Not sure if it is applicable, but wouldn’t it be an option to use the Fedora Workstation Live CD, mount your swap partition into the live system and send it to sleep via SystemD?

This should give you feedback with a fairly recent kernel and Gnome has (at least for me) been the desktop option with the least amount of bugs I encountered.

Before asking for another distro, you should figure out, what is the root cause of the trouble you observe. Usually sleep/wake up under Linux are highly hardware dependent. Even the SteamDeck, which has payed first level hardware support by Valve, has sometimes trouble waking up properly after sleep, at least in desktop mode. Good luck!

Thanks, but could you clarify which extension to move for Gnome? native window placement is AFAIK just for the overview.

Which extensions do I need?

Ah, sorry to read - I like the idea of Bcachefs and would have been happy to have it ready for production eventually.

OTOH it seems the recent years I read more about the drama about Bcachefs commits to the kernel, than about any technical parts of Bcachefs.

Welcome to Linux.

Concerning your questions:

How to keep your system clean?

• Subscribe to the security mailing list/blog etc. of your Linux distribution and for software that you use
• Update your system whenever there are updates available and reboot your system after applying the updates
• Activate the firewall of your system and block all incoming traffic which was not initiated by your own system
• Only install software which is distributed with your operating system or which is well known and you download from the official distribution page (for the sake of an example: If you use Google Chrome download the package/binary for your Linux from Googles Chrome page)
• Use an adblocker for your browser like ublock origin

What not to do:

• Never install software found on the internet or a forum
• Never run arbitrary script from the internet in your shell

Doing the above and applying some common sense should be fairly secure. As a rule of thump: Less software is always better and well known software will usually be better scrutinized and more secure. (YMMV)

As a normal desktop user your chances of getting your system infected when applying above rules are very low and they are your best line of defense.

Securing a Linux system, especially in depth, fills books, and detecting an infection is another topic for specialists. One way to improve your chances of having a non infected system is using an immutable Linux distribution like Fedora Silverblue, which should in theory be more resistant to infections and which should in theory allow to detect infections easily.

Unless you have a reason to expect being personally targeted (in which case: good luck to you ;-)), the answer to infections and similar is having regular full backups of all your data, so in case of an infection you can wipe your computer and recover everything. You should have regular full backups anyway, in case your SSD fails, your computer gets stolen and similar threats to your data.

Fair point, I stand corrected: I didn’t know about their prior practices.

Still, I keep that Stellar Blade itself was one of the best recent game releases I experienced, and the game itself is fun!

Well, the fan service is a factor for sure… (Seriously, I find the discussion quite hypocritical: Sex sells, most actors/singers are quite good looking and most block buster movies have a cast of sexy/good locking people displaying status symbols. That is not even mentioning product placing and other shit going on in popular movies/TV shows.)

• A PS 5 original which is optimized well enough to run on the Steam Deck and some potatoes smoothly
• Responsive controls
• Great enemy design which telegraph their intentions clearly
• No in game purchases or other dark monetization schemes
• A complete game which seems mostly bug free (from what I heard so far)
• Shift Up Corporation seems like a company of gamer which create the games they want to play themselves

Stellar Blade and Shift Up Corporation fully deserve a great start, and I happily payed the full price of admission w/o feeling bad about it.

Sorry, but this post is really, really bad.

State clearly which distro and which versions of Gnome and dash-to-dock and perhaps what other extensions you are running, and there might be a chance someone is able to help you. (Also state clearly the source of your Gnome extensions).

Most of the hints/solutions in answer to this post are also not good. If dash-to-dock triggered the malfunction of the gnome-shell on your system, just login to a terminal and use dconf or gsettings to set org.gnome.shell enabled-extensions to an empty array or to an array w/o dash-to-dock.

I am happily running dash-dock@micxgx.gmail.com on multiple physical and virtual machines w/o any trouble, using the dash-to-dock provided by my package manager on different CPU architectures YMMV.

Using Debian for probably a decade now (before that, various Linux distributions).

IMHO only community driven distributions with great (in size as in quality) communities are worth investing time/energy and learning.

