The FreeBSD-native-ish home lab and network

For many years my setup was pretty simple: A FreeBSD home server running on my old laptop. It runs everything I need to be present on the internet, an email server, a web server (like the one you’ve accessed right now to see this blog post) and a public chat server (XMPP/Jabber) so I can be in touch with friends.

For my home network, I had a basic Access Point and a basic Router.

Lately, my setup has become more… intense. I have IPv6 thanks to Hurricane Electric, the network is passed to my home network (which we’ll talk about in a bit), a home network with multiple VLANs, since friends who come home also need WiFi.

I decided to blog about the details, hoping it would help someone in the future.

I’ll start with the simplest one.

I’ve been running home servers for a long time. I believe that every person/family needs a home server. Forget about buying your kids iPads and Smartphones. Their first devices should be a real computer (sorry Apple, iOS devices are still just a toy) like a desktop/laptop and a home server. The home server doesn’t need to be on the public internet, but mine is, for variety of reasons. This blog being one of them.

I get a static IP address from my ISP, Ucom. After the management change that happened couple of years ago, Ucom has become a very typical ISP (think shitty), but they are the only ones that provide a static IP address, instead of setting it on your router, where you have to do port forwarding.

My home server, hostnamed pingvinashen (meaning the town of the penguins, named after the Armenian cartoon) run FreeBSD. Historically this machine has run Debian, Funtoo, Gentoo and finally FreeBSD.

Hardware wise, here’s what it is:

root@pingvinashen:~ # dmidecode -s system-product-nameLatitude E5470root@pingvinashen:~ # sysctl hw.modelhw.model: Intel(R) Core(TM) i7-6820HQ CPU @ 2.70GHzroot@pingvinashen:~ # sysctl hw.physmemhw.physmem: 17016950784root@pingvinashen:~ # zpool listNAME    SIZE  ALLOC   FREE  CKPOINT  EXPANDSZ   FRAG    CAP  DEDUP    HEALTH  ALTROOTzroot   420G   178G   242G        -         -    64%    42%  1.00x    ONLINE  -

While most homelabbers use hardware virtualization, I think that resources are a tight thing, and should be managed properly. Any company that markets itself as “green/eco-friendly” and uses hardware virtualization should do calculations using a pen and paper and prove if going native would save power/resources or not. (sometimes it doesn’t, usually it does)

I use containers, the old-school ones, Jails to be more specific.

I manage jails using Jailer, my own tool, that tries to stay out of your way when working with Jails.

Here are my current jails:

root@pingvinashen:~ # jailer listNAME        STATE    JID  HOSTNAME              IPv4               GWantranig    Active   1    antranig.bsd.am       192.168.10.42/24   192.168.10.1antranigv   Active   2    antranigv.bsd.am      192.168.10.52/24   192.168.10.1git         Stoppedhuginn0     Active   4    huginn0.bsd.am        192.168.10.34/24   192.168.10.1ifconfig    Active   5    ifconfig.bsd.am       192.168.10.33/24   192.168.10.1lucy        Active   6    lucy.vartanian.am     192.168.10.37/24   192.168.10.1mysql       Active   7    mysql.antranigv.am    192.168.10.50/24   192.168.10.1newsletter  Active   8    newsletter.bsd.am     192.168.10.65/24   192.168.10.1oragir      Active   9    oragir.am             192.168.10.30/24   192.168.10.1psql        Active   10   psql.pingvinashen.am  192.168.10.3/24    192.168.10.1rss         Active   11   rss.bsd.am            192.168.10.5/24    192.168.10.1sarian      Active   12   sarian.am             192.168.10.53/24   192.168.10.1syuneci     Active   13   syuneci.am            192.168.10.60/24   192.168.10.1znc         Active   14   znc.bsd.am            192.168.10.152/24  192.168.10.1

You already get a basic idea of how things are. Each of my blogs (Armenian and English) has its own Jail. Since I’m using WordPress, I need a database, so I have a MySQL jail (which ironically runs MariaDB) inside of it.

