What do you consider to be the “Goldilocks” distro? the one that balances ease of install and use, up-to-date, stability, speed, etc… You get the idea.
I’m not a newb, these last few years I’ve lived in the Debian and derivatives side of things, but I’ve used RH, Slackware, Puppy :), and older stuff, like mandrake/mandriva and others. Never tried Suse or Arch, and while Nix looks appealing, I need something to put in production rapidly. I have tried Kinoite in a VM, but I couldn’t install something (which I can’t remember), and that turned me off.
Oh I’m on Mint right now, because lazy, but it’s acting up with a couple of VMs, which I need, I really don’t have the time or desire to maybe spend two days troubleshooting, and I’m a bit fed up with out of date pkgs.
For me that would be Fedora (preferably KDE). I currently am on Aurora (Kinoite fork), but that’s because I value stability very highly (except for immutable and Debian nothing is stable enough).
Not OP, but can you sell me on Aurora? Every time I’ve tried any of the Fedora Immutable distros they just feel slow and awkward. I have a few tools that need rpm-ostree installs and fighting with flatpak permissions is the bane of my existence
If you had problems with fedora atomic aurora likely isn’t for you. Its main changes are adding stuff like codecs and drivers to the image and making distrobox more accessible. What tools do you use? Aurora-dx comes with brew preinstalled so maybe they are available there. Also using distrobox completely skips flatpak permissions so maybe that would help you
Well that certainly sounds like it’s worth investigating, at the very least. Thanks!
The big problem for me was SSH and IDE tools. Iirc they only worked with stuff installed on the base image (I use 1Password’s ssh agent)
bluefin/aurora co-maintainer here, the 1password ssh agent is a miniboss we haven’t conquered yet, just a heads up.
Thanks for your fantastic work! I actually successfully moved both my laptop and desktop to ublue distros last night!
It turns out Bazzite was the image for me though, far easier to layer VSCode and 1Password onto Bazzite than getting steam working on Bluefin
Quick question: is Aurora dev desktop plus dev stuff, or less desktop stuff?
There are a few improvements in Aurora over Silverblue that you might like.
It ships with homebrew which is perfect for CLI tools.
It ships with distrobox instead of toolbx which is much better. You can install any distro while toolbx is just a Fedora. For example I’m using Arch in toolbox because of the number of packages and the fact that they’re usually up to date (no need to wait for a major release).
So far I never had to use rpm-ostree, and for VSCode I use distrobox precisely because of the permissions.
I’m downloading Bluefin DX as we speak! Definitely gonna play with it a bit
For anyone following this thread, I successfully moved my gaming desktop and my framework laptop to Bazzite last night!
I initially went with Bluefin, but it was easier to layer VSCode and 1Password onto Bazzite than it was to get Steam working on Bluefin
Regular Fedora is more than stable enough for day to day use. I’d start there and then with use see if it’s a good fit.
I’ve enjoyed my time on fedora. It’s recent enough that my hardware works when I upgrade, and stable and supported enough that I haven’t had to go out of my way to get something working.
Debian. I run Stable on servers and Unstable on desktops.
Although I do think OpenSUSE Tumbleweed and Arch are actually better in some aspects, I find Tumbleweed too rough around the edges (it’s a derivative of Leap and that shows). And I just can’t be bothered to install and configure Arch anymore. Fedora and Ubuntu are too buggy on average, Mint is too “stable” for a desktop and I don’t use all the helpers that make it newbie-friendly. Slackware suffers from issues that were solved in the Linux world decades ago, and I dislike derivative distros on principle.I’ve probably tried around 30-40 distros and I always return to Debian.
For years I used Debian. Because it worked, but also because Debian looked to me to be the purest and most solid FOSS distro. That is, it’s not run by a for-profit company, and it isn’t a derivative that will go away one day. It looked - still looks - like the “universal” Linux distro, which I believe is even its motto.
Firstly, is that assessment justified?
