I recently had to do some Docker-related things, which meant that it was time to retry Linux. My first idea was to install Debian SID and Void Linux - using dm-crypt and LVM on a spare laptop, and I wanted to tell the story of my time using each, as maybe you can get something out of it. Let's get on with the story now.

# 1. Setting up Debian

I had no idea if the GUI installer for Debian was going to cause an issue, so I went for the next best thing: a KDE image and debootstrap. I was pretty confused by a lot of things, examples of which being setting rd.luks.uuid, locales, and I thought I'd install systemd in the initramfs as if it were Arch, but I eventually gave up and used /etc/crypttab with it working. I had a Debian with full KDE setup in 2 days.

# 2. Setting up Void

I also set up Void while booted into Debian because I had prepared LVM for that when setting up Debian. I had to deviate from the Void Linux disk encryption setup because using LUKS1 just felt weird. But I did borrow the crypttab setup from Debian, which worked with a caveat: I had to decrypt twice. This was fixed by someone in the voidlinux libera channel, thankfully. I had a nearly fully working Void with KDE setup at the end.

# 3. Issues with Void

With everything set up so that PipeWire could start with D-Bus, it did not start. I had another issue related to wireplumber and pipewire-pulse because I forgot to link their configs to `/etc/pipewire/pipewire.conf.d`. Other than that, no notable issues with Void.

# 4. Issues with Debian

I really like packaging things, and thought of adding a package I really wanted to Debian, but I really cannot wrap my head around packaging for Debian. I get it somewhat, use the `dh-*` set of tools to make a package for Meson, cargo, etc. but I'm still kind of stumped outside of that. I really like FreeBSD ports, NixOS packages and XBPS templates from Void as they are really simple to work with. I won't say that it's awful to work with Debian's packaging as I really have not had enough time to understand it.

# 5. Next stop, NixOS

I was previously a NixOS user, and I really need to revisit it as I used to really like it and haven't used it in a while. Additionally, I am also a maintainer for a few nixpkgs packages myself, so it would probably be a good idea for me to use NixOS to have the niceties of it while also contributing back to nixpkgs more. I like it for the same reasons as everyone else.

# 6. Why not FreeBSD

I love FreeBSD, and would like to put it on everything I own, but I had to use Docker. Installing Docker in FreeBSD looks really messy. I had no choice other than to set up Linux, on thankfully a spare laptop and not my main machine. I'll be honest, if I didn't need Docker, I would just use FreeBSD on that laptop.

# 7. The End

That's my chaptered semi-rant about my journey with 2 Linux Distributions, and any options I may also pick. Honestly, FreeBSD is not as complicated in my opinion due to documentation, tooling and ease of use of said tooling. Jails, bhyve and other niceties are also pretty cool. Thanks for reading.

#voidlinux #debian #linux #lvm #luks #freebsd #nixos

@amadaluzia Would you consider trying Podman instead of Docker on FreeBSD?

@catavz @amadaluzia To tie a few of these threads together: there was a Docker port, years ago, and I think it didn't progress. #Podman is what runs #OCI containers on #FreeBSD, these days, and i think FreeBSD has been added to their CI jobs, a better integration with the dev process than was achieved with Docker. Jails are simpler and imo easier to patch; but you can't magically make someone instantly familiar with FreeBSD. You gotta do what you gotta do, and you don't gotta apologize :)

@jaredj @catavz Sad to see Docker couldn't achieve good support on FreeBSD. However, podman will likely be what I'm using for containers there. I kind of disagree with how pf.conf is written to directly, and might just write a code commit to the OpenBSD project to solve it, as I believe a pf.conf.d directory would be much cleaner.

I remember having to use jails for poudriere and I am quite the fan. Though, I have to agree that I can't adapt whoever I want to FreeBSD just like that. Podman containers will just have to be. Additionally, thanks for the reassuring comments. :)

@amadaluzia @catavz pf.conf.d ... could be a good idea, but you'd have to have priority numbers. ipfw just has those on the rules themselves; this seems like a more complete working out of the idea. That way your software can insert rules in different places while still having all its rules in one file. (although i don't know if ipfw.conf.d exists, or whatnot.)

More generally, though, this is changing the firewall under programmatic control, and that's part of the intrusion of dev into ops that's implicit in modern usage of the word "container." Hmm, so you... turn on multilevel jails, start a jail with a VNET behind a bridge, and run #podman in the jail, whereunder it starts child jails. podman gets a pf.conf to mess with, and you get a pf.conf it can't touch. :) or... what if someone makes a #CNI that uses #netgraph instead? hmmm