I wouldn’t say it’s “better,” but merely different. Until immutable distros can easily solve installing certain software that requires system-level access (like VPN clients without a Linux package or repo), there will always be a place for mutable distros.
And I say that as a proponent of distros like NixOS, Bazzite, and blendOS.
Yep, and it’s one of the only VPNs with a flatpak. It works great when the software can be easily layered. Meanwhile, Private Internet Access comes as a .run executable tarball.
I haven’t really looked at that one, so I’ll have to take a look and see what it can do (and what its limitations are). I saw that it containerizes software by default, and something like VPN software can’t usually run in a simple container, since it usually tries to manage network connections, and would need unique permissions.
AFAIK it’s based on Distrobox, which allows you to work in containers with access to key host services that you need, which I think should be sufficient for a VPN.
(In fact, for VPNs specifically Flatpaks are sufficient as well - I’m using Mozilla VPN via a Flatpak.)
Private Internet Access doesn’t come as a flatpak, deb, or rpm, unfortunately. I’d have to build my own and come up with a way to automatically build it so I don’t have to manually do it each time PIA releases a new update.
Podman containers via distrobox don’t work well for PIA, for whatever reason, so if I decide to pursue that, I’ll likely have to learn podman. I’m currently trying to install PIA during the build process of a custom uBlue image, and that has its own challenges.
Basically, PIA is making me consider switching to another provider just to be done with it. 😅
I’m aware of the controversy. I haven’t had issues, and neither has anyone else that has mentioned they use it (I would think if they were logging and selling user data, the Movie and Music industries would be customers #1 and #2, and we’d hear about ISP letters more often). Still, it’s a factor to consider in one’s threat model, and I would be lying if I said I was completely comfortable with their past.
I can, actually, but I’d rather use WireGuard for the improved throughput. There’s no “enabling” Private Internet Access’s client, though, because it’s a self-executing tarball and install script, and that’s the only way to access their WG endpoints.
They have a manual connection client through the command line, but that hasn’t been updated in over two years, and I don’t feel comfortable using it.
I wouldn’t say it’s “better,” but merely different. Until immutable distros can easily solve installing certain software that requires system-level access (like VPN clients without a Linux package or repo), there will always be a place for mutable distros.
And I say that as a proponent of distros like NixOS, Bazzite, and blendOS.
I’m running ProtonVPN on Bluefin from a flatpak with zero issues.
Yep, and it’s one of the only VPNs with a flatpak. It works great when the software can be easily layered. Meanwhile, Private Internet Access comes as a
.run
executable tarball.So… it’s easily solved then?
Not currently. Unless you have a good guide on how to build a flatpak that has more examples than launching a “Hello world” bash script.
I haven’t used it myself, but from what I’ve read VanillaOS has that covered pretty well with APX?
I haven’t really looked at that one, so I’ll have to take a look and see what it can do (and what its limitations are). I saw that it containerizes software by default, and something like VPN software can’t usually run in a simple container, since it usually tries to manage network connections, and would need unique permissions.
AFAIK it’s based on Distrobox, which allows you to work in containers with access to key host services that you need, which I think should be sufficient for a VPN.
(In fact, for VPNs specifically Flatpaks are sufficient as well - I’m using Mozilla VPN via a Flatpak.)
Private Internet Access doesn’t come as a flatpak, deb, or rpm, unfortunately. I’d have to build my own and come up with a way to automatically build it so I don’t have to manually do it each time PIA releases a new update.
Podman containers via distrobox don’t work well for PIA, for whatever reason, so if I decide to pursue that, I’ll likely have to learn podman. I’m currently trying to install PIA during the build process of a custom uBlue image, and that has its own challenges.
Basically, PIA is making me consider switching to another provider just to be done with it. 😅
You might want to reconsider PIA anyway: https://restoreprivacy.com/kape-technologies-owns-expressvpn-cyberghost-pia-zenmate-vpn-review-sites/
I’m aware of the controversy. I haven’t had issues, and neither has anyone else that has mentioned they use it (I would think if they were logging and selling user data, the Movie and Music industries would be customers #1 and #2, and we’d hear about ISP letters more often). Still, it’s a factor to consider in one’s threat model, and I would be lying if I said I was completely comfortable with their past.
You can do that with fedora Atomic tho, just enable it, also why install a VPN? Why you can’t use OpenVPN?
I can, actually, but I’d rather use WireGuard for the improved throughput. There’s no “enabling” Private Internet Access’s client, though, because it’s a self-executing tarball and install script, and that’s the only way to access their WG endpoints.
They have a manual connection client through the command line, but that hasn’t been updated in over two years, and I don’t feel comfortable using it.