After many years of exploring potential production-quality base operating systems to replace Raspbian (including porting WebThings Gateway to Ubuntu Core and balenaOS and researching many others), I have reluctantly concluded that we should just bite the bullet and create a custom Linux distribution.
With the help of the community I have put together a proposal to explore using mkosi from the systemd project to create a minimal host OS image which runs the WebThings Gateway Docker image - similar to balenaOS but with a pull rather than push update model. You can read the full proposal here, and a member of the community has already started work on a proof of concept. I would be interested to get your feedback.
Previously it was possible to just flash a pre-built OS image onto an SD card and plug it into a Raspberry Pi and start using it. Now users have to install their own host OS, install the Docker engine and install the WebThings Gateway Docker image with their chosen configuration. The user is then responsible for manually keeping both the Docker container and host OS up to date. The Docker container also doesn’t always have access to certain features of the host OS such as network settings, clock settings and power, and any USB devices that are plugged in have to be manually mapped into the container.
If all of that is OK for you then that’s great, you can keep on using the Docker image.
The idea of a custom Linux distribution is to provide a pre-built OS image that can be flashed onto an SD card with the Docker engine and gateway Docker image already pre-installed*, has the access to hardware it needs already pre-configured, and provides automatic over-the-air updates of both the gateway application and the host operating system, with automatic rollback upon failure. The host OS would also ideally be immutable for improved security (like with Ubuntu Core and balenaOS).
Does that answer your question?
*I’m not 100% sure yet that a custom Linux distribution would use the Docker image as there may be other ways to provide better security and automatic updates, but that is my current thinking.