just because they've had to change it to work with,
I assume this happens on the Silverblue layer,
but to make it work with RPM OS tree.
And so you get less output and feedback as it's installing.
And when it breaks or doesn't install, you don't get that much error output.
Yeah.
And the progress bar just like hangs out at like one fourth for a really long time.
I was.
So admittedly, it was a slightly challenging install environment because I was trying to install it on this ThinkPad along with other distributions like I normally do.
But I do this with pretty much every distro we talk about.
And it took me a little bit of fiddling to figure out that it needed me to make a separate slash boot ext4 partition as well as then the root partition and then also the EFI partition and get those all kind of set
up just right in the customized disk installer before I would actually get it to complete
without kind of just an error that I didn't know.
Ultimately, I installed it in a VM just to see like, what do you do if I put you on automatic
and I'll just make sure I replicate that.
So that that that experience was a little bit disappointing just on the outset.
And it feels like you're limited by Anaconda when this is going on.
I had a I also had a similar experience where i know i got a fancy boy workstation but i got
seven hard drives oh you know you you wouldn't think it's such a big deal but like one of them's
an mvme few of them are sata and the rest are all uh sata ssd and so it's like a mix of spinning, SATA SSD, and MVME,
and seven of them, and man, does it throw
at least half the Linux distro installers out there
for quite the loop.
And the only way I can get it to work
is if I go ahead and manually partition ahead of time
and keep it really simple, really basic,
and then after the distro's installed,
finish out the partitioning.
And when you start hitting walls in Anaconda,
you start having to bail out to lower and lower maintained bits of the installer.
And when you get into the Velvet or whatever, Guided or GUI,
it's like you're really going back in time, boy,
and nobody does partitioning like that anymore.
And you're like, man, it's so weird that I'm using this absolutely cutting-edge Linux distribution
or whatever you want to call it, Linux desktop experience,
and I'm using something that feels like it's from 1997.
And no disrespect to the Anaconda team, because I really do think it's overall a pretty helpful installer,
but I'm not exaggerating.
I'm not exaggerating.
I did a speed run of Aurora and Nix from scratch
and I got, after I went through all of the prompts
of the Aurora installer and got the images expanding
I got an entire Nix system from scratch installed from the old ISO
rebooted into that system
and then rebuilt all the packages to the current release
rebooted again and system, and then rebuilt all the packages to the current release,
rebooted again, and got logged into my desktop before the Anaconda Aurora installer was finished.
It's just a massive, massive difference.
And it's like, if I was going to live this lifestyle,
I think I would pretty quickly learn how to automate this process to not use this installer.
I saw some folks saying, you know, you could use like a kickstart file that you fed to Anaconda.
I just didn't, you know, for this experience, I just didn't feel like that's what I wanted to spend my time doing.
Yeah.
But if I were going to get serious about this, I think I would do that. It makes me wonder, there's probably like if I knew this tooling better, you know, the rest of it's so modern.
You're shipping these container images that have all the stuff you need.
Like, can I just download the container image and then run some insert magic command that like
if i if i format it you know and then i just say like install this container image to this partition
that'd be killer yeah yeah really especially if you know if you could just do it from the
command line they have some really nice command line yeah. So if they just created one or two more... That's always the solution.
Yeah, right?
Well, you know,
and this is all, I mean,
fairly still early.
Like, for a long time,
the container stuff in RPMOS tree
I think was thought of
as fairly experimental.
So maybe some of this stuff
does exist.
Maybe as the Bootsy project matures,
this will be functionality
that's built in.
Or it might be already.
I know there's, like, there's an upgrade command, and then there's like a upgrade NG command
that's sort of predefined on the system.
And in the NG version, I saw it was using boot C, but it had some limitations around
not working if you had custom RPM OS tree layers.
Anyway, I think there's a lot of tooling and promise around making that better, but it
was kind of a distracting start to the whole thing.
But after that, I wonder what you think of this, Chris, but it really reminded me of when we were playing with Omikube.
Oh, okay. Yeah, I can see those vibes. George Castro kind of started, having spent a long time working on Ubuntu, came up with a sort of customization environment and scripts on top of Fedora and Silverblue as the start to Universal Blue before in some ways it's, you know, it is just like a curated, well-worn environment, modern Linux environment set up for you.
It really depends on your perspective.
I think George would argue that it's not very opinionated.
Just maybe I'm wrong, but watching his YouTube channel, I think he would argue that.
And I would argue it's extremely opinionated, much like Amacube is.
But my baseline would be Fedora Workstation, which seems very unopinionated with the exception of maybe like the Fedora logo in the background.
Yeah, if that's like a bland beige 90s PC, then Bluefin is like an Alienware.
Yeah, totally.
Yes.
Yeah.
And sometimes they make really good decisions.
I mean, I actually have no complaints with any of the chosen defaults.
I don't know about you, but I, just to jump ahead, I decided to go with Aurora because that's Plasma 6 experience.
And, you know, I'm crushing on Plasma 6 these days.
And it's not bad.
It's not bad.
But the default terminal is a GTK app for good reason.
And, you know, I love console. And I just didn't feel – it felt new still, and I think it is.
I think it's the newer of the spins.
So I did what you can do with these types of systems.
I rebased to Bluefin.
And, man, is that just not a fantastic experience.
I just love being able to totally rebase.
And unlike, say, an app or our traditional RPM-based
distribution, there's no remnants of the past system. You couldn't even tell I started as a
Plasma 6 desktop. It is as if I installed an ISO that was GNOME only from the beginning.
And that's always how the system has been, with the exception of my user-installed apps
still persisted. Yeah. And the experience for folks, right? You go on the command line, and
well, actually, they have a little helper for it. Did you use the helper? Yeah, it's great. Oh, okay. Yeah, well, maybe you should say it.
Yeah, I did, but not for the rebasing. The rebasing, I went on the forum
and was looking through some questions and saw just like, it's like one
RPMOS tree command to rebase. Yeah. So I just used that. I didn't use like
the built-in tooling, but they do have really great tools built in
that do make it possible to do some of the switching.
Yeah, they have like a rebase helper
that will point you at some of the common options,
like, oh, did you want to be on the developer version?
Or did you want to be on the stable version
or the latest version?
I thought about trying that,
but I also wanted to see what it was like
to do it with an RPM OS tree command.
Yeah, and for that, you just,
it's RPM OS tree rebase and then because
it has the container support built in
you point it at a
container registry and give it
the owner of the registry
and then the container
name and then the version. So it's just very much like
pointing it at a Docker image, right? Because it is.
