Posts by smortex@mamot.fr
(DIR) Post #9shqr7zq3VgLav4xOK by smortex@mamot.fr
2020-03-05T00:46:03Z
0 likes, 1 repeats
syslog-ng 3.26.1 was released!This version adds support for multi-line timeouts: when parsing log files with messages spanning multiple lines, you had to wait for message n+1 to arrive before message n was processed. For log files with only exception, that was unhandy (e.g. need to trigger the failure twice to see it in kibana). That feature has been expected for a long time!Other cool features are part of this new release, check:https://github.com/syslog-ng/syslog-ng/issues?q=is%3Aclosed+label%3Auser-visible-feature+milestone%3Asyslog-ng-3.26
(DIR) Post #9shzfQPSfX8goZYffE by smortex@mamot.fr
2020-03-05T20:43:00Z
0 likes, 0 repeats
@feld They deliver a new release every ~2 months and contributing is made easy by them providing guidance and assistance.My only concern about syslog-ng is that it can do a LOT of things, and doing advanced things is sometimes tricky. The learning curve is somehwat steep when you want to manipulate messages before sending them to their final destination.
(DIR) Post #9tgTAaVwrIVT55COZM by smortex@mamot.fr
2020-04-04T01:02:43Z
0 likes, 0 repeats
@jeffalyanak Maybe the list of supported OpenWRT devices is a good start ?https://openwrt.org/toh/start
(DIR) Post #9thP0eW8ump3wTFyqW by smortex@mamot.fr
2020-04-04T01:06:06Z
0 likes, 0 repeats
@jeffalyanak And if you really really want pfsense, they have a products page where they list their requirements. Building something that exactly fits your needs with supported devices might be a solution :https://www.pfsense.org/products/
(DIR) Post #9ySUlAu8AB2RunzFaa by smortex@mamot.fr
2020-08-24T20:13:35Z
1 likes, 0 repeats
@raichoo … really depends on your usage. If you have real backups (not based on ZFS clone), it can be okay.If you want reliable storage, mirroring without ECC RAM will behave fine for a long time before you realize it's already too late. When lucky, bit flips happen in unused memory, in application or kernel memory causing a crash / reboot, in cached data causing strange behavior until the next reboot.
(DIR) Post #9ySUlD4U6eVcdUqY0O by smortex@mamot.fr
2020-08-24T20:15:57Z
0 likes, 0 repeats
@raichoo When unlucky, in happen to data before it's written to disk (data loss).Or worse : corruption can happen in ZFS metadata. In that case, you are basically doomed…
(DIR) Post #9zt0mrZPF8KSwXnhjc by smortex@mamot.fr
2020-10-06T05:16:07Z
0 likes, 0 repeats
@fribbledom Good idea! In case you automated this using the GitHub API, consider making this code public, I guess I am not the only one who would be interested in it 😉
(DIR) Post #AA82spyCrWh4aGEzIW by smortex@mamot.fr
2021-08-08T22:12:34Z
0 likes, 1 repeats
Any users of #Puppet on #FreeBSD using the PDK (Puppet Development Kit)?The port has been lagging behind for years, the PDK offering low value in my opinion and being a huge mess to have working.I gave it a look this morning and ended-up with something that _seems_ to work as expected. Still not very valuable in my opinion, but I guess it can help newcomers…It was committed to the FreeBSD ports a few minutes ago and should be available as package soon.Please send feedback is you use it!
(DIR) Post #AAsJu0eh7DarGV1mwC by smortex@mamot.fr
2021-08-31T06:01:09Z
0 likes, 0 repeats
@otyugh C'est un truc en cours, commencé en 2015:https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/TL;DR C'est compliquay…La stratégie c'est de nécessiter https pour les nouveaux machins qui sont supportés de manière à forcer ceux qui veulent en bénéficier d'être en https.En attendant, rien n’empêche les gens qui gèrent des sites web de les rendre accessible en https uniquement, et de faire du HSTS preloading pour que le navigateur accède au site en https même si tu met http:// 😉
(DIR) Post #ACiXeUtlwybeCzU4rw by smortex@mamot.fr
2021-10-25T03:42:32Z
0 likes, 1 repeats
Atlas sonore des langues régionales de Francehttps://atlas.limsi.fr/La même (courte) histoire dans près de 850 langues régionales de France (en incluant les outre-mer) et les environs.Juste génial 🤯 !