I also have a Git server, running gitea, which is down at the moment as I’m doing maintanence. The Git server (and many other services) requires PostgreSQL, hence the existence of  a PostgreSQL jail. I run huginn for automation (RSS to Telegram, RSS to XMPP). My sister has her own blog, using WordPress, so that’s a Jail of its own. Same goes about my fiancée.

Other Jails are Newsletter using Listmonk, Sarian (the Armenian instance of lobste.rs) and a personal ZNC server.

As an avid RSS advocate, I also have a RSS Jail, which runs Miniflux. Many of my friends use this service.

Oragir is an instance of WriteFreely, as I advocate public blogging and ActivityPub. Our community uses that too.

The web server that forwards all this traffic from the public to the Jails is nginx. All it does is proxy_pass as needed. It runs on the host.

Other services that run on the host are DNS (BIND9), an email service running OpenSMTPd (which will be moved to a Jail soon), the chat service running prosody (which will be moved to a Jail soon) and finally, WireGuard, because I love VPNs.

Finally, there’s a IPv6-over-IPv4 tunnel that I use to obtain IPv6 thanks to Hurricane Electric.

Yes, I have a firewall, I use pf(4).

For the techies in the room, here’s what my rc.conf looks like.

# cat /etc/rc.conf# Defaultsclear_tmp_enable="YES"syslogd_flags="-ss"sendmail_enable="NONE"#local_unbound_enable="YES"sshd_enable="YES"moused_enable="YES"ntpd_enable="YES"# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disabledumpdev="AUTO"zfs_enable="YES"hostname="pingvinashen.am"# Networkingdefaultrouter="37.157.221.1"gateway_enable="YES"ifconfig_em0="up"vlans_em0="37 1000" # 1000 -> WAN; 37 -> Home Routerifconfig_em0_1000="inet 37.157.221.130 netmask 255.255.255.0"ifconfig_em0_37="inet 192.168.255.2 netmask 255.255.255.0"static_routes="home"route_home="-net 172.16.100.0/24 -gateway 192.168.255.1"cloned_interfaces="bridge0 bridge6 bridge10"ifconfig_bridge10="inet 192.168.10.1 netmask 255.255.255.0"## IPv6ipv6_gateway_enable="YES"gif_interfaces="gif0"gifconfig_gif0="37.157.221.130 216.66.84.46"ifconfig_gif0="inet6 2001:470:1f14:ef::2 2001:470:1f14:ef::1 prefixlen 128"ipv6_defaultrouter="2001:470:1f14:ef::1"ifconfig_em0_37_ipv6="inet6 2001:470:7914:7065::2 prefixlen 64"ipv6_static_routes="home guest"ipv6_route_home="-net 2001:470:7914:6a76::/64 -gateway 2001:470:7914:7065::1"ipv6_route_guest="-net 2001:470:7914:6969::/64 -gateway 2001:470:7914:7065::1"ifconfig_bridge6_ipv6="inet6 2001:470:1f15:e4::1 prefixlen 64"ifconfig_bridge6_aliases="inet6 2001:470:1f15:e4::25 prefixlen 64 \inet6 2001:470:1f15:e4::80 prefixlen 64      \inet6 2001:470:1f15:e4::5222 prefixlen 64    \inet6 2001:470:1f15:e4:c0fe::53 prefixlen 64 \"# VPNwireguard_enable="YES"wireguard_interfaces="wg0"# Firewallpf_enable="YES"# Jailsjail_enable="YES"jailer_dir="zfs:zroot/jails"# DNSnamed_enable="YES"# Mailsmtpd_enable="YES"smtpd_config="/usr/local/etc/smtpd.conf"# XMPPprosody_enable="YES"turnserver_enable="YES"# Webnginx_enable="YES"tor_enable="YES"

The gif0 interface is a IPv6-over-IPv4 tunnel. I have static routes to my home network, so I don’t go to my server over the ISP every time. This also gives me the ability to get IPv6 in my home network that is routed via my home server.

As you have guessed from this config file, I do have VLANs setup. So let’s get into that.

