I knew that Bazzite was supposedly good for gaming but never looked into it any more than that. When I eventually learned about Bluefin, I was surprised to find that it, Bazzite, and all the other Universal Blue “distros” are built with the same container-native tech that I use every day at work. Needless to say I was immediately sold.
I have been very impressed so far. I don’t find the immutable OS limiting in my day-to-day work at all. I guess I’m all about that “defaults lifestyle” now.
Bluefin even includes stuff like built in propietary controller support and such
If on desktop I'd probably keep to Bluefin (Gnome) or Aurora (KDE) mostly because those have better defaults for it
Distrobox and custom podman containers get you a long way on an immutable system. It's actually a huge deal that podman supports rootless containers as a first-class feature.
I truly believe that updates are seamless not just because of all the buzzwords about the underlying technology but because its made for people who actually use the system daily. They gate the fedora kernel and track breaking changes so you don't get them, and generally care about the user experience. If you want sensible gnome defaults and extensions they are there (or there to be disabled at the click of a button). If you want remote desktop streaming (sunshine/moonlight) its there. On the flip side, their distribution model also means no more need to keep track of out of tree kernel modules on upgrades (zfs, nvidia, waydroid even on Bazzite).
Now onto the post specifically: LTS from a CentOS Stream base seems interesting. Fedora is nice, and the universalblue team tames it 99%, but its edge can be a bit too bleeding sometimes. My only reticence with CentOS Stream though is that it is veering dangerously close to Red Hat proper which I am unsure how to feel about. I am eagerly awaiting when non-rpms distros will be able to use the same underlying technology Bluefin uses, and see how the space evolves. A debian base especially seems interesting in theory. There has recently been some progress on that front: https://github.com/bootc-dev/bootc/issues/865 https://github.com/bootcrew/debian-bootc
I think they have some improvement to do on supply-chain though. A lot of random COPRs and kernel patches pulled in from various random third- and first party repos that I think should get consolidated before I can consider it mature and really ready for prime time.
Similarly it would also be nice to see end-to-end builds being reproducible locally. (Things are currently hardcoded to github.com or tied to GitHub Actions in a few places. The patching required for that is nothing crazy - Good First Issue material :))
https://github.com/ublue-os/akmods/blob/9946c17373b1a49e60a0...
https://github.com/ublue-os/bluefin-lts/blob/84cac6e9a063ec5...
How about jreilly1821? Looks like nothing's really preventing them from sneaking in a malicious version of glib2..
https://github.com/ublue-os/bluefin-lts/blob/84cac6e9a063ec5...
Bootc is and will change things, images will be tested as an integrated experience and we'll continue to strive to pull from as far upstream as we can.
Negativo17 is Simone, an NVIDIA employee who has been instrumental in packaging nvidia drivers for linux for years. I don't know for certain, but I wouldn't be suprised if they are also doing the official packaging for nvidia drivers as well. Needless to say they are very trusted and a known entity in the Linux community
When I install a more corporate product such as Ubuntu or macOS, sure, it's also mostly middlemen repackaging other people's code. But it is clear what and who belongs to the company or team, and the team has a shared interest in protecting its reputation, and hopefully pwning or buying a single individual's accounts cannot infect everything else.
To that end, I agree that "consolidation" would help - sometimes that might mean controlled mirroring of things into the Bluefin org or so - but that is exactly what distros do, and I understand that Bluefin does not want to be a distro.
I agree, I hate all of this too. The wolfi version will be much better.
Again "vetting" is a source of contention here as I'm not sure how the quality of official rpm sources compare to those outlined in an sbom
I don't even do language model stuff I just want a gold computer
In spirit I would love to support this, someone with one of these would need to PR in support, but it's usually taking the enablement instructions from NVidia and putting it in a dockerfile. Bluefin is already working well on on the Ampere ARM workstations that System76 sells. Getting it on one of these would be awesome.
I’m not saying there isn’t a reason; I’m genuinely looking for it
Here are some of the changes:
- We add all the codecs, and drivers in the build step so the user never has to care.
- We turn on automatic updates by default, these are silent
- We remove Fedora's broken flatpak remote and go full Flathub out of the box
- We handle major version updates for you in CI, there's no "distro release day" update that's just a normal update that day
- Since we use bootc it's easy for people to FROM any of our images and make a custom build, and we ship a template for anyone to do so: https://github.com/ublue-os/image-template
- You can turn on "developer mode" which gives you vscode with devcontainers, docker, incus, etc in addition to podman.
