Today, something odd happened to me, slightly concerning but which, fortunately, ended on a positive note and with deep reflection.
They're doing some renovations in my office, so I sat down at a café table to work. I had with me an old HP laptop running FreeBSD. Ferrara is generally a peaceful city, but lately, some groups of youngsters have been causing trouble, going around bothering people, and in extreme cases, starting fights.
Today, it was my turn.
As they roamed around trying to provoke others, two of them approached me and began touching my laptop. They mocked me, jesting (not so playfully) about how ancient my computer was and how "they needed a computer," picking it up and examining it. Politely, I told them I needed it for work and it had all my files, so I couldn't just hand it over. It was broad daylight, but no one else was around at that moment. One of them noticed something unusual - "Where's the Windows menu? Is this Linux?"
"No, it's FreeBSD. Have you ever heard of it?" Their surprised expressions said it all. The entire group gathered, sat on the ground, and listened intently for about 15 minutes. I stalled, hoping for other people to arrive, so I wasn't alone.
Eventually, they got up, told me I was "old" but cool, and that they would immediately try out the BSDs (they were particularly intrigued by OpenBSD's security features - which they didn't grasp fully but saw as "professional hacker stuff"). They gave me a high-five, peacefully, without bothering anyone further.
Now, I'm left wondering: did they leave me alone because they learned something intriguing from me, because other people arrived, or are they just bored teenagers causing issues to pass the time - and got engrossed in something new, hence shifting their focus temporarily? All I know is I was relieved to get back to my office and from there, hear the rain outside, which usually deters these boys from troubling others.
I can say that today, FreeBSD saved me from very different problems than it usually does 😃
#BoxyBSD is a non-profit VM & service provider for the open-source community with a focus on BSD based Systems like #FreeBSD, #OpenBSD and #NetBSD. BoxyBSD also provides additional services like webhosting, git, email and DNS solutions for #opensource projects to give valuable things back to the community.
I've just finished reading "Relayd and Httpd mastery" by @mwl and it cemented my plan to move to #OpenBSD. https://test.sapka.me is already working and https://michal.sapka.me will soon follow. I like the Relayd + Httpd + acme-client setup much better than whatever #nginx tries to achieve by trying to be everything.
It's the first book of his I've read - "Absolute FreeBSD" and "Ed mastery" were also great. I don't know of any other indie tech writer but I dig his writing so much! The fact, that he may be the only writer treating #BSD (my recent love) seriously makes it even easier. After finishing "Relayd.." I've instantly bought his "Tarsnap mastery". Highly recommended!
I've been thinking about an adventure with #selfhosted#email and guess what? MWL is working on a book about it!
In the meantime (so: yesterday) I migrated my personal laptop from #FreeBSD to #OpenBSD. I had to force legacy UEFI and disable Nvidia but everything just works. WiFi, hibernation, even media keys. I am floored!
The packages for this version are downloaded from mirror.laylo.nl to facilitate faster testing. This server is sponsored by @laylo
It includes all #OpenBSD security improvements up to November 10.
The artwork by Banshee is based on Mictlantecuhtli, which means "Lord of Mictlan" in Aztec mythology. This god is associated with the dead, artwork includes augmented reality. You can download the app from https://apps.apple.com/mx/app/banshee/id611466539
And, the most crucial aspect is that this project is made with love, and it wouldn't have been achievable without the support of an incredible team: @OpenBSDAms@h3artbl33d@bsdbandit@x0darkpadr3@Banshee and 0xdeadbea7.
I vividly remember when, less than 20 years ago, they used to ask me, "Why do you want to do this with Linux|Free|Open|NetBSD when it can be done with Windows? Everyone uses it!" Today, the question is similar but different: "Why do you want to do this on Free|Open|Net|DragonflyBSD when it can be done with Linux? Everyone uses Linux for this!"
The problem is precisely this: if everyone is doing it, do we really take it for granted that it's the best solution? I stay informed and have everything in production: all the BSDs and many Linux distributions, choosing the best tool each time, in my opinion, to achieve a result.
Why people always feel the need to conform to everyone and everything, and continue to decide what's better based on trends, personal beliefs, or social conventions, will forever remain a mystery to me.
