I know might never happen, but interesting about possible or maybe things. I have long time immutable user and I love those btrfs, self healing etc, but the thing that I don’t like is how far flatpaks have now to be actually working ones on immutable systems.
Main issue is in flatpaks is the system integration way too strict and can’t fully use there true power and it makes me angry and made me use only containers and RPM packages and that is actually really really working.
The idea came today when I was testing some setups can I get nordVPN and 1password working without messing base image and no it can’t nordVPN I got installed, but then there came permission issues with systemd and base 1password again almost works, but then need to tweak xdg-portals to open container apps rights to host… It made messy pretty fast
What if there is CachyOS immutable that doesn’t offer flatpaks? Immutable that uses there own optimizing repos and containers only approach? Distrobox example hardening, selinux, systemd
This approach could actually work since there is no flatpaks in middle and no layering or tweaking base…
Imo AppImage is the best way of handling applications on an immutable system. System integration is much easier vs flatpak and applications can use the existing xdg spec for user data. Yes it arguably adds bloat by having each app package its own dependencies, but arguably this is a benefit, as developers know exactly what goes in to each build, without having to worry about differences between distros and multiple versions etc. Besides, hard drive space and bandwidth is cheap enough that I don’t think many people would really care that some random application is 50MB instead of 10.
I totally agree about appimages, but most of the immutable distros I have used/tested/using don’t support appimages and some are never will so Flatpaks and distrobox it is and with appimages the integration would be so much easier and better
There is currently not much interest from our side, yet.
Also, we dont would like to go the manjaro way by copying another project and then using it. I dont know, if there was between these linux projects consence tho.
We want to generally make the CachyOS Expierence for polished, as well as working on another architecture, in the future.
I have used Silverblue and Bluefin on my other laptop for a while now.
Flatpaks work pretty well on these immutable distros but they are still in need of the full working portal system to make them integrate better. But most of the “normal” apps work fine as a Flatpak.
The problematic ones are indeed VPN clients which either need to be layered on the base image (and some of them still won’t work) or run them through container.
There are of course other options available like homebrew but that is mostly CLI apps. AppImages do work on “immutable” distros.
Or you can run everything through containers/distroboxes. I usually have just one Arch distrobox created where i run some of the apps that are not available as a Flatpak (or appimage). With distrobox they are super easy to export to the host OS, atleast for the GUI apps.
But I don’t really know what extra could this bring for CachyOS. I haven’t really looked at the “manjaro project” but it sounds even messier than normal.
Yeah VPN is needed mostly layer or straight base install same as Nvidia drivers, but when it comes apps that manages passwords, cli, ssh, secrets, browser auto fill and so much more the flatpak way just won’t work anymore since those needs to talk together and distrobox way is almost managed one now days if you run all in one container, but if you have multiple containers and need those you need to export binaries to host that other containers can see those and this starting to be nightmare… I had as in fedora silverblue year and it was good just liking the openSUSE AEON way much better day and night compared to silverblue on my thoughts…
Future is fine for CachyOS immutable systems since it is the future even in corporate side. Immutable Alp systems are coming next year on enterprise Linux and making things polished is good thing
Cant you just run distrobox an set it up with the catchy repos an do nothing on the main system unless you have to? Then your system is portable if you install the box to its own folder. “so it doesn’t litter all over”
could even set it to clone itself so you have a backup
The problem of distrobox, is that your main system still originally uses the libaries installed by the system. It wont benefit much from any optimization.
Thats vary true, I guess I only see it as a way to have a system an have one more layer to keep you from corrupting the main install. if you install something weird.
I’ve been testing it in a non arch system using arch since i like that haha. Main system is still arch though.
Immutable distros aren’t exactly all they are cracked up to be. Trust me, as someone who uses a chromebook + laptop, if something goes wrong with an update, it can be an absolute bastard to fix. A bad update is supposed to be contained to one half of a boot partition but it can slowly creep its way into the one that is not messed up. It has a lot of growing pains to go through before immutable distro’s are more common or popular.
Immutable distro’s aren’t immune to corruption problems. It is meant to behave like a band-aid solution in the event that something is broken by updates. I have a chromebook and it can be rather frustrating when you keep getting bounced between a broken kernel and a non broken kernel. Things can end up leaking into one another depending on the severity. If you get two broken updates in a row, good luck fixing it.
thatswhy there is transactional-updates etc with snapshots and if something is F up just revert or is installer isint succesfull on update it reverts back automatically and yes there can be still messed up stuff but then comes backups especially all home backups so it can be easily recover from recovery part and just roll all back from backups.
there has been lots of improvments on “immutable” now days they call it atomic since you can manipulate still the base so it isint fully read only and development takes time and how that has grown is really good