Well, and that's also
what it's like to use. For good
or for worse, I'm on Starlink so I don't have the fastest internet in the world, but about 100 megabits, 180 megabits.
And it takes a minute for all these images to download, much like a large Docker compose that I have that might be pulling multiple projects and doing multiple layers.
This is now what it feels like a bit to update.
It's kind of slow.
It's not horrible.
It's not the worst I've ever experienced.
It's definitely not gen too slow.
So, I mean, I'm not really complaining, but it's definitely not the fastest.
Part of that, my understanding is that traditional RPMOS tree has better diffs and there's an in progress or soon to be merged or like there's something on
the near term horizon that will improve diffs specifically for the container version of rpm
osray support that's gonna be nice yeah because yeah right now i think you basically have to
download a lot of the layers whole cloth even if only a little bit has changed right right and i
guess i was surprised after i installed it immediately had to do like a whole bunch of
updates which i you know okay okay. It makes sense.
You were removing the image from the ISO image.
And again, if I was actually going to really, you know, spend a lot of time with this, I would probably figure out a way to deploy the freshest stuff immediately when I do my custom deployment.
Right.
Yeah, that makes sense.
I am forced to agree that, yeah, updates, RPM OS tree interactions in general, I think, are just kind of slow.
I mean, this ThinkPad's not the fastest, so it's not like it's, you know, a great system to really benchmark on or anything.
But it felt like the tooling was reliable and the custom tooling on top, like they've added some scripts orchestrated through a Just file that they ship by default.
And they've aliased it to UJust.
So you just run UJust.
And then they've got like a graphical chooser, which is neat, or just a whole bunch of commands and the sources.
And it's a very nice little experience.
Those are all pretty snappy and great.
And they've got like a, I'm blanking on the name, but they've got the just update everything scripted out and installed for you.
So it'll go update Homebrew, it'll update your Flatpaks.
That is nice.
But RPMOS3 itself feels slow.
So I started playing with Blue Build, which is a build system kind of designed around building your own version of UBlue stuff.
It features a compiler written in Rust that turns a recipe,
which is a YAML file, into a container file,
which is then how you get back to the whole container and Universal Blue world.
And on one hand, I really like that this stuff is, you know,
at this time now, standard tooling.
It's easy to work with. You probably have it installed already. You've seen it before. that this stuff is, you know, at this time now, standard tooling.
It's easy to work with. You probably have it installed already. You've seen it before.
Yeah, you've seen it before. It's especially easy, like,
you know, GitHub has their container registry.
It's all very well
integrated.
But that stuff is also
slow. I mean, admittedly, I've
never built one of these before, but I was trying to play
around and, like, just build a customized image.
And I got Blue Build installed locally,
as well as replicating their template project on my GitHub.
And, I mean, it's very nicely done in the sense that
they've got all the stuff spelled out in terms of you go and
clone their template repo into your own project,
rename some stuff,
and then they have you set up code signing of your container images,
which is cool, and they kind of walk you through that
and generating a secret and filling it in in GitHub,
and they've got the action all templated out for you.
So you can customize your recipe, push that into your repo,
and then GitHub Actions will run,
and then if it succeeds, it'll then publish that image
to GitHub's container rebows.
I mean, that seems like not a ton of work.
Yeah, right.
So you can change, I think, in the ideal workflow, right?
You're like, oh, I'm on my Bluefin DX here,
and I've got my dev containers running in VS Code,
and I've modified my YAML, and then I hit git push,
and then 10 minutes later, the cloud's done running and then
i can do a rebase onto that fresh image and i've got all my stuff and it's like it's a pretty it's
a pretty nice workflow and that's what makes it a cloud native system right there yeah right right
um but it's also i mean it was slow locally and it's even it's probably like somewhere between
five and ten minutes to get like that image built which probably once i was used to the system
wouldn't be that big of a deal.
However, I was trying to do it. Ended up being that my changes were
towards the end of the whole process. So I would, which is why I ultimately ended up even installing
Blue Build locally, right? Was because like, I got to figure out how to run this faster so I
could figure out what I'm doing wrong to make it work at all. Because there's like a lot of
restrictions around like what you can do around user stuff and how you how you have to work within the parameters of the extension points available to you during
this build process you know like there's limitations around because the system isn't
running so you don't have the full extension of doing stuff to a running system you have to do
stuff somewhere in their docs they say think like a distro yeah right so you're
setting up like defaults and templates right not necessarily the the instantiated version of the
running system yes uh and that i think is really what crystallized a lot of this where i do think
this approach is works really well and especially for like appliance like setups is is that split
right it's the ublue folks and Fedora below them
are thinking like a distro.
And then UBlue's adding a lot of the
stuff that Fedora just kind of can't.
Right? With a lot
of craft and a little bit of opinion.
You've got all that mixed
together. You get something that's very curated.
That's what you end up with.
Right? You get something that's
either very curated by yourself
or curated by the
Universal Blue Team.
I could see this tooling working
nicely. You know, I think
I do think splitting the responsibilities out
where you have folks thinking like
a distribution and then
more intentional extension
points for users. It almost
reminds me of GNOME plugins versus KDE plugins.
Oh, really?
Well, just because, you know, the problem we have with...
I was listening to a YouTube video.
If you're curious, George Kastner's got a YouTube channel
with a lot of exposition on uBlue and stuff he's working on.
And they mentioned that one of the things they install
in the RPM os tree sort of
lower part of the build process is some of the gnome extensions they ship out and that's so that
they can lock them against the gnome version right and that the reason is that right because there is
no explicit sort of extensions api for gnome plugins to use right yeah and so you there they
get to do all the internals of GNOME,
which means they can do really neat stuff,
but then they can also break when GNOME changes something.
Versus Plasma widgets,
which might last for multiple releases of the Plasma desktop
because they're more writing towards an API.
Right, and that's the same thing here in a way, right?
So you've got GNome plugins are managing your system with the full tooling to put together the base distro.
Using app, you're like, oh, I'm going to integrate this user space package at the same level that I
integrated OpenSSL into my distribution. And if you're doing something here in a composable Linux
like uBlue, those are separated and the user stuff, as you noticed, right, it's compartmentalized in a composable Linux like UBlue, those are separated and the user stuff, as you noticed,
right, it's compartmentalized in a way that can both persist and can't interfere with the lower
levels, right? But you also then get the ability with the container support to layer things as you
like. So you do still have a lot of flexibility in terms of extension. Now there are limitations
I mentioned, right? It's not a running system. It's also kind of difficult. I don't know if you can easily remove stuff
from the base OS tree.
