• 0 Posts
  • 4 Comments
Joined 1 year ago
cake
Cake day: June 3rd, 2023

help-circle
  • Just SSH. Every public facing piece of software (I.e. a web interface) adds more complexity for misconfiguration or security vulnerabilities.

    You can mount you remote filesystem locally and use your local file manager and text editors to manage most tasks. If you use ansible you can make changes to a local configuration and deploy the state to the server without needing to run anything special on the server side. It is especially effective if you also run docker.

    And for monitoring I usually just have a tmux with btop running. Which is fine if you don’t need long term time series data, then you might want to look at influxdb/grafana - but even those I would run locally behind a firewall, with the server reporting the data to the database.




  • I’ve come around to liking Flatpak.

    • I don’t have to deal with dependency hell I sometimes get with third party packages (AUR/PPA)
    • I don’t have to worry about make dependencies
    • I don’t have to deal with clutter in my home directory, they are mostly encapsulated in ~/.var and easy to clean, discover even asks me. Especially if I try the app for 10 minutes and device it wasn’t for me. Espexially for apps that don’t follow XDG base directory specifications (which is too many, but that’s another post)
    • I get some (imperfect) sandboxing and control over what an app can access, especially with proprietary things like Discord …

    Anything I need to get into a desktop environment should come from the distribution’s repositories and package manager. For user applications, Flatpak is great.