First of all, here’s a very cheap diagram

I have the following VLANs setup on the switch.

Here are the active ports

The home router, hostnamed evn0 (named after the IATA code of Yerevan’s Zvartnots International Airport) runs FreeBSD as well, the hardware is the following

root@evn0:~ # dmidecode -s system-product-nameAPU2root@evn0:~ # sysctl hw.modelhw.model: AMD GX-412TC SOC                               root@evn0:~ # sysctl hw.physmemhw.physmem: 4234399744root@evn0:~ # zpool listNAME    SIZE  ALLOC   FREE  CKPOINT  EXPANDSZ   FRAG    CAP  DEDUP    HEALTH  ALTROOTzroot  12.5G  9.47G  3.03G        -         -    67%    75%  1.00x    ONLINE  -

The home router does… well, routing. It also does DHCP, DNS, SLAAC, and can act as a syslog server.

Here’s what the rc.conf looks like

clear_tmp_enable="YES"sendmail_enable="NONE"syslogd_flags="-a '172.16.100.0/24:*' -H"zfs_enable="YES"dumpdev="AUTO"hostname="evn0.illuriasecurity.com"pf_enable="YES"gateway_enable="YES"ipv6_gateway_enable="YES"sshd_enable="YES"# Get an IP address from the ISP's GPONifconfig_igb1="DHCP"# Internal routes with pingvinashenifconfig_igb0="inet 192.168.255.1 netmask 255.255.255.0"ifconfig_igb0_ipv6="inet6 2001:470:7914:7065::1 prefixlen 64"static_routes="pingvinashen"route_pingvinashen="-net 37.157.221.130/32 -gateway 192.168.255.2"ipv6_defaultrouter="2001:470:7914:7065::2"# Home Mgmt, Switch Mgmt, Home LAN, Home Guestifconfig_igb2="up"vlans_igb2="42 99 100 69"ifconfig_igb2_42="inet 172.31.42.1 netmask 255.255.255.0"ifconfig_igb2_99="inet 172.16.99.1 netmask 255.255.255.0"ifconfig_igb2_100="inet 172.16.100.1 netmask 255.255.255.0"ifconfig_igb2_100_ipv6="inet6 2001:470:7914:6a76::1 prefixlen 64"ifconfig_igb2_69="inet 192.168.69.1 netmask 255.255.255.0"ifconfig_igb2_69_ipv6="inet6 2001:470:7914:6969::1 prefixlen 64"# DNS and DHCPnamed_enable="YES"dhcpd_enable="YES"named_flags=""# NTPntpd_enable="YES"# Router Advertisement and LLDPrtadvd_enable="YES"lldpd_enable="YES"lldpd_flags=""

Here’s pf.conf, because security is important.

ext_if="igb1"bsd_if="igb0"int_if="igb2.100"guest_if="igb2.69"mgmt_if="igb2.42"sw_if="igb2.99"ill_net="172.16.0.0/16"nat pass on $ext_if from $int_if:network to any -> ($ext_if)nat pass on $ext_if from $mgmt_if:network to any -> ($ext_if)nat pass on $ext_if from $guest_if:network to any -> ($ext_if)set skip on { lo0 }block in allpass on $int_if   from $int_if:network   to anypass on $mgmt_if  from $mgmt_if:network  to anypass on $sw_if    from $sw_if:network    to anypass on $guest_if from $guest_if:network to anyblock quick on $guest_if from any to { $int_if:network, $mgmt_if:network, $ill_net, $sw_if:network }pass in on illuria0 from $ill_net to { $ill_net, $mgmt_if:network }pass inet  proto icmppass inet6 proto icmp6pass out   all   keep state

I’m sure there are places to improve, but it gets the job done and keeps the guest network isolated.