Next: the problem. A few years ago I read a disturbing report about the behind-the-scenes dysfunction at Debian. Specifically:
- a serious dearth of maintainers
- lots of very outdated packages with possible untreated security holes
- silly political wrangling by Debian insiders - one representative allegation was that more time was being spent debating the positioning of a Black Lives Matter logo on the Debian site than on the technical challenges just mentioned
Possibly this was disinformation by someone with a scurrilous agenda. I want it not to be true because I believe Linux needs a flagship FOSS distro and Debian is the obvious candidate.
Can anyone set the record straight? Because when I had to do a new install I went with Ubuntu (LTS), and this was partly inspired by the above. I would really like all this to be wrong and to know that Debian is on the right path.
I looked behind the scenes quite a bit in Debian and what you say mirrors what I saw. The project is very political and does suffer from a serious lack of man-(and woman-)power in many areas. If you do want to help, you’re almost immediately hampered by the community’s Byzantine structure.
If that puts you off, Arch is a more dynamic project that’s easier to get into as a maintainer. But it’s also organized with a more hierarchical and less democratic structure.
Additionally, you’ll find the issues Debian has all over the FOSS world (The Linux kernel is especially bad). And if you work in corporate IT like I do, you’ll soon notice that proprietary software organisations are no better. There’s software many people depend on maintained by a single overworked and struggling person everywhere you look. Yet it still works somehow. Cause wherever there is demand, a solution is found. And Debian at least has a long-established structure with the goal of finding that solution, even though it’s antiquated.
It seems they are prepping to do something about the sea of unmaintained packages
This is great news! Debian is back in contention for me.
Recently Debian developer Helmut Grohne initiated the Debian development discussion around removing more packages from the unstable archive. He argued in favor of more aggressively removing unmaintained packages from the archive given the QA-related costs, additional work/complexities when dealing with major fundamental changes to Debian, and other non-trivial costs
Useful insight, thanks. And somewhat reassuring.
I have no intention of using Arch (btw). I’m the kind of insufferable idealist who wants to use Debian for the high-minded principle of it. I consider Arch a toy distro for gamers. :)
There’s truth to what you’re hearing, all open source software is suffering.
Part of the allure of rolling releases for the places that have to maintain them is less maintaining! Debian does need maintainers.
Debian does ship old packages, that’s the point of “stable”, to be tested and known not to cause problems.
Free software is political. It’s literally not possible for there to have been more time spent discussing what to put on the website than looking for maintainers and updating packages, and part of stability isn’t active testing but instead time spent in active use.
Debian is on the same path it’s always been on, and reports of its imminent demise are exaggerated.
I use the Debian social contract as an example of the an unmitigated good in open source.
That doesn’t mean the org always live up to it, but that’s partially why there are battles for things like representation inside. I wouldn’t extend the benefit of the doubt to canonical, and I prefer rolling as opposed to security ported updates on my own hardware, but they made what you see possible on the internet in large part because people came together to make a free platform.
The orgs dogmas look like product of a bygone age to be, and changes to environment in software is probably as hostile to their approach as ever. I’m amazed they’re not more dysfunctional just from the outside looking, it’s a rock solid implementation.
Tumbleweed is not a derivative of Leap.
Tumbleweed includes the YaST package manager with all the repository priority settings that make sense in Leap, but the TW documentation tells you not to use it.
You can runzypper up
which is a standard updating method in Leap, but the TW documentation tells you not to do that. More than half the zypper options make no sense in TW.
That’s the stuff I mean by “derivative”. They built on a Leap base and modified it into a rolling release.
If it was truly designed as a new, independent rolling release distro, they’d have taken those things out, packaged a different version of zypper or at least a different manpage.I see what you mean now. I thought you meant as in upstream/downstream.
OpenSUSE Tumbleweed.
Up to date and stable. Best of both worlds.
For me, it’s Arch for desktop usage. When I first started using Arch it would not have been Arch, but now it’s Arch. The package manager has great ergonomics (not great discoverability, but great ergonomics), it’s always up to date, I can get a system from USB to sway in ~20 minutes (probably be faster if I used the installer), it’s fast because it doesn’t enable many things by default, and it’s honestly been the most reliable distro I’ve ever used. I used to use OpenSUSE ~10 years ago, and that broke more in one year than Arch has in ten.
