just to check... when you put a bridge (or any other virtual interface) on the physical device, you should move IP configurations to that... aka you put a bridge ontop of the physical interface, the network config should be on the bridge right?

polarian: I am unable to answer your question

but

are you the same Polarian on the ArchLinux mailing lists?

levitating: yes... why are you asking?

no way, it is! I can see you're domain you're connecting through

the internet is a small place I guess

hmmm

I am not around Arch Linux much anymore

I've seen less of you on the mailing lists recently, I guess you've been busy with freebsd?

I have seen you on this channel before but I forgot to ask

btw your website is serving the wrong cert

Its complicated... I became disillusioned with Linux completely but was too lazy to ever make the switch until a few months ago when I decided to pick up a E6430, libreboot it and FreeBSD it

I haven't used my Arch Linux laptop in months

Arch remains my choice when I need Linux, but when I don't Open/FreeBSD is my choicre

How come you've become become disullusioned with Linux

my website is down lol... its nginx trying to redirect it to a different site as it has no entry for it

levitating: Too busy fighting over licencing, and the distro sprawling... Arch for me has turned into a warzone where everyone is trying to prove they are superior

(it was always a little like that, but it feels like its got worse)

I honestly cannot share those concerns

I have never been happier since I moved os

The REAL ArchLinux community is honestly rather small.

Most work is done by a handful of very active and respectful package maintainers

I still stick around the mailing list to help when I can, and I have a friend which uses arch... but considering I was into BSD and their way of thinking for a long time now... I don't plan to hop back

Linux fight over everything, init system, coreutils etc

I also enjoy FreeBSD but it's not something I want to rely on for desktop use.

its actually worked really well on desktop surprisingly

For desktop use I see FreeBSD as my retirement plan, when I can buy hardware that I know suits it, and I have time to write my own drivers.

ah right... yeah freebsd is a little like old-linux... where you buy hardware which is supported, Linux literally can run on almost anything these days

but any old laptop should run FreeBSD easily

To be brutally honest I haven't been that amazed by the freebsd community

(casually insulting the community in the community)

On the forums there's these discussions where vscode is talked about like it's the spawn of the devil

I am not sure what the word for it is

At the end of the day its peoples personal opinion, you got to bare in mind BSDs have a lot of long term Unix fans who are likely obsessed with vim...

I mean it was just an example. What I notice is a lot of judgement towards others based on their software preferences.

I don't dare to bring up systemd on the forums.

And honestly the lack of proper service managements is one thing that really bothers me on FreeBSD.

Though enjoy the more "authentic" unix experience sometimes

I believe people get fustrated at linuxism

But in any case in the forums I see a lot of hate-talk towards other people just for their software preference and that's just not cool

You got to bare in mind Linux and BSD are totally different yet people see them as the same thing

polarian: I have even seen people get mad because "the deskop users" were forcing some ideoligy unto them

what I am saying is that the nature of FreeBSD attracts a certain type of person

I haven't participated within the FreeBSD forums

It's a fun place most of the times

and the nature of Arch Linux attracts a certain type of person

so does gentoo

It definitely does, but in particular ArchLinux attrachts a younger generation

levitating what type of people?

s2r: the type of people who judge others without the ability to self-reflect or accept change

I don't mean to generalize a whole community, but I've seen more bad apples of that particular type in the freebsd community than most others I've visited

levitating: why do you think I left? filled with paranoid corporate-hating kids which don't care about anything other than "fuck microsoft"... people who use BSD are here because they are passionate about what they believe in...

polarian: You were also much to close to the more iffy parts of the community

iffy?

I don't know a better word it's 3am and I smoked a bit

ArchLinux isn't run or developed by the edgy kids you find on the forums or reddit, I must admit that ArchLinux also has a problem with its community

But the IRC channels are generally really nice

I have bad experience with Arch... including abuse from staff members themself

So is the gitlab

I apposed the move to gitlab

and was slammed by a staff member for having an opinion

People can be insensitive but maybe you also took it too harsh, it's hard to see intent over messages over the internet

I have tried the modern git workflow of pull requests and issues... its horrible

The change to gitlab was a massive endeavour of which I think most PMs voted positively for

levitating I've been using FreeBSD since 99 and I haven't dealt with that type of people. Maybe I was lucky.

indeed

but what I was worried about was the aur being brought into gitlab

And the PMs are who primarily have to make actual use of it

which it likely will in the coming year

levitating but you can always find that kind of people anywhere.