Here’s rtadvd.conf, for my IPv6 folks

igb2.100:\  :addr="2001:470:7914:6a76::":prefixlen#64:\  :rdnss="2001:470:7914:6a76::1":\  :dnssl="evn0.loc.illuriasecurity.com,loc.illuriasecurity.com":igb2.69:\  :addr="2001:470:7914:6969::":prefixlen#64:\  :rdnss="2001:470:7914:6969::1":

For DNS, I’m running BIND, here’s the important parts

listen-on     { 127.0.0.1; 172.16.100.1; 172.16.99.1; 172.31.42.1; 192.168.69.1; };listen-on-v6  { 2001:470:7914:6a76::1; 2001:470:7914:6969::1; };allow-query   { 127.0.0.1; 172.16.100.0/24; 172.31.42.0/24; 192.168.69.0/24; 2001:470:7914:6a76::/64; 2001:470:7914:6969::/64;};

And for DHCP, here’s what it looks like

subnet 172.16.100.0 netmask 255.255.255.0 {        range 172.16.100.100 172.16.100.150;        option domain-name-servers 172.16.100.1;        option subnet-mask 255.255.255.0;        option routers 172.16.100.1;        option domain-name "evn0.loc.illuriasecurity.com";        option domain-search "loc.illuriasecurity.com evn0.loc.illuriasecurity.com";}host zvartnots {    hardware ethernet d4:57:63:f1:5a:36;    fixed-address 172.16.100.7;}host unifi0 {    hardware ethernet 58:9c:fc:93:d1:0b;    fixed-address 172.31.42.42;}
[…]subnet 172.31.42.0 netmask 255.255.255.0 {        range 172.31.42.100 172.31.42.150;        option domain-name-servers 172.31.42.1;        option subnet-mask 255.255.255.0;        option routers 172.31.42.1;}subnet 192.168.69.0 netmask 255.255.255.0 {        range 192.168.69.100 192.168.69.150;        option domain-name-servers 192.168.69.1;        option subnet-mask 255.255.255.0;        option routers 192.168.69.1;}

So you’re wondering, what’s this unifi0? Well, that brings us to

This laptop has been gifted to me by [REDACTED] for my contributions to the Armenian government (which means when a server goes down and no one knows how to fix it, they called me and I showed up)

Here’s the hardware

root@t480s:~ # dmidecode -s system-versionThinkPad T480sroot@t480s:~ # sysctl hw.modelhw.model: Intel(R) Core(TM) i5-8350U CPU @ 1.70GHzroot@t480s:~ # sysctl hw.physmemhw.physmem: 25602347008root@t480s:~ # zpool listNAME    SIZE  ALLOC   FREE  CKPOINT  EXPANDSZ   FRAG    CAP  DEDUP    HEALTH  ALTROOTzroot   224G   109G   115G        -         -    44%    48%  1.00x    ONLINE  -

The T480s has access to VLAN 100, 42, 69, but the host itself has access only to VLAN 100 (LAN), while the jails can exist on other VLANs.

So I have a Jail named unifi0 that runs the Unifi Management thingie.

Here’s what rc.conf of the host looks like

clear_tmp_enable="YES"syslogd_flags="-ss"sendmail_enable="NONE"sshd_enable="YES"ntpd_enable="YES"# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disabledumpdev="AUTO"zfs_enable="YES"hostname="t480s.evn0.loc.illuriasecurity.com"ifconfig_em0="up -rxcsum -txcsum"vlans_em0="100 42 69"ifconfig_em0_100="up"ifconfig_em0_42="up"ifconfig_em0_69="up"cloned_interfaces="bridge0 bridge100 bridge42 bridge69"create_args_bridge100="ether 8c:16:45:82:b4:10"ifconfig_bridge100="addm em0.100 SYNCDHCP"ifconfig_bridge100_ipv6="inet6 auto_linklocal"rtsold_flags="-i -F -m bridge100"rtsold_enable="YES"create_args_bridge42=" ether 8c:16:45:82:b4:42"create_args_bridge69=" ether 8c:16:45:82:b4:69"ifconfig_bridge42="addm em0.42"ifconfig_bridge69="addm em0.69"jail_enable="YES"jailer_dir="zfs:zroot/jailer"ifconfig_bridge0="inet 10.1.0.1/24 up"ngbuddy_enable="YES"ngbuddy_private_if="nghost0"dhcpd_enable="YES"lldpd_enable="YES"