I personally feel like Arch’s unreliable nature has been overstated. Arch will give you the rope to hang yourself if you ask for it, but if you just read the emails (or use a helper that displays breaking changes when updating like
paru
) and merge yourpacnew
s then you’ll likely have a rock solid system.Again, this is all just my opinion. It’s easy for me to overlook or forget all of the pain and suffering I likely went through when learning how to Arch. I won’t recommend it to you, but I’ll happily say how much I’ve come to enjoy using it.
For me I find endeavoros to be the goat. I realized that when I install arch and then the “essentials” for me - I basically recreated what endeavor does. Except endeavor does it with like three clicks on the installer. So now I just install endeavor. Gnome, nvidia drivers, pacdiff and meld, text editor, yay, you get the idea…. No bloat, no bs, quick install with exactly what I would do manually with arch.
I also know this take is controversial-but I like flatpaks as well. Sometimes you gotta mess with flatseal, and sometimes the AUR package is clearly superior. But they usually get the job done well.
It’s nearly impossible to break arch if you use the AUR as little as possible AND read the arch homepage for manual steps BEFORE doing an upgrade.
I’m a long time Arch user (10 years) and I love EndeavourOS + Pamac (from Manjaro) as a simple install that I can easily maintain on family members computers or on our Laptop if I’m feeling lazy.
+1. Arch is super easy to install, just open the install guide on the wiki and do what it says.
It’s also really stable nowadays, I can’t actually remember the last time something broke.
As a counterpoint, on ubuntu I constantly had weird issues where the system would change something apparently on its own. Like the key repeat resetting every so often (I mean multiple times an hour), weirdness with graphic drivers, and so on.
That said, I also appreciate debian for server usage. Getting security updates only can be desirable for something that should be little more than an appliance. Doing a dist upgrade scares the shit out of me though, while on arch that’s not even close to a concern.
Arch at home debian on the server is a great experience
I started using Linux almost exactly 1 year ago and this is the conclusion I’ve come to. Although I do play around with nix on the server every couple of months, I’ll figure it out someday.
I agree. Arch really won me over with how they do things. Sometimes less is more.
- Not splitting packages as much means that I can compile pretty much any program without thinking about dependencies most of the time.
- Arch doesn’t autostart programs just because I downloaded them.
- While I’m not necessarily attached to having the latest and greatest of every package. There are often times where I do want the latest and greatest of some package and it was out of date on point release distributions. (Before someone comments flatpak. The most important collection of software I want up to date is the Desktop Environemnt and my Desktop Environment of choice is KDE Plasma.)
- Lastly, the pkgbuild format is dead simple and I have actually managed to roll my own packages compared to some other distros.
NixOS. Declarative system management is just so unbelievably simple and reliable that I couldn’t ever see myself going back to a traditional Linux system.
I’m building a batteries included desktop OS based on NixOS. A bit like ZorinOS, ChromeOS or Mint but with NixOS as a base. It’s a bit ambitious and still in an early stage, but it’s been great fun for me using the Nix package manager as a solid tool to build stuff. Check it out at https://nixup.io/ or https://github.com/nixup-io/desk-os if you’re curious. Anyone with the nix package manager installed and flakes enabled can just execute
nix run github:nixup-up/desk-os
to spin up a VM with a demo.NixOS is too different and poorly documented for me to call it the true goldilocks distro, but man am I loving it
For me atomic distributions are the way to go.
You get a rock solid base system that get updated automatically, and every single user has the same image so you can’t get into a bug that’s only reproduced on your system because of your combination of system packages. If for any reason you have a problem with an image update, you can always boot on the previous image from grub.
Then user apps come on top of that, and can’t break the base system.
I know you tried Kinoite and got stuck, but there is always a way to unblock yourself and install what you want. If it’s not in flatpak there is homebrew (for CLI), and if it’s in neither there is distrobox. You can also do a rpm-ostree for native packages if all the others fail.
You can also check universal blue, Aurora in particular if you want KDE. It’s based on Fedora Silverblue but with an improved out-of-the-box experience.
I have yet to successfully install the Private Internet Access client on Bazzite. It does a lot of system modification at runtime, which doesn’t play nice with the immutable system.
