Openmediavault on Mac mini https://youtu.be/t_mdBjwV2uws

Well yes they are a bank. Lol. I moved regular accounts to a credit union because I was sick of the bank’s problems. But still have a disability retirement fund with the bank because its a special government account for my child.

There are other criteria like account number, etc. But the voice they ask you specific question live. But I get it. Thats why I have a hardware key for platforms that support it.

One country was already setting up copyright on your voice so AI can be served takedown notices. Voice are quite unique, its how my bank verifies who I am. If somebody clones my voice via AI it could fool that login system

The isolation can be anywhere, they are pointing out the stages. Linux community is not immune.

Yeah, all good choices.

I have openSUSE on my main machine, with SELinux. They are more security focused by default than some other distros.

Firewall on by default, SELinux enforcing by default, sudo needs root password-not just passwordless or same user password like some distros. There’s a YAST GUI hardening App so you can see what passes best security practise and what needs attention. Zypper has various patch commands so you see a list of what patches are available, their critical/recommended status, and weather they are installed or unneeded for your setup. Also ability to apply patches by CVE numbers.

SELinux can be frustrating initially, until you get used to how it works. I.e. I setup shared network folders but couldn’t see data in some folders, it was because copying files into the folder to be served doesn’t automatically give access over the share, there needs to be SEL policy assigned to the files which you establish the policy and then can apply to all files in the folder.

Yes, I bought a rocketfish drive enclosure years back, so dropped a drive in that, and attached vias USB. Never had issues with it.

Assign as data drive in Openmediavault.

Openmediavault had some plugins and settings to set folders2ram so that the initial SDcard OS is writting to RAM instead of constant writes to the SDcard.

MicroOS is a decent choice, because it can cold boot off a configuration that uses ignition and combustion files. https://microos.opensuse.org/

And they have this file configurator so you don’t have to manually type all the syntax for your configs.

https://opensuse.github.io/fuel-ignition/edit

There are some sites dedicated to suggestions, or if you download the pi image burner tool it has a bunch of OS suggestions in the menu, like Pihole, Kodi media box, home assistant, etc.

I have a few running. One was setup as NAS and dlna music server using OpenMediaVault, one is a Volumio music player, my other one is Home assistant.

If you like old 80s-90s games there is RetroPi.

Too many choices really :)

If you want it that way, but then I’d have a mix of synced folder and regular folders inside Documents.

I like to keep if completely separate, for backing up user documents via dejadup differently than the synced stuff.

Hardware folder (synced via sync thing). All hardware PDFs, notes images etc get subfolders by manufacturer. It is helpful for keeping track of use manuals, firmware or config settings for each piece of hardware.

Not sure about the distro being used, opensuse makes a docker zone to put docker interfaces on, those have their own ports and rules separate then the Ethernet assigned zone ports/services to allow. For me I had the opposite issue, I couldn’t reach my docker containers from my lan, onky from the local machine because the Ethernet was on an internal zone and Docker was on its own zone. I’m not a superskilled networker dude so I just turned on forwarding and masquerade so the incoming LAN zone would forward to doocker zone and pretend to be the local machine connecting and not a LAN or remote IP. I guess if you moved your dockers too the public zone you could get in trouble

Could be signing, if removing secure boot changed behaviour. The proprietary nvidia kernal module needs you to enroll the key in MOK interface at boot after an install or some updates.

You should have gotten a blue screen at boot that said options like, continue or enroll MOK, delete MOK, cancel, etc.

Hardware raid is fine as long as you can still get the same hardware RAID card or Motherboard.

With OpenSUSE are you using the open source nvidia driver, or did you add the nvidia hosted repo and install their proprietary drivers?

The nvidia owned repo did work better for me.

But could be memory leak.

For anyone with laptop, and onboard graphics and nvidia RTX I had to install an opensuse swicher package to ensure appa start on the right GPU (right click option on the app) I forget the app name at the moment, it wanst the bumblebee or optimus, it was something else, Switcheroo maybe.

Yep, it is helpful for corporate applications, where nothing can introduce possible behavioural changes, that affect users, program function or the application development.

Stable will still get security patches and bug updates, just no new major kernel jumps or new features.

Wireguard between you and remote device like a pi. Set pi to portfowarding and masquerading on. It will then let you be on say a 10.x.x x network remotely but will send info on the remote LAN like it came from that pi local IP

Its the short thumb being the issue, I buy the smaller phone screens on purpose