s2r: I am sure you simply know you're way around the community better

I then realised life is too short to complain about things I disagree with... especially when BSD aligned better...

polarian: I also oppose the aur moving to gitlab, but I definitely see a chance of it happening

all I had to do was put the effort in to change

But there's some wisdom in the unix community to just settle for something that works for you

I know an individual who spent years and years endleslly dristrohopping, from debian-testing to arch to freebsd to gentoo

Eventually landed on macos and basically gave up

I wonder why

the distros fight with one another constantly... one piece of software packaged one place, another in another place... and flatpak is a horrific idea... so is snap appimages etc

I have been with ArchLinux for 6 or 7 years or so, I don't see myself switch to anything else anyutime soon. Except for my freebsd installation which I love to develop on.

Theres two things Linux can never compete with, 1. ports for additional software, and then a base system... I can update my software without updating the system, they are separate like they should be. 2. A unified port tree which everyone works on...

also BSDs don't sprawl... each one has its own market share

FreeBSD for performance and ease of use... OpenBSD for security and more rigid Unixisms, NetBSD for compatibility and... lets just ignore DragonflyBSD :P

it's not like ports are an actual solution to the compatibility problem though

ports are the best of all worlds

flatpaks and snaps are solutions to a real problem

ports are nothing different from Arch's archive of PKGBUILDs

binary support, source support, different release levels depending on the reliability needed...

on Linux you got to distrohop to get what you want

FreeBSD you can do anything you wantr

Well I'd argue that FreeBSD is essentially more limiting than a Linux due to inferior support, if that is a concern

levitating: flatpak is a huge runtime... not only is it slow but the codebase must be huge... not to mention it breaks the traditional way of doing things

FreeBSD has a linux compatibility layer, not the other way around

snaps have a proprietary backend which Canonical devices how to moderate and run

polarian: Yes but it's an honest solution to a problem that really does exist.

what problem?

I can run anything I want to

try to run systemd

and if there was no port... I could read the porters guide and port it myself

you cannot port it, FreeBSD has no cgroups

why would I run systemd on FreeBSD?

because you said you could do anything you wanted to

the init system is within the src tree

you are thinking of BSD and Linux like they are alike

BSD's are complete systems

the kernel, and the userspace

ports are just additional software

Linux is just a kernel, the userspace (including the init system) are all provided by the distro

I am aware that BSDs have an in-tree userland

so why would you replace it with systemd... systemd FreeBSD would not be FreeBSD

plus systemd is a mess

I will be honest and say I prefer OpenBSDs init system and hostname.if(5) for network configuration, its simpler... having ifconfig arguments in rc.conf is annoying imo

In any case we both enjoy FreeBSD but I am just unsure what you problem you think Linux has that FreeBSD does not have

I already listed them

I prefer the structure of FreeBSD, I agree with their licencing more... I can't cut GPL out of my life (along with proprietary) if I use a GPL kernel can I?

and a GPL userspace

and a GPL filesystem (btrfs)

plus FreeBSD is far more stable

I too prefer the structure of a BSD, I am not sure if I would state that I prefer the license though

personal preference

For my own projects I almost exclusively use BSD or MIT

unless forced to use GPL

but you won't find many GNU/FSF/GPL supporters here

(notice the "forced" part of using the GPL, and that is why you shouldn't use GPL software :P)

polarian: yes on your brdige having the IP rather than the physical interface

s/brdige/bridge

vortexx: thanks, thought so...

just double checking every doubt for my new server :P

But it is easy to underestimate what GPL gave us. Thanks to GPL if you buy an android phone the vendor is legally obligated to give you its open source kernel which could allow you to create your own ROM. Just a modern example

easier to change it now when I am installing it, than when its got live data

Thanks to BSD, MacOS is now proprietary instead of staying open source.

levitating: legally obligated? xDF

you realise that Android has tons of proprietary firmware right/

when a android device goes EOL, its unmaintainable

the firmware, bootloader and some core functions are all proprietary

thats the kernel

Yes

phones are still block boxes

The GPL way of doing things does not work

and I have nothing against MacOS

I personally wouldn't use it...

The android world would be much worse off if the linux wasn't GPL

I doubt it

Go tell that to PostmarketOS which have the hell of mainlining the android devices

they will tell you just how much GPL has helped them

I honestly believe the only reason that we have a strong open suorce community today is because Richard Stallman personally barged into peoples offices at MIT to demand they used GPL.

