No I actually prefer GNOME, but have to use KDE because I need specific features (kiosk mode), but yes I feel like Gnome is so much better integrated with its defaults apps!

Crypto - wall street on steroids Bitcoin - an actual alternative to the collapsing monetary economy

That doesn’t take into account privacy coins like monero, which have different purposes, but most crypto is bullshit.

Glad to know xfce has a kiosk mode, I wonder if it’s easier to set up than KDE or GNOME…

UFW definitely and maybe also selinux or apparmor to give internet access only to applications that need access!

I thought about Nix, it is indeed cool to declaratively install stuff and it would indeed be very helpful to set system settings all from one file so that you control everything there, but I don’t think that’s what I need, I think I’d need a more focused desktop environment maybe?

Kiosk environments could be a solution, because once the UI is limited, you can install software in any way you like and from any distro really, I think the focus is to keep it minimal under the hoods and very simple on the surface!

How is the user experience compared to matrix? Is it easy to gateway towards matrix or other services? Can I easily join matrix or other communities servers?

I see a lot of people are now using matrix but not so many xmpp, but yeah it hoggs resources on my server too. Also I feel like it’s still pretty buggy…

Yes, sorry, not a native English speaker

Didn’t think about the 2 machines thing. But yeah it looks definitely easier than setting a transparent proxy… But I guess all of this has to be on the same network, I cannot use an external server to which I connect to via wan because at that point the connections would be already need to be unproxied going out right?

But can’t your setup be done on the same machine with a firewall?

Yes DNS and pihole were never thought as content filtering tools

I need to block IPs and unauthorized connections that are not http/https as well, I know about DNS filtering but it’s not what I am trying to achieve.

Didn’t know about CENO, it looks super cool! Might have to dig more into TOR as well

Maybe search engines idk, something like Yucy?

Exactly! I don’t see why we have to rely on the old internet infrastructure for a completely differently conceived type of distributing content!

There’s stuff like ipfs, and I’m sure there are many ways to make self hosting easier…

We normalize everyone has a modem/router/access point at home: we should normalize everyone having his own server hosted, bitcoin node, ipfs node etc etc…

And your right, these services have to be super easy to deploy… I think containerization might be helping with this… Think about docker or Nixos… Make a nice GUI and simplify docker even more and you get packages that can run on any distro in any OS, that even a complete noob could spin up! Maybe paired with repos that host most of the self hostable stuff.

But yeah I think the whole structure might be have to be rethought, from the way we host to the way we can connect to each other… We got to give everyone the possibility to decide which web they want to be part of, and federation definitely allows this!

Do you think a Proxy would be better in this regard compared to a firewall? I was trying to watch the logs of ufw today and see if I could do something there but the incoming and outgoing connections are A LOT, and I would essentially like to whitelist both per domain and per IP.

How much maintainance would this require? I wonder how often IPs change today, but with all the NAT, dynamic DNS and CDNs there around maintaining a whitelist only with IP addresses looks like a nightmare…

Squid proxy with squidguard could be a better option than trying to work with a forewall maybe?

Any suggestions on the how?

It looks really complicated, very different from Linux! I cannot understand properly all the sandboxing thing… But I guess it’s years of development and policies enforcement… Now I can see why Android it’s much more closed compared to a normal Linux distro, I guess this provides a lot of security but less customization. I also have to understand the role of the device manager in all of this. Is there any Linux distro that behaves similarly?

Why so much effort into securing it? Isn’t the Linux behaviour with users etc enough?

No it’s more a user management thing, I would need users to access a certain list of whitelisted websites only…

Maybe proxy or dns? I’ve been looking in squid proxy but it looks fairly complicated, especially if I wanna be able to access it from wan… But Idk if with DNS I could block ips as well. Setting up an hosts file seems like a lot of continuous work since I would have to specify entries for each ip address associated with domain… Maybe firewall?

Yes it’s more something like that, making certain type of content a lot less accessible.

I think it’s all a problem of time: if we have more time to carefully think about what we are doing on our devices, we usually make better choices.

We need better tools to give us more time to actually evaluate and decide.

I’ll make an example: I installed an android device manager which let me set a block timer for each new installed app, that means that whenever I install something new I will have some time to reflect on whether I actually need that new app or not, and most often than not, the answer is no.

And that would be enough to bypass root settings?

If someone wants to prevent users to mess with the system should he just disallow downloads entirely/confine the user into an intranet?

Enough focus to read documentation.

That’s really it. If your purpose is just self hosting learning bash could also be helpful. And yeah Linux would be a great choice.

But mostly, if you want to self host an instance of Nextcloud correctly and without having to deal with too many unexpected things, you have to read the documentation and do not rush. Most self hosted stuff isn’t “install and use”, because you’ll be your own server manager, and everything requires attention to be managed.

Docker or not docker you will have to deal with configuration, settings, requirements and updates.

So understanding how to read the docs/search and open github issues and taking time to read everything would be the most important skill for me.

Also writing down what you are doing would indeed be helpful too, in order not to lose track of what you’re doing on your server. (Check out Ansible).

Most apps out there simply need you to know about permissions, systemctl services and package managers.

Try to always find a specific package for your distro for everything you install (eg. .deb for Debian), and have strategies when this is not possible (aka using a Python venv when installing python programs).

Absolutely Debian stable, the first thing i wanted in Linux was stability, coming from windows you want something that “just works” and I think Debian stable + Gnome is the perfect choice for this!