Honestly Fedora is not all nice and sunshine… I would suggest Opensuse Tumbleweed over Fedora anytime nowadays.

What did you end up with then? Just curious. Every Linux distros or even any system at this point suffers that problem.

Why is tumbleweed to much of a Hassel to keep updated? You can update it once a decade and still be up and running.

I love my Tumbleweed install. It is rolling and new while also being rock solid. But I do have the itch to try new stuff which j do sometimes

Instead of a VPN just route everything true tor. And block anything that tries to get around it.

Well yes but if you are migrating almost anything to Linux. this might be worth while over expensive windows infrastructure.

That is with any piece of software. their will always be some vulnerabilities that are very bad. so by your definition using any piece of software is a concern.

For such a setup I think it Is a good idea to look in to freeipa/idm. Would make management a load more easy. centralized account control and being able to sit at any PC and login with your own credentials is one of the many benefits.

A load of those so called vulnerabilities are way overblown and in most cases require you to be logged in anyway.

I mean blow out of proportion nowadays yes. But this wasn’t the case just a few years ago. We have come such a long way to make it almost a simple click install. But dont forget where we came from.

So their is some truth to it although its mostly outdated now.

I do use the proprietary drivers with a GTX 1080TI. Just the default kernel though so that might change it a bit in your case then.

Mmm interesting. I have not hat any issues with rolling back and snapshots. Even though I do use nvidia. Configuring flathub shouldn’t be too difficult I think. But I don’t use a DE eather

Can I ask which rolling distro that was. I presume arch?

For me Tumbleweed is rock solid even though it is rolling. But if you don’t like subtle changes it might not be fore you.

Most likely Tumbleweed. As it is the most modern of them. Because it is rolling.

Or a openwrt to make it L3

Can you elaborate why you think you need much more PCIe network cards? Technically you can do with 1 single LAN port with all your VLANs.

You configure the VLANs on the router then make a single trunk port to a switch. then have that switch divide the VLANs on the ports you desire. this can be a L2 switch.

What is holding you back in regards to VLANs?

Configure the firewall with a IP whitelist to only allow connections to ssh be made from your home IP.

Other then that, disable password logon for ssh and setup up key based authentication.

I don’t really agree with you here. If you take the time to set things up properly. And prepare for IF something would happen. Your fine. Been running a exposed jellyfin server for years now. Never hat a security issue. And even if I would, not much harm could be done anyway due to how it is setup.