If you just wanna use it as a backup, and not access stuff from it directly, it'll be easier to forego rclone_mount and just use rclone directly to backup stuff on a schedule. That's what I do.
Everyone has listed a lot of reasons, and there's also https://manjarno.pages.dev/ which pretty much sums up all the technical reasons.
I'd just like to add why I switched. I used Manjaro for a couple of years, and suggested it to friends and family for a while. It was fine when it worked. But when it didn't, it was a pain to figure out wtf was wrong. Their forum wasn't helpful, and you can't get help in the Arch forums, because it's just different enough. Also, whenever something broke, their logic was always backwards. Like SSL broke for the 5th time, just roll back your clock guys. It felt like being in an abusive relationship with a distro.
I finally switched to EndeavourOS some 4 years ago, and it's been very smooth ever since. In fact, I've had a good experience with pretty much every distro that I've used long term (e.g. AlmaLinux, Debian, Fedora, and even Ubuntu), except for Manjaro.
I like EndeavourOS because it's pretty much vanilla Arch, just with a nice installer. (Although we do now have the archinstall script.) After installation, there's pretty much no difference. Also, I like the logo. I only installed Arch once for the bragging rights lol.
I'd recommend using bare metal. Containers only make sense for deployment. Otherwise, they're just extra abstractions.
Yes. https://neovim.io/doc/user/remote.html#_remote-editing
But I honestly prefer to ssh into the remote machine and use the Neovim installation there. It's usually more responsive, and nicer to move around several files.
I've installed Fedora on my sister's laptop, and I barely have to do any maintenance. She's not very technologically minded, but it's been solid nonetheless. I don't use Fedora on my machines, but for someone else, it is what I recommend.
It seems that I'd still need to modify net.ipv4.ip_unprivileged_port_start=80 in sysctl, which I don't want to do. If I do it, the socket isn't even strictly necessary.
Just a couple of friends use it. But I'd like to use this as a learning opportunity and do it the proper way. It seems that if I turn of masquerade in general, and use firewalld fine-grained rules to enable it when I actually need it, I might be able to achieve what I want. I'll post an update to the original post if I can get it to work.
I think it's the masquerade that's causing problems for me. I have to keep it enabled since I'm running a tailscale exit node. But maybe I can selectively disable it here.
Masquerade was enabled. I need to keep it enabled, since I use it as a Tailscale exit node. Can I just disable it for incoming connections to 443 and 80? I don't want the client to see the internal network.
If you just wanna use it as a backup, and not access stuff from it directly, it'll be easier to forego
rclone_mountand just userclonedirectly to backup stuff on a schedule. That's what I do.