Casey's picture


I love the idea of what you are doing, especially the backup solution.

I'm wondering if it might make sense for you to only distribute the 'core' and make every other specialised machine a 1-click download / install. This would allow you to keep the core fresher and more updated with bug fixes and support for your packages. Imagine now if you have a problem with the core you have to re-roll all the other specialised machines.

You could incorporate into the first-boot setup of the core via webmin (or command line) a selection screen of what type of TKL machine the user wants to turn that core into.

Just seems more maintainable to me, from your point of view. 

Liraz Siri's picture

If you have the network infrastructure to support it, you could indeed distribute a Debian type network installer that can complete the build process for each appliance on it's own, getting all of the required components off the network. We could use something like TKLBAM to do it.

It's something to consider for the future I suppose, but it would be a pretty radical departure from our current way of doing things. Many things would have to change simultaneously (e.g., the website structure, the documentation). So before it would get better, it would get worse. Also, I'm not sure it would be worth it. Building and distributing the images only takes a few days. The bottleneck is the integration and testing, which is labor intensive. Going down the 1-click installer road may require more testing, not less, as there are more elements involved and more things that can go wrong.

Also, coming from a security background myself I would be suspicious of a distribution that assembles itself from over the network and can change at any time. It's harder to understand, there is no audit trail, etc. There's a trust issue here. With the way we are doing things right now, a signed release implies responsibility. Our reputation is at stake.

Jeremy Davis's picture

While on face value it sounds like a nice idea, I think it would add to the complexity and IMO that is generally a bad thing, more room for problems.

And also I don't think it really adds a lot of value to the end user so unless there was a clear labour saving then I don't see any real advantage.

Add new comment