{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreicjfwkkwirzgixodfoavzmkvmyvnl2zsmwjzuw5bg5inzouiwrmvu",
"uri": "at://did:plc:haakkg7y3xdghcdmprxeexso/app.bsky.feed.post/3mpnxakktjfn2"
},
"path": "/t/what-is-your-base-system-in-your-home-server/38649#post_21",
"publishedAt": "2026-07-02T08:22:42.000Z",
"site": "https://discuss.privacyguides.net",
"textContent": "Link:\n\n> MicroOS with Podman seems amazing! You can enable automatic updates for both the server and pods/containers\n\nSomething you can do easily on any OS. Auto-updates are easy. What’s more work is implementing secure automatic decryption of user data during boot with attestation or something like clevis/tang.\n\nLink:\n\n> Podman containers are rootless so way less attack surface\n\nCan also be done on any OS. Also I would rather use gvisor for untrusted containers, which is more painless to use with other solutions like Docker.\n\nLink:\n\n> it even rolls itself back if an update makes it not boot\n\nNice goody, but not as important as it sounds. I haven’t had an unbootable Linux system in years, despite doing automatic updates.\n\nI really don’t see what microos has to offer.\n\nIf I was using an immutable OS, I would rather use one with strong integrity guarantees via UKI plus verity protection for everything important, including security ciritical config files.",
"title": "What is your base system in your home server?"
}