Before Linux and the GPL every operating systems, compiler, versioning system was proprietary

great... he also barges into the OpenBSD mailing list to complain about OpenBSD distrubting non-free software

He thrives in his fame for doing... lemme think... nothing in the past 2-3 decades

well he hasn't exactly been _thriving_

The fsf is extreme... and the board, including stallman, is too

you don't win by the "all or nothing" way of thinking

While the fsf and stallman alienate every company, BSDs work with them...

FreeBSD is sustainable due to corporate investment... Linux is too... However FreeBSD doesn't tend to mind... while Linux community are always up in arms about it

the only reason Linux isn't being dropped like a dead corpse is its adoption and usage

You talk about the "Linux community" like its a singular entity and I think that made be part of the cause of your satisfaction

Theres a reason Netflix invests in FreeBSD

s/satisfaction/dissatisfaction/

polarian: they do so because it's a simple stable operating system with a strong networking stack and a BSD license

exactly

the last point though

GPL derrivative clause is non-free in my eyes

I can sum up very quickly why

Due to the license Netflix could also have an internal proprietary fork of FreeBSD, develop it internally with much more resources and then sell it along with enterprise media streaming boxes

you take a GPL codebase, you write some code using it... that code is yours... but unless you licence it under a GPL compatible licence, you have broken copyright law... that is YOUR code... you should have the right to do anything with it... even keep it to yourself (please don't do this though)

FSF only cares about freedom to the end user, never to all the other parties involved

its why google and apple proactive battle GPL, not due to their hate of open source (well maybe for apple) but because it is a danger to their markets

Google has done a lot of good for the open source communities

coreboot for example... would never be where it is today without google funding and development

I do know coreboot and linux which both were massively funded for the development of chromeos

are GPL

but the point is companies do not need to be forced to adopt, they will do it naturally

levitating: and so what if they do

FreeBSD will always remain free

and modifications to it might not

and thats ok

Yet without ample support it will die like the thousands of operating systems before it

lol... I don't think Netflix plans to abandon FreeBSD

They abandoned whatever they used before it

GPL is basically theft due to it being a manfestation of the communist ideals

and even if they do they aren't the only company funding it

junyx: that's weird take

junyx: to be honest the parallels are there... abolishment of private property could be seen as the ban on making your patches proprietary... you do not have the right to hold code privately

I think before Linux open source software was primarily only found with universities (BSD being a good example)

Open source circles all tend to be left wing... mainly due to imo is lack of funding

Thank to the GPL and primarily Linux, companies were forced to follow open source ideals.

An author of some software risks their capital in hopes of getting a return on their investment so they sell the software for X amount. Anyone can come and give their software away for free or sell it for half the price. That's theft. The original author loses their initial investment and doesn't get compensated

most open source projects are idealists... they have an idea and think everyone will donate and fund it... and when they don't they turn to a governmental agency to fund it... the further left said agency is... the more money they tend to have to give away... but this money isn't free... this is taken from companies and other working class people.

junyx: So the original author is trying to sell his GPL licensed software in this scenario?

levitating yes

However someone else sells it for less?

right

in order for open source to be sustainable, it needs to abandon the fsf way of doing things, such as grooming kids into paying for membership (I know someone who has paid their membership fee since the age of 12!!!!!), and make it economically viable and maintainable

why would he sell open source software?

under GPL?

GPL makes this difficult... as no company wants to touch GPL...

as any modifications must be GPL, or a compatible licence

levitating because FSF said its the only moral things to do

You both need to stop personifying the FSF

Ok. Stallman said*

why is that? their morals are pretty well known

and their hatred for BSD is clear

BSDs are the one being hostile, the fsf is.

BSDs don't stop Linux from taking code... Linux stops BSD from taking its code.

I am so extremely confused why you take all of this so personally

Welcome to BSD circles...

theres one thing most BSD users won't disagree on, and its that GPL is evil

The GPL is a software license, it has no morals

It is up to you to use it or not

theres a reason FreeBSD is trying to purge it from the codebase

so is OpenBSD

GPL is seen as only minorly better to proprietary...

its a compromise...

has no morals... that's... extremely subjective

You complain about how the "linux community" is always at war over licenses but here you are spending 30+ minutes hate talking a license

We did it! gnu.org is down!

lol

levitating: because the GPL causes so many issues

while we're at it, cant someone git to git.freebsd.org/src ?

and with AGPLv3 being pushed now... especially within the XMPP communities I am in... true freedom is low

rtprio: wdym? cgit loads for me

i mean

developers live in a day and age where libraries need to be rewritten as GPL FORCES you to write your code under a compatible licence

rtprio: clone?