One reason to ditch Debian would be that the software I need to run would not run anymore on it or that there would be a too strong commercial influence on the project. Another reason is for play/entertainment where better options exist (SteamOS) or if I need up to date hardware support (Fedora).

After more than two decades with Linux, I will not play around with non mainstream distributions anymore. Have seen too many come and go, and in the end I would rather do something interesting with my computer than playing around with the Linux distribution of the week.

I care how much taxes I pay for several reasons (Germany):

• Rich people are taxed less than working people
• Given that we have one of the highest tax rates in the world, a big part of my taxes go into corruption, incompetence or the pensions of civil servants (pensions for civil servants are way higher than for normal people, especially for some pencil pushing)
• It gets even more fun, when I think about how many big companies are getting subsidized by my taxes with billions (speaking about companies which are making billions for their stake holders)
• In our system, costs for health care system and workers pensions are also mandatory deducted from my income (they don’t call it tax)… Given, what an average worker pays, we get not enough out of it, neither from health care nor when thinking about the pensions
• A final tax, which is not called tax, is for public TV/state propaganda. There were more scandals about that money recently than anything else: The higher ups in that system earn more money than the president of Germany (no kidding), people get special pensions for the rest of their life which are obscenely high (after working like a few months, again, no kidding)

Don’t get me wrong: I would happily pay taxes if the biggest parts would go towards services, infrastructure, public transport, health care, people in need and smart/strategic investments of the economy.

As it is right now, my taxes are siphoned into the pockets of the so called elite instead , so I care.

If you don’t care about paying taxes, you are either mostly happy about were the money goes or have too much money to care.

Thanks a lot!

Yeah, if I go down that road, I’ll probably just add a git commit hook on the repo for the Raspberry Pi, so that I’ll have a ‘push to deploy’ workflow!

You are asking exactly the right questions!

I have an Ansible playbook to provision the Pi (or any other Debian/Ubuntu machine) with everything need to run a web application, as long as the web application is a binary or uses one of the interpreters of the machine. (Well, I have also playbooks to compile Python/Ruby from source or get an Adoptium JDK repository etc.)

Right now I am flirting with the idea of using Elixir for my next web application, and it just seems unsustainable for me to now add Erlang/OTP and Elixir to my list of playbooks to compile from source.

The Debian repositories have quite old versions of Erlang/OTP/Elixir and I doubt there are enough users to keep security fixes/patches up to date.

Combined with the list of technologies I already use, it seems to reduce complexity if I use Docker containers as deployment units and should be future proof for at least the next decade.

Writing about it, another solution might simply be to have something like Distrobox on the PI and use something like the latest Alpine.

Thanks for the idea! I try to keep as little ‘moving’ parts as possible, so hosting gitlab is something I would want to avoid if possible. The Raspberry Pi is supposed to be sole hardware for the whole deployment of the project.

Wow, thanks a lot! Your answer is exactly what I hoped for when posting on Lemmy: I didn’t even know the docker-tarball thingy is a thing, it fits my problem space very nice in combination with cross building and it seems as easy as it can be. Excellent! :-)

Thanks, didn’t know about buildx, but it looks exactly like what I need to solve cross compilation.

AFAIK Podman only supports quadlets from version 4.4 and later, I am on version 4.3… so, technically you are right and it would work (for me end of the year or next year, when Raspbian gets an update to Trixie), I am mostly interested how people achieved this and automated this and if there are different/better approaches than the ones outlined by me above.

My development machine is an AMD64 and the Pi is an Aarch64… I have no clue how complicated cross-building images for a different architecture is?!? (I am thinking about using something like Erlang/Elixir, so I honestly don’t know at all.)

I am not totally opposed to use a registry (free or payed), but, correct me if I am wrong: If I just build the image on the Pi, it is already exactly at the one spot where I need it, so what problem is solved for me by using a registry?

Edit: Someone above mentioned docker buildx, so seems cross compilation is solved.

Thanks for the link!

Exactly, this is what I am doing right now (just for binaries, not execute Docker or Podman).