(DIR) Post #AFqJYae2T040iggVZw by smortex@mamot.fr
2022-01-26T20:08:05Z
0 likes, 0 repeats
@selea OMG! A sun v880! I used to have one at home 😃 About 80kg, almost everything redundant (2 layers of fans, 3 power supplies), it takes almost 20mn for POST, then the OS boot in a few seconds (i used FreeBSD).As a friend once told me: « the computing power of a washing machine… with the power consumption of a washing machine ! ». He was jealous I bet!
(DIR) Post #AMPFfGw5QWzx0yJNgG by smortex@mamot.fr
2022-08-11T02:14:49Z
0 likes, 0 repeats
In 5 letters: a webserver with broken defaults and lacking basic features available in a non-free "Plus" (read "Enterprise™") version 😒.
(DIR) Post #AOnZNCHAxVVppaiY2y by smortex@mamot.fr
2022-10-21T17:08:59Z
0 likes, 0 repeats
@feld All this look like expected YAML behavior 😜.The real question IMO is: why do people rely on YAML to store complex and error-prone data structures?This look like a bad choice from the developers of docker-compose: why would you want to pass environment variables as a sequence of strings (where splitting the name and not handling quotation from the value is the responsibility of the code that process the YAML file) when you can use a simple mapping of variable name / variable value?
(DIR) Post #AT98WbzMCzmnfSn5dY by smortex@mamot.fr
2023-02-28T04:52:58Z
0 likes, 0 repeats
I updated my main system from #FreeBSD 13.1-RELEASE to 13.2-BETA3 which include fixes in the USB stack (bin/263995) that basically prevented usage of #ssh ed25519-sk keys (those relying on hardware security keys, e.g. #Yubikey).A whole new world is opening, one where you can forward your agent to remote systems you only marginally trust and where #sudo can be configured to use this forwarded SSH agent to authorize users.w00t!
(DIR) Post #AT9Af6FJnPAVjbQou8 by smortex@mamot.fr
2023-02-28T18:27:25Z
0 likes, 0 repeats
@feld It is about using ed25519-sk / ecdsa-sk keys where the private key on disk is not enough to get access, and you need the associated Yubikey and a user interaction to confirm the operation (i.e. touch the key).https://undeadly.org/cgi?action=article;sid=20191115064850
(DIR) Post #ATbpesvnVyOZDES5WC by smortex@mamot.fr
2023-03-14T01:19:04Z
1 likes, 0 repeats
Currently building #FreeBSD kernels with the assistance of git-bisect(1) to find out which commit in the upcoming 13.2-RELEASE break resume on my Pursim Librem 15 v3 🙄.Last commit in releng/13.2 is bad.13.1 was fine so git-merge-base(1) helped to find the last common commit in the releng/13.2 and releng/13.1 branch. A kernel build for this commit is verified good.Now, proceeding with git-bisect to find the culprit…
(DIR) Post #ATbpeudRBCtgUrsSB6 by smortex@mamot.fr
2023-03-14T02:00:06Z
0 likes, 0 repeats
After testing 16 kernels, the culprit is found: 6fddab804a17762d4f77bc92725ded7bbee5789aamd64: Reload CPU ext features after resume or cr4 changesLet's try to revert this patch on top of the branch and see if it help…
(DIR) Post #AUCD2S7FTMcu5uVzwO by smortex@mamot.fr
2023-04-01T03:05:40Z
0 likes, 0 repeats
@feld I never saw a POE splitter with USB connector.Here is my proposal for you: this POE to USB "cable" has (limited) computing capabilities and runs FreeBSD!This is why we can't have nice things.
(DIR) Post #AZOLJ7XXkCQ8aW7FlQ by smortex@mamot.fr
2023-09-03T04:32:28Z
0 likes, 0 repeats
@feld Bacula. Not user friendly, far from trivial to deploy, but predictable and consistent in its behavior, and I hate surprises… particularly those related to backups!
(DIR) Post #Al0aBlVkLK59RIAa9I by smortex@mamot.fr
2024-08-15T22:39:29Z
0 likes, 0 repeats
@anubhav Not exactly what you are looking for, but in order to manage the firewall rules of both Linux and FreeBSD nodes with reusable configuration blocks and a pf-like syntax I created puffy:https://github.com/opus-codium/puffy/I does not support all pf syntax and commands, but provide extra functions. Some documentation is missing, but acceptance tests in the `features` directory may help you to determine if this can help or not.