How locked down are the Chromebooks?

Remote VM seems overkill if you can just enable “Linux for Chromebook”, which gives a sandboxed terminal at which point you can setup and install software like Blender, PrusaSlicer, etc.

It won’t be the fastest because they are thin clients, but even modern thin clients do decently for ‘light’ work.

I went ahead and made a few small edits to hopefully better explain things for most desktop environments if anyone else stumbles upon this thread.

Scrolling through their Discord, that particular mod doesn’t work on the latest version of the game as it’s long out of date. You aren’t likely to find another client or server that is hosting it with it actually working. Checking the mod listing page, it just claims untested on latest version.

Unfortunately a lot of the more useful information for the RaftModding ecosystem is all gated behind Discord.

I had written about this in their Discord in a thread:

using this shim script I made, do the following:

1. Install Raft with Proton 9.0-# prefix
2. Place the shim file into the game directory
3. Mark the shim as executable
4. Set Steam launch options to: WINEDLLOVERRIDES="winhttp.dll=n,b" ./shim %command%
5. Launch Raft once
6. Place RMLLauncher.exe into Raft game directory
7. Look for a plaintext target file that should be created in the raft directory
8. Copy the location of the RMLLauncher.exe (exact folder and filename) (right click > Copy Location in KDE / Steam Deck desktop mode)
9. Paste this location into the target file and save
10. Launch Raft
11. Go through RMLLauncher first-time steps
12. Press Play
13. Stop the game and add mods into Raft mods folder
14. Launch the game and load the mods in-game
15. Play Raft modded through Proton

(Instructions adapted from both mine and Discord user YumiChi’s)

This method doesn’t require custom installations, messing with bottles, nor wine runtimes other than Proton.

I’m currently going through a similar situation at the moment (OPNSense firewall, Traefik reverse proxy). For my solution, I’m going to be trial running the Crowdsec bouncer as a Traefik middleware, but that shouldn’t discourage you from using Fail2Ban.

Fail2Ban: you set policies (or use presets) to tempban IPs that match certain heuristic or basic checks.

Crowdsec Bouncer: does fail2ban checks if allowed. Sends anonymous bad behavior reports to their servers and will also ban/captcha check IPs that are found in the aggregate list of current bad actors. Claims to be able to perform more advanced behavior checks and blacklists locally.

If you can help it, I don’t necessarily recommend having OPNSense apply the firewall rules via API access from your server. It is technically a vulnerability vector unless you can only allow for creating a certain subset of deny rules. The solution you choose probably shouldn’t be allowed to create allow rules on WAN for instance. In most cases, let the reverse proxy perform the traffic filtering if possible.

The game was under exclusivity contract for Epic Games, but they were still allowed to sell copies of the game on their own website. Now that the contract is up, the game can be sold on Steam. Granting players who bought the game from the website free Steam keys is a nice touch.

Ocis/OpenCloud can integrate with Collabora, OnlyOffice but don’t currently have things like CalDAV, CardDAV, E2EE, Forms, Kanban boards, or other extensible features installable as plugins in Nextcloud.

If you desire a snappy and responsive cloud storage experience and don’t particularly need those things integrated into your cloud storage service, then Ocis or OpenCloud might be something to look into.

Under what means? The target is public sector and the OS to replace (Windows 10, Windows 11) would be a relatively compatible release target. Fedora is a competent leading edge (Wayland, Pipewire, BTRFS) distro that runs as a 6 month point release. I wouldn’t see many reasons to not go with Fedora Workstation as a base unless going for an immutable base or a different core distro (OpenSUSE or Debian mainly).

EDIT: Missed that this is going to be immutabe, so it is likely being based on Fedora Kinoite, meaning there really aren’t many alternatives besides OpenSUSE’s offerings.

Ah yes, did mess up looking at the specs table for bitrate modes. Correcting root comment for anyone else who views this thread.

You will need either an Intel discrete GPU or NVidia GPU if you want to use HDMI 2.1 to render at 8k@60. The Intel discrete GPUs have physical hardware that convert to HDMI and Nvidia uses proprietary drivers. If you can use displayport, any GPU (AMD, Intel, Nvidia) supporting displayport 1.4 is suitable for up to 8k@31 (limited to 8bpc). A displayport 2.0-capable card with a cable suitable for UHBR 13.5 should be able to handle 60 hz (8bpc) or a UHBR 20-rated cable capable of 60 hz at 10bpc.

