Depends on the admin.

Arch servers are just fine. Just be sure to pay attention to Arch News to watch for manual interventions on certain updates. If anything, the older Debian packages can cause headaches occasionally. I personally use both distros as servers for different use cases.

1.) Check the jellyfin logs and see what kind of errors youre getting when adding media folders.

2.) check your firewall rules on the jellyfin server, as well as your local router/switch and make sure you’re allowing access to the jellyfin port

Firmware update utilities, host OS file system encryption packages, HBA management tools, temperature monitoring, and then a lot of the packages had bugs that were resolved with newer versions, but proxmox only provided old versions.

I thought about running something like proxmox, but everything is too pooled, too specialized, or proxmox doesn’t provide the packages I want to use.

Just went with arch as the host OS and firejail or lxc any processes i want contained.

PinePhones are fairly cheap linux phone devices

Surprised Google Meet isn’t on there

Its more about the hardware than software.

• Able to have enough processing power to utilize the max speed that my ISP provides, while having IDS/IPS and other services enabled.
• Port segregation so that each port can be on its own network with a full speed backplane.
• PoE capabilities
• SPF ports to utilize both fiber and copper connections
• Multiple networks across many wireless access points

I freakin love OpenWRT. I used it for a solid 5-6 years on some consumer grade routers and learned a lot about managing networks.

Ive since moved to more powerful enterprise network gear because OpenWRT opened that door for me and taught me what is possible. I might not ever go back to it, but I will always recommend OpenWRT to people who want to rice out their routers and get the most out of it.

Obviously AMD and Intel don’t include HDMI on their cards.

/s

Check out SyncThing, which can sync a folder of your choice across all 3 devices

[edit] oops, just saw you don’t plan on using it

In that case, if you use KDE, you can use Dolphin to set up network drives to your local network machines through SSH

Huge

Turning off secure boot wont turn off your TPM, it just turns off all the signature verifications. Your TPM still stores the decryption keys and you can still decrypt your data.

Now if you do a UEFI/BIOS update without disabling your encryption while using a TPM, and dont have password decryption as a backup, yes, you could potentially lose access to your data.

I wish all the firmware for every motherboard was made public and open sourced. Even if a company has proprietary firmware/drivers, I would hope that once that product reaches end of life that they do in fact open source that code so that someone else can pick up where they left off.

I 100% agree that they should not brick their hardware once it reaches end of life. There might be someone out there who would take on the task of maintaining it, which is better than nobody maintaining it.

Sounds like the devs have spoken then.

Its funny because the release notes for their December '21 BIOS update says:

Major vulnerabilities updates, customers are strongly encouraged to update to this release at the earliest.

And many of their release notes say that they fix security issues. I would say that supercedes the footnote at the bottom that says to update your BIOS only if you’re having issues.

Plus, doesn’t Gigabyte have A/B BIOS updates? So if you have a failed flash, you can switch to the previous BIOS that was working?

No.

You want it, build it yourself. Or pay devs to do it.

Some vendors still have a red flag on their support page discouraging uefi updates unless you’re actively experiencing problems.

I dont know which vendor you are referring to, but that is a horrible practice. There should be active support and release notes stating that “This release is a security fix” at a bare minimum. If your motherboard manufacturer does not offer that, then I could never recommend them to someone. They need to be held to a higher standard.

At least from my experience, ASUS, Dell, and Apple will publish that information.

Even if the code is there, you will need someone to maintain that code. Easier or not, even in a git repository, those individual components will eventually not have the support necessary to patch it.

If an eight year old usb controller has flaws, and the manufacturer is not maintaining that git repository anymore because they cannot possibly afford to hire someone to look at that code after so long, then it is going to keep those flaws. It wont matter if that code is proprietary or open source and included in coreboot. Its just simply not feasible to support hardware properly once most of the world has moved on to other products.

Generally, motherboard manufacturers source their components from other companies. They do not manufacture the entire board themselves. This includes CPUs, Wifi cards, USB controllers, bluetooth, audio, display controllers, etc. Each and every one of them create new products, maintain their own firmware for all those new products, and push updates to the motherboard manufacturers when there are updates.

Coreboot/libreboot do not update those components themselves. They also must be provided that source code.

Just for coreboot alone, the last release had more than 120 contributors push over 900 commits. One person is not able to maintain that piece of software, as it is an enormous task.

AMD are generally quick with providing microcode updates. Once they have them, they provide them to your motherboard manufacturer to include in a firmware update. This is the part that usually takes a while, if done at all.