triptico.com is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.
This server runs the snac software and there is no automatic sign-up process.
Switching customers from Linux to BSD because boring is good
https://www.theregister.com/2024/10/08/switching_from_linux_to_bsd/
#RunBSD #FreeBSD #NetBSD #OpenBSD #BSD #EuroBSDCon #EuroBSDCon24 #EuroBSDCon2024 #EBC24
#OpenBSD 7.6 is officially released!
New webzine issue releases as well
OpendBSD 7.6 brings a ton of improvements, but these two caught my eye for immediate use 😊
> Allow users to define tables inside an anchor in the same way they can define global tables in pf.conf(5)
> sshd(8) will now penalise clients that connect without completing authentication, crash the server or perform other unwelcome activities. This behaviour is controlled via the PerSourcePenalties and PerSourcePenaltyExemptList sshd_config(5) options.
OpenBSD 7.6 has been released with support for Qualcomm Snapdragon X Elite, kernel improvements, updated DRM (Linux 6.6.52), support for Meteor Lake, VMM/VMD improvements, better hardware support
Good morning, #fediverse!
OpenBSD 7.6 has been released, and most of my OpenBSD servers have already been upgraded.
Everything's been smooth and linear, as usual.
The 57th OpenBSD release is out there now!
There are tons of fixes, additions and general nicenessess. We, are mostly looking forward to all the VMM/VMD improvements made by Dave, @mlarkin and others!
You can find all the goodies on: https://www.openbsd.org/76.html
Announcement: https://marc.info/?l=openbsd-announce&m=172833332925186&w=2
Start your upgrade engines! OpenBSD Amsterdam upgrades will be scheduled as soon as the first errata is out.
Happy upgrading!!
OpenBSD 7.6 artwork by Sue Doeksen
Get the wearable apparel at https://openbsd.creator-spring.com/
Surprise! #OpenBSD 7.6 is released! 🐡
Announcement: https://marc.info/?l=openbsd-announce&m=172833332925186&w=2
#OpenBSD 7.6 merchandise (t-shirts, hoodies) are once again available on https://openbsdstore.com!
Many thanks to Job Snijders (& artist Sue Doeksen!)
Watch your 4K videos on #OpenBSD 7.6 using VAAPI with an Intel GPU. And much more.
https://www.openbsd.org/76.html
#76HYPE #OpenBSD76 #RunBSD
Special screenshot guest: #WindowMaker.
Latest 𝗩𝗮𝗹𝘂𝗮𝗯𝗹𝗲 𝗡𝗲𝘄𝘀 - 𝟮𝟬𝟮𝟰/𝟭𝟬/𝟬𝟳 (Valuable News - 2024/10/07) available.
https://vermaden.wordpress.com/2024/10/07/valuable-news-2024-10-07/
Past releases: https://vermaden.wordpress.com/news/
#verblog #vernews #news #bsd #freebsd #openbsd #netbsd #linux #unix #zfs #opnsense #ghostbsd #solaris #vermadenday
I will never waste time making a unix joke.
#Unix #BSD #OpenBSD #Computers
Reminder: #OpenBSD 7.6 is not released until the announce@ mail goes out.
#OpenBSD 7.6 is out on mirrors!
If it's not available on your usual mirror, check another one :)
This one has the file https://ftp.fr.openbsd.org/pub/OpenBSD/7.6/
I just love #OpenBSD httpd/relayd/acme-client combo, so easy and intuitive to work with, I wish all internet serving technology would be so simple.
Heads up #2: #OpenBSD -currrent snapshots for at least i386/amd64 are broken, wait a few days before trying to upgrade. It might be a good idea to wait for -current packages to start flowing again anyway.
I need to figure out how to get #OpenBSD on a VPS. Support for it on AWS seems poor. Maybe there are better alternatives?
-current
The slides, the video, and the text behind my presentation at EuroBSDCon 2024 - 'Why and how we're migrating many of our servers from Linux to the BSDs.'
https://it-notes.dragas.net/2024/10/03/i-solve-problems-eurobsdcon/
#ITNotes #FreeBSD #OpenBSD #NetBSD #RunBSD #IT #SysAdmin #EuroBSDCon #EBC24 #EuroBSDCon24 #EuroBSDCon2024 #NoteHUB
I'd like to, yeah. I just kinda forgot the beauty of having a machine set up for focus, and not dithering.
I'll have to uninstall toot from it, and I might temporarily remove my authorized_keys entry from my rPi machine so I don't hop over to it to use tut, either.
I've also found that #Alacritty seems to be the perfect terminal for #OpenBSD... nice blend of fairly modern options and decent unicode support. For some reason, unicode just doesn't work right on #lxterminal on that OS.