I used Jailer to create the unifi0 jail, here’s what the jail.conf looks like

# vim: set syntax=sh:exec.clean;allow.raw_sockets;mount.devfs;unifi0 {  $id             = "6";  devfs_ruleset   = 10;  $bridge         = "bridge42";  $domain         = "evn0.loc.illuriasecurity.com";  vnet;  vnet.interface = "epair${id}b";  exec.prestart   = "ifconfig epair${id} create up";  exec.prestart  += "ifconfig epair${id}a up descr vnet-${name}";  exec.prestart  += "ifconfig ${bridge} addm epair${id}a up";  exec.start      = "/sbin/ifconfig lo0 127.0.0.1 up";  exec.start     += "/bin/sh /etc/rc";  exec.stop       = "/bin/sh /etc/rc.shutdown jail";  exec.poststop   = "ifconfig ${bridge} deletem epair${id}a";  exec.poststop  += "ifconfig epair${id}a destroy";  host.hostname   = "${name}.${domain}";  path            = "/usr/local/jailer/unifi0";  exec.consolelog = "/var/log/jail/${name}.log";  persist;  mount.fdescfs;  mount.procfs;}

Here are the important parts inside the jail

root@t480s:~ # cat /usr/local/jailer/unifi0/etc/rc.confifconfig_epair6b="SYNCDHCP"sendmail_enable="NONE"syslogd_flags="-ss"mongod_enable="YES"unifi_enable="YES"root@t480s:~ # cat /usr/local/jailer/unifi0/etc/start_if.epair6b ifconfig epair6b ether 58:9c:fc:93:d1:0b

Don’t you love it that you can see what’s inside the jail from the host? God I love FreeBSD!

Did I miss anything? I hope not.

Oh, for the homelabbers out there, the T480s is the one that runs things like Jellyfin if needed.

Finally, the tiny 

I found this in a closed, so I decided to run it for TimeMachine.

I guess all you care about is rc.conf

hostname="tm0.evn0.loc.illuriasecurity.com"ifconfig_DEFAULT="DHCP inet6 accept_rtadv"sshd_enable="YES"sendmail_enable="NONE"sendmail_submit_enable="NO"sendmail_outbound_enable="NO"sendmail_msp_queue_enable="NO"growfs_enable="YES"powerd_enable="YES"# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disabledumpdev="AUTO"zfs_enable="YES"rtsold_enable="YES"samba_server_enable="YES"

And the Samba Configuration

[global]# Network settingsworkgroup = WORKGROUPserver string = Samba Server %vnetbios name = RPi4# Logginglog file = /var/log/samba4/log.%mmax log size = 50log level = 0# Authenticationsecurity = userencrypt passwords = yespassdb backend = tdbsammap to guest = Bad Usermin protocol = SMB2max protocol = SMB3# Apple Time Machine settingsvfs objects = catia fruit streams_xattrfruit:metadata = streamfruit:resource = streamfruit:encoding = nativefruit:locking = nonefruit:time machine = yes# File System supportea support = yeskernel oplocks = nokernel share modes = noposix locking = nomangled names = nosmbd max xattr size = 2097152# Performance tuningread raw = yeswrite raw = yesgetwd cache = yesstrict locking = no# Miscellaneouslocal master = nopreferred master = nodomain master = nowins support = no[tm]comment = Time Machine RPi4path = /usr/local/timemachine/%Ubrowseable = yesread only = novalid users = antranigvvfs objects = catia fruit streams_xattrfruit:time machine = yesfruit:advertise_fullsync = truefruit:time machine max size = 800G  # Adjust the size according to your needscreate mask = 0600directory mask = 0700

That’s pretty much it.

I love running homebrew servers, home networks and home labs. I love that (almost) everything is FreeBSD. The switch itself runs Linux, and the Unifi Access Point also runs Linux, both of which I’m pretty happy with.

