Might be worth looking into immutable distros (nix, guix) and their home management systems, or containerised apps (flatpak, where you can inject config). A lot of tools are hardcoded to non-standard locations so it’s kind of a losing battle by default. A similar strategy would be to use permissions or mount certain folders as read-only.
Yay more options
Wow, was pretty heavily bombarded by domains ads just a few weeks ago!
Oh I used to play starfighter on PS2 as a kid, that would be pretty nostalgic! In any case very kind of you to do this.
Mostly remember looking at the printer in a game shop thinking I’ll never afford this. Very cool result.
Yep podman is FOSS. It was developed by Red Hat originally, which might be concerning to some given the recent news about RHEL, but that’s probably not relevant. Use it for Home Assistant, etc. and it can be less ready-out-the-box than normal docker but works well on the whole. Mind you, if you have an issue with docker-the-system rather than any docker.io controversy, then it probably isn’t for you either.
Have you also tried nix? If so, did you have any particular reason to stick with guix (maybe the FOSS aspect)?
Yeah new to guix here but I think flatpak is the suggested and reasonable approach to combine with immutable desktops