Posts by subnetspider@mastodon.bsd.cafe
(DIR) Post #AunBUdeMZsyGA9eBRw by subnetspider@mastodon.bsd.cafe
2025-05-01T15:02:12Z
0 likes, 1 repeats
Today I migrated my private Gitea server from the #FreeBSD VM running on Proxmox VE to a jail running on my FreeBSD NAS, all I had to do was copy /var/db/gitea and /usr/local/etc/gitea/conf/app.ini to the jail, install the gitea pkg and start the service.This is now the 15th jail running on this NAS, and one VM less on my Proxmox VE. πI've also upgraded the router in front of my firewalls (it only does PPPoE + NAT44 + DHCPv6 prefix delegation), the old one with its 256MB of RAM started rebooting randomly, the new one has 1GB of RAM and is already using 33% of it. I just realised how underpowered the old one was. π
(DIR) Post #Aw101nVs12ErpUZnhg by subnetspider@mastodon.bsd.cafe
2025-07-11T06:08:13Z
0 likes, 0 repeats
@shmok PF on modern CPUs barely has any trouble filtering packets at gigabit speeds, more cores do help with routing though - which also depends on your network card, it's drivers, and it's queues. I would recommend Intel i226 NICs when getting a mini-PC, don't touch the i225 NICs though (they suck at stability). Some good-ish 2.5G Realtek NICs also exist, but I never tried them.
(DIR) Post #Aw5q1m1tVHvVTehldA by subnetspider@mastodon.bsd.cafe
2025-07-13T10:31:00Z
0 likes, 0 repeats
I've just installed #Forgejo in a #FreeBSD Jail, but I couldn't find a guide on how to set it up.Luckily, I could get away with using the instructions of @marzlberger 's blog post on installing Gitea: https://bsdbox.de/en/artikel/gitea/gitea-lokal π The steps were basically identical, I just had to replace "gitea" with "forgejo" in all the commands and paths.If I ever want to migrate my Gitea instance to Forgejo, I now know how to do it.
(DIR) Post #AxevUEwrOKa5JhmUEK by subnetspider@mastodon.bsd.cafe
2025-08-29T10:08:18Z
1 likes, 0 repeats
@sysop It depends. If there is sensitive data, I would just censor it (e.g. IP addresses, hostnames...).There is also the pkg "hw-probe", but some people don't like to run it on their system.It uploads a lot more info, but seems to automatically remove sensitive info:https://bsd-hardware.info
(DIR) Post #Ay0U6ifunGtFHHX8qW by subnetspider@mastodon.bsd.cafe
2025-09-08T20:03:29Z
1 likes, 0 repeats
@rubenerd It's alive :)The installer even recommend drivers for the wireless network card and the iGPU.Here is a hardware probe:https://bsd-hardware.info/?probe=0e67b4d9fd
(DIR) Post #AzfvcPVFMoJVu3O25I by subnetspider@mastodon.bsd.cafe
2025-10-28T06:03:33Z
1 likes, 1 repeats
Decided to give NetBSD a try, so far it's working, but reading the guide is a must for me (a FreeBSD user). π
(DIR) Post #Azpm3LAYX0wWJuVi4m by subnetspider@mastodon.bsd.cafe
2025-11-02T11:48:24Z
0 likes, 0 repeats
Don't know if I will regret this, but I've taken the first step in migrating my home network from Sophos Firewall to OPNsense, by creating a 2nd UniFi controller for the WiFi at my parents house. This lets me tear down my network, without their WiFi going down. Currently, if the site-to-site VPN goes down for too long, the UniFi APs will stop working after a while (searching for a new controller?).
(DIR) Post #AzpmtNVL5uOscZ2rLs by subnetspider@mastodon.bsd.cafe
2025-11-02T11:58:23Z
0 likes, 0 repeats
@jae Thanks for the offer, but I know how to handle OPNsense - I ran it for 6 years myself (2017β2023) and I'm quite familiar with it. π I will probably run two OPNsense Firewalls in a HA configuration, which I've last tested a couple months ago.
(DIR) Post #Azpnu71NxnoHk8wrjM by subnetspider@mastodon.bsd.cafe
2025-11-02T12:03:35Z
0 likes, 0 repeats
@jae Not yet, but I could do that if there is enough interest. Most of what I'm going to do requires a static IPv6 prefix though. π
(DIR) Post #B0Egs4ZOPKyOGnoEwy by subnetspider@mastodon.bsd.cafe
2025-11-14T04:48:52Z
0 likes, 0 repeats
@nuintari Reminds me of this...(Source: https://www.linkedin.com/posts/christopherkunz_insecurity-appliance-bingo-sophos-joins-activity-7353364879170232321-A1sJ)No wounder people use OpenBSD to protect their "security" appliances.