There’s definitely limitations like that one, so I’d say there’s a solution for most, but not all cases. Hopefully, that will become a non-issue when
bootc
is fully ready.Private Internet Access
Can you simply get the OpenVPN or Wireguard details from in PIA, and then put them into Gnome/KDE’s built-in VPN app?
Like this: https://helpdesk.privateinternetaccess.com/kb/articles/where-can-i-find-your-ovpn-files
Will be something similar for Wireguard.
Yes and no. WireGuard configs are still not something they offer, despite customers asking for the last several years. They have often said they would do it, but they have yet to deliver on that promise.
OVPN configurations are an option, but the main benefit of the client is the ability to change tunnel configurations on the fly. If there’s something you want to change, such as connecting to a different endpoint, you have to go back to the website to configure that tunnel and generate the config.
So you basically get 40% of the service you pay for if you try to use PIA with an immutable distro like Bazzite (which is not the various distros’ faults).
I’m not sure how it works with PIA, but on Proton I can export multiple configs, let’s say 6 different ones with a combination of countries and other options.
Then I add them all into KDE and I can switch between them at will.
It’s a slight extra cost of time at the start, but after that it’s smooth and easy.
Their OVPN performance isn’t as good as WG, so it’s really just a backup solution in my mind.
But my main point is that there exist edge cases like that where “install it in a distrobox” isn’t a panacea. You either have to learn
podman
and how to forward your network traffic through the container or learn how to pack your own flatpak/appimage/RPM.
Private Internet Access is just a VPN?
I’ve had no issues installing the flatpak for ProtonVPN and using it.
Okay. There’s no flatpak for PIA’s client, so that doesn’t help me, and I don’t know how to create my own (not for lack of trying). Same deal with RPMs and Appimages.
Also, just FYI, the flatpak for ProtonVPN is unofficial, in case you weren’t aware. Make sure to double check the source files.
Just install wireguard and download a wireguard config file for PIA
Doesn’t exist. You’d think that after several years of customers asking, they’d have one.
Fedora. Silverblue if you want even more stability.
Fedora. Specifically I’ve been using Silverblue recently, very stable system for me.
Debian Stable + flatpaks. If I were to install it again, I would probably use spiral Linux.
I’ve moved to cachyOS, I’ve been getting into running local AI, and they offer an optional prebuilt SDK.
(with Debian I would have to install CUDA myself, which would cause issues on kernel updates)
love debian stable but ive veen wanting to try kicksecure
Honestly I’m in love with CachyOS (Arch derivative). Not only have they done a bunch of optimization work, but it’s quite stable (for Arch) and has a graphical way to do just about everything- including the install process
Eh, the way you phrased that I think it’s either fedora or opensuse. The up-to-date criteria basically knocks out everything with a fixed release cycle besides fedora which is pretty bleeding edge since they update certain things like kernel between releases.
Some criteria are non-sensical though imho. Ease of use? Speed? They are all the same, sure pacman works faster than zypper but it’s not like I’m waiting for either, they work in the background while I do stuff. As for ease of use … kde is kde, terminal is terminal. I think you would have to branch into the realm of the BSDs to get real differences there.
Debian is really solid, prefer it over any of its derivatives. You being unable to install something in kinoite is just lack of research on your part, ofc you’re going to have issues with a distro if you don’t know how to perform the most basic stuff. Stay far away from nix if kinoite gave you issues, with nix 90% of your pre-existing Linux knowledge will not only be useless but actively harmful.
Reading between the lines I think opensuse tumbleweed might work for you. Stable, powerful installer, very up to date and most of your pre-existing knowledge should transfer. Fedora is nice but you mentioned the magic word production, I don’t like fast cyclers in production, major version updates are a hassle at the best of times.
You being unable to install something in kinoite is just lack of research on your part,
OFC, That’s what I implied in my post. That I don’t want to tinker more than necessary. I’ve been doing Linux things since the 90s, installing from diskettes, spending hours and hours on the CLI, compiling shit on a 40Mhz 486… Right now I want something that mainly just works, mainly being the key word here. I don’t mind doing the odd tweak here and there, I just don’t want the tweaking to be a main feature.
