I’ve only ever used desktop Linux and don’t have server admin experience (unless you count hosting Minecraft servers on my personal machine lol). Currently using Artix and Void for my desktop computers as I’ve grown fond of runit.

I’m going to get a VPS for some personal projects and am at the point of deciding what distro I want to use. While I imagine that systemd is generally the best for servers due to the far more widespread support (therefore it’s better for the stability needs of a server), I have a somewhat high threat model compared to most people so I was wondering if maybe I should use something like runit instead which is much smaller and less vulnerable. Security needs are also the reason why I’m leaning away from using something like Debian, because how outdated the packages are would likely leave me open to vulnerabilities. Correct me if I’m misunderstanding any of that though.

Other than that I’m not sure what considerations there are to make for my server distro. Maybe a more mainstream distro would be more likely to have the software in its repos that I need to host my various projects. On the other hand, I don’t have any experience with, say, Fedora, and it’d probably be a lot easier for me to stick to something I know.

In terms of what I want to do with the VPS, it’ll be more general-purpose and hosting a few different projects. Currently thinking of hosting a Matrix instance, a Mastodon instance, a NextCloud instance, an SMTP server, and a light website, but I’m sure I’ll want to stick more miscellaneous stuff on there too.

So what distro do you use for your server hosting? What things should I consider when picking a distro?

  • asap@lemmy.world
    link
    fedilink
    English
    arrow-up
    18
    ·
    edit-2
    5 months ago

    uCore spin of Fedora CoreOS:

    https://github.com/ublue-os/ucore

    • SELinux
    • Supports secure boot
    • Immutable root partition (can’t be tampered with)
    • Rootless Podman (significantly more secure than Docker)
    • Everything runs in containers
    • Smart and secure opinionated defaults
    • Fedora base is very up-to-date, compared to something like Debian
    • Fliegenpilzgünni@slrpnk.net
      link
      fedilink
      English
      arrow-up
      2
      ·
      5 months ago

      How did you set up the intial system?
      From what I’ve seen, FCOS needs an ignition file and has no Anaconda installer. I would like to set it up soon too, but it looked like a huge hazzle…

      • asap@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        5 months ago

        Yes you need an ignition file, but you just need to put it on any web accessible (local) host.

        I used a docker one-liner on my laptop to host the server:

        docker run -p 5080:80 --name quick-webserver -v "$PWD":/var/www/html php:7.2-apache
        

        And put this Ignition file in the directory I ran the above command from: https://github.com/ublue-os/ucore/blob/main/examples/ucore-autorebase.butane

        You could equally put the Ignition file on some other web host you have, or even Github.

        That’s it, that’s the only steps.

      • barsquid@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        5 months ago

        If you want atomic Fedora but don’t want to deal with the ignition file stuff, check out Fedora IoT.

        • Fliegenpilzgünni@slrpnk.net
          link
          fedilink
          English
          arrow-up
          1
          ·
          5 months ago

          Thing is, uCore has some very neat things I want, and FIOT doesn’t provide me such a great OOTB experience compared to the uBlue variant.


          I’m also not sure if I even should decide for Fedora Atomic as a server host OS.

          I really love Atomic as desktop distro, because it is pretty close to upstream, while still being stable (as in how often things change).

          For a desktop workstation, that’s great, because DEs for example get only better with each update, and I want to be as close to upstream as possible, without sacrificing reliability.
          The two major releases each year cycle is great for that.

          But for a server, even with the more stable kernel, I think that’s maybe too unstable? I think Debian is less maintenance, because it doesn’t change as often, and also doesn’t require rebooting as often.

          What’s your experience with it?

          • asap@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            5 months ago

            doesn’t require rebooting as often.

            You have to reboot to upgrade to the latest image, so you’ll have to get rid of the ideal of uptime with years showing on the clock.

            Rebooting is optional, and so far it’s been rock solid. Since your workload is all containerised everything just comes up perfectly after a reboot without any intervention.

            I think Debian is less maintenance

            Arguably that’s the best feature of an atomic server. I don’t need to perform any maintenance, and I don’t need to worry that I’ve configured it in some way that has reduced my security. That’s all handled for me upstream.