Like if it's been baked in in a layer above you,
if it's stuff that's totally auxiliary
and not in OS tree,
I think you could just remove that.
But if it's in the OS tree stuff,
I think it's pretty difficult to remove.
So they've intentionally kept
a lot of the base images minimal,
but there are some limitations to the flexibility of the setup.
And so if you don't mind, I would like to touch on where I think
immutable Linux goes sideways for a lot of folks that try it,
is this version of immutable Linux doesn't universally solve the cruft issue,
especially when you consider you're installing a lot of things
with the brew
package manager as well. And if we zoom out for a moment, Joseph of Earth wrote on Mastodon,
and he considers this a good thing, and I consider this a bad thing. And it's just a
different perspective, and neither one I think is necessarily gospel. But Joseph of Earth writes,
when I use Aurora by Universal Blue, it doesn't just feel like they make an OS that I use.
It feels like they're actively maintaining my experience in the OS.
It's like having a personal, proactive IT department to make things easy and fix problems quickly.
I really feel the community support in a way that I don't feel from other OSs I've used.
That's not a good thing for me,
but it could be great for Joseph of Earth there.
Is the idea here to provide stability
through this mechanism?
And is that working?
I mean, that's definitely one of the goals.
Yeah.
Yeah, the problem is that,
so one is a system that's been built for you
that's going to be curated
as long as the team decides they want to maintain it or the community around it keeps it going.
And other systems give you the ability to build your system and maintain it yourself with minimal overhead.
And it just depends on where you sit, right?
that, like I was saying, the core problem that isn't quite addressed here is there is this kind of, I'm sometimes afraid to remove stuff, either at the RPM OS tree layer or at the brew layer
because of dependencies and I don't want to break things. And it kind of isn't as clean as I would
like it to be. In the case of, say, Nix, if I remove a package from my configuration and then
I rebuild the system, that system is built as if that package never existed.
There is no cruft. There is no package creep.
There is no massive spiral of complexity that builds over time that we've seen predominantly on apt and RPM distros.
And it's not that Universal Blue systems suffer from it entirely, but there is this area where this version of immutable Linux doesn't 100% solve that problem.
Additionally, and I think I agree, people complain often that they have to reboot.
Well, you don't always have to reboot, but there are times.
And so now you're also rebooting a lot to be able to do simple things like, say, use Emacs.
So now you're also rebooting a lot to be able to do simple things like, say, use Emacs.
And there's more complication to do some of the things that you would normally not have to get that complicated with on a standard Fedora system.
So there's absolutely pros.
You know, the read-only root file system, image-based rollbacks is great.
Separating user land from OS, absolutely a winner here.
But it is a more frustrating experience of immutability, in my opinion,
because of these limitations that I've just outlined. When it works, it's great. Like I said,
rebasing, it's fantastic. It's clean. It was actually nice to have my brew applications still there. The documentation, fantastic. It's really obvious and clear how to begin to contribute
to this project. That's something I think other distributions and projects could really learn from.
begin to contribute to this project, that's something I think other distributions and projects could really learn from. And then George, he's very engaged with the community.
You know, he has a YouTube video on how to jazz up your Bluefin command line with some bling,
and it's fun. It's nice. It's quick. It feels like you got somebody out there who's on the
cutting edge watching this stuff and integrating it quickly into the distribution and messaging
it to the community. And I really respect that. But that's not a 20
year plan for my system, right? That's really cool for like the next five years. But then
doesn't eventually Fedora just kind of do this inherently? I think the advantage to this approach
is then you could probably rebase, I guess, to the Fedora stuff. Yeah. And then as long as the
container technology doesn't go away,
you'll still have the same, right?
You change your from line,
but you can still do the same type of extension.
I think there's also use cases
where this is a real winner.
Bazite seems like maybe what Valve
should have done from the beginning.
You know, maybe they could have done it with Arch,
I don't know,
but it just seems like a great way
to ship an end user experience.
And Bazite's really focused on gaming.
It's really popular, I think, because they were one of the first to support the Asus ROG.
But I've just seen the community talk about Bazite a lot more, which is a real gaming optimized version of Universal Blue.
And I think that shows you where this sort of curated composing of different layers and immutability gives you a real SteamOS-style competitor that's available to everybody.
And it's filling a gap, too,
that SteamOS is apparently just leaving open.
Well, that kind of seems like, at least right now,
what it's really optimized to target and shine in, right?
Instead of folks who like to mess with computers,
it's kind of the opposite, right?
It's people, maybe you want to be on a Linux system,
but you don't really care about dealing with a bunch of the stuff.
Or even if you're a developer.
You're a developer on your TypeScript application,
but do you know how to program the underpinnings and debus?
No, and you don't really care, do you?
You just need a Linux system that works well, that is reliable,
that is up-to-date, that can respond to bugs and issues quickly.
And regardless of the specifics of the team and the project, like this methodology, I
think can deliver that type of app, that type of image.
I agree.
And I think if I were to rebase my kids' computers right now, I think Bazite is a serious
consideration.
And they've got different, so they'll ask you, what's your hardware?
You know, this is good
and bad but you know so you have like a long list of different hardware types and you also just
generic desktop pc then what's your video cards and then do you want it in game mode automatically
or do you want it in desktop mode and you get to pick through all of that and then you download an
iso image and you're good to go they got a plasma and a gnome version gnome and i think if i were
to reload my kids machines right right now, Bazite seems like
a really solid contender for that type of system. And it'd give them a nice, solid,
reliable Linux experience. Yeah, I think that, I mean, it might shine kind of as a default there
too, right? Like if you want a Linux in the Fedora family, you know, or on that side of the fence,
it'd be hard to argue against one of these as just like a full featured modern
kernel, good hardware support, you know, lots of functionality, pretty easy extensibility.
Yeah. If you don't have a, if you are not a, you know, I use the package manager to like modify my
system and I expect that workflow to work person. I don't, I don't know why you wouldn't use one of
these. Yeah. I'm, I'm really going to have to ask myself if i want a fedora but you know just recently we were
doing something i went with fedora so i i'm still one of my go-to distributions and now i'm gonna
have to ask myself well maybe actually do i want bluefin maybe i want bluefin because when i
rebased a bluefin i was really impressed it's it's just curation. It's really a nice GNOME desktop. And I think,
yeah, I think at least eight out of ten times I'm going for Bluefin in the future instead of
Fedora Workstation. Linuxunplugged.com slash boost. Yeah, you can boost from the web now.
