87
submitted 3 months ago by communism@lemmy.ml to c/linux@lemmy.ml

I've only ever used desktop Linux and don't have server admin experience (unless you count hosting Minecraft servers on my personal machine lol). Currently using Artix and Void for my desktop computers as I've grown fond of runit.

I'm going to get a VPS for some personal projects and am at the point of deciding what distro I want to use. While I imagine that systemd is generally the best for servers due to the far more widespread support (therefore it's better for the stability needs of a server), I have a somewhat high threat model compared to most people so I was wondering if maybe I should use something like runit instead which is much smaller and less vulnerable. Security needs are also the reason why I'm leaning away from using something like Debian, because how outdated the packages are would likely leave me open to vulnerabilities. Correct me if I'm misunderstanding any of that though.

Other than that I'm not sure what considerations there are to make for my server distro. Maybe a more mainstream distro would be more likely to have the software in its repos that I need to host my various projects. On the other hand, I don't have any experience with, say, Fedora, and it'd probably be a lot easier for me to stick to something I know.

In terms of what I want to do with the VPS, it'll be more general-purpose and hosting a few different projects. Currently thinking of hosting a Matrix instance, a Mastodon instance, a NextCloud instance, an SMTP server, and a light website, but I'm sure I'll want to stick more miscellaneous stuff on there too.

So what distro do you use for your server hosting? What things should I consider when picking a distro?

(page 2) 50 comments
sorted by: hot top controversial new old
[-] wolfie@lemmy.zip 4 points 3 months ago

Personally, I use Rocky Linux on my servers. It’s stable, and has plenty of support since it’s RHEL-based. It’s supported until 2030 or so, and it doesn’t have any of the cloud-init or netplan stuff that Ubuntu Server has.

It’s also pretty simple to set up docker/podman containers, although you need the EPEL for podman-compose and for a lot of other packages, but once you get your setup the way you like it, it just keeps running and running.

[-] gencha@lemm.ee 4 points 3 months ago

If you are already familiar with one package manager, pick a distro that also uses that package manager.

When deciding on the release track, the harder it is to recover the system, the more stable the track should be. Stable does not imply secure.

As you move up through virtualization layers, the less stable the track needs to be, allowing access to more recent features.

Steer clear of distros that pride themselves on using musl. It's historically slow and incomplete. Don't buy into the marketing.

Think about IaC. Remote management is a lot more comfortable if you can consider your server ephemeral. You'll appreciate the work on the day you need to upgrade to a new major release of the distro.

[-] avidamoeba@lemmy.ca 3 points 3 months ago

Debian but mostly Ubuntu LTS with the free Ubuntu Pro that gives 10-year support. If I get hit by a bus, chances are the self-hosted systems I've setup would continue to work for years till my family can get someone to support or migrate the data. 😅

[-] visone@fosstodon.org 3 points 3 months ago

@communism
I use alpine, but void is a good option too, for me the host should be minimal and lightweight. At the end I have all on containers

[-] Asudox@lemmy.world 3 points 3 months ago* (last edited 3 months ago)

Ubuntu server, though I am thinking of using arch even though it is a rolling distro. It doesn't really matter. As long as docker is supported, I am fine using any.

[-] steeznson@lemmy.world 3 points 3 months ago

I wouldn't personally use Arch on a server. The rolling release could cause a lot of problems, especially since you lack the ability to seamlessly integrate older versions of packages like with gentoo masking.

[-] djsaskdja@reddthat.com 2 points 3 months ago

Do you have a plan on how you’d do version controlling on Arch? It’d be annoying to upgrade, something breaks, and you can’t easily roll back.

[-] rotopenguin@infosec.pub 2 points 3 months ago
[-] Asudox@lemmy.world 1 points 3 months ago* (last edited 3 months ago)

I'll just wait a few days or even weeks before doing any big updates, read the news page of archlinux.org and maybe some forum stuff. Nothing broke so far on my personal laptop, but I also don't tinker alot. All of the data of the containers are also stored in a storagebox from Hetzner so the system breaking wouldn't even mean that much, I'll just restore from a snapshot and everything will be fine.

I also might think of switching to NixOS instead. They say it's hard but pays off well and can be very stable.

load more comments (1 replies)
[-] Procapra@hexbear.net 2 points 3 months ago

Devuan. If you need stable, and you like runit, thats the easiest option.

Debian isn't unsecure because security updates for packages are still received.

[-] prenatal_confusion@lemmy.one 1 points 3 months ago

Seonding the security point. It's probably riskier to use bleeding edge distros because the "old" Debian packages are well cured and don't have a lot of new issues. And as you said also old packages get security updates. Even in debian.

