Skip to content

[Debian] Old is new again

September 26, 2023 | 12:08 AM

I know what you’re thinking, 🤦🏻‍♂️ another distro? Yeah, I get it… I’ll talk a bit about why, my thoughts on other distributions, and ultimately highlight a key feature that makes Debian just right.

Table of contents

Open Table of contents

Wait, it’s been a year

Over the last year there have been a number of changes in my life and the tech I use to work and tinker. While I’m not a committed blogger by any stretch, I do feel some sense of regret having not kept up on my goal of documenting my experiments and projects. I still won’t commit to that not happening again, but I’m going to try and put up some new content over the next month because I’ve been doing quite a bit of undocumented experimenting that I want to write about.

New PC new Me

My power supply died, I think. I didn’t really bother doing any sort of diagnostic or repair of my old PC because, well, I wanted a new one and it was a good enough excuse for me. I didn’t bin the thing though, it’s just over there 👉🏻 next to a bookshelf, waiting to be resurrected.

Here are the new 🖥️ specs for completeness:

CPU: AMD Ryzen™ 7 Processor 7800X3D 8-core/16-thread 4.2GHz
FAN: Thermaltake TOUGHLIQUID Ultra 360mm with LCD display
HDD: 2TB SAMSUNG 990 PRO (PCIe Gen4) NVMe 2.0 M.2 SSD
MEMORY: 64GB (32GBx2) DDR5/6000MHz Dual Channel Memory
POWERSUPPLY: 1,000 Watts - EVGA SuperNOVA 1000 GT 80 Plus Gold
VIDEO: AMD Radeon™ RX 7900 XTX 24GB GDDR6

I moved over to AMD top to bottom, not because I don’t like Intel or nVidia, but strictly because I like the support for AMD GPUs in Linux. Anyone who runs Linux on an nVidia GPU knows it can sometimes be a hassle, or frustrating when features aren’t fully supported.

Why Debian, what happened to Gentoo?

I may have mentioned this in the past, but I’ve been using various flavors of Linux and GNU for over 20 years. I landed on Gentoo a few years ago because I believed it was a superior distribution given the scale of customization it allows. I still feel that way, it’s one of, if not my favorite distribution; albeit impractical. Gentoo offers so much, and anyone reading this that was considering using Gentoo and might be looking for some starting tips can go back and read my prior post about my experience with it.

I left for one reason, build times.

In order to take advantage some of the great customization features offered to you in Gentoo, you need to build the software from source, which it makes dead simple. However, it can be a lengthy process depending on how many, and which packages you need to update. Some people have worked around this by setting up dedicated build servers that build their configuration either entirely remotely or in a parallel and distributed manner across multiple computers. I’m just not that dedicated to go through all of that. So I decided when I received my new hardware, I’d be starting from scratch with a new distribution.

NixOS …wait, what?

I bet that caught you off guard. I didn’t originally start out with the intention of installing Debian, which had been running on a home server of mine quietly for many years. I had done some experimenting with NixOS in the past both running on a VPS in the cloud and on my desktop PC.

NixOS is something special, it really is. If you don’t already know about Nix or NixOS, it’s worth investigating. A declarative and highly reproducible system is ideal, let’s be honest. I believe we’ll see more headway in that direction in due time. Nix is a smaller project and it’s still ramping up in popularity. Though it’s not ideal for the dynamicism of a personal computer, at least not in this era of software and the state of open source.

After getting NixOS up and running on my new hardware, I abandoned it in less than a week for the same reason I did so the year prior. Despite the elegance of declaring which packages I want, I ran into pieces of software that weren’t already packaged, which required me to make a decision.

[ 🔨 ] Ignore Nix and “purity”, and just modify my system imperitavely, entirely outside the purview of the Nix environment. i.e. introduce side effects.

[ λ ] Do it the right way, and create a nixpkg myself.

I spent a lot of time trying to craft a pure solution for the packages I needed. Unfortunately some of them weren’t built in a way that was conducive to some of NixOS’s goals. They made assumptions about write permissions and didn’t conform to the way home-manager was intended to be used.

I hope to see NixOS mature over time, and lead the computing industry in the direction of its charter. For now, I’ll simply bow out and respect it for what it is, a rock solid server distribution where you don’t expect much to change.

Honorable mentions

I am no stranger to Debian, I’ve used it plenty of times in the past and as I mentioned it was my preferred home server distribution. Though my mind didn’t immediately jump to it as my long term desktop OS. So here is the very short list of what I considered.

NixOSSee aboveSee above
ArchFast and minimalBleeding edge breakage does happen
All of the packagesI think the community has made it cringey
OpenSUSELong history of stabilityLack of packages
Rolling release optionDid not play nice with my GPU*
FreeBSDI love FreeBSDNo support for Widevine (poor multimedia experience)

* I did try and fix this, and believe I was successful by setting drm.vblankoffdelay=0. Details here.

So really, why Debian?

Here was my criteria.

  1. Stability, I use this PC for everything, every day.
  2. Security, I want some security professional oversight of the packages I install.
  3. Package compatibility, I want to be able to install almost anything without having to build it myself.
  4. Access to bleeding edge, I want the option of the latest bleeding edge software.
  5. Binary packages, I want faster installs, coming from Gentoo this should be no surprise.

But isn’t Debian software ancient?

Yes and No. You can opt-in to bleeding edge packages by using the testing or unstable branches. Don’t let that scare you, what do you think you’re getting in Arch?

I want tried and true 👴🏿, stable 🪨, and secure 🔒 system packages. There is practically no benefit to exposing my system to potential breakage or exploitation every time I run an update.


Generally, I try to install everything I can through a package manager, like apt. If I download something that isn’t managed by my system package manager, that software never makes its way outside of my home directory. The one exception I have made to this rule is for Linux Firmware, which I’ll cover in another post.

Apt is great, everyone knows it’s a perfectly functional package manager that behaves how you would expect, managing dependencies, and preventing you from doing harm to your system.

You are probably aware that you can add additional repositories to your /etc/apt/sources.list file(s). This is sometimes useful when a vendor supplies a package for Ubuntu, but is otherwise entirely compatible with Debian, e.g. Signal Desktop.


In case you are not aware, pinning is the method you can use to pin 📌 (i.e. lock) a package to a specific version, or source.

Here is an example of what I mean.

[strangeloop:/etc/apt] $ cat preferences.d/99emacs 
Package: *
Pin: release a=unstable
Pin-Priority: 65

[strangeloop:/etc/apt] $ cat sources.list.d/emacs-unstable.list 
deb unstable main contrib non-free

/etc/apt/preferences.d is a fragment file directory enumerated in alphanumeric ascending order. It provides the means to pin any number of packages to a version, an origin, an archive, or a combination with a priority.

You could accomplish the same in /etc/apt/preferences, but I find this to be a cleaner and more self-documenting method

/etc/pat/sources.list.d is a fragment file directory enumerated in alphanumeric ascending order. It provides additional repositories to sync. Again you could accomplish this by appending lines to /etc/pat/sources.list if you prefer.

There is a method behind to the Pin-Priority which is thoroughly documented.

Here is the manpage with everything you need to know.

The best of both worlds

I believe using this method provides everything you could want. The safety and security the stable branch of Debian is famous for, and access to the latest user-land packages you might want to skip ahead and start using before they are included in a future major release.

I have this exact setup running on my desktop and 10 year old ThinkPad and I intend to keep it that way for the foreseeable future.

Nothing is perfect