got Syncthing working on my play-around-with #OpenBSD machine. Painless. Installed the package, then ran it manually and got it configured. Wondered how to make it auto-start, like I would do with systemd; turns out I just needed to edit the startup script in /etc/rc.d/ so it used my own user instead of a dedicated Syncthing user; then enable/start it with "rcctl" (which works pretty much like "systemctl" on linux).
I need a decent VPS host that specialises in #BSD, specifically #OpenBSD based hosting. One that has a good track record for reliability, also good customer support, and general security practises.
I can google this, but I have a lot of BSD people following me, so I'm asking this here, because my followers will know better.
I'm moving all my self-hosted servers over to OpenBSD but some of it is intentionally outsourced, for a few reasons. If people can reply with suggestions that'd be super.
How can I be up-to-date with current developments of all #bsd without following their mailing lists? I'd love to know what they are cooking (got or graphical installer for example) but without following dev discussions, as those are too low-level for my needs.
And here is more I learned on the same subject: 'lock' is not implemented under Ubuntu or #slackware so 'tmux lockc' does not seem to work either. The utility 'vlock' does the same thing, but is not installed by default.
But installing 'vlock' does not make 'tmux lockc' work under Linux. ☹️
Under #OpenBSD and #NetBSD 'lock -p' uses your default password, but 'tmux lockc' work as expected (meaning, it asks for your login password). No '-p' means entering a separate password for unlocking.
How do my (now) fellow #OpenBSD users use Mastodon/Fedi? The website? A client application? A PWA? CLI client?
I'd really like to use the PWA but the problem is that Firefox doesn't support that anymore. There's only one GTK client and it's libadwaita so that's a no-go too.
We become what we behold
We shape our tools and then
our tools shape us
~ Marshall McLuhan
That quote struck me :flan_aww: I have been using #OpenBSD for little over two decades. Back then, it wasn't love at first sight as documented on a blog. It did grow on me, right to the point where I could say that I truly loved it. I still remember socially engineering my mother for permission to get a Puffy tattoo (which was a requirement before turning 18). Much to my surprise, she was not only okay with it, but offered to give it as my birthday present :flan_heart:
Over the years, OpenBSD and the community have been shaping my views on computing, security and privacy. I am incredibly grateful to Theo, to OpenBSD, to the developers, to the contributors and community at large.
You - collectively and without exception - have been a bless. It has been (and continues to be) an honor. I am forever grateful to you all :heartcyber:
"There’s a multitude of Operating Systems to choose from. You may have been using something like Windows or MacOS and be perfectly happy with it. You can step up and use Linux, Haiku or even Amiga OS. So, why do I think a BSD system may be a great choice?"
Hello everyone! I wanted to share some exciting updates about the development of BSD Mail, our privacy-focused email service designed with robustness, security, and transparency in mind. Here’s a deep dive into the technical choices I've made, focusing on my use of open source solutions and open protocols:
🌍 Servers & Location
We're running on two physical servers:
One hosted by OVH in France
Another by Hetzner in Germany
Both servers operate on FreeBSD with NVMe drives in a ZFS mirror configuration for speed and data integrity.
🔒 Virtualization & Security
We utilize jails on both servers to ensure isolated environments for different services, managed via BastilleBSD. On one server, jails are set up directly on the hardware, whereas the other server employs nested jails.
Each server hosts a bhyve VM running OpenBSD with OpenSMTPD for handling SMTP duties securely.
🔗 Networking
A Wireguard setup connects the two servers, facilitating routing capabilities so that jails and VMs can communicate seamlessly, supporting both IPv4 and IPv6.
📧 Email Services
Dovecot is configured for maildir replication across the servers using Dovecot sync, ensuring email availability and redundancy.
Rspamd instances are tied to local KeyDB jails, set up in master-master replication for consistent and reliable spam detection and greylisting.
ClamAV runs in corresponding jails for virus scanning, maintaining a high level of security.
SOGo provides a web interface for email management, connected to MySQL databases in master-master replication to handle sessions and authentication smoothly.
💾 Data Management
Email data is stored on separate, encrypted ZFS datasets to secure emails at rest.
MySQL databases are used for storing credentials and managing sessions for SOGo, also in a master-master replication setup. Importantly, all passwords are securely hashed using bcrypt, ensuring they are salted and safe.
🔎 Monitoring & Reliability
Our DNS is managed through BunnyNet, which continuously monitors our server status. Should one server—or a specific service—become unavailable, DNS configurations are dynamically adjusted to avoid directing users to the affected IP until full service is restored.
🌐 Commitment to Open Source and Open Protocols
Every component of BSD Mail is built exclusively using open source software and open protocols. This commitment is crucial for ensuring data freedom and the reliability of the solutions we use.
This setup not only emphasizes our commitment to privacy and security but also our dedication to maintaining an open and transparent platform.
We're excited to bring you a service where your privacy, data integrity, and freedom are prioritized. Stay tuned for more updates!
Trying to setup a computer without internet (not for security reasons, distraction from working on stuff reasons) is far harder than I thought it would be. This computer is on another location away from wifi and ethernet and I don't want either.
Several distributions work live from cd DVD USB or microwave-- but none install to this 2018 Dell XPS desktop.
Again, this "air-gapped" computer isn't for security reasons.
So far, void linux and knoppix work the best live.
I relate. My machines at home are a 2021 Pinebook Pro (basically the CPU of a 2016 chromebook), a 2010 thinkpad, a 2012 dell laptop, and a raspberry pi 4, all running Linux or #OpenBSD.
#wayland on #OpenBSD seems to be pretty damn solid. I ported my #sway configure over after installing a handful of apps and it just damn works. Though I can not find a wayland native terminal emulator in the repos but just getting started here. I just need to compile #waybar and hope it works than I'm all set!
Agreed. I was skeptical of the decision to include non-free drivers by default, but it made Debian 12 really awesome to use. I've got it on all my x86-based machines except for one #OpenBSD box. :)