A spreadsheet

The Tunnel daemon creates an encrypted tunnel between your origin web server and Cloudflare’s nearest data center, all without opening any public inbound ports.

From https://www.cloudflare.com/products/tunnel/

The good news is that in order to exploit the new vulnerability, the attacker first has to obtain kernel level access to the system somehow - by exploiting some other vulnerabilities perhaps.

The bad news is once Sinkclose attack is performed, it can be hard to detect and mitigate: it can even survive an OS reinstall.

That makes some sense I suppose. What was it about DragonFlyBSD and macOS kernel?

Faster in what sense? Would you kindly point me to the benchmarks used? It’s easy to find the opposite results so I’m curious.

You’re right - I misunderstood the question and thought you meant the distribution images

At least Kali and Arch do

Cloudflare tunnel is an option, you can even scrap your own nginx

I’m a nix noob but I think this is a release of the nix package manager and therefore it’s unrelated to the version of the nix channel with nix packages.

Sounds like you have a pretty okay experience but some specific things don’t work - please take some time to report bugs if you haven’t yet!

Are you confusing security and privacy?

You can try OpenCore Legacy Patcher: https://dortania.github.io/OpenCore-Legacy-Patcher/MODELS.html

Still waiting on the list of those swinging/swiping changes that the other DEs are making

I’ll bite: big swiping changes like what?

Unless you’ve used something secure for formatting or wrote data to the SD after, consider attempting data recovery.

Speaking of Cloudflare, if you’re okay with not self hosting, then there’s Cloudflare Pages which is good for hosting static websites.

I’m running Arch on my RPI 4b+ and quite happy with it.

The installation was pretty simple IIRC - I did run into some issue with uboot which was easily solved by searching for the error on the internet.

Arch Linux ARM ships with a mainline aarch64 kernel and uboot by default, but if you are interested in running the RPI kernel and their boot loader, there’s a custom pacman repo and instruction on the forums: https://archlinuxarm.org/forum/viewtopic.php?t=16144

All in all I don’t think arch needs that much maintenance on a non-critical home server - just make sure to check for config updates every now and then and reboot after kernel upgrades.