I use a Windows 10 VM to download Visual Studio and extract the installed compiler to generate a Linux Docker image with Wine and the MSVC C++ compiler:
https://github.com/madduci/docker-msvc-cpp
For GUI applications, firejail might be easier to use. It too isolates applications from your system, but comes with a bunch of pre-configured profiles for many popular applications (including proprietary ones), thus requiring zero configuration.
Some of its more interesting features (in addition to the obvious path/privilege restrictions):
- putting the application into a separate network namespace with its own firewall rules/network interfaces
- using a separate X server for each application (works pretty much transparently)
- setting resource limits (network bandwidth, memory, CPU, I/O; although not as flexible as systemd limits, they can be combined)
https://github.com/netblue30/firejail/
My main workstation runs Linux. It has a second GPU (NVIDIA RTX 2080 Super), USB 3.1 card, and an NVMe drive passed to a guest via PCIe passthrough.[1] I have a 2x2 DisplayPort 1.4 KVM to drive my monitors with the host GPU on one side, and the guest GPU on the other side. The peripherals are connected to the host through any open USB port, and the guest through the PCIe add-in card.
Audio is handled with Scream[2] mostly so I can get >65536Hz sample rate. (Really terrible things seem to happen if you try to boot a qemu guest w/ the emulated audio attached to pipewire-pulse when the DSP graph has a 96/192kHz sample rate. I've also had latency issues in the past w/ bona fide pulseaudio and the emulated audio card.)
I do all my gaming and most of my browsing inside the Windows VM, which is bridged to my usual data VLAN. The Linux host is where I do development work, which lives on a separate experimental VLAN.
Other than that I run a few LXC containers for various services needed for running the LAN. (DNS, mail, VPNs, etc.) - I just want that stuff logically separated so that they can either (a) be moved to my new workstation in 2024, or (b) if one breaks it can just be rebuilt from scratch without affecting the others. It's also nice because I can use whatever distro works best for that particular package.
[1]: https://wiki.archlinux.org/title/PCI_passthrough_via_OVMF
[2]: https://github.com/duncanthrax/scream
This is basically a traveling salesman type of problem. There are plenty of libraries in this space if you want to learn more, like OR-Tools: https://developers.google.com/optimization
What prevents changing the distro in the Qubes components? See this: https://github.com/QubesOS/qubes-issues/issues/1919.
* https://photoprism.app/ - self-hosted photo and video application (used to store my family photos); I also use https://www.photosync-app.com to sync directly from my iPhone to PhotoPrism