I want to run a small VM running a very low-maintenance distro for the sole purpose of running a private VPN (preferably WireGuard).
I do this because I want to access all of my ESXi VMs from WAN.
I’m thinking Fedora Server because it has roling-release, so I don’t have to reinstall, I guess? But I want it to be very stable, because if it fails I lose access to ALL my VMs.
As said by @iii@mander.xyz, bog standard Debian Stable.
You really don’t want a rolling release distro for something like this - major software updates might change the behavior of your software, break your configs, etcetera. Stable distros do as much as they can to make sure that software behaves the same, only porting security fixes.
This way, you don’t really have to touch it except for updates with a nearly nonexistent chance of going wrong (and there’s stuff like unattended-upgrades so updates are automatic) and major upgrades.
You can go several years without a major upgrade just fine - Debian versions are supported for 5 years, and we’re only a few days from getting Trixie, which will last into 2030. New versions come out every two years, and it’s not that hard to upgrade between consecutive ones; I don’t think sitting down on a weekend every two years is that bad.
I kind of hate Ubuntu, but it’s pretty based in this case due to really long support. This might be a really great case for Rocky Linux though, as it also gets 10 years support.
That happens to be my plan. I just started rolling out a few but I will have to bulldoze some servers because CloudStack doesn’t work in it yet. That means it’s upgrade-disco for my 9s in 5 years.
Since 2002 I’ve been doing yum-cron for updates, but just at the side gig with up to 50 boxes. It used to be absolutely rock solid before systemd wrecked it, but it’s still pretty reliable.