[root@phil /usr/src/RELEASE]# git pull

fatal: the remote end hung up unexpectedly

rtprio: doesn't appear I can clone it..

polarian: what do you mean "live in a day and age", the GPL is much older than you are and has seen less adoption over time

I really think you need to chill around software and licensing

levitating: Linux recently broke 4% market share

Incredible, so still no-one uses Linux because of capitalism

levitating polarian is 320 years old. You know nothing John Snow

lol

the point is more GPL is at a all time high it seems

he is maybe 18 at this point

maybe 18?

a guess

where you popping numbers out from

polarian its the number of software engineers with 5 years or less of experience. That group doubles every 5 years. They tend to be young socialist minded people

You mentioning your age on the mailing list some time ago

Its easy to be a socialist when you have nothing to your name

indeed

but yet I have nothing to my name and yet I still appose the idea

junyx: That's both off-topic and slightly insulting

Also over-generalizing

levitating are you an op of this channel?

levitating: I am in university...

trust me

99% are socialist

at least!

yeah, you kids are way off topic now, move it somewhere else

apologies.

wait who is op in this channel?

who cares, just be civil

levitating you be civil you disorderly uncivil socialist

levitating: junyx you in -social?

polarian what is that?

junyx: it is like this chat, but for socialist ;)

the offtopic chat channel

Oh no I'll pass thanks

SponiX: scaring them away from joining I see

Back on topic. How to install freebsd?

lol

bsdinstall does most of the work for you

also: docs.freebsd.org/en/books/handbook/bsdinstall

Thanks

np

hrm, maybe it's a bad idea to run `pkg update` on five systems at once

How much bandwidth do you have?

50Mbps

That seems like it should be sufficient but it would be more efficient if you copied /var/cache/pkg/ among them.

or nfs server, six systems

5 boxes or 500 boxes..got to think big

500 machines with a cronjob, to check nfs drive periodically for updates..they periodically phone home for instructions.

nis/yp nis+ ldap..you dont have to go crazy, you could keep /etc/hosts passwd shadow services nsswitch.conf resolv.conf and such in sync without going that route just with nfs/cron

docs.oracle.com/cd/E19455-01/806-2904/6jc3d07gd/index.html nis+ was 17 tables by default

all /etc/foobar.. putting /etc on the network

login into any box on network and get the same desktop/env.

SSO ldap/ad

docs.oracle.com/cd/E19455-01/806-2904/6jc3d07gf/index.html 1,000,000 passwd users needs 526.2MB... haha

and that way way old'

rabbit.tech/rabbit-r1 looks cool

Ansible, Chef, Puppet etc. could be what you are looking for to keep configuration files "compliant" over time.

modern day stupid, like google uses..ansible is what just ssh.

python bloat..pypi rooted for pip

i wouldnt look to google for anything, ad company stupid and bunch of failed products..

but hey all the cool kids ..chef and puppet im sure they suck in different ways... why not LDAP/SSO?

cause CI/CD is just rocking..backdoors failures across the board..how many companies just keep getting hacked?

Devops failure

DevOps is a methodology widely used by the software industry to help development and operations teams work together to speed up the software development cycle, reduce unnecessary costs, and lessen deployment failures. Nowadays, many companies have adopted this methodology, and many DevOps tools and platforms have been created. Chef, Puppet, and Ansible are three popular DevOps tools on the market.

Chef

Chef, or Progress Chef, is a configuration management tool that effectively manages your infrastructure. The Chef allows you to use Ruby to create system configurations, which are called recipes, describing the optimal state of your infrastructure, such as which server should be running what service, what software should be installed, what files should be written, and so on. With these configurations, Chef will ensure your

infrastructure is configured correctly and automatically fix any resources not running at the optimal state.

Puppet

Puppet is another popular server configuration management tool allowing you to configure and monitor many servers at the same time. It uses its own declarative language for describing system configurations, and it only requires the user to have a limited amount of programming knowledge to use.

