30 open-source projects similar to justenoughlinuxos/distribution, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Distribution alternative.
Bottlerocket is a container-optimized operating system and minimal Linux distribution designed specifically for hosting container workloads. It functions as an immutable infrastructure OS, utilizing a read-only root filesystem and atomic partition swapping to ensure consistent and reversible system updates. The system is distinguished by an API-driven host manager that replaces traditional shell-based configuration with a local REST API for administrative tasks. To maintain security and stability, it employs a dual-runtime isolation model that separates workload runtimes from system operation
Bazzite is an immutable, atomic-image-based operating system designed for gaming performance and handheld hardware. It utilizes a read-only root filesystem and versioned images to provide atomic updates and instant system rollbacks, ensuring a stable core environment. The system is distinguished by its deep optimization for portable gaming devices, featuring dedicated handheld hardware management for CPU undervolting, fan control, and display refresh rate overclocking. It includes a specialized gaming mode that boots directly into a console-like interface with integrated input mapping and a t
Talos is a minimal, immutable Linux distribution designed specifically for deploying and managing Kubernetes clusters. It functions as an API-driven infrastructure manager that replaces traditional shell access with a declarative gRPC interface to control operating system state and configuration. The system is distinguished by its use of a read-only root filesystem and a security-hardened kernel, which removes standard GNU utilities to reduce the attack surface. It ensures environment consistency by distributing the operating system as versioned, signed images and utilizes TPM-backed verified
This project is a Buildroot-based Linux distribution and embedded home server operating system designed to host containerized home automation services. It serves as a dedicated platform that manages the hardware and software requirements of a local smart home hub. The system is built as an immutable operating system, utilizing a read-only root filesystem and image-based updates to ensure consistent versioning and prevent accidental changes. It employs container-based process isolation to decouple applications from the core operating system. The platform provides a supervised container manage
Rancher OS is a cloud-native, container-optimized Linux distribution designed to host and manage containerized workloads with a small host footprint. It functions as a Docker-based operating system that runs core system services and user applications as containers. The system implements an immutable infrastructure workflow by deploying the entire operating system as a set of read-only images. To prevent configuration drift and ensure a consistent boot state, the primary system partition is mounted as read-only, while persistent settings and user data are stored on a separate writable configur
Onion is a custom handheld gaming operating system and retro gaming frontend designed to manage and launch emulators on portable hardware. It functions as a bootable custom firmware distribution and emulation environment manager that replaces factory software to provide an integrated gaming environment. The system distinguishes itself through a modular core-based emulation architecture, allowing for the installation of verified emulator packages, BIOS configuration, and the use of hardware-specific drivers and filters. It also supports the integration of third-party game ports via standardize
Julius is a cross-platform game engine and simulation tool designed for the reimplementation of legacy games. It executes original game logic using the original assets while applying modern resolution and interface updates. The engine features a localization framework for integrating community translations of text, audio, and video, and an integrated scenario editor for configuring gameplay rules and resource requirements within map data files. The project covers a broad capability surface including save game management with automated backups, input mapping for diverse keyboard layouts and t
Holoiso is a tool for building custom, bootable operating system images based on SteamOS 3 for installation on non-Steam Deck hardware. It uses a Linux Archiso base to generate installable disk images that replicate a handheld gaming experience on generic devices. The project enables the creation of a gaming-oriented distribution featuring a gamepad-driven interface and the ability to toggle between a standard desktop environment and a gaming session. It includes high-performance shaders for system-wide image upscaling to balance visual quality and frame rates across the gaming interface. Th
Firejail is a Linux application sandbox and kernel security wrapper that isolates untrusted applications from the host system. It uses kernel namespaces and seccomp filters to restrict filesystem access, drop kernel capabilities, and limit the system attack surface. The project is distinguished by its use of predefined security profiles to automatically apply filesystem restrictions and syscall limits based on the executable being launched. It provides specialized isolation for portable packages such as AppImages and implements X11 display isolation via proxy servers to prevent keyboard loggi
Arch-Hyprland is an automated installation framework and desktop configurator for Arch Linux. It provides a collection of scripts and configuration files to deploy the Hyprland Wayland window compositor and establish a complete visual workspace. The project includes a GPU driver automator that identifies and installs the correct graphics drivers and kernel modules to ensure hardware compatibility. It further automates the deployment of themes, icons, and display managers to create a cohesive desktop environment. The system handles package deployment through shell scripts and template-based c