Been running Debian on my server for 10+ years.

[-] DarkMetatron@feddit.org 2 points 3 months ago

I use arch on my servers. It is the distro I am most used too, because I use it also as my daily driver.

[-] minnix@lemux.minnix.dev 2 points 3 months ago

Used to be CentOS until the stream debacle. Now Debian.

[-] blackstrat@lemmy.fwgx.uk 2 points 3 months ago

Been running Ubuntu LTS releases on all my server VMs for 8 years and haven't had a single problem. Absolutely solid as a rock. Fantastic support, loads of guides to do anything. Plus you can get 10years of support as a home user with a free Ubuntu Pro subscription.

[-] chrand@lemmy.ml 2 points 3 months ago

I always use Rocky Linux or Alma Linux, since I have extensive experience with enterprise Linux and RPM packages. I have Fedora on my main desktop computer. Both Rocky Linux and Alma Linux are rock-solid and are ideal for any kind of workload.

Also, Debian is a good choice if you know how to manage DEB packages and you feel comfortable with APT.

Fedora is a good choice if you want fresh packages and are willing to upgrade your server every 6 months (following the Fedora release cycle).

Rocky Linux and Alma Linux follow a similar slow release cycle of RHEL, wherein you can install your server and not have to worry for years (as long as the packages are updated with dnf update) Debian is also a slow release distribution, which makes it good for servers.

load more comments (2 replies)
[-] 30p87@feddit.org 2 points 3 months ago

Arch. With testing repos. And somehow, it also just works.

[-] ray1992xd@lemmy.world 2 points 3 months ago

Mint on the Desktop, FreeBSD on the server. Amazingly stable.

[-] Nomecks@lemmy.ca 2 points 3 months ago

Red Hat, because it's free for developers and used by a lot of enterprises.

[-] corsicanguppy@lemmy.ca 3 points 3 months ago

Red Hat, because it’s free for developers

Not really.

and used by a lot of enterprises.

Not really. We're moving to a surprising alternative, but the source for a paid enterprise Linux is drifting away collectively from RedHat. It started with 7 - ironically people choosing a 7 equivalent from a clone, like a paid centos almost, just because they were so pissed at the quality free-fall that began with 7. In short, paying a competitor for their clone of a bad release because they're so pissed at RedHat for making that release. Really weird.

Now that RH is starting to wobble and falter, these also-rans are trying to get into the lead as flagship. If RH post-Lennart can't get its quality back up to EL6 level, the cracks will get noticeable. As they keep on pitching every product under the sun except linux, we worry their focus won't get back to it in time and they'll lose the flag - if not already - to someone else.

It's not SuSE. That combination of Slackware and (I wanna say SLS) is an experience, but not a joy. It seems like a good idea, but their culture is still weird for the west.

load more comments (1 replies)
[-] corsicanguppy@lemmy.ca 2 points 3 months ago* (last edited 3 months ago)

I won't say which one, but I'll give you a hint as to why:

rpm -Vp https://...

It's what got me off Slackware, and it's true today. If the distro can't support that kind of check, it's dead to me.

[-] fruitycoder@sh.itjust.works 2 points 3 months ago

Rocky and now moving too OpenSuse leap micro to move into immutable OS deployments.

Its all RKE2 (a k8s distro) on top anyways, so its very minor mods underneath, and base updates so I really want to maximize reproducibility and minim8ze attack surface.

[-] heythatsprettygood@feddit.uk 1 points 3 months ago

openSUSE Leap - YaST is the greatest thing since sliced bread, and works great on command line over SSH. Yes, sometimes installing some software is difficult, but generally most stuff you would want is there and a lot of stuff runs on Docker anyway now. Very stable too, have had nearly zero issues.

[-] Findmysec@infosec.pub 1 points 3 months ago* (last edited 3 months ago)

I guess you could use something like those new immutable distros to move away from state and related vulnerabilities. TBH there are plenty of hardening guides for Debian.

Or you could use any hardened version of Fedora which gets security fixes quicker, and then harden it some more yourself. The good part about Debian is that you are free to use SysVInit, I do not know if you could do that on Fedora. I do not think Systemd is a massive risk (if they have reached Systemd you have many other, bigger problems to think of).

I think I should study some more about Fedora. I run k3s on top and will go through their CISA hardening guide at some point to round things out.

load more comments
view more: ‹ prev next ›
this post was submitted on 16 Aug 2024
87 points (100.0% liked)

Linux

48375 readers
1263 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS