I have a similar job, but I have been in the unfortunate position to be swamped with work for the past month or so.

I have had one task that needed babysitting in the past 3 weeks, and I was so busy that I was jumping between tasks at that point.

That’s a fun mistake to make. I had a similar thing happen with Kubuntu uninstalling my GPU drivers. I could never figure out what caused it.

The world is full of creatives who make things without any expectation of income, but people create anyways. Look at open source software, or the many youtubers who don’t get enough views to get paid yet they post anyways. There’s quite a few journalists who operate solely on optional donations.

Fuck IP. Copyright is theft. IP kills.

I work in security, and I’ve seen a lot more EDR killers lately. Every incident I’ve seen regarding ransomware or potential ransomware has used EDR killers while compromising DCs, backup servers, file servers, and the odd workstation used for persistence.

I have tons of experience with enterprise linux, so I tend to use Rocky linux. It’s similar to my Fedora daily driver, which is nice, and very close to the RHEL and Centos systems I used to own.

You are slightly mistaken with your assumption that debian is insecure because of the old packages. Old packages are fine, and not inherently insecure because of its age. I only become concerned about the security implications of a package if it is dual use/LOLBin, known to be vulnerable, or has been out of support for some time. The older packages Debian uses, at least things related to infrastructure and hosting, are the patched LTS release of a project.

My big concerns for picking a distro for hosting services would be reliability, level of support, and familiarity.

A more reliable distro is less likely to crash or break itself. Enterprise linux and Debian come to mind with this regard.

A distro that is well supported will mean quick access to security patches, updates, and more stable updates. It will have good, accurate documentation, and hopefully some good guides. Enterprise linux, Debian and Ubuntu have excellent support. Enterprise linux distros have incredible documentation, and often are similar enough that documentation for a different branch will work fine. Heck, I usually use rhel docs when troubleshooting my fedora install since it is close enough to get me to a point where the application docs will guide me through.

Familiarity is self explanatory. But it is important because you are more likely to accidentally compromise security in an unfamiliar environment, and it’s the driving force behind me sticking with enterprise linux over Nixos or a hardened OpenBSD.

As a fair word of warning, enterprise linux will be pretty different compared to any desktop distro, even fedora. It takes quite a bit of learning, to get comfortable (especially with SELinux), but once you do, things will go smoothly. you can also use a pirated rhel certification guide to learn enterprise linux

If anything, you can simply mess around in a local VM and try installing the tools and services needed before taking it to the cloud.