There is a subtle, almost sadistic pleasure in what I’m doing right now: I open boxes of brand-new ThinkCentre PCs, unpack them, hook them up to a monitor, keyboard, and network cable.
-
@stefano Nice! I do the same, but instead of a "gold image", I'm using the stock installer with a pre-seed config file, and then a script to configure / update etc., so that it ends up full up to date.
@neil this is a good approach. In this case, these PCs will be used in a youth center, so access to them is managed by a remote FreeBSD server (connected via VPN) that handles logins, access time, and so on. The server sends commands (via SSH) to a MikroTik router/firewall/access point to open or close NAT rules, firewall rules, and similar as needed.
Users log in and, after authentication, an X session (with the MATE desktop) is launched via Docker, which they can use freely for the assigned time. At the end of the session, the container is destroyed and recreated.
This setup was originally based on virtual machines, but since 2019 it has been managed this way. I am now working on a new setup based on FreeBSD, using jails instead of containers. It works quite well, I just need to fine-tune a few things, but given the urgency here, I used the already prepared and well-tested setup on Debian 13.
I am preparing 8 PCs, and I have around a hundred deployed overall. From time to time I update the “desktop” Docker container and, via a private registry, the machines download the updated image on the next boot, making it available to users.
It has proven to be very reliable, requiring very little intervention over the years, aside from occasional hardware failures.
-
@passthejoe I've configured one of them, then via sftp copied it into my internal server.
-
@stefano always enjoy nuking a fresh Windows install!
@RootMoose it's such a joy!
-
@neil this is a good approach. In this case, these PCs will be used in a youth center, so access to them is managed by a remote FreeBSD server (connected via VPN) that handles logins, access time, and so on. The server sends commands (via SSH) to a MikroTik router/firewall/access point to open or close NAT rules, firewall rules, and similar as needed.
Users log in and, after authentication, an X session (with the MATE desktop) is launched via Docker, which they can use freely for the assigned time. At the end of the session, the container is destroyed and recreated.
This setup was originally based on virtual machines, but since 2019 it has been managed this way. I am now working on a new setup based on FreeBSD, using jails instead of containers. It works quite well, I just need to fine-tune a few things, but given the urgency here, I used the already prepared and well-tested setup on Debian 13.
I am preparing 8 PCs, and I have around a hundred deployed overall. From time to time I update the “desktop” Docker container and, via a private registry, the machines download the updated image on the next boot, making it available to users.
It has proven to be very reliable, requiring very little intervention over the years, aside from occasional hardware failures.
@stefano Impressive!
-
There is a subtle, almost sadistic pleasure in what I’m doing right now: I open boxes of brand-new ThinkCentre PCs, unpack them, hook them up to a monitor, keyboard, and network cable. I boot from USB and replace the preinstalled Windows 11 (never even started) with my Debian 13 golden image, using Clonezilla.
As of today, the setup is based on Debian 13, but I’m already working on a variant based on FreeBSD and jails.
@stefano How many boxes are you talking about here? What are they going to be used for?
I just bought a used PC and put Proxmox 9 (trixie based) onto it. I'm not sure what to do about that Windows 10 sticker. There has got to be something fun to do with it. -
@neil this is a good approach. In this case, these PCs will be used in a youth center, so access to them is managed by a remote FreeBSD server (connected via VPN) that handles logins, access time, and so on. The server sends commands (via SSH) to a MikroTik router/firewall/access point to open or close NAT rules, firewall rules, and similar as needed.
Users log in and, after authentication, an X session (with the MATE desktop) is launched via Docker, which they can use freely for the assigned time. At the end of the session, the container is destroyed and recreated.
This setup was originally based on virtual machines, but since 2019 it has been managed this way. I am now working on a new setup based on FreeBSD, using jails instead of containers. It works quite well, I just need to fine-tune a few things, but given the urgency here, I used the already prepared and well-tested setup on Debian 13.
I am preparing 8 PCs, and I have around a hundred deployed overall. From time to time I update the “desktop” Docker container and, via a private registry, the machines download the updated image on the next boot, making it available to users.
It has proven to be very reliable, requiring very little intervention over the years, aside from occasional hardware failures.
-
-
@stefano How many boxes are you talking about here? What are they going to be used for?
I just bought a used PC and put Proxmox 9 (trixie based) onto it. I'm not sure what to do about that Windows 10 sticker. There has got to be something fun to do with it.@boyd you can find some replies here: https://mastodon.bsd.cafe/@stefano/116319286467381626
-
@stefano How many boxes are you talking about here? What are they going to be used for?
I just bought a used PC and put Proxmox 9 (trixie based) onto it. I'm not sure what to do about that Windows 10 sticker. There has got to be something fun to do with it.@boyd oh, for the Windows sticker I have an idea. Look at my old post: https://mastodon.bsd.cafe/@stefano/115991015050157016
-
There is a subtle, almost sadistic pleasure in what I’m doing right now: I open boxes of brand-new ThinkCentre PCs, unpack them, hook them up to a monitor, keyboard, and network cable. I boot from USB and replace the preinstalled Windows 11 (never even started) with my Debian 13 golden image, using Clonezilla.
As of today, the setup is based on Debian 13, but I’m already working on a variant based on FreeBSD and jails.
@stefano nothing sadistic about it. if anything, it is the responsible thing to do! have fun!