Sometimes people ask me why I like #OpenBSD so much.
Over the weekend Theo de Raadt the founder of the whole project emailed me and my PhD student to say he liked our paper (and that it was 95% correct). We have never interacted with him before and the paper was published in a tiny workshop and on arXiv. He just stumbled on it.
(1/3)
The student has been running around with a massive grin on his face since. He even phoned his mum to boast proudly.
Contrast this with what happened when he found a small bug in Debian and the devs laughed at him.
I love #OpenBSD, but a random act of kindness by its devs like this, giving time and attention to a student is remarkable, and unheard of from any other project.
Dunno what it is but the BSDs are just friendly and I’m happy to be a user of such a friendly OS. Its just fab.
(3/3)
Interesting research paper comparing #sandboxing features found in #Linux, #OpenBSD and #FreeBSD, respectively #seccomp, pledge/unveil and #Capsicum
https://arxiv.org/abs/2405.06447 by Maysara Alhindi
@op you are mentioned there as gmid was studied
via @goblin
Il parait que c'est OctOpenbsd, alors voilà un magnifique tmux.
#openbsd #tmux
.tmux.conf
[...]
set -g status-style fg=black,bg=#E25825
set-option -g status-right "#(~/.tmux/status.sh)"
.tmux/status.sh
#!/bin/sh
load=$(sysctl -n vm.loadavg|cut -c1-4)
temp=$(sysctl -n hw.sensors.ksmn0.temp0|cut -c1-2)
speed=$(echo "$(sysctl -n hw.cpuspeed)/1000"|bc -l|cut -c1-3)
bat=$(apm|head -1|awk '{print $4}')
heure=$(date +"%a %d/%m %H:%M")
echo "$load | $speed GHz $temp oC | $bat bat | $heure"
Is it perhaps time for some #OpenBSD #76HYPE!
#OpenBSD 7.6 has a cool new bootloader feature, configurable in boot.conf(5), "machine idle [secs]", which will poweroff your machine when idling at the bootloader.
https://bsd.network/@brynet/112333726672623664
A longstanding issue with MSI interrupts in OpenBSD's azalia(4) audio driver on AMD chipsets has been fixed!
https://bsd.network/@brynet/112458299293388956
OpenBSD 7.6 will have some support for many Snapdragon X Elite laptops, starting with patrick@'s initial bringup on the Lenovo Yoga Slim 7x ~24 hours after the new hardware launched, also:
• ThinkPad T14s
• Asus Vivobook S15
• Samsung Galaxy Book4 Edge
• HP OmniBook X
https://bsd.network/@brynet/112645328344890243
Hardware accelerated video decode/encode (VA-API) support was added, libva imported.
https://bsd.network/@brynet/112813702107946930
Jonathan Gray (jsg@) backported support for Intel Meteor Lake (14th Gen) graphics, drm drivers updated to Linux 6.6.y/6.6.52, from 6.6.19.
https://bsd.network/@brynet/112952017130589350
System call pinning "pinsyscalls(2)" is now mandatory.
https://bsd.network/@brynet/112997987653463724
Many common USB mice should no constantly detaches/reattach, spamming the console.
https://bsd.network/@brynet/113034445342767163
AMD #SEV encrypted memory guests in #OpenBSD vmm(4)/vmd(8), added by Hans-Jörg Höxer (hshoexer@)
https://bsd.network/@brynet/113119843773088900
It's now possible to get some NVMe controller/namespace information on #OpenBSD using bioctl(8), as well as useful NVMe SMART data, like temperature, available spare sectors, device endurance via sysctl(1).
https://bsd.network/@brynet/113130520504973726
OpenBSD 7.6 has initial suspend-to-idle (S0/S0ix) "s2idle" support on amd64
https://bsd.network/@brynet/113177313717726815
..and much more for users to discover when 7.6 releases this month!
Heads up: #OpenBSD snapshots that are rolling out for several architectures are now post-7.6 -current, be aware. If you upgrade, downgrading to release is NOT supported.
It was great to see everybody again at #EuroBSDCOn2024.
Sorry if we missed you, but there is always #EuroBSDCon2025! :)
29 new VMs were added and 55 VMs were renewed.
We donated €1115 to the #OpenBSD Foundation, €44360 since we started.
Thank you, our users, and OpenBSD developers for an awesome OS!
Stay safe & healthy!
#RUNBSD in 2024
When I'm asked why OpenBSD is good and that I want to reply honestly, I have no argument.
From a technical point of view, I can't tell any strong benefits using OpenBSD, NetBSD or FreeBSD over Linux, although this doesn't mean they are bad.