(DIR) Post #B0LF9wP84IM7Y0SaFk by subnetspider@mastodon.bsd.cafe
2025-11-17T16:11:33Z
1 likes, 0 repeats
TIL that you can backup PlayStation 4 files to external USB media, after learning that the internal HDD of my brother's PS4 broke and it stopped booting. π© When I connect the HDD to my FreeBSD server, I can see the drive and partitions, but can't access the data inside them, because they're all encrypted...Cloning the HDD to a SSD with dd / ddrescue also didn't work, because at some point the HDD becomes unresponsive (too many read errors) at some point. SMART status shows a high reallocated sector count, for what that's worth.As a last effort, I installed the PS4 OS on the SSD, and am now overwriting the user partition with the data from the old HDD, as hopefilly the broken sectors are at the start of the disk. I have no Idea if this will work, so wish me luck. π
(DIR) Post #B0aQ23TTqD6xLO4diy by subnetspider@mastodon.bsd.cafe
2025-11-24T23:54:14Z
1 likes, 1 repeats
Does anyone know when the #Tor package for #FreeBSD will be upgraded from 0.4.8.20 to 0.4.8.21?It's been almost a week since 0.4.8.21 was released due to a critical security fix, but nothing's happening... :(
(DIR) Post #B0kb2oJQjzgLgZXEm0 by subnetspider@mastodon.bsd.cafe
2025-11-29T21:44:16Z
2 likes, 1 repeats
Decided to set kern.securelevel on my FreeBSD test VM from -1 to 3, and well ... it did not disappoint.Nothing permanent, but still funny to see even root unable to e.g. disable the PF firewall or load kernel modules at all. π
(DIR) Post #B0qtVyje23ZSX5c9Ds by subnetspider@mastodon.bsd.cafe
2025-12-02T22:39:48Z
3 likes, 1 repeats
Who knew that reading man pages can be useful? Found out that you can do the following in rc.conf to generate an EUI64 v6 address on a FreeBSD host with static addresses (no SLAAC):ifconfig_re0_alias0="inet6 2001:db8:: eui64 prefixlen 64"It will then generate the last 64 bits of the IPv6 address from the MAC address, e.g.:inet6 2001:db8::921b:eff:fef9:da26 prefixlen 64Don't know if I will ever need this, but interesting nonetheless.
(DIR) Post #B0yOGS9JMSMBoKPqgC by subnetspider@mastodon.bsd.cafe
2025-12-06T13:27:21Z
1 likes, 1 repeats
Hey FreeBSD people :)I have a particular service in one of my (many) jails, which I need to run as root, so it can manage the jailed ZFS datasets properly.To achieve this, I guess editing the rc script in /usr/local/etc/rc.d/ would be the easiest option, but is it the best one?As I don't know if the rc script could get overwritten in the future by pkg update, I would probably edit a copy and create a symbolic link to it.Is this something that you would do as well?
(DIR) Post #B0ylmcWEdkMCBURhuS by subnetspider@mastodon.bsd.cafe
2025-12-06T17:42:26Z
0 likes, 0 repeats
@utrenkner @gumnos I am aware, but I forgot (I even use it for zfs replication). π© I'm just a little skeptic if it will actually work, when I read this (from the zfs-allow handbook). π€It says "Linux", but does it mean "ZFS on Linux" which FreeBSD now uses, or e.g. "ZFS on Debian"?
(DIR) Post #B12pUnMwjmoV4WhG7c by subnetspider@mastodon.bsd.cafe
2025-12-08T16:51:16Z
2 likes, 4 repeats
Over the last couple of days I visited my parents and used this opportunity to migrate my fathers PC from Windows 10 to Linux Mint (take that, Micro$oft), as this machine is only used for web browsing and light office use.Instead of spending Money on a license, I upgraded the Fujitsu i5-4690 8G RAM PC to a Lenovo m720q i5-9400t 16G RAM PC, which ironically used to run Windows as well.To migrate - and more importantly - back up all his files, I installed UrBackup, which now runs in a bastille jail on the local FreeBSD NAS. It's now automatically backing up all the files, backed by (the amazing) OpenZFS.And to allow remote access for remote assistance, I also installed Rustdesk in another bastille Jail, but this time on the FreeBSD NAS at my place. This now allows easy access without having to rely on the benevolence of TeamViewer anymore.Thanks to FOSS software, I only spent a little over β¬120 on the new hardware and a couple of hours of time, half of which was spent talking to family. It was all well spent, in my opinion. ππ
π
(DIR) Post #B14J4V0LaLfiMxSmFE by subnetspider@mastodon.bsd.cafe
2025-12-09T08:53:18Z
0 likes, 0 repeats
@goetz If there are so many drawbacks to using EUI-64, is there a RFC which presents alternatives or a recommendation on how to generate v6 interface identifiers? π€ All the information I can find are how not to do things (sequeltial addressing, e.g. 2001:db8::1, 2001:db8::2, 2001:db8::3, ...), IPv4 to IPv6 matching (10.0.0.254 --> 2001:db8::254) or EUI-64.
(DIR) Post #B1kBlr1jDA7sb1LLai by subnetspider@mastodon.bsd.cafe
2025-12-29T14:47:54Z
0 likes, 1 repeats
So... I had planned to upgrade my FreeBSD NAS from LGA1150 (2013 Supermicro) to AM5 with an ASRock Rack board, but due to the price hike of DDR5, that is no longer feasible.Since I still have dozens of 8 GiB DDR3 ECC RDIMMs collecting dust, I'm considering upgrading to a LGA2011-3 board from 2016 so that I can upgrade the RAM from 32 to 64 GiB.There's no way I'm going to pay over 1800β¬ just to have a bit more RAM so I can run bhyve VMs on my NAS, in addition to all the jails I already run.
(DIR) Post #B1kD2rQZ4iIaiQdLJg by subnetspider@mastodon.bsd.cafe
2025-12-29T14:57:57Z
1 likes, 0 repeats
@matthew Oh you're right, LGA2011-3 is already DDR3, so I has to be a LGA2011 without the -3... Feels like yesterday when they came out.