Hello everyone! I wanted to share some exciting updates about the development of BSD Mail, our privacy-focused email service designed with robustness, security, and transparency in mind. Here’s a deep dive into the technical choices I've made, focusing on my use of open source solutions and open protocols:
🌍 Servers & Location
We're running on two physical servers:
One hosted by OVH in France
Another by Hetzner in Germany
Both servers operate on FreeBSD with NVMe drives in a ZFS mirror configuration for speed and data integrity.
🔒 Virtualization & Security
We utilize jails on both servers to ensure isolated environments for different services, managed via BastilleBSD. On one server, jails are set up directly on the hardware, whereas the other server employs nested jails.
Each server hosts a bhyve VM running OpenBSD with OpenSMTPD for handling SMTP duties securely.
🔗 Networking
A Wireguard setup connects the two servers, facilitating routing capabilities so that jails and VMs can communicate seamlessly, supporting both IPv4 and IPv6.
📧 Email Services
Dovecot is configured for maildir replication across the servers using Dovecot sync, ensuring email availability and redundancy.
Rspamd instances are tied to local KeyDB jails, set up in master-master replication for consistent and reliable spam detection and greylisting.
ClamAV runs in corresponding jails for virus scanning, maintaining a high level of security.
SOGo provides a web interface for email management, connected to MySQL databases in master-master replication to handle sessions and authentication smoothly.
💾 Data Management
Email data is stored on separate, encrypted ZFS datasets to secure emails at rest.
MySQL databases are used for storing credentials and managing sessions for SOGo, also in a master-master replication setup. Importantly, all passwords are securely hashed using bcrypt, ensuring they are salted and safe.
🔎 Monitoring & Reliability
Our DNS is managed through BunnyNet, which continuously monitors our server status. Should one server—or a specific service—become unavailable, DNS configurations are dynamically adjusted to avoid directing users to the affected IP until full service is restored.
🌐 Commitment to Open Source and Open Protocols
Every component of BSD Mail is built exclusively using open source software and open protocols. This commitment is crucial for ensuring data freedom and the reliability of the solutions we use.
This setup not only emphasizes our commitment to privacy and security but also our dedication to maintaining an open and transparent platform.
We're excited to bring you a service where your privacy, data integrity, and freedom are prioritized. Stay tuned for more updates!
If you too have #BSD (#OpenBSD, #FreeBSD, #NetBSD or related) material you want to present and would like to go to #Ottawa end May to start of June to do that and hang out with other BSD people, go to https://www.bsdcan.org/2024/papers.php and follow the submission instructions until Monday February 12th.
It was just an email, rather than an issue or bug and someone took some efforts to look up my mail and to write me. It made me very happy & we should much more honour the work of others! It reminded me of how much we now take software for granted in our daily life. Things we do and handle our daily business... Even if we don't donate anything or only small amounts, we should always show respect for the time and effort of the author and maintainer. Even a small personalized email can bring great joy :)
Hey #BSD friends. I want to try some bsd as my daly driver. Work and everything and I need some help to find live systems to try on my hardware. Any recomendation? #freebsd, #openbsd, #netbsd will work for me.
🐡 OpenBSD 7.5 Released - Faster Performance For Many-Core ARM Servers | Phoronix
「 Theo de Raadt has released OpenBSD 7.5 as the newest version of this security-focused BSD operating system. With OpenBSD 7.5 there is a number of improvements for ARM (AArch64) hardware, never-ending kernel optimizations and other tuning work, countless package updates, and other adjustments to this popular BSD platform 」
BSDCan 2024 will be held 31 May - 1 June (Fri-Sat), 2024 in Ottawa,
at the University of Ottawa. It will be preceded by two
days of tutorials on 29-30 May (Wed-Thu).
Also: do not miss out on the Goat BOF on Tuesday 28 May.
For the safety of speakers and attendees, this conference will again
follow the mask policy outlined at https://bsdcan.org.
Migrated one of my #OpenBSD VMs to @OpenBSDAms . Super fast setup process, well documented and works like a charm. 100% in line with OpenBSD's sane defaults.
Hi there, folks. I've moved back to #Fosstodon yet again.
I'm a #DevOps guy, who used to be a Linux #sysadmin for many years before that. I run #OpenBSD :openbsd: and #GrapheneOS :GrapheneOS: on my personal devices.
I post random thoughts and dumb jokes. And I think up unlikely #infosec vulnerabilities.