It would be easy for me to be "cargo-culting" facts, being a "fanboy" or enumerating features that are exclusive to one (and they are rare, except if you are looking for the very very same feature!).
The truth is that what one OS will do better than an other, it will also do worse in another area.
It's important that we keep the BSD systems as relevant Linux alternatives: for software diversity, innovation and freedom of choice.
Latest 𝗩𝗮𝗹𝘂𝗮𝗯𝗹𝗲 𝗡𝗲𝘄𝘀 - 𝟮𝟬𝟮𝟰/𝟬𝟵/𝟯𝟬 (Valuable News - 2024/09/30) available.
https://vermaden.wordpress.com/2024/09/30/valuable-news-2024-09-30/
Past releases: https://vermaden.wordpress.com/news/
#verblog #vernews #news #bsd #freebsd #openbsd #netbsd #linux #unix #zfs #opnsense #ghostbsd #solaris #vermadenday
After dinner, I decided to fire up my desktop computer, which has been shut down for months and primarily focused on gaming. I installed an old 500GB SSD, a 1TB spinning disk, and set up FreeBSD and OpenBSD. With my Nvidia graphics card, FreeBSD showed better video performance, and I had everything I needed installed in just over ten minutes. Even the suspend function from the Plasma menu works, and the system resumes correctly.
Tomorrow, when I have some free time, I’ll try another project: installing FreeBSD on an old PC I salvaged and prepping it for my father-in-law. He only uses Firefox (max two tabs at a time), a printer, and LibreOffice. I think that will be enough. I'm considering whether to go with FreeBSD or OpenBSD for that.
Has anybody ever tried a PreSonus AudioBox USB 96 2x2 with #FreeBSD ? I currently have a Focusrite Scarlett 6i6 which is detected but doesn't work and others in the forums say it doesn't work too. So I wondered whether stay with Focusrite and get a Gen 3 2i2 or go with the PreSonus AudioBox 96 which would give me midi in and out too.
Anybody ???
#RunBSD #OpenBSD
@solene WIP to add it in #OpenBSD ports :)
I hope to commit it soon in OpenBSD ports WIP https://github.com/jasperla/openbsd-wip
BSD PEOPLE! Been kicking around an idea for a blog post for a while, thought it’d be fun.
I’ve noticed a lot of us run more than one. For example, I use #FreeBSD and #NetBSD depending on what I want/need. ❤️🧡
Do you overwhelmingly run one? Or do you mix and match? Happily counting #illumos here too :)
Poll is going to be open for a week this time, then will write a post with the results.
(Forgot to tag #OpenBSD #DragonflyBSD too… actually hmm there are a lot, I didn’t think this through).
I run one BSD, and am happy: | 116 |
I run one BSD, but have been meaning to try others: | 47 |
I run two or more BSDs (I’d love to hear why): | 61 |
For many years, my mobile devices have automatically connected via Wireguard to my external OpenBSD VPS when I'm away from home. It's typically configured to route only my main VPNs (allowing remote intervention if necessary) and to set the DNS, similar to what I've described here: https://it-notes.dragas.net/2023/04/03/make-your-own-vpn-wireguard-ipv6-and-ad-blocking-included/
The goal is to have complete access to my networks and to use DNS that filters out unwanted content and ads.
It works very well, and the browsing experience is optimal.
In Dublin, I decided to route all traffic through that VPS. Since I often connect to open Wi-Fi networks (in hotels, at conferences, in pubs, etc.), I preferred to keep everything active. Moreover, at that point, I was still appearing to websites with my Italian IP, which reduced issues with streaming, etc.
Everything worked perfectly, and I didn't notice any significant increase in battery consumption. The hotel had all Ruckus equipment (with excellent Wi-Fi coverage), while the conference used Cisco, and the coverage there was also generally good.
The Wireguard implementation on OpenBSD has proven to be, as always, extremely stable and reliable.
OpenBSD is running great on the Orange PI One. Performance is quite good, too, considering the hardware - and the boot time is short.
I'll be using it for a couple of days for a specific task, then...who knows?
Still waiting for the FTTH, with the /48 ipv6 - that will change a lot of things, here.
My blog is hosted and served from three different locations: an httpd and relayd stack on OpenBSD, a FreeBSD jail, and a Raspberry Pi Zero W powered by NetBSD - and they all contain all the files.
The VM on OpenBSD is located in the Netherlands at OpenBSD Amsterdam, a provider offering OpenBSD VMs on OpenBSD hosts, contributing a portion of earnings to the OpenBSD Foundation. Their setup is transparent and well-documented, enabling full understanding of the underlying infrastructure.
