Matrix (Synapse with Element) can be self-hosted for free, though they have optional paid plans for enterprises. The main goal of Matrix is federation (connecting with other servers), though this can be turned off completely. This is probably the most “business” look/feel you can get fully FOSS, if that’s what you’re looking for.

XMPP has more clients/servers, and is more for the technically oriented end user. I can’t really give recommendations here, as I haven’t extensively used XMPP.

Spacebar (formerly Fosscord) is a Discord clone (API compatibility as a goal) that can be selfhosted.

I use whatsapp for communicating with a few groups of people who are refusing to switch over. I’m not getting them to move, they’re a mix of tech illiterate, ignorant, or just unwilling. These groups have important annoucements in them, that I’m unable to receive any other way. Sometimes there’s just no way around services like these.

I do my best to protect myself (no proprietary facebook code ever runs on my main device), and keep personal information I provide to a minimum (as I don’t trust Facebook’s E2EE claims). There’s not much more I can do besides not receiving important announcements.

CachyOS has a structure that’s much closer to Arch than Manjaro, but they still replace the majority of Arch repos with their own. I’ve seen both their repos and the optimizations they apply being the root cause of issues on some friends installs.

Use whatever you’re comfortable with, and what you know works.

On that note, Manjaro and CachyOS don’t work. You should avoid them. They both make changes that harm reliability, and both frequently make avoidable mistakes (especially Manjaro). If you need something like those two, EndeavourOS is a better option, or just base Arch Linux.

Arch Linux itself is a good distro, but made for a specific target audience. If you want to tinker with your system and learn along the way, it may be a good option for you. If you want to “set and forget” your media center PC, a stable-release distro like Debian or Rocky might be better options for you.

This website has some good resources for Linux VR and links some support channels: https://lvra.gitlab.io/

A device driver needs access to the system to control a device. There’s a couple ways of going about it, but GPUs are effectively required to use a kernel driver. A kernel driver runs as part of your system, and crashes have different effects from normal programs. If a normal program crashes, the system handles that, the program closes, too bad. If the kernel crashes, nothing can catch that, and your whole computer crashes.

That being said, with this little info on the crash there’s nothing anyone can do except speculate on the cause. It could be hardware, it could be the kernel. Whatever it is, you’d need more information (journalctl -b -1 after a crash and reboot) to diagnose this issue.

Though important to note; if holding the power button for an extended period of time (30s) doesn’t shut down the computer, it is most likely a hardware fault.

It depends heavily on headset. From what I hear, standalones with WiVRN or Steam Link work fine ootb, not much different than desktop gaming with Proton. I have a Valve Index, a PCVR headset. Getting it to run (properly) is a pain. Monado is making it easier, but it’s not 1 to 1 the same experience as on Windows.

Been using it for a couple years, my main ones currently are:

• VR. SteamVR is a broken mess, Monado is pretty much functional, but I haven’t switched yet. Mesa or the kernel sometimes forget about VR and break it in an update.
• QT5 to QT6 transition for my favorite Matrix client, Nheko. Scrolling is a pain, and the clipboard randomly stops working.
• Wayland freedom and featureset is nowhere close to X11. I can’t choose a window manager without locking myself in to a specific featureset on my display server. Stuff like global hotkeys isn’t supported in most applications. I’m still on the godawful GNOME desktop portals, which is most annoying for file picking. I have no HDR support because my window manager isn’t from KDE or GNOME.
• GTK4 apps looking like shit (there are patches luckily), I try to avoid them just because of libadwaita and GNOME’s awful design.

On the note of Wayland, I have switched, and for good reason. Besides unimplemented features, things “just work” a lot better than X11. Still wish I could have effectively bspwm window management with kwin featureset though. (Plugins for tiling are not the same experience)

I’ve seen many default docker-compose configurations provided by server software that expose the ports of stuff like databases by default (which exposes it on all host interfaces). Even outside docker, a lot of software, has a default configuration of “listen on all interfaces”.

I’m also not saying “evil haxxors will take you over”. It’s not the end of the world to have a service requiring authentication exposed to the internet, but it’s much better to only expose what should be public.

UFW works well, and is easy to configure. UFW is a great option if you don’t need the flexibility (and insane complexity) that manually managing iptables rules offers,

The job of a reverse proxy like nginx is exactly this. Take traffic coming from one source (usually port 443 HTTPS) and forward it somewhere else based on things like the (sub)domain. A HTTPS reverse proxy often also forwards the traffic as HTTP on the local machine, so the software running the service doesn’t have to worry about ssl.

