You really only need Storage. Backblaze B2/Wasabi/Cloudflare R2 if you can afford it, or just get a Hetzner storage box, attach it to the VM, run Minio and off you go.

Alright we should use that then

You must be LTT's chaperone

Thanks man. I would much rather give my time than my money for OSS projects, but I have a lot to learn and do not match up the quality of contributions needed in said projects. I'll do what I can.

You do know that you can run SELinux on Debian right?

And MAC isn't the end-all for security arguments

Yeah I will make sure to use OpenLDAP/FreeIPA at home. I'd rather play along with RedHat's bullshit than Microsoft's bullshit

I meant I'm waiting for XFCE to support Wayland haha

SMR vs CMR and drive speeds

I would be really interested in a comparison of Kicksecure and secureblue. I'm interested in running one of them myself

Which book is this?

Those remote access fears can be solved with a wireguard VPN

Running a CA is cool however, just be aware of the risks involved with running your own CA.

All they say that if the private key is stolen then you're screwed. Think about it, if an attacker can:

1. Get into your network.
2. Presumably bypass key-based ssh/container runtime protections
3. Access pod/VM which is running the CA
4. Bypass default MAC settings (Apparmor on debian, SELinux on RHEL)
5. Steal private key without you knowing from your logs

You have a much bigger problem my friend