Ansible

Ansible is a relatively newer product, but it has gained significant popularity since Red Hat acquired it in 2015. It allows you to automate software provisioning, configuration management, and application deployment. Ansible uses YAML to create system configurations, describing the optimal state of your infrastructure.

In this article, we will compare all three platforms in detail to help you find the best option for your DevOps team. The comparison will be based on the following criteria:

Architecture

Set up and configuration

Ease of use

User interface

Scalability

why are you copying that here?

Cross-platform support

Configuration management

Compliance and security policy management

Documentation and support

Pricing

Overview

Feature Chef Puppet Ansible

Architecture master-agent master-agent agentless

Easy set up and configuration ✕ ✕ ✓✓

Ease of use ✕ ✓ ✓✓

User interface ✓ ✓ ✓

Scalability ✓✓ ✓✓ ✓✓

Cross-platform support ✓✓ ✓✓ ✓✓

Configuration management ✓✓ (advanced features) ✓✓ (advanced features) ✓ (easier to use)

Compliance and security policy management ✓ ✓✓ ✓

Documentation and support ✓✓ ✓✓ ✓✓

Pricing require custom quote require custom quote require custom quote

✕ - does not support

✓ - partial support

✓✓ - full support

1. Architecture: tie

When it comes to architecture, the three platforms go in a similar direction. They all have a main server, several nodes, as well as backup/secondary servers. The main server is a central repository that stores configuration data and manages the state of the entire system. The nodes are the servers and virtual machines managed by the main server. And the backup servers are copies of the main server, which step up if the main server

runs into problems.

Master agent architecture

For Chef, there is a main Chef server, and if there is a failure, a backup Chef server will take its place.

For Puppet, it follows a multi-master architecture. If the active Puppet Master goes down, another one will replace it.

Ansible has a slightly different architecture but has the same idea. Instead of a primary server, Ansible is installed on nodes. Only one instance will be running when it is working, called the active instance. In case of failure, a secondary instance will take its place.

This architecture is designed to provide a simple and robust solution for managing infrastructure, ensuring that your infrastructure can withstand occasional server failures. There is no way to say which architecture is better than the other, as they all work similarly.

2. Set up and configuration: Ansible wins

To set up Chef, you need first to configure a main server, which runs the Chef software, as well as a backup server. Then you have to install an agent on every server that Chef manages. The agent allows Chef to manage the node server directly. This process could take a lot of effort, especially when you have many servers to manage. And there is an extra layer in Chef called workstation, which stores the configurations, allowing them

FFS

to be tested before they are pushed to the main Chef server. Overall, Progress Chef is not easy to set up.

As for Puppet, the setup process is also not easy, as it follows a similar architecture. You must create a main server and install agents on the node servers. And you also have to configure certificate signing between the main server and the agents to ensure the security of communications. As a result, Puppet is challenging to set up too.

Lastly, Ansible uses SSH to connect to the node servers, making it a lot easier to configure. You only need to set up the primary instance and create an SSH connection between the primary instance and the nodes.

Overall, Ansible is the easiest option to set up and configure.

3. Ease of use: Ansible wins

Compared to the other two platforms, Chef has a steeper learning curve, as it requires the user to have programming skills as well as a deep understanding of Ruby. However, if you already fit this requirement, you will find Chef to be a very robust and flexible tool for managing complex infrastructure.

Puppet is relatively easier to learn, as it utilizes a declarative language called Puppet DSL, which is easy to read and write.

Ansible is considered the easiest to use among the three tools, thanks to its agentless architecture and the use of simple, human-readable YAML syntax. In addition, it doesn't require strong programming skills, making it accessible to users of all skill levels.

4. User interface: tie

Chef user interface

Image from chef.io

Chef Automate is a web-based UI that allows you to visualize infrastructures, create dashboards, and manage the nodes and their roles. You may also analyze and remediate compliance problems and troubleshoot issues through the user interface.

Puppet user interface

Image from puppet.com

Puppet also comes with Puppet Console, allowing the users to manage nodes, classes, and environments through a graphical interface. The console also provides a dashboard that displays the status of nodes, errors, and warnings.

Ansible user interface

...

Image from ansible.com

Lastly, Ansible also comes with a well-designed UI, allowing you to manage how automation is deployed, initiated, delegated, and audited. For example, you can view the status of jobs, manage credentials, and access audit trails through the user interface.

