upvote
This OS doesn't says it's maintenance-free! But it skips a whole load of maintenance you'd need to think about with a traditional base system, because 1) there's almost nothing there, and 2) the upgrade to that base is easy, you just reboot and restart your containers.

Obviously the software you run needs upgrades, but (again, but a layer down) it's based on Docker and probably someone else is maintaining it. So you pull that new container, restart and the OS is just making sure your data lands in the same place with the new container.

If you're happy with all your software running from Docker this seems like a step up from a Debian or Redhat, and it has a lot less bureaucracy than something like CoreOS.

Whether it's _usable_ I'm not sure (especially around storage management) but it's a really clear pitch.

reply
I've been telling people this for years. Yes, you can self host, but you'll end up with a SLA on your spare time as well as you working hours.

I've long since thrown everything with a user count > 1 out.

reply
[dead]
reply
> Nothing is bug free, and telling people they will never need to upgrade/patch/maintain a system is a well-paved path to compromised systems.

Of course nothing is. But there's a reason projects like "Talos" do exist: no terminal, no SSH, no package manager (how do we like package managers like NPM lately btw?), read-only filesystem, definitely no systemd, etc.

And then a minimal number of executables.

This does, definitely, reduce the attack surface.

I'm not speaking about this Show HN's project but there are such things as systems both more secure and requiring less maintenance than others.

Throwing in the towel and saying: "nothing can ever be 100% secure so we'll always need to patch so we may as well YOLO by accepting npm packages modified 3 minutes ago" is not the way to go forward either.

reply
IncusOS is another - read-only root FS, interactions with the system exclusively through the Incus API, no package manager, blue-green OS updates (à la Steam Deck / Home Assistant OS).

Talos on IncusOS is likely a very interesting stack that I intend to play with hopefully in the near future.

https://linuxcontainers.org/incus-os/docs/main/

reply
> blue-green OS updates

First time I heard someone call it blue-green OS updates instead of A/B OS updates.

reply
Heh fair enough!

Same concept, I guess. I'm a platform engineer / SRE, and blue/green is a more common way of describing that way of deploying applications so I didn't even consider it could have a different name on the OS layer.

reply
How would you say it compares to nixOS?
reply
They are vastly different. Incus is aimed at providing a minimal, immutable Os for the hosting of VMs & containers. nixOS provides a full linux OS that is reproducible and declarative.
reply
This exactly. Incus OS is competing on a similar area to Proxmox VE.
reply