You can boost from the web, and that's an awesome way to support the show.
Direct peer-to-peer, open source stack, no company behind it, no middleman that's taken a percentage.
We have a system called the splits.
We get to determine the percentages.
So we split it between Brent, Wes, and myself and editor Drew and the network.
And then we also give a little percentage out to the podcasting 2.0 ecosystem, sometimes to other developers.
It kind of depends on what's going on, but it's a great system. And we just define it in our RSS
feed. Anybody can view it. It's transparent. I love it. Now you can boost from the web. And
I'd love to hear from you if you're a small business owner. Send us a boost with your
business, what you do, and a URL to it. Let's get a little circular economy going. JB members
buying from JB members, supporting each other in the community.
I think it'd be beautiful.
Use the Boost space as a way to tell us about your business.
Just go to linuxunplugged.com slash boost
and send us a little message in.
We'd love to hear from you.
And of course, you can support us directly every month
by becoming a member.
That's at linuxunplugged.com slash membership.
That is really sweet because I really am proud of what we've done with the bootleg version.
Of course, you can get this lean and mean fully processed and edited version with no ads.
Drew does that, and it is great, especially if you want something really tight.
But if you want something a little longer, we have like almost double the content sometimes in the bootleg version.
It really is something.
I sometimes wonder if we haven't put our best stuff in the member version.
So go give it a listen. I'm not going to say everyone's a banger, but
we try to make them all good, and I think you're going to love it. Either as a member or as a booster, you're going to love it.
It really feels good to give back and keep the show going.
LinuxUnplugged.com slash boost and LinuxUnplugged.com slash membership.
Well, we have some pretty special
baller boosters this week,
and one special baller, well, several boosts from Martin De Beurre
for a total of 50,000 sets.
Hey, rich lobster!
Now, these are spread across five boosts total,
and I think, Chris, you're going to like this series.
The very first one
1, 2, 3, 4, 5 Satoshis
so the culmination is
1, 2, 3, 4, 5
hi
Brent, Chris and Wes I recognize the update
issues Brent was having on OpenSUSE
Tumbleweed recently this is related to
the RPM dependencies
sometimes a certain dependency is only available
from another repo,
and OpenSUSE is suggesting to switch all dependencies to that particular repo.
I actually find this a strong point of the distro,
and I can imagine it is difficult for new users.
I can actually choose to install a program and all of its dependencies from the same repo.
Oh, I feel like this is actually, he says high Brent, Chris and Wes,
but this is really high Brent.
This is very high Brent.
I find it hard to believe that this is a nice feature
because in my experience, at least,
it just kind of breaks everything.
And I've got update fatigue, as I mentioned.
I talked about this in detail in Linux Unplugged 571
to the point where
I'm just not updating the system anymore, which is the opposite of what we suggest everybody does,
right? And part of that problem is just having too many repos to solve these weird edge case problems.
So your mileage might vary, I think, is maybe my advice here.
It does begin to feel not like ancient history, but it does begin to feel, not like ancient history,
but it does begin to feel, as you do play
with more of these new modern distributions, like
the old way of managing software on Linux.
And you are suffering from that. If this
was an image-based system and you could just
update a few images and
everything would be okay, or you just reboot
and go into the other instance, you might be more
inclined to update, maybe? I think I saw
OpenSUSE's Aeon has an RC3.
Yep, yep.
Maybe we just roll Brent right over to Aeon.
Now, Martin did continue here with another boost on the topic.
One, two, three, four, five Satoshis.
Yes, that's amazing.
I've got the same combination on my luggage.
Now, Martin suggests that you can use YAST
to look at which packages are coming from which repositories in Tumbleweed and suggest that using the download.opensusa.org repositories is a good way to go as they're built by the OBS.
And that the Pac-Man repo is great in terms of software availability, which I do have installed on mine, but it generates most upgrade dependency
problems. So yeah, I bet I could see that. I could see that.
Now Martin sends in another boost here. I think this one is about 12,345 Satoshis.
We're going to have to go right to ludicrous speed.
Now on the dedicated PCs's topic i find that
on any of my pcs my downloads and documents folders are slowly growing in stored files
yeah sense i like to keep all my files in one central place so every os upgrade i copy everything
to an external ssd and move it over to my main pc i probably should have a nas at this point but
that needs maintenance as well find it annoying
that on my laptop i need to store a copy of my music collection and my favorite wallpapers but
with only two pcs remains manageable oh martin you are so on the cusp of becoming a self-hoster
home labber you need you know like one little o droroid or something that's running a few Docker containers.
It's just one more machine.
I don't know.
I kind of like this external hard drive approach because imagine eventually your downloads just gets, you know, so polluted and full of nonsense.
You just toss the whole hard drive away.
You know, our buddy Noah, he has a go-to like detective way to determine how seriously somebody uses a computer.
And what he does is he goes and checks your downloads folder.
And depending on how old files are in there and how busy it is,
he knows if you're really using the computer or not.
And that's stuck in my memory, and that's one of my go-to moves now.
Oh, the downloads folder.
You need, like, garbage collection or something in there.
So anything, like, six months or older just goes away.
Little systemd user.
Yeah, I need systemd llm-files.
And it's a large language model that figures out what files are important to me and saves those and deletes the rest.
Clearly, that's what I need.
The ephemeral file system.
Yeah.
You let it watch you delete files for long enough.
It'll figure it out.
Yeah, you train it.
Now, Martin, second to last boost is, I think, what is this, 12,345 sets.
The hell was that? Spaceball 1. They've gone to plaid.
I used to love bare-bones PCs like the Nux and B-Linx because of their small size.
However,
I now prefer quote unquote real PCs with better components, motherboard, cooling components,
power supplies, dedicated GPUs, et cetera, and then build me a mini ITX or micro ITX PC. However, that is not really a portable solution. So keep us updated on your experiences.
I get that. I think I'm in the same place. Like
if you can think of the NUC or the B-Links as a disposable sort of like atomic unit that you
swap in and out, you don't really, you know, it's just there to serve a purpose, then it works well.
Yeah. And then if you want to have something, a system that you can remediate, that you can
swap things out, that you can take care of, that you can access the internals, then skip that.
And if you just look at the longevity,
the systems that last the longest are the full desktops.
They're like the big rigs.
They got the proper cooling and, you know,
maybe even overfanned a little bit.
Like, they're the systems that really last the longest,
if you're really going to trust.
The ones that get the hawk strike.
And Martin just completed the series here
with 620 Satoshis to say boost to get to 50,000 in total.