However, it's worth noting that even though these user interfaces are handy and very well-designed. They do not replace the command line tools, which are still the primary way to interact with the platforms, especially for advanced usage and automation.

5. Scalability: tie

All three platforms are highly scalable due to how their architectures are designed.

With Chef, you can scale horizontally by adding more main servers in order to handle more node servers. Or you can split your infrastructure into multiple Chef organizations, each with its own set of users, policies, and cookbooks.

Puppet is also highly scalable and can handle large-scale infrastructures. It works similarly to Chef by allowing you to add more primary servers or splitting the infrastructure into multiple groups.

Ansible is designed to be lightweight and agentless, which makes it highly scalable and ideal for managing large-scale infrastructures. All you need to do is define a primary control node, and Ansible will be able to manage thousands of servers from there.

All three tools are highly scalable and can handle large-scale infrastructures. Their approaches and capabilities may vary, but it is impossible to say which is better under all scenarios. It depends on your specific requirement.

6. Cross-platform support: tie

Progress Chef's main server can only be installed on Linux/UNIX operating systems, but the agents can also be installed on Windows. With the right plug-in, Chef can also manage cloud services such as AWS, Google Cloud, or Microsoft Azure.

The Puppet primary server can only be installed on Linux systems, but the agents can operate on Linux, Windows, or macOS. And just like Chef, it is also able to manage cloud platforms.

And lastly, Ansible can work with Linux, Windows, macOS, cloud platforms, as well as Docker and Kubernetes.

7. Configuration management: Chef and Puppet wins

Next, let's compare how these platforms manage the configurations.

Chef and Puppet both go with the centralized approach, meaning that the configurations are stored in a centralized place, and then the nodes will pull the configurations from the main server. They also offer more advanced features for managing configuration data, such as version control, dependency management, and rollbacks.

On the other hand, Ansible uses the decentralized approach, where the configurations are distributed across multiple servers. However, it focuses more on task automation and orchestration and does not offer many advanced features.

Overall, Chef and Puppet have many more advanced features for more experienced users, but Ansible is much easier to set up and use, making it more suitable for smaller teams that don't require many advanced features.

8. Compliance and security: Puppet wins

When managing an extensive infrastructure, security, and compliance configurations are crucial to the safety of your infrastructure and organization.

Chef offers InSpec, an auditing and testing framework capable of defining and automating security and compliance policies. In addition, it allows for custom test creation and supports infrastructure testing at various stages of development.

!ops

Puppet also provides an open-source tool called Puppet Remediate, which can help you identify and remediate vulnerabilities in your infrastructure. Puppet Enterprise also comes with the Compliance Automation tool, providing a centralized interface for managing compliance policies and ensuring that nodes are configured correctly.

Lastly, Ansible comes with Ansible Tower, which is also a centralized place for managing security policies. It can also integrate with third-party vulnerability scanners and automate remediation tasks.

Overall, Puppet has a more comprehensive solution for managing compliance policies and enforcing security standards.

9. Documentation and support: tie

All three platforms offer various types of support for their users, such as online documentation, community forum, online courses and training. You may also contact their teams and purchase additional one on one support if you want.

10. Pricing: tie

Lastly, as for the prices, all three platforms require you to contact them and get a custom quote based on the size of your infrastructure and usage.

haha $ ?

nah..dont need to pay money..

for Enshittification

Understanding Ansible, Terraform, Puppet, Chef, and Salt im sure redhat can sell me that

i tried to cut paste small but the browser stuid grabbed it all

more a chord failure on mouse and firefox

what are you ranting about

everyone just keeps getting hacked at this point..and its Devops failures across the board. and the bloat is just amazing.

can anybody else with firefox tell me if this url crashes a brower tab? or is it just me freebsd-ec2-dist.s3.amazonaws.com

it's a very boring XML Access Denied message from AWS.

it seems *any* application/xml does this, including feeds.fireside.fm/smartlogic/rss

dch: My firefox manages to open api.sr.se/api/rss/pod/19424

|cos|: thanks, that dies here for me, so it seems like a local issue

14.1-RELEASE, firefox-127.0_1,2

what freebsd version / firefox version do you have?

^ thanks :-)

I'm on 127.0_1,2 as well, but on 15.0-CURRENT I'll try it out with 14.1-RELEASE and see.