While most homelabbers used ESXi in the past, I’m happy to see that most people are moving to open source solutions like Proxmox and Xen, but I think that FreeBSD Jails and bhyve is much better. I still don’t have a need for bhyve at the moment, but I would use it if I needed hardware virtualization.

Most homelabbers would consider the lack of Web/GUI interfaces as a con, but I think that it’s a pro. If I need to “replicate” this network, all I need to do is to copy some text files and modify some IP addresses / Interface names.

I hope this was informative and that it would be useful for anyone in the future.

That’s all folks… 

Reply via email.

https://antranigv.am/posts/2024/06/freebsd-server-network-homelab/

#Containers #Dell #DellLatitudeE5470 #FreeBSD #homeServer #HowTo #Jailer #Jails #macOS #Networking #pf #Samba #Unifi #Unix #VNET

The FreeBSD-native-ish home lab and network

https://antranigv.am/posts/2024/06/freebsd-server-network-homelab/

#FreeBSD #homebrewserver #homeserver #Networking #IPv6 #Jails #Jailer #Samba #Homelab #server #containers ##

Fun #containers #docker

https://www.dockerstatus.com/

I created some ready-to-use container images for #RV64:
* #Debian Trixie
* #Ubuntu Jammy (22.04)
* Ubuntu Mantic (23.10)
* Ubuntu Noble (24.04)
* #Fedora 39

https://gyptazy.ch/misc/riscv-container-images-for-podman-docker/

#riscv64 #rv #risc #docker #podman #images #containerreg #registry #userland

I feel like not enough people fully grasp how awesome Image Mode RHEL and bootc are. Seriously this is next Gen awesome and I think will become foundational to how immutable/atomic Linux distros are built in the next few years. SO COOL. ❤️

https://developers.redhat.com/products/rhel-image-mode/overview

https://containers.github.io/bootc/

#RedHat #RHEL #CentOS #Fedora #Containers #bootc #immutable #atomic

Open Container Initiative

@samuelkarp @emaste @dch @dfr noted with thanks:

<https://github.com/opencontainers/wg-freebsd-runtime?tab=readme-ov-file#mission-statement>

— Define changes to existing specifications and new specifications needed to support the OCI runtime on the FreeBSD platform.

#FreeBSD #OCI #containers @FreeBSDFoundation

Happy 10th Anniversary, Kubernetes!

Here's a little "happy birthday" video from Red Hat to #Kubernetes. Enjoy!

https://www.youtube.com/watch?v=7d2QWbEF3zk&t=1s

#containers #CloudNative

Ok #homelab and #selfhosting friends, I would like some advice (boosts welcome). Most of my infrastructure, frankly, is SPOFaaS (single points of failure as a service). But lately I've run into too many things banging away on the same #MariaDB instance.

If the database is down, everything is down:

• email
• git
• nextcloud
• a wordpress web site
• a network forum I run

I want to spread it out to 4 or 5 distinct database instances, so that if one of them needs upgrading or is down, only 1 service (or a small number of services) is affected. But I'm trying not to create lots of maintenance work for myself.

Today, it's MariaDB on a #FreeBSD VM. I see a few possible choices:

1. Multiple VMs, each with a #database on it
2. A container host with multiple database containers
3. Some blend of those 2

If it's all one container host, that (to me) feels like having it all in one VM. If it's 5 VMs, then that's 5 operating systems and MariaDB instances I have to keep up to date. So I'm trying not to simply multiply my work by 5, even though I know it will go up some.

I'm self hosting, and today there's basically a single host. So all VMs / containers ultimately run here. There's a single power supply, a single network connection, etc. I'm not running an additional VPS somewhere, an additional cloud something somewhere, etc. It's about the design here on this hardware. I have all the RAM, disk, and CPU I need to make as many VMs, databases, or #containers as I need.

I'm not trying to make this resilient to unexpected problems like power cuts, internet disruption, server crashes, etc. I'm mostly trying to make it easier to do routine maintenance. And maybe backup/restore. Because today I backup the whole thing, which is 12G uncompressed. And about 6G of that is just one site. Many databases are a few megabytes. But restoring only one database out of a gigantic 12G SQL file is a pain. Also load is not really much of a problem. I don't need more capacity or speed. Just more flexibility and less interdependence.

