Yeah, but then you have to use Evolution.

Maybe, after a few months (or a year, as I may or may not have experienced) of “communication” you’ll be allowed to use Thunderbird. Only for it to be suddenly blocked again later because some dude didn’t understand why can’t everyone just use Outlook.

And don’t even dream of having a script to, say, sort and preprocess your mail.

gentoo with openrc works just fine for me (for docker/podman there is a separate debian machine though, as I don’t want untraceable blobs from the internet in my LAN)

and/or getting your games from places like gog.com

I’d go for HLS due to its simplicity: just files over http(s). VPN or not - depends on your network. If your machine is accessible from the internet, just putting the files into a webserver subdirectory with a long random path and using https will be secure enough for the usecase. Can be done with an ffmpeg oneliner.

The downside of HLS is the lag (practically – 10s or more, maybe 5 if you squeeze it hard). It is in no way realtime. Webrtc does it better (and other things too), but it is also a bigger pain to set up and forward.

Also, just in case, test that the webcam works fine if left active 24/7. I had (a cheapo) one that required a powercycle after a week or so…

For me it’s GOG first. Using lgogdownloader and wine directly (in a custom apparmor profile). No DRM, no forced updates, no annoying client that takes forever to start. Games are also dramatically much easier to isolate and sandbox this way.

If the game is not there, then yes, Steam (as a separate unix user).

Whatever works for you. Just do it. It is convenient as f when you are just starting. You can always improve incrementally later on when (if) you encounter a problem.

Too much noise/power costs to run a small thing - get a pi and run it there. Too much impct on your desktop performance - okay, buy a dedicated monster. Want to deep dive into isolating things (and VMs are too much of a hassle) - get multiple devices.

No need to spend money (maybe sponsoring more e-waste) and time until it’s justified for your usecases.

Better dependency control. I strongly prefer software that only depends on the stuff I can get from the package manager. This lowers the chance of supply chain attacks. Doesn’t prevent them, but I expect repo maintiners to do a better job looking at packages, than a developer who just puts another pip/gem/npm install in a dockerfile.

Also if something is only available in a container, it sort of screams “this code is such a mess, we don’t even know a simple way to run it” to me.