Congrats on launching something (more than most of us will ever manage), but I am struggling to see why I would use this over something with more backing. There are a number of similar projects that have a very similar goal, but have the support of a large community and/or commercial sponsor:

- Flatcar Container Linux: An open-source, immutable OS designed for automatic updates and large-scale container deployments.

- Fedora CoreOS: A, secure, automatically updating operating system designed for running containerized applications, succeeding the original CoreOS.

- Talos Linux: A modern, immutable, security-focused OS dedicated entirely to Kubernetes.

- IncusOS: an immutable OS solely designed around safely and reliably running Incus.

I think you need to more clearly explain how this is different. Again, congrats on the launch though.

I use IncusOS in my homelab. It's a joy to set up and use.

Migrated from Proxmox and manage all my VMs. Heavily use coding assistants to automatically set things up through the IncusOS CLI, translate Docker-Compose images to Incus, write bash scripts to automate launching new containers to use `--dangerously-skip-permissions` without fear of repercussions, etc.

What I love the most about it is that it's possible to manage IncusOS with declarative files, so you always have visibility into networking setups, resource configuration, etc.

Highly recommend checking IncusOS out if you have similar use cases!

What solution do you use for declarative deployments? Last time I looked there was no default option?

I haven't migrated to IncusOS just yet, but I use Incus on a server and have been pretty happy so far.

As long as there is software, you cannot shortcut the need for maintenance. Nothing is bug free, and telling people they will never need to upgrade/patch/maintain a system is a well-paved path to compromised systems.

This OS doesn't says it's maintenance-free! But it skips a whole load of maintenance you'd need to think about with a traditional base system, because 1) there's almost nothing there, and 2) the upgrade to that base is easy, you just reboot and restart your containers.

Obviously the software you run needs upgrades, but (again, but a layer down) it's based on Docker and probably someone else is maintaining it. So you pull that new container, restart and the OS is just making sure your data lands in the same place with the new container.

If you're happy with all your software running from Docker this seems like a step up from a Debian or Redhat, and it has a lot less bureaucracy than something like CoreOS.

Whether it's _usable_ I'm not sure (especially around storage management) but it's a really clear pitch.

I've been telling people this for years. Yes, you can self host, but you'll end up with a SLA on your spare time as well as you working hours.

I've long since thrown everything with a user count > 1 out.

> Nothing is bug free, and telling people they will never need to upgrade/patch/maintain a system is a well-paved path to compromised systems.

Of course nothing is. But there's a reason projects like "Talos" do exist: no terminal, no SSH, no package manager (how do we like package managers like NPM lately btw?), read-only filesystem, definitely no systemd, etc.

And then a minimal number of executables.

This does, definitely, reduce the attack surface.

I'm not speaking about this Show HN's project but there are such things as systems both more secure and requiring less maintenance than others.

Throwing in the towel and saying: "nothing can ever be 100% secure so we'll always need to patch so we may as well YOLO by accepting npm packages modified 3 minutes ago" is not the way to go forward either.

IncusOS is another - read-only root FS, interactions with the system exclusively through the Incus API, no package manager, blue-green OS updates (à la Steam Deck / Home Assistant OS).

Talos on IncusOS is likely a very interesting stack that I intend to play with hopefully in the near future.

https://linuxcontainers.org/incus-os/docs/main/

How would you say it compares to nixOS?

They are vastly different. Incus is aimed at providing a minimal, immutable Os for the hosting of VMs & containers. nixOS provides a full linux OS that is reproducible and declarative.

This exactly. Incus OS is competing on a similar area to Proxmox VE.

Interesting - but how do I patch, upgrade and build my own iso?

The source repository isn't very enlightening?

> The actual repository here hosts the source code for Lightwhale, and is not of any interest for most people.

> https://bitbucket.org/asklandd/lightwhale/src/master/

This is relevant to what I have been learning about recently!

I'm getting ready to launch an online game and I'm dealing with "how do I just run my game server on dozens of boxes without dealing with linux stuff".

I don't really have an answer yet (leaning into "just get one really powerful box" lol), but my investigation into the problem so far has been pretty interesting.

You can conceptualize the "my program + the OS" as a single program. It's not a pretty picture. Lots of global mutable state. (Also it randomly modifies itself??)

The whole point of Docker appears to be "I just want to run my program", in the least painful way possible. Immutable Linux extends the "lean in the direction of sanity" idea. (The programming and OS worlds seem to be learning the same lessons, from different angles.)

And then there's "it turns out the OS solves problems I don't have, while creating many new problems", which leads to Unikernels. Fun stuff ;)

In a perfect world, I wouldn't need the OS at all. Docker gives me two Linuxes to worry about! The number of operating systems I want to worry about is zero!

Which brings us to Unikernels! Just ditch the OS! Technically the right answer, except... now I'm a kernel developer? Maybe that's the least bad option, long term.

I'm a novice in this space I think. I've self-hosted for over a decade and around 2019 I moved over to Unraid, which is generally pretty visual (web portal or configuring and doing maintenance). I find the web portal very easy. How does one interact with your home server OS? I assume it's all via terminal because there are no pictures on the website?