So what do people recommend?

Overall, I think I'm just disappointed that as a community, we've all decided to promote 'runs everywhere' over 'is secure and stable' to our own detriment.
#packageManager #software #security #containers #Linux #sysadmin #paranoia #stability #oldManShakesFistAtCloud

The May 14th, 2024 Jail/Zones Production User Call

https://youtube.com/watch?v=WEf3JBrzl_c

We discussed BSDCan, Jail Descriptors, the ifconfig CIDR proposal, FreeBSD forwarding overhead and workarounds, Jan's ZFS layout, WAN TCP buffer sizing, net-mgmt/netsnmp, and more!

#FreeBSD #illumos #Containers

Introducing Podman AI Lab: Developer tooling for working with LLMs

https://developers.redhat.com/articles/2024/05/07/introducing-podman-ai-lab

#Podman #Containers #Linux #RedHat #Fedora #AI

From this week's Linux Update: Matthias Wübbeling shows you how to protect your data and operating system from prying eyes with @veracrypt https://www.linux-magazine.com/Issues/2024/279/VeraCrypt #encryption #VeraCrypt #security #privacy #containers #TrueCrypt #data

The April 23rd, 2024 Jail/Zones Production User Call is up:

https://youtu.be/kyRMerj1yyw

We discussed Jan's impressive use of jail.conf and.include, Netgraph, Doug's OCI work, and much more!

"Don't forget to slam those Like and Subscribe buttons."

#FreeBSD #illumos #Containers

Anyone have a 16GB/512GB Apple Silicon Mac Mini to contribute to this effort to speed up rendering times?

Doug shares a bit of the history of Jails vs. #Containers, and talks about porting #Podman to #FreeBSD.

#ContainerPlumbing #OSSNA

Yesterday's Jail/Zones call recording is up!

We discussed upcoming events, anti-FreeBSD FUD, @dch's OCI container progress and container registries, IPv6 networking and more!

https://youtu.be/DVXRq77BcU0

#FreeBSD #illumos #Docker #Containers

The April 2nd #FreeBSD Jails / #illumos Zones Production User Call:

https://youtu.be/30lCuMg8Rt4

We discussed automatic epair allocation, block cloning, PkgBase jails, the xz backdoor, OpenBGPd, OCI container repos, and more!

"Don't forget to slam those Like and Subscribe buttons."

#Unix #Containers

New 𝗧𝗶𝗻𝘆 𝗨𝗻𝗱𝗲𝗿𝘃𝗮𝗹𝘂𝗲𝗱 𝗛𝗮𝗿𝗱𝘄𝗮𝗿𝗲 𝗖𝗼𝗺𝗽𝗮𝗻𝗶𝗼𝗻𝘀 (Tiny Undervalued Hardware Companions) article on vermaden.wordpress.com blog.

https://vermaden.wordpress.com/2024/03/21/tiny-undervalued-hardware-companions/

#adapter #angle #bluetooth #cables #containers #handle #headphones #hub #USB #organizer #power

New 𝗧𝗶𝗻𝘆 𝗨𝗻𝗱𝗲𝗿𝘃𝗮𝗹𝘂𝗲𝗱 𝗛𝗮𝗿𝗱𝘄𝗮𝗿𝗲 𝗖𝗼𝗺𝗽𝗮𝗻𝗶𝗼𝗻𝘀 (Tiny Undervalued Hardware Companions) article on vermaden.wordpress.com blog.

https://vermaden.wordpress.com/2024/03/21/tiny-undervalued-hardware-companions/

#adapter #angle #bluetooth #cables #containers #handle #headphones #hub #USB #organizer #power

That Old NetBSD Server, Running Since 2010

https://it-notes.dragas.net/2023/08/27/that-old-netbsd-server-running-since-2010/

#NetBSD #Xen #Virtualization #SysAdmin #Containers #BSD #BSDs #IT