Smoke if you got him.
Thank you, Martin. That's a great series of boosts.
Hybrid Sarcasm comes in
with 30,000 sats.
I hoard that which your kind
covets. And they write, I recently switched
to Fedora 40 on my Framework
13. Nice! Congrats!
As I mentioned in the previous
boost, I'm running Plasma 6. I'm enjoying
the curated environment of Fedora.
Should I give Aurora
a try? Right on
topic. Yeah, I feel like
if you're okay with it still
being a new-ish experience
that's developing, and you're going to have some
GTK tools, which we're going to talk about more
later in the show, in your
Plasma, if you're okay with that,
then yes, I like
where they're going with it, and it's fresh, man.
It's fresh. Just give it a quick rebase. Why not?
I would love to hear a report hybrid,
so boost in if you do it,
and if anybody else has been given Aurora,
try boost in and let us know how it goes.
I'll grab the next two. VTTelnet comes
in with 2,500 sats.
Coming in hot with the boost.
Short and sweet.
Greetings from Chile.
Hello.
Thank you.
And then Kenneth Renner is in with a row of ducks.
Kenneth's been a Garmin Fenix 7 solar user for a while now.
Love it.
Yeah.
Just set up Garmin Pay last week and used it for the first time.
Hey.
I hope that was inspired by us.
It is a nice, you know, if you're
going to use a wireless payment, I think it's a decent one.
The Solar is such
a cool watch.
I think you're going to see in the next
few years Apple pivot to compete
with these more low-feature Garmin's
that have weeks of battery life
and do a couple of things really, really
well. I think
you're going to find out that Apple has to compete with that
because I think Garmin's on to something here.
Hey, I'm noticing this boost came in from the podcast guru.
I think that's a nice special boost.
Yeah, it's a good app.
Hydragium sent in 5,000 sats.
You're so boost.
From Fountain Web.
If people want a boost from the web, where should they go?
Linuxunplugged.com slash boost.
They say,
finally get around to sending the boost.
I said I would at the meetup.
It was great to meet Chris and Brent,
and, well, not quite Wes.
Also found out about the lug nearby
that I'll probably start going to,
and it was a great time.
And for Brent,
the diet is still going great. It definitely makes it easier. And for Brent, the diet is still going great.
It definitely makes it easier that I like most of the food I eat on it.
Ah.
Ah, yeah, yeah.
That is easier.
As happens, we always get into food.
Yes, we do.
Also, Wes was there.
He was just in disguise.
And you know what I love to hear, Hydrum, is that you got into a lug afterwards.
That's a very common thing, I think, when people go to JB meetups.
They're like, I got to find a lug nearby.
We hear that a lot.
It's just too fun talking about, you know, talking with people about Linux.
Yeah, and thank you for setting up and getting that first boost in here.
Appreciate you taking that journey.
Exception comes in with 4,444 sats.
This old duck still got it.
That's a double duck.
At my previous job, disk encryption was
mandatory, and I used
Lux with an enterprise distro.
It was painfully slow.
Then I moved to a
consultancy job using my own laptop
with Ubuntu 22.04.
Unfortunately, at least I thought at the time,
the military and customer VPN connection required
encryption, so I reinstalled with Lux, and it was a lot faster.
I kept just forgetting I had Lux.
I realized that you guys can't read my mind from my previous boost.
My per-disk encryption, if I had a choice, I'd still go for it personally.
But maybe if I could, I'd go for just encrypting the home directory.
Yeah, that would be my route, if I could.
And that's where I'm excited about the future of BcashFS.
Or maybe you could do it with ButterFS or CFS,
but I'd love to be able to do it in BcashFS
and just encrypt slash home,
or just really slash home slash Chris.
What, you're not encrypting my home, Der?
No, no, no, no.
How else am I going to read what's in there?
Obviously, I've got to read that journal.
Jordan Bravo comes in with $5,555.
Everything's under control. For all my machines, full disk encryption with Lux is table stakes. I set it up once when installing
the OS and then just don't think about it after that. If my laptops are ever lost or stolen,
I know my data won't be leaked. That is nice. For my home servers, yes, it's less likely that
they'll be stolen, but if they ever are stolen, I'd feel better knowing the drives are encrypted.
Hmm. Hmm. You know, I'd be, yeah. See, one of the nice things about doing a small little Odroid is you can hide it in places people would never expect to find a server.
But what if they steal your whole rig?
Oh, no!
Yeah, right.
You know, I would SSHN because you'd probably still be online in Tailscale.
Yeah.
But Jordan, I would.
Shred, shred, shred.
Yeah, right.
Oh, my gosh.
Oh, my gosh.
Beach Blit.
Jordan, have you ever tried the same system without disk encryption?
And have you noticed a performance difference?
Yeah, that's getting me thinking about my systems.
I've always just encrypted by default.
Now I'm thinking, hmm, what's the performance hit here?
Right?
Now, Moon and I boosted in with 4002 sadoshis boost no disk encryption for me
i don't want to deal with the fallout when i inevitably screw things up all my important
files are encrypted in nextcloud anyways if you're looking to get more reliability on your
lightning node the best practice these days is set up a hybrid
clear net tor exposing your ip is obviously a no-go but you can always spin up your own vps
to connect your node or use a solution like pleb vpn or tunnel sets my node has been rock solid
and fast ever since i installed pleb vpn on it will say, you know, with encryption, I do get the screw things up.
Yeah.
It is a layer of complexity.
And then there's some comfort knowing.
I mean, obviously these fancy file systems
are a little complicated in their disk layout,
but, like, at some level,
you know that the bits of your file
are pretty much identically sitting,
not with compression, mind you, but just sitting on disk in a recognizable format that you could
find.
And with compression and encryption and more of these fancy features, that is just not
true.
That's always in the back of my mind a little bit.
Oh, Chao Wing Wang comes in with a row of ducks.
Another graphene Android app store option is zap.store.
Heyo. Great zap.store. Heyo.
Great episode.
Cheers.
Knights 62 comes in with 12,100 sats.
1.21 gigawatts!
I want a plus one the Linux desktop coverage.
My daily driver is Linux both at work and at home.
Over time, I rid myself almost entirely of Windows.
It is now relegated to a virtual machine running on my LibVert KVM HomeLab mini PC.
I still use macOS as well because I support users on that, but Linux is where I live most of the
time. As Ron Burgundy said, 60% of the time, it's Linux every time. Also, this is a 1.21 gigawatt boost, because
I think we need more Doc Brown in our lives.
Hey-o!
21 gigawatts!