HyDE is an Arch Linux configuration framework and system provisioning tool designed to automate the installation and customization of desktop environments. It functions as a window manager orchestrator and dotfiles management system to synchronize environment settings and deploy custom system configurations. The project includes a desktop environment theme engine that uses a patching tool to apply curated visual styles and color schemes across the interface. It also features hardware-aware driver detection to automatically apply correct bootloader and driver settings during the deployment pro
This project is a comprehensive collection of tutorials and guided laboratories designed to teach containerization, networking, and security using Docker. It serves as a learning path for building portable images and executing isolated processes. The materials provide specific guides for managing container clusters and scaling services through Docker Swarm and overlay networks. It includes a security handbook for implementing image scanning and secret management, as well as laboratories dedicated to modernizing legacy applications by wrapping older software installers into containers. The co
fnnas is a Debian-based network attached storage operating system and deployment framework designed to transform x86 and Arm64 hardware into private storage servers. It provides a custom operating system image builder and a kernel compilation tool for building and packaging specific kernels and device tree blobs for various hardware platforms. The project includes a hardware-specific deployer that maps device models to required bootloaders and kernel tags. It features an eMMC backup and recovery tool to save factory system images from internal storage and restore them to revert system changes
This project provides a standardized Python Docker image, serving as a Linux-based runtime environment for executing Python applications. It is an OCI-compliant container designed to ensure consistent software execution across different platforms. The images support containerized application deployment, enabling environment parity between local development and remote servers. This foundation allows for the creation of standardized build pipelines and the development of microservices architectures. The build process incorporates multi-stage builds and layered image hierarchies to manage image
Bubblewrap is a Linux sandbox runner that creates lightweight, isolated execution environments for running untrusted applications. It combines Linux user, mount, network, PID, and UTS namespaces with seccomp-BPF system call filtering to restrict filesystem, network, process, and inter-process communication access. The project provides comprehensive process isolation by giving each sandbox its own private tmpfs root with selective bind-mounts, a separate network stack containing only a loopback interface, an independent process ID space, and remapped user and group identifiers. It applies secc
This is a custom firmware build for ASUS routers that enhances the stock operating system by fixing known bugs and stability issues while preserving the original user interface. It adds minor feature adjustments and configuration options to the router's web-based administration panel without replacing its core functionality. The project modifies the original vendor firmware source code at the file level to apply targeted fixes and feature additions, using separate code branches to manage different firmware versions and release tracks. It incorporates pre-compiled proprietary drivers and firmw
archinstall is a guided installer for the Arch Linux operating system. It provides a mechanism to automate the partitioning, package selection, and configuration of a system through an interactive menu interface or pre-defined configuration profiles. The tool supports both manual and automated deployment. It can function as an interactive installation guide or as an automated deployment utility that loads settings and credentials from external files to perform installations without manual intervention. The project includes capabilities for disk partition management to support single or dual
This project provides a functional package manager and a reproducible build system designed to ensure identical build inputs always produce the same outputs. It serves as the foundation for a declarative Linux distribution where the entire system state is defined in a configuration file, enabling predictable deployments and full-system rollbacks. The system uses a deterministic functional language and a lazy-evaluation expression engine to manage software dependencies and isolate build environments. It distinguishes itself through a content-addressable store that allows multiple versions of s
Pocket ID is a self-hosted OpenID Connect (OIDC) identity provider that replaces traditional passwords with passkey-based authentication using WebAuthn public-key cryptography. It runs as a standalone service on user-managed infrastructure, eliminating shared secrets entirely by authenticating users through passkeys instead of passwords. The project distinguishes itself through security-hardened deployment patterns, including distroless container images, non-root user execution, and read-only root filesystems to reduce the attack surface. It supports configurable token signing algorithms (RSA
pvetools is a configuration toolkit and suite of scripts designed to automate the setup and optimization of Proxmox VE virtualization environments on Debian. It provides automated toolsets for configuring hypervisors, optimizing hardware, and deploying network file services. The project features a container runtime deployer for installing engines and web management interfaces within isolated environments, and a storage manager for resizing root partitions, managing ZFS RAM usage, and relocating container data across disks. It includes optimization scripts for nested virtualization and PCI pas