- We integrate homebrew out of the box for package management for the CLI, flathub handles the GUI packages - we don't want to be a distro, in this world the base image is a base image and my relationship is with brew and flathub. I don't need or want to have a relationship with my OS.
- We gate kernel versions to avoid regressions, so we can avoid certain releases or "ride it out" until fixes are published.
- We ship [Bazaar](https://github.com/kolunmi/bazaar) - which is a flatpak only store designed for performance. Since the OS is a different layer we can throw away all those packagekit jankfests and start from scratch.
As for the desktop, I worked on Ubuntu for about a decade and wasn't happy with the direction Ubuntu was going at the time. Fedora had rpm-ostree/bootc but didn't know what to do with it so they were just sitting on the tech. So I just combined them, the desktop has an Ubuntu-like layout and vibe.
The clear benefit is that you have one image for everything, whereas local layering in Silverblue doesn't really make sense to me anymore, if you want to handle a bunch of local packages just use a traditional distro. Because doing that in Silverblue breaks just as often as it does in package distros. Pure image mode is the strongest benefit. It's 2025 I refuse to do "post installation crap" that should be automated, bootc lets me do that!
More info here since I'm leaving out a bunch of stuff: https://docs.projectbluefin.io/introduction
Fedora still uses rpm-ostree, when you do an update it's pulling from an ostree remote served from a server. bootc replaces that with just an OCI registry. We ship the `rpm-ostree` binary on the systems still. It's still used for things like adding kernel boot arguments.
Here's their diagram: https://bootc-dev.github.io/bootc/filesystem-storage.html
Generally speaking new users can skip the rpm-ostree parts and just start with bootc. I am not an expert in this, there's a rust library in there somewhere. Hopefully someone can help fill in the blanks.
Like the dino theme.
It looks like Debian equivalents might be VanillaOS, EndlessOS, and (though not as similar) StarlingX, since all are OSTree-based for atomic updates.
I’m curious what others’ experience is with developing on these- do drivers work out-of-the-box and is it easy to configure, similar to macOS stability with something like brew to get latest packages and apps?
Eventually I’ll probably have to go back to free OSes because things don’t seem to be getting better.
It's just OCI images, like any web-scale project.
Maybe https://github.com/ublue-os/image-template is the way to go when I do my setup next time.
But I think I'm beginning to understand. Please correct me if I'm getting any of this wrong:
- Bluefin is, fundamentally, a container image that you run with your preferred container runtime (Docker, Podman, whatever).
- But where most containers are slimmed-down to run just one app, Bluefin is a Linux desktop in a container.
- Bluefin includes Podman in its image, so you can run other containers inside your container. (Yo dude, I hear you like containers...)
- Because Bluefin is a container image, updates are all-or-nothing, i.e. atomic. You download the updated image, then reboot into it next time you're ready to reboot.
- Installing other apps once you're running Bluefin is done via flatpak, rather than snap or apt or dnf or pacman. And there's a graphical app store that connects to Flathub. (I don't yet know what the offically-recommended way is to install software that isn't yet on Flathub).
Anything incorrect in that list? Anything major that I left out?
(Edited only to add a newline between bullet points, because I didn't realize that Hacker News doesn't implement that part of Markdown. The fact that asterisks around words gives you italics fooled me into thinking that more of Markdown than italics was implemented.)
The underlying project in question for the next conceptual layer down is rpm-ostree:
Nope, you don't execute it like a container. Although it is an OCI-compatible container image and can be built using Docker/buildah/etc, it's "executed" (well, deployed) using bootc (boot container). This is a technology that basically blasts the container out to a filesystem tree using a technology called OSTree. OSTree is the same technology behind Flatpaks.
The older, pre OCI-based version of this tech is called rpm-ostree.
>Because Bluefin is a container image, updates are all-or-nothing, i.e. atomic. You download the updated image, then reboot into it next time you're ready to reboot.
Key word being atomic, you can layer packages onto the container image. This gives you some flexibility without needing to rebuild the entire container. For example, I use Kinoite and I depend on zsh which isn't shipped in the image. If I `rpm-ostree install zsh` and reboot, I now have zsh layered and it'll be automatically re-layered after every upgrade.
It's very much having your cake and eating it too. You get all the benefits of an atomic system's stability and ease of upgrades but you don't trade much flexibility for it.
MrDrMcCoy•4mo ago
MattPalmer1086•4mo ago
I prefer Gnome because it does what I need but mostly just disappears and gets out of my way.
I used to love fiddling and customising everything. Plenty of options for that if that's your thing, like KDE.
baobun•4mo ago
https://github.com/ublue-os/aurora
https://getaurora.dev/
mnmalst•4mo ago