127.0_1.2 looks like some sort of glitch ip address

rtprio: i think you're the only one who noticed that ;)

I have 2 jail postgresql and caddy. the problem is that jails cant resolve hostnames. when caddy tries to contact acme.zerossl.com/v2... it timeouts. also ping of IP 1.1.1.1 is slow or dont even starts. My pf.conf file pastebin.com/N45TZYH2 any tip what should I do ?

What does firewall_quiet=YES actually do?

tercaL: runs ipfw -q rather than ipfw

Gurar_: does any networking work in that jail?

when I try ping 8.8.8.8 it works but in 3rd time or so. when I run it for the first time or second time it does not work. very strange

gist.github.com/silenius/d074a3bcece0411f2a19663b49694d99 looks like a bug in pkg

maybe just strangely defined, so that pkg unlock --all is a bit useless if not all your packages are locked

rtprio: Thanks, and what it actually does?

I would guess make it quiet, like a -q flag often does, did you look it up in the man page?

hello guys, is it normal that I don't find a packege in pkg repo but the same software is in ports ?

can happen if there is a build issue with the port

ok

which port is this?

mitmproxy

freshports says BROKEN: incorrect depends: depends on package: py38-asgiref>=3.2.10<3.5, py38-wsproto>=1.0.0<1.1

ok

tercaL: /etc/rc.firewall

Notice: I was hosting VimDiesel bot here (and another channels) but bot is broken now. I lost access (can't identify to services/nickserv).

This is a issue I can't fix myself because bot nick is registered alongside @freebsd namespace within Libera chat.

Besides this notice here I sent a email with this subject to irc⊙fo yesterday.

So get in touch with me please, in the case the continuity of this bot services is of interest.

Alternatively I can restart bot with another nick (not tied to @freebsd namespace)

Bot was mainly doing basic tasks here and bug reports at #freebsd-bugs. Thanks!

hi when recording the .img file to a usb drive in MacOS, does it really matter how you erase -or if you erase at all- the usb driver? by how I mean file system type

i don't really see a point in erasing personally for our images specifically, we'll be clobbering stale partition tables and whatnot so you shouldn't see any weird artifacts

something like whole-disk ZFS could maybe be funky if there's a stale label past the image you're writing, but that's not something we do

I am talking about the installation .img

now I am in doubt if I shall have partitions of apply dd to the raw "disk"

'

uskerine, see the example in docs.freebsd.org/en/books/handbook/bsdinstall/#bsdinstall-usb

Is anybody running a selfhosted replacemente for Google Photos? I found many interesting projects but many of them run on docker. Right now manually copy my pictures to a jail that is running syncthing.

s2r: that's more or less what i discovered; too many use docker

well, "depend on" and "run in" are diffrent things

take for example Immich "immich.app/docs/overview/quick-start" -> "Install and Launch via Docker Compose"

PhotoPrism: docs.photoprism.app/getting-started -> "We recommend running PhotoPrism with Docker Compose when hosting it on a private server. It is available for Mac, Linux, and Windows."

I need to try to build Immich in a jail again.

fwiw Pixelfed runs well in a jail. I don't federate. just a private instance

for Immich, I nfs mount a zfs dataset from a FreeBSD box so my photos are stored safely

scoobybejesus And you run immich inside a vm?

uskerine: yes those are the only .img we produce

oh, I guess we have VM or raw .img maybe, but those also don't do anything hinky

yeah, seems like they have pretty brocken install procedures, because they only consider distribution other than via docker, but it doesn't look imposible to reverse-engineer how that stuff get installed inside the docker images

I run Immich in docker on another host. reluctantly. I want to try to manually build again

I prefer freshports.org/www/piwigo

lts has anything to send from devices?

lts it seems it

just a web gallery.

kevans, ping

Does nextcloud work inside a jail?

jbo: yo

kevans, how's pkg ecc going?

well, just finished up one of my larger $work projects so I should be able to finish that up soon (it's in pkg(8), but pkg(7) is WIP and maybe 80% done)

libstdc++ continues to be a little shit

:((((((((

so you knew exactly why I was asking about pkg ecc then >:D

I have, on occasion, some mind-reading facilities

never when it'd be really useful to have, though

you'd probably have some life threatening things to worry about if that was different

s2r: Regarding Nextcloud, of course! In a jail is perfectly fine.

ek That would be an overkill but would fulfill Google Photos replacement.

ek Will try installing it on a jail right now. Thanks!

s2r: (almost) anything should run inside a jail

AFAIK the only thing which can't is something which needs hardware access