Bubblewrap is an unprivileged sandbox execution utility for Linux that isolates processes from the host system. It creates secure environments by leveraging Linux namespaces to separate system resources, including network, PID, and IPC stacks. The project distinguishes itself by enabling the execution of untrusted software without requiring root privileges on the host machine. It prevents privilege escalation by disabling the execution of setuid binaries and uses user identity mapping to isolate process permissions from the host operating system. The tool manages a comprehensive security sur
iStoreOS is an embedded network operating system and router firmware based on OpenWrt. It provides a specialized Linux distribution designed to manage routing, switching, and device-level configurations on network hardware. The system includes a web-based management interface for configuring network settings and installing software packages. It enables the customization and extension of network appliances through a writable filesystem and integrated package management. The project covers home network administration and embedded network management, allowing for the provisioning of specialized
Docker is an OCI container engine and runtime orchestrator used to build, run, and manage isolated applications. It functions as a container image builder for creating portable snapshots of applications and a registry manager for storing, versioning, and distributing those images across environments. The platform provides a centralized daemon to control the creation, execution, and termination of containerized workloads. It allows for the assembly of modular container systems by combining build tools, registries, and runtimes. Its core capabilities cover container image creation, registry ad
Home Manager is a declarative framework for managing user-specific packages, dotfiles, and services. It serves as a tool for maintaining reproducible home directory setups and user environments across multiple machines using the Nix package manager. The system functions as a declarative dotfile manager, defining application configuration files from a central source to ensure consistency. It allows for the management of user-level software packages and the automation of background processes and services that start upon user login.
This project is a collection of shell-based automation scripts designed to automate the deployment and configuration of Linux containers and virtual machines on Proxmox VE hosts. It provides toolsets for the scripted provisioning of virtual machine infrastructure and the creation of pre-defined containers for various applications. The toolset includes specialized utilities for Proxmox host management, such as automating post-installation setup, managing system backups, and cleaning up old kernels to reclaim disk space. It further provides automated configurations for hardware passthrough, ena
This project is an API documentation management platform and mocking server. It provides a central system for organizing API specifications and managing metadata to maintain consistency across the development lifecycle. The toolset includes a mocking engine that generates simulated backend responses, allowing frontend development to proceed without a live backend service. It also functions as a static documentation generator that converts dynamic API specifications into offline files for distribution and archival. The platform is delivered as a containerized toolset, packaging the server and
Steamtinkerlaunch is a game launch wrapper and Wine prefix orchestrator designed to manage the execution environment of games on Linux. It functions as a compatibility layer manager that downloads and organizes custom Wine and Proton versions, while creating isolated filesystem hierarchies and registry hives to prevent configuration conflicts between games. The project specializes in automating the installation of mod managers and script extenders within these isolated environments. It acts as a post-processing shader injector, managing the installation and dynamic library overrides required
ChatGPT-CodeReview is an AI-driven code analysis tool and bot that uses a large language model to automatically review pull request diffs and post feedback on code changes. It functions as a system for detecting bugs and suggesting improvements in source code. The tool provides a containerized runtime for deployment as a background process or through a GitHub Action. Users can customize the analysis behavior, style, and technical depth by adjusting model parameters and system prompts. The system handles automated code review workflows by triggering analysis via webhooks and CI pipelines, upd
backend-cheats is a comprehensive backend engineering reference guide and a collection of technical cheatsheets. It serves as a knowledge base for server-side development, networking, and computer science fundamentals, delivered as a markdown-based static site. The project provides detailed handbooks for API design, specifically covering REST and GraphQL interfaces, and software architecture patterns such as Monolithic, Microservices, and MVC. It includes a database architecture overview comparing relational and NoSQL paradigms, as well as a web security reference for identifying vulnerabilit
This project is a wireless hotspot management interface for Debian devices. It provides a web-based controller for managing wireless access points, wireless repeaters, VPN gateways, and DNS ad-blocking filters. The system includes a captive portal framework to intercept network traffic via customizable splash pages and a VPN controller that supports WireGuard and OpenVPN with kill-switch functionality. It further differentiates itself with a DNS ad-blocking filter using curated blacklists and the ability to operate in multiple network modes, including bridged access point and wireless repeate