Please add to the soundboard, which it looks like you've done.
Add it!
We had 5,000 sats come in from PC Null Ref.
You're so boost!
Once upon a time in a galaxy far, far away, I installed Gentoo. Don't remember exactly the computer.
Feel it was a Pentium?
Want to say 2005 to 2009 era?
Heck yeah.
Anyway, I just remember building the kernel and booting and saying, yes, yes, yes.
And X11 started to build and build and build overnight.
I remember saying to myself, why is this so slow to compile?
It's not a 486.
Looking back, I feel I should apologize to our computer overlords for my verbal abuse to my poor computer.
It, of course, didn't last long.
The compile time for each thing was like watching grass grow.
It lasted a few months before switching back to BOS and experimenting with Debian.
Heck yes, PC NullRef also.
Smart. and experimenting with Debian. Heck yes, PC Null Ref also smart.
Getting on the record right now,
making up with the computer overlord,
so that way when they index this podcast in the future,
PC Null Ref, just to make sure it's clear,
PC Null Ref apologizes for all the cursing.
And I'll go on record and say I'm also sorry.
I didn't appreciate the magic of Gen 2.
And I wonder if PC Null Ref, if like me, you dream of an alternate reality where BIOS was successful.
I don't know.
Have you boys ever played with it?
Only a little bit.
It's really, really fascinating. multi-core database-based file system, 64-bit before anybody else, windowed file manager and desktop that was just pretty slick.
And you can still find themes based on it, but it was so cool.
And it did a lot of things Linux does.
It was a really neat operating system.
Rotted Mood comes in with 10,000 sets.
B-O-O-S-T.
I'm pretty sure I sent those boosts through my member feed with no real message, just value for value boosts.
But if you see this, then we will know.
Yes, it works for Castomatic.
Good job, Castomatic.
Yeah, Castomatic does work so you can boost the member feed from Castomatic because they are reading the value split directly from the XML file that is our RSS feed.
they are reading the value split directly from the XML file that is our RSS feed.
Fountain, although they will probably work on it soon,
is looking up each feed via the podcast index API,
and the member feeds are unique to each individual,
so it returns basically a go-screw-yourself status.
And so it's a technical limitation at the moment,
but something that should be solved at some point in the future.
Deleted comes in with 12,345 sats.
So the culmination is 1, 2, 3, 4, 5.
Smoke if you got him.
I've been behind catching up on episodes, so forgive me. This is about an old episode.
He's boosted into 571 multi-machine lifestyle.
If the U.S. declared war on flop floppy disks the floppy disks would win yeah it's you know they're out there we got some floppy disks at
the spokane meetup with a highly compressed linux unplug spread across two floppy disks
highly highly wow and i was thinking about buying a us USB floppy disk reader just so I could see like
what format is it in? We've got to play them
on the air. Yeah. Okay. All right.
I think you're right.
I can just imagine like a
nuclear sub
being run off floppy disks, you know,
down there in the ocean. That's probably
happening, right?
Unfortunately. You're joking. Just to tell
you, the German army still has ships that are using
floppy disks oh boy and they have just decided this year's that they will virtual virtualize
the drives oh honestly can we hit the pause button and can we just if they're still working in 2024
let's lean into it i mean we for a lot of really like like
your keys and logs and markdown files 1.4 megabytes which is really 1.2 megabytes in practice
plenty yeah plenty spoiled portable the technology clearly works across decades across generations
kind of handsome too right like a nice looking it is and there's usefulness with portability
and if star trek the original series taught taught us anything, they're still using portable storage mechanism constantly.
So instead of pulling floppy drives out, I think this show's official position, boy, you can vote no, but I hope you're with me on this.
I think our show should become pro-floppy disk and we should advocate for more floppy disk
use, not less floppy disk use. Because just look at the history. Just look at the data. It's clearly
been useful. It's a good technology. There's still usefulness. And I don't like USB thumb drives.
Are you on board? Can I get a plus one from at least one of you? Yeah. Let's buy that floppy
drive after the show. All right. Yeah. I'd like my next purchase to be a floppy-based security key.
So if someone can help me get that working, let's do it.
Definitely.
Yuba floppy, yeah.
The hell was that?
Spaceball 1.
They've gone to plaid.
Thank you very much, deleted.
Now, Southern Fried Sassafras came in with 5150 Satoshis.
The traders love the ball.
Boosting in with a non-technical pick for you, though tangentially topical,
Seth Drums, a drummer for Brent and Alex,
who drums along with AI-generated songs sung by AI.
And most of them are pretty hilarious, such as the rock ballad Me Like Rock
and the country song Glue Balloons.
Hope you get a laugh as hard as I did.
Me Like Rock, huh?
All right.
Me Like Rock, caveman rock song.
Me like rock, me make roll, me take rock, put on pull.
Get rock sharp, sharp as heck.
Throw rock at big T-Rex.
But rockness, time to run.
And then he just has to start drumming to that random song.
Throw rock at Big T-Rex, Chris.
You know, you always should.
Thank you, Southern Friday Sassafras.
I think you're on to something.
Mr. Pibb comes in with 5,510 sats.
Making show.
I use Lux on my personal devices.
My work includes personal health information.
So USB drives is what I go with plus VeriCrypt.
A strong passphrase is always used so I don't have to fuss over a lost USB stick.
That is a little bit of a nice piece of mind.
Again, I mean, a floppy disk could probably be better.
But if you're going to use a USB drive, a little VeriCrypt and a strong passphrase is pretty good.
Yeah, floppy disk is like defense in depth, right? Because no one can read them.
They can read the bits.
They just can't get the bits.
We're a big fan of the onion approach.
Amorphous Phage comes in with a row of ducks.
I want to say thanks for the FOSCOM recommendation from last week.
Unfortunately, it's quite far away for European standards
and seems very national. But thanks to this tip, I found FOSS.events with tons of things around
Europe. It's really amazing. I was also super surprised with your accurate Swiss-German
translation of my town's name from the zip code boost last week. So here's another challenge for
you. Brent, will you read this part for me? Merci want to read this part for me no i can't do that
i'm swiss so merci vielmal so that's the first part okay which means thank you which means thank
you and then it goes on i'll try again here and moked wheat or so and just continue doing like Und mochet Wietersau? Und mochet Wietersau.
And just continue doing like that.
Or just continue doing so.
Continue, yeah.
Continue on kind of thing.
Man, I have to meet that guy because he's in Brook.
He's like 20 minutes from my place.
Yeah, he's...
We have to meet.