As far as KDE vs. GNOME is concerned: KDE contains a lot of customizable features as an expectation and thus has great support for a wide array of customization. Both KDE and GNOME are extensible, with third-party extensions to extend or change functionality available. What makes GNOME less customizable, albeit supporting stylesheets and extensions, both are not expected to be used in any form (outside of defaults provided via Adwaita), and neither do many independent apps written in GTK3, GTK4. GNOME offers fairly minimal customization options without resorting to GNOME Tweaks, third-party extensions, and unsupported customized themes: all things that can break GNOME as while the customization does exist, the developers don’t embrace it and have no expectation to not break it with any update.

KDE has had ICC support implemented for a while now in Wayland. The necessary protocol for ICC support/color management in Wayland recently got merged, so the next release of many popular compositors (plasma 6.3 for KDE) will be protocol-compliant.

Without getting into more outright malicious possibilities as I don’t use Windows and cannot inspect how the application behaves on the platform, you could have things as simple like:

• EA didn’t see Linux users as profitable enough to support long-term
• EA/Respawn wanted an attempt to garner good will from the community by dropping support for a minority platform

It’s funny how EA is attributing their statistic to something can be strongly disproven. When looking at the given statistic they provided, they don’t specify the raw count of cheaters banned, but simply the rate. Even giving the generous assumption that EA’s statistics aren’t significantly flawed, they show an alleged large drop in cheaters bottoming out in the week of Nov. 4, 2024, before starting to rise up again. Does something else coincide with the rate of cheaters dropping in the week of Nov. 4? There is in fact something that does. Season 23 was released the fifth with a large spike of players being brought into the game. Without a more comprehensive statistic graph over several months, it looks like EA is trying to just capitalize on the fact that a large influx of players joining the game will drop the rates of cheaters momentarily, and then passing it off as evidence that Linux cheating was rampant. Quite disingenuous.

I started playing Dying Light for the first time recently. Compared to the Windows version, it looks like Techland completely abandoned the Linux native version of the game. Is this update fixing the Linux native version to be on par with Windows?

I can only guess the previous BIOS wasn’t enabling every virtualization extension necessary for some applications for some reason then, given that GNOME Boxes did work. Glad you’ve found a solution.

I did accidentally type the relevant command incorrectly, forgetting that sudo swaps the user before subcommands like whoami will resolve. So that command attempted to add the kvm group to ‘root’ rather to your user. I have fixed the command in the relevant comment for anyone else reading this thread. You can try sudo adduser "<username>" kvm, manually substituting <username> for your username. As normal, restart after adding the group to your user. Additionally, I have added a warning to the solution in the original comment of why you may not want to keep this solution enabled forever as well as a way to disable it later if desired.

Based on using a local installation without elevated permissions (outside of /usr/(local)), I can only guess of two things happening:

The first is GNOME Boxes asks for elevated permissions when running or otherwise uses Polkit to gain those permissions. Your user by default likely isn’t granted access to /dev/kvm and running userland software without additional permissions will inherently not allow KVM access.

To allow this sanely, you can add your user to the KVM group to allow userland KVM access. It can be done via sudo adduser "<username>" kvm and then restarting your computer. To note, this is something that can allow any application to access virtualization without special permissions. If you don’t want this change to remain forever, the command sudo usermod -r -G kvm "<username>" followed by a restart can revert this change.

Alternatively, installing Android Studio via the Flathub Flatpak may handle permissions without needing to modify user groups in this case.

The second (unlikely, but possible) problem is the AppArmor profile blocking KVM access for userland. I don’t have particularly any experience with creating modified profiles for AppArmor, if this is the cause. I could only offer terrible advice for AppArmor (disabling AppArmor or switching to warn-only, both things I do not recommend doing). Again, it might be worth trying to install Android Studio via flatpak to see if things work better if this is the cause.

I am testing this currently to ensure correctness, but if you’re using Android Studio via Flatpak, you may need to enable kvm permissions for the application to have hardware-accelerated VMs. This can be done using Flatseal. The relevant permission (device=kvm) is under the Device section labeled as Virtualization.

Additionally, if problems are occurring outside of Flatpak, you might need to enable certain hardware virtualization technologies from your computer’s BIOS (AMD-V, VT-x, VT-d, Intel VT, Virtualization, or some other similar term depending on CPU and motherboard).

EDIT: Doing testing, it seems the default permissions provided for Android Studio’s Flathub Flatpak includes device=all. No permissions edits are necessary by default. If there are problems with the /dev/kvm device not being reachable, it is almost certainly due to the necessary extensions not being enabled in the BIOS, or your CPU doesn’t support virtualization. Pop! OS 22.04 has the necessary components in software for KVM to function pre-installed, so nothing should be wrong on the OS side.

Superior over what exactly? Most workstation/desktop distros have a graphical software manager and handle drivers in a similar manner.