Installing things on fedora atomic spins is hardly tinkering more than necessary. You either layer the package, install it in a distrobox, use something like homebrew that installs packages outside of /usr, use app images, nix package manager, docker/podman or a flatpak.
These things exist for a reason, because they complement many distros that would be otherwise lacking. They can add a new app to a stable Debian, a stable dev environment to a bleeding edge arch, an isolated environment to use a untrusted app. If you use Linux these days you should be aware of these distribution agnostic options, or you will have issues understanding what is even going on and limit yourself unnecessarily.
I really like the idea of Nix, but the fact that the learning curve is so high and the skillset isn’t really transferable keeps me away. Also, you can make your own declarative build using BlueBuild, the template provided by Universal Blue, Vanilla OS, etc., so its unique use case isn’t so unique anymore.
Popos for me. It’s my daily driver.
Fedora. Installer is a bit rubbish (being replaced soon) but it’s not difficult.
In terms of speed, stability, and being up-to-date it’s been exceptional IMO.
Maybe Fedora?
Personally, though, I’m a Debian guy - Testing on my desktop and stable with Flatpaks and a few backports on my laptop.
If you’re lazy (which I take to mean you like low maintenance) and haven’t tried a rolling release distro, you need to try Manjaro. It’s downstream of Arch (like Mint vs Debian) but with a lot of QoL improvements that take the edge off.
It’s"Goldilocks" for me because it’s rolling and has recent packages but also very low maintenance. I was sick of 3rd-party repo incompatibilies and update issues on Ubuntu.
It’s a curated take on Arch in that it sources packages from Arch but holds them back until they’re in a decent shape. Recent example was the Plasma 6 which they’ve held back a couple of months until most bugs had been cleared, but normally they release packages on a 2 week cycle.
It works out of the box, keeps working indefinitely (5 years going for me), and they have integrated system snapshots if you use BTRFS for root, just in case (automatically takes snapshots before every update, which you can restore from Grub). Never had to use a snapshot (did it only once to see if it works).
Limitations of Manjaro compared to Arch:
- Not as bleeding edge due to holding packages for a while.
- You have to stick to their way of doing stuff, like their tools for graphics drivers and kernel management.
- You have to stick to a LTS kernel or at least keep one installed as backup at all times.
- It won’t change your kernel major version for you, ever. Some people see this as a disadvantage, personally I greatly prefer it.
- You have to stick to their stable package repo. If you use their unstable/testing repos all bets are off (which is not going to be news to someone familiar with Debian).
- You get access to the AUR but the usual warnings apply since AUR is even wilder than Sid. Some people say they’ve ran into trouble installing some AUR packages on Manjaro due to missing dependencies. It’s never happened to me but I can see how it could happen due to the package delay.
- You can’t say “I use Arch btw”. Arch fans tend to hate Manjaro because they see its limitations and hand-holding as antithetical to Arch’s goals.
Regarding that last point, there’s a very vocal minority that will smear Manjaro any chance they get All I can say is, try it for yourself.
I can confirm it works as advertised, has very low maintenance and good performance.
I use it for gaming with Steam, Heroic, Lutris and a bunch of emulators, web browsing, some light development and home lab.
The Manjaro team have had well publicised mistakes in the past which I think the community were right to highlight. However to be fair to them it was like a decade ago they had the PGP one, and they seem to have become a more professional outfit since then.
All distributions make mistakes. It’s a complex job. Debian stable had a local root elevation exploit on for a while a couple of months ago and nobody batted an eye. People would have a field day if that happened to Manjaro.
It’s a double standard borne out of the resentment of a vocal minority and that sucks. The Linux community wastes so much energy on these pointless feuds. (And then they wonder why there’s never the year of the Linux desktop…) Linux and FOSS are not about treating user share as a zero sum game but unfortunately there are people who can only think in terms of “if you use another distro you’re dumb and I must ridicule you”.
It’s an especially narrow-minded take with distros like Manjaro, which is different enough from Arch that its users were never going to use Arch anyway.
Not being able to say “I run Arch BTW” is a dealbreaker.