Boy, give me a hint.
If you listen to that show, give me a hint on Element, Minimac,
and then we can meet one day.
Make a JB connection.
Please do. High five, Connoisseur
is back with 5,000 sets.
You supposed! Follow up on the
Microsoft Office problem. I ended up using
WinApps to get it running on my
Archbox, WinApps
org on GitHub. So far, it's working
near flawlessly. Also,
thank you for the Fudo keyboard recommendation.
It's the best Gboard alternative I've tried. Chris, you can try swiping onto
the spacebar as you put your finger down. That's how I do it, and then I don't trigger
the language selection. I've been practicing. It's still
like, I think three out of five times I'm triggering the language
selection menu. Oh, that's terrible. Did you look for a setting? Yes, and
it's not there. Which language do you choose?
You should just learn
a secondary language so you can just toggle between them.
That's the worst thing, is it's just the one
language. It's like, I wish it was smart enough to know
he's only got one language. Skip it.
I don't need to show an option, yeah.
From an anonymous Podverse
booster, we got 6001
Satoshis. Fun will now
commence. Being able to pay privately and
anonymously with cash is a precious thing, but fading quickly in our society. I disagree with
Brent's statement that paying with a debit card number stored on a Garmin watch instead of
additional piece of plastic is the so-called modern cash. It does sound like an improvement
for people using
Google or Apple Pay, though. Hopefully enough people keep using the cash privilege so we don't
lose it. You know, on this motorcycle trip that I was on, we tried to set up my Garmin watch with
pay so I can just like, you know, not have to take all my gear off to try to get to
traditional money. Right. And it turns out in Canada, there aren't very many options.
So I didn't even recognize the banks that were accepted in the government pay.
So if you're Canadian, womp womp.
But also I did bring cash and I used it.
So there you go.
At least it might not be modern cash that I used,
but I still use some old cash.
So keep some around.
Well, our dear Blank went on
to say, I encrypt all my drives
with Lux. I use
Multipass, an open hardware device
as a password manager to
store and enter the key for the boot drive. Oh, neat.
Yeah, it's M-O-O-L-T-I-P-A-S-S.
For the curious, all other
drive keys are stored on the boot drive
and referenced in the Crypt tab for automatic decryption.
Functionally, this means I turn my PC on, pick up my multipass, and enter my four-digit
PIN into it.
By the time my PC is ready for the Lux password, I use my multipass to supply it, which is
recognized as a keyboard device.
Drives unlocked.
Very nice.
Sounds like quite a sophisticated setup.
I'm sorry I'm busy looking at this multipass. It's cool. I think we're going to link to this thing. Oh, we sure will.
Zack Attack came in with a 11011 Satoshi's. On encryption, I use Lux on my laptop in case they
are stolen. I've played around with getting to where I don't have to enter a key, but at this
point, I don't really care. As for encryption horror stories,
all of mine come from Windows BitLocker
and range from a simple loss of the key
to an update causing BitLocker to fail
and not allow you to enter the key.
All I can say is backup everything
that is important to you.
That is always sage advice, right?
Thank you very much.
And we should all pass that around one time.
Double check your backups
this week, everybody. Zach Attack is right.
Double check your backups. One is none.
Disroast2 comes in with
a Jar Jar Boost, 5,000 sats.
You're so boost! You asked if
we use disk encryption. Well, I always
encrypt my disks. However, I'm actually
moving away from encrypted backups.
My concern is recoverability. Not just for me, but for my family, should they need it.
80% of my data is family photos, videos, MP3s, which frankly, I'd love if someone wanted to keep.
For these, I back up with rSnapshot, which is like a copy.
No apps or decoding is needed for recovery.
Then I use Borg for encrypted backup
of the docs and the financial stuff. Yeah, that makes sense. I mean, it probably depends too,
right? Like maybe you want encryption if you're uploading certain things, especially to like
a big cloud provider storage. And maybe you have different concerns if, you know, you've got a box,
a backup box at your house and then at a friend's house or a family member's house, and just the threats are different.
Yeah, I think, and it's also hard and difficult, but important to remember what a family has to recover this data when you're not there to help them.
And what can you do to make that more straightforward for them?
And what tradeoffs are you willing to accept?
So that's an important thing to consider.
Thank you, Distro Stew.
Showmaska the Golden Dragon,
comes in with 6,666
sets.
The Golden Dragon! Across
three boosts.
On disc encryption, I haven't
been able to mess with it, really. Maybe
one day, though.
This set of ducks, here's the next ducks,
this set of ducks is for
Brantley's Gen 2 fund.
Yeah, here we go.
Oh, here we go.
When it happens, somebody will need to let me know, as I'll give it a shot, too.
See, it's not just Brent.
Yeah.
We got a crew assembly.
Yeah.
And a support row of ducks here at the end, plus one for more immutability.
Thank you, Golden Dragon. Nice to hear from you.
Hopefully this episode fills that slot for you.
Sounds like there's a demand out there for a Brent Gen 2 challenge.
I think there is. It's growing.
Or at least co-suffering. Co-suffering with the community.
Yeah, co-suffering Gen 2 together.
Now Gene Bean boosted in two boosts, one a row of ducks and another 10,000 cents.
That's not possible. Nothing
can do that.
I was just listening to the part about Cleavis
you mentioned last episode. It got me curious
about using a YubiKey instead of the
TPM, and it turns out
the ArchWiki has a guide. Seems like
you could solve for someone stealing a laptop
by keeping the YubiKey on you instead
of leaving it plugged in when
away from home.
You ever thought about the YubiKey there, Wes?
Oh, yeah, totally.
Yeah?
I even have a couple.
Yeah, I think I have one myself.
We should do something with that.
Something.
Yeah, it does seem.
There's a lot of stuff you can do.
I've used them for some things.
Yeah.
Used them for work.
Yep.
But there's a lot more than we've taken advantage of.
Now, Gene's been second boost here.
Hey, Brent, not only will I contribute to your doing Gen 2 with this 10,000 sats, but I'd happily be your support system too and do it along with you.
You know, he'd probably even do like a matrix chat with you and help you out.
I mean.
So cool.
So we got the dragon and Gene Bean on the, what do we call this, like the Gen 2 team.
So I'd like to know if anybody else would like to join us.
This is sounding a little bit more fun now that we have this going on.
What if you ended up really liking it?
Well, do you think I will?
You're forever distro.
I don't know.
I actually think it is possible.
