I’ve looked at a lot of other immutable distros and I might just end up using one of those, but I feel like taking on a bit of a challenge and there’s a few things I’m not very keen on with existing solutions (last paragraph is my idea if you want to skip the context).

Most immutable systems I’ve seen require a reboot in order to apply system changes. What is this, Windows? Yeah, reboots are quick but restoring my windows and getting back into my groove is not quick. Also, every immutable OS I’ve seen wants you to opt-in to a rollback. Rarely do I see the full effects of installing a package or altering a config immediately. By the time I notice an issue maybe it’s too late to rollback to before the change or maybe I’ve done a few other things since and I don’t want to rollback everything. I would much prefer to make “rolling forward” or persisting changes to be a very conscious process.

I started messing with BTRFS and I think I’ve come up with a process that will get me what I want, no matter the distro. Please poke holes in my idea. So I think I can use BTRFS to hold data for the rootfs in three different subvolumes (at minimum): root-A, root-B, root-Z. root-Z is my golden image and it represents what I want root to look like after reboot. root-A and root-B are the active and passive instances of rootfs, but which one is active will flip-flop after every reboot. So if I boot with A, B gets replaced with the contents of Z. In the meantime I can do whatever I want with A. Not sure how I’ll update Z (chroot or “promote” the active subvol to be Z) but without an update every reboot is an automatic rollback.

Thoughts?

  • winterayars@sh.itjust.works
    link
    fedilink
    arrow-up
    4
    ·
    5 months ago

    Basically what it’s doing is booting to an alternate OS configuration to do the install. It’s way easier to just reboot again rather than tear down the installer environment and go into a normal one. That’s basically a reboot in all but name. It’s annoying to have to enter your encryption passphrase twice, though.

    I feel like a lot of Linux behaviors tell me most Linux people don’t encrypt their data, which tbh should not only be the default but should be difficult to opt out of. Apple actually does this one right. Encryption is just the way it works.