Varnish is configured across the various hosts to use all three resources as backends, ensuring that data remains accessible to the reverse proxies even if two of the servers go down.
And, in the event that all three go down, the reverse proxies will continue to serve the cached versions for days.
#ITNotes #RunBSD #FreeBSD #OpenBSD #NetBSD #Varnish #VarnishCache
OpenBSD now enforcing no invalid NUL characters in shell scripts
https://www.undeadly.org/cgi?action=article%3Bsid%3D20240924105732
Discussions: https://discu.eu/q/https://www.undeadly.org/cgi?action=article%253Bsid%253D20240924105732
**BSD Mail Project Update!**
Hello everyone! I wanted to share some exciting updates about the development of BSD Mail, our privacy-focused email service designed with robustness, security, and transparency in mind. Here’s a deep dive into the technical choices I've made, focusing on my use of open source solutions and open protocols:
🌍 **Servers & Location**
- We're running on two physical servers:
- One hosted by OVH in France
- Another by Hetzner in Germany
- Both servers operate on FreeBSD with NVMe drives in a ZFS mirror configuration for speed and data integrity.
🔒 **Virtualization & Security**
- We utilize jails on both servers to ensure isolated environments for different services, managed via BastilleBSD. On one server, jails are set up directly on the hardware, whereas the other server employs nested jails.
- Each server hosts a bhyve VM running OpenBSD with OpenSMTPD for handling SMTP duties securely.
🔗 **Networking**
- A Wireguard setup connects the two servers, facilitating routing capabilities so that jails and VMs can communicate seamlessly, supporting both IPv4 and IPv6.
📧 **Email Services**
- **Dovecot** is configured for maildir replication across the servers using Dovecot sync, ensuring email availability and redundancy.
- **Rspamd** instances are tied to local KeyDB jails, set up in master-master replication for consistent and reliable spam detection and greylisting.
- **ClamAV** runs in corresponding jails for virus scanning, maintaining a high level of security.
- **SOGo** provides a web interface for email management, connected to MySQL databases in master-master replication to handle sessions and authentication smoothly.
💾 **Data Management**
- Email data is stored on separate, encrypted ZFS datasets to secure emails at rest.
- MySQL databases are used for storing credentials and managing sessions for SOGo, also in a master-master replication setup. Importantly, all passwords are securely hashed using bcrypt, ensuring they are salted and safe.
🔎 **Monitoring & Reliability**
- Our DNS is managed through BunnyNet, which continuously monitors our server status. Should one server—or a specific service—become unavailable, DNS configurations are dynamically adjusted to avoid directing users to the affected IP until full service is restored.
🌐 **Commitment to Open Source and Open Protocols**
- Every component of BSD Mail is built exclusively using open source software and open protocols. This commitment is crucial for ensuring data freedom and the reliability of the solutions we use.
This setup not only emphasizes our commitment to privacy and security but also our dedication to maintaining an open and transparent platform.
We're excited to bring you a service where your privacy, data integrity, and freedom are prioritized. Stay tuned for more updates!
#BSDMail #OpenSource #Privacy #FreeBSD #OpenBSD #EmailHosting #Email
It's official: the new email hosting service I'll be launching will run on OpenBSD as well. The two OpenSMTPD SMTP servers will operate on two OpenBSD installations.
Sharing some technical details about how I'm setting up the hosted email service. It will not be a service of BSD Cafe but tied to my own business. It will run entirely on BSD systems and on bare metal, NOT on "cloud" VPS. It will use FreeBSD jails or OpenBSD or NetBSD VMs (but on bhyve, on a leased server - I do not want user data to be stored on disks managed by others). The services (opensmtpd and rspamd, dovecot, redis, mysql, etc.) will run on separate jails/VMs, so compromising one service will NOT put the others at risk. Emails will be stored on encrypted ZFS datasets - so all emails are encrypted at rest - and only dovecot will have access to the mail datasets. I'm also considering the possibility of encrypting individual emails with the user's login password - but I still have to thoroughly test this. The setup will be fully redundant (double mx for SMTP, a domain for external IMAP access that will be managed through smart DNS - which will distribute the connections on the DNS side and, in case of a server down, will stop resolving its IP, sending all the connections to the other. Obviously, everything will be accessible in both ipv4 and ipv6 and in two different European countries, on two different providers. Synchronization will occur through dovecot's native sync (extremely stable and tested). All technical choices will be clearly explained - the goal of this service is to provide maximum transparency to users on how things will be handled.
#BSD #FreeBSD #OpenBSD #NetBSD #emailHosting #encryption #ZFS #dovecot #opensmtpd #rspamd #emailSecurity #techTransparency #ipv6 #Europe
#OpenBSD may introduces Word into the base system