I do think it is possible because it's like, it's like really good home cooking where
it's all ingredients that you have control over and you put together just in the amounts and
capacity that you like. Right. So I was just thinking that, right. Like Brett loves stuff
like that. Yeah. So in a way it might be perfect for you. You might really like it. Okay. Well,
I would love to, in the future discuss or hear from the audience what is the best path to success here
you know how do you get in how do you gen 2 properly what's what's the way to win shout out
to everybody who also boosted in below the 2000 set cutoff we get your messages we read them and
we include them in the doc we just do the 2000 set cutoff for time but we really appreciate it we had
30 boosts this episode and we stacked 233,760 sets.
Not bad at all.
Thank you, everybody.
We really appreciate that.
That not only supports the show, but it goes to each one of us directly, plus the podcasting 2.0 community.
And it's a nice way to get your message into the show.
And this show is down a sponsor, and the community between the members and the boosters
have been picking up the slack and keeping things viable.
So we really appreciate it.
And also thank you to everybody out there who streams those sats.
As they listen, we see you.
We appreciate you too.
If you'd like to send a boost and you're not ready to switch apps,
LinuxUnplugged.com slash boost, or try out Fountain.
They're playing around with Nostra and doing some really cool things there
on the back end that really make just a lot of sense.
Podverse is GPL and cross-platform.
Castomatic is like the Cadillac of podcast apps on iOS.
Lots of good options for you to choose from.
Thanks to everybody who sends their message in.
We really appreciate it.
I know what that sound means.
That means it's time, Mr. Westpain, for ZPix.
You've been busy this week.
Yeah, well, actually, this one just seemed like it made a ton of sense.
This week we had to mention Tixis, which is P-T-Y-X-I-S.
And it is the terminal that is default in some of the universal blue images, like Bluefin and also Aurora.
It's a terminal for GNOME with first-class support for containers,
and they're using Flatpak as the intended distribution mechanism.
So you get baked-in container support right there in the terminal tab.
It's a nice little quick terminal, too.
It fires right up.
So I thought, you know, you don't have to be on Universal Blue to enjoy this.
You could use this on another system as well.
It's just a flat pack install away.
Yep.
And if you're playing around with containers on your system, it's like a terminal built with container support in there.
But if that's not your speed, then I wanted to mention Gear Lever.
I mentioned this a little bit earlier in the show that I found this app to help you manage.
Oh, now you're revealing your secrets.
Works on Nix as well and any distro, really.
If you want something to help you integrate app images into your desktop's app menu,
if you want to be able to organize all of them into one folder automatically, manage the updates for them,
then that's where Gear Lever comes in.
This is a flat
pack that manages your app image this is what we've got with desktop linux package for me you
got it this is the world we live in now this is it but the beauty here is that when you're on an
immutable system you can install flat packs really easily and most of them have flat pack support out of the box so then you install gear
lever and then that gives you a really nice first class app image experience okay i gotta try this
it's actually kind of nice even on non-immutable distros it's kind of nice just to have like all
my app images automatically go in this directory i just drag and drop a new app image into this
app window and it just sorts everything out, puts in the right direction,
creates the desktop file entry.
It's actually kind of nice.
And then it helps you manage updates too.
gear lever and Texas P Y T Y X I S a terminal for genome with first class support for containers and gear lever manager app images with ease.
So there you go.
That's it.
I really enjoyed our time with Universal Blue.
I'm super impressed with where they're going.
And I think they are showing us the future probably of the Fedora project in a lot of
ways because they're taking Silverblue to the next logical conclusion, I think.
And then after attending the Red Hat Summit, it's obvious that some of the core fundamentals
they're using to build this, Red Hat is extremely invested in.
Yeah, right.
It seems like some undercurrents to continue pushing on
integrating image-based deployments and container technology.
Yeah.
And the reign of the DevOps engineer continues, right?
It's a container's world out there now.
First they took your virtual machine.
Yeah.
Now they're building your distro.
Please do boost and let us know if you've tried Immutable Linux Distro
and bounced off it and why, or maybe it stuck for you. And also if you've got a small
business, I'd love to hear about it. We'll share it with the community. You're also welcome to join us
next week. We'll be live at Sunday at noon Pacific, 3pm Eastern over
at jblive.tv. We've got that mumble room and don't forget
See you next week.
Same bad time, same bad state.
You can only subscribe and just get the show in your podcast player
whenever we release it.
Powered by open technology.
That's right.
From top to bottom.
Links to what we talked about are at linuxunplugged.com
slash 573.
You'll also find our RSS feed link over there,
the contact page, the boost page,
the mumble info, the matrix info,
all the accoutrement
to a nice protein-packed love dinner.
Thank you so much for joining us
on this week's episode of the Unplugged program.
See you right back here next Tuesday,
as in Sunday. One thing we didn't get into the show, but I have to imagine some people listening to this episode is just a general sense of container fatigue.
I think I feel it.
Now I'm biased, right?
Like I've huffed the next glue and I don't know if there's any coming back from that.
And I've been using containers and deploying with containers for a long time.
And there's a lot of stuff I like about them.
Kind of done with them too.
Yeah, they're kind of as light them, too. It's like... Yeah, there's just... They're kind of...
For as light as they are...
They're not light, though.
They feel heavy-handed.
Yeah.
One thing I noticed looking through some of the issues
over on the U-Boot project was,
let's keep all the container stuff in the DX version.
There's definitely an audience that loves this brew-first setup.
And after trying every combination,
this one is the one that feels like the sweet spot.
I've also totally moved to this model.
I keep the dev containers as part of my IDE, and then I have everything else.
It feels like we might be over-rotating on the need to learn containers.
It's supposed to be invisible anyway, lol.
And that's George in a comment on...
I think George is right there.
And, you know, the key thing that they've hit on that users have loved since desktop Linux was first put together is the curated desktop experience where certain pain in the asses are solved.
And like NVIDIA drivers or easily deploy, you know, a tool that you use for your job. And they've done that. People love that. I mean, that's what Amacube offers. That's really if you think think about what really set Mint apart from Ubuntu, is they solve things like drivers and a few other
problems, and now look where Mint is at. And I think he's right. I think most users
that are looking for that type of distribution that just is solving these problems
so I can just get started, they're probably more of a brew audience
than they are deploying my software with a container audience. And they don't really care how the
underlying system is put together.
Yeah, brew, I think, is much closer to a traditional escape hatch of,
oh, yeah, you just do brew install and the package name,
and it works kind of like a regular package manager.
And I think you're right to worry that it does introduce a lot of the same problems
and complexity and state that a traditional package manager.
But the one difference is it won't mess up your Bluetooth.