What's the recommended way to regularly backup the data used by containers running on Lightwhale?

I wish there was something like this or talos or coreos but more generic: - immutable - a/b boot - declarative (like talos) But with choice of workload, like docker, k8s, qemu

Checkout IncusOS which focuses on Linux containers

Indeed, Debian stable with podman/Docker is "immutable enough" for me.

It is also the insurance that I will get help whenever I'm stuck.

Sure it could be smaller ... but when it already runs fine on any hardware, even weird stuff like a BananaPi with a low-end RISC-V processor, then I have a difficult time wanting anything else.

Even if i don't see a personal need for it it's a really cool project! I sent it to a friend who is in the "wants to run their own servers at home but never finds time to tinker" stage

This is a Linux distro, not an OS!

And what is a Linux distro, if not an OS?

Calling a custom Linux build a brand-new OS is like a car tuner claiming they built a new car. You didn't build the engine or the chassis; you just tuned it and gave it a custom paint job. It's exactly like a hairdresser - they aren't creating a new human being, they're just cutting, coloring, and styling an existing one. It's a Linux distribution, i.e., a "distro," not a new OS!

> tuned it and gave it a custom paint job

The way to interact with the OS is significantly different from almost all other Linux distros. There is no shell, no DE. This feels like a lot more than "a custom paint job".

Is Ubuntu an OS? Mint?

Neither have built the package managment system, or the kernel, the DE(s), the utilities (maybe some but certainly not all).

What about CentOS? Or Bazzite? Or even Android?

Is macOS an OS, or "a custom BSD distro"?

And if none of those are OSs, does a Linux-based OS even exist? If not, what's the point of the distinction?

Yours is a distro. Period. When you create your own kernel, then you can make bold claims like "I created an OS," when you haven't. Be humble, and you'll be more successful. Linus Torvalds and DHH are the only two arrogant people in tech, but both have accomplished enough to earn the exception. Hubris has no place in tech!

TBF I went in expecting a novel OS.

I like the idea of something like this for swarm mode clusters; not sure if you’re focused on the home server aspect exclusively, but I’ll be following along.

Kudos to the great project!

Thanks! I'm only announcing it for home servers because that's where most people are willing to try it out. But Lightwhale is already running in production, and it makes an excellent Swarm cluster.

So I’ve just set up my home server with Ubuntu server, installed docker with one line and I’m off to the races. What’s different/ exactly the value prop of this? You mention maintenance, of what exactly? Is your server a slimmed down version to run on less powerful hardware? Genuinely curious as I’m new to setting up a home server so seeing how this would benefit me.

I do the same thing. Being immutable is supposed to be great for updates. New image version and if there's a problem you can boot back to the last version no problem.

But functionally, like you I find Ubuntu server fine. I run apt update and upgrade a couple times a year and its local only with tailscale access.

I find these immutable OS's really nice on laptop or desktop. The home directory is the only thing that can be written to so the OS is supposed to be more stable and can't break easily

If this was built using zfs, it would have zvols and metadata in the fs for persistence. And the states would be perhaps more portable at a cost of .. zfs.

Not a huge criticism, life is about choices.

I noticed the code for the upgrade does not appear to be available. https://bitbucket.org/asklandd/lightwhale/src/master/

Am I missing something, I don't see a single screenshot showing what you're asking people to install

This looks super clean . As a beginner, this is exactly what I need to avoid messing with configs. Definitely gonna try it!

Very cool! I’ve been building something similar with a k8 focus for home serving as well! Excited to check it out.

Is the installation only imperative via the docker cli tool or do you support something more declarative like Docker compose?

This feels not unlike talos linux, but for single instances over k8s containers. Pretty neat.

So how is this different from Fedora CoreOS or bootc/RHEL image mode?

can't imagine a world in which I'd download a little known distro to put on my home network and use as a server. also, doesn't fedora already have something like this already?

Game’s truly gone. I remember when all we did was try to find the most obscure indie band of a Linux distro, form emotional attachments and then argue their merits.

Or use debian slim or Alpine for just enough Linux to run dockers.

if this is Cloud Run for my home lab, i am SO in.

first read looks good, excited to try.

The best way I have found to make something low/no maintenance is to keep it as simple as humanly possible.

And I don't think you can get there via this route. But good luck anyway, I would love to be proven wrong.

Looks like it may not have a package manager like apt or dnf:

> Can you please add wget, nano, $my_fav_app_omg_i_love_it to the root filesystem?

> No, not likely.

I am guessing the way to use software not already in the image is to use `docker run`.

It's immutable and you can't install packages, just docker containers.

I believe for anything home server (or even production), proxmox got you covered, it’s mature, stable, has strong community, and at the end of the day it’s still debian so you can mod it however you like. You can have containers, vms, firewalls, hdd zfs pools, backups, and more. And you can even use something like community scripts for easier installation, although always read the script before you install anything. I have also been playing with BastilleBSD too but I don’t think it’s there yet.