Be sure to get yourself a firewall on that machine. VPSes are usually directly connected to the internet without NAT in between. If you don’t have a firewall, all internal services will be accessible, stuff like databases or the internal ports of the services you host.

Most likely yes, and if it works, this is one of the easier options (without needing to develop anything or change workflow). However, not all devices work properly with this. iPhones on iTunes are particularly difficult, as (iirc) they sometimes change device ID immediately after connecting/initializing. If you pass through a specific “USB Host Device”, an iPhone connected to a Windows VM with iTunes may not work.

If you pass through an entire USB controller, like an extra PCIe card or one from your motherboard (if it has multiple), this method should work on any USB device with any Windows tools/drivers.

If a Linux native method exists (which it does according to other comments), that is usually easier to set up than a VM with USB passthrough, but it might change the workflow.

You need a couple things:

• The kernel driver (dkms)
• Userspace component
• Kernel headers (for dkms)

First get your kernel headers, this is easy enough, but varies based on which kernel you have installed. The format of the package name is {kernel}-headers. If you have the linux kernel, get linux-headers. If you have linux-lts, get linux-lts-headers. If you’re not sure on this, the command pacman -Q | grep linux searches for installed packages containing linux in the name. If you have multiple kernels installed, get the headers for all of them.

Then install (from AUR) at least nvidia-580xx-dkms (display out) and nvidia-580xx-utils (Acceleration, like 3D and video decoding). If you have Steam or play Windows games under Wine, be sure to get lib32-nvidia-580xx-utils too.

Also of note is the order in which you install things. Having the kernel headers installed is important for the DKMS modules to install succesfully. If you already have nvidia-580xx-dkms but were missing your kernel headers, you should reinstall it after installing your kernel headers.

It’s an old blog post, but this doesn’t look very good for System76. At the same time, GNOME (and GTK) is refusing to implement basic features. Stuff like server side window decorations, because they can’t “tolerate” SSD. The hard enforcing of Adwaita theming might make sense in GNOME, but on devices not 100% in the GNOME ecosystem, libadwaita apps have awful UX. I do not want shit like Zenity to take up 50% of my screen space for 3 words and 2 buttons, yet libadwaita enforces it.

As long as you use an AUR helper to update your system (replace pacman -Syu with yay -Syu), and keep the kernel EOLs in your calendar, it shouldn’t be constant babysitting. Updating a (non -bin) kernel from the AUR requires compiling the kernel, which makes updates take way longer, but doesn’t require extra manual maintenance.

You can find when a kernel is EOL on kernel.org. When your chosen LTS goes out of support, you should update (for security reasons). You’ll have to hope the 580 nvidia drivers still support the newer kernel version you move to.

This path allows you to run your setup for as long as possible on Arch, when you run into issues with nvidia support, so does every other distro.

Unless Arch’s lts kernel switches to a newer lts (in a year or two?), you can run nvidia 580 dkms modules and the lts kernel with basically no maintenance.

After that, you can consider something like linux-lts66 from AUR, or switch to another distro if desired. The first option requires compiling the kernel (no maintenance, just processor time), and will keep your system security patched until the last LTS kernel supported by nvidia 580 modules stops being supported.

Whatever kernel you choose, ensure you have the -headers, like linux-lts-headers. That way, the nvidia-580xx-dkms package can install properly.

If you haven’t yet, look into an AUR helper like yay or paru. These significantly improve quality of life when using AUR packages.

There’s always the option of gathering device info first, then using the appropriate driver. Either the SSD is in a “known supported models” list, or it reports support for whatever feature the new driver needs.

It’s technically possible that straight up trying an unsupported driver can cause physical damage, but this can be avoided by carefully selecting the driver. From MS pov, they’d have to extensively test this driver on a bunch of SSDs and configurations, but it would lead to a performance improvement.

And obviously, there’s been no possible way to try loading the modern driver and if that fails, falling back to the legacy one.

This is once again Microsoft refusing to improve performance, because that doesn’t directly increase profits.

There is a way, but no point in doing so. As such no OSes offer such an option out of the box. For file encryption to be of any use, you need there to be some kind of authentication before being able to access those files (like a password).

The easiest method would be to encrypt the entire drive, as modern Linux and Windows both support using the TPM for automatic unlocking. With that, set up standard user autologin and you’ve made the drive encryption useless.