*I* am not even sure how to do system administration anymore with all these new technologies.

if I were an AI bot trying to mimic what I see currently, I'd be blending together random buzzwords into a blender and pouring the soup on top of linux

"grafana and prometheus on the kubernetes cluster to manage our docker containers on the AWS EC2 instance"

replace yourself with ai

I mean, if they want to do that, good for them, they can have their tech stack. Meanwhile i'm stuck in the year 2005 with FreeBSD/Nginx/Postgres/PHP or python or something

and more mentally stable because of it

well it all kind of sucks indeee

indeed

where's security in 1000 js libs from github?

it's in Rust

if you rewrite it all in rust, it'll be flawless

good for hackers :p

the issue is those memory corruption buggers

we can trust 4000 randoms on the internet whose libraries we depend upon

it's not like there were ever any backdoored npm modules before

wait

there are also examples how you could get libs easily installed with curl | sh

:p

awesome

increase libraries and other peoples great work and in the same time increase copmlexity with liability.. fun times

sshd patch appeared, fyi

polarian: ?

:p

o/ braindumped what it takes to develop elixir on freebsd. might be useful to some, if there are glairing issues, shout. mh.8by3.net/posts/elixir-bsd

for GigaByte GeForce RTX 4090 OC, can I get something like nvidiafb with small text--what would I need to install? I installed nvidia-driver, nvidia-drm, but it's very large text, and the 4K monitor sets to something like 1024x768 and the other two monitors don't turn on, in XFCE

looks like I need a USB-C <> NVMe M.2 adapter

doesn't need to be fast, just needs to work. Is it likely most anything will be fine?

sbr: I'm the lang/elixir (and related ports) maintainer, and also responsible for the tailwind monstrosity

post looks great to me, sbr, thanks for sharing the BSD love :D

Nice, didn't even consider to check channel members to see if that dch was here ;-). I knew I had to thank you for tailwinds, didn't realise it was elixir on fbsd in general! I owe you beer or non alcoholic beverage of choice next time I am in Austria (not likey soon). Really appreciate the effort to make FBSD a first class elixir platform.

ketas: yeah the patch hit this morning

I saw the security advisory hit my email

only took them like 3 days longer than *Linux distros and OpenBSD :P

also I assume the ? was about my previous message, you geli can do passphrase on its own, keyfile or both, I am setting up a server which needs to boot unattended, I believe TPM was recently merged into geli but there is no docs on this nor does the hardware support it, so that leaves keyfile (a 64 byte random key on a usb stick which is used to decrypt the server disks.

problem is, I am not sure keyfile is supported within the installation media, if it is I cant figure out how to do it

I know how to do it manually using the command line, but that means doing the entire freebsd install manually then

which is fine, just not too sure how to do it (does anyone have a guide on this they can share?)

Hello. I have a question about amdgpu driver on FreeBSD; did anyone tried to undervolt a Navi2 GPU? I was trying to look around how to pass amdgpu.ppfeaturemask param to the kernel, so it would be possible to adjust voltages. Anyone tried that?

polarian: afaik there should be a way in the installer to just setup the disks manually and then let it continue

nimaje: I will look into it

Meanwhile another issue, i915kms still is broken in 14.2-RELEASE :/

trying to load the module causes a black screen

14.1-RELEASE works just fine but will hit EOL in a few months :/

wait I think its next month

I wonder if it could be due to libreboot

it is because kernel abis aren't completly stable between minor versions and so the kms kmods have to be build for the exact kernel version they are to be used for, building on 14.1 and using on 14.2 doesn't work

nimaje: I was told that the kmod would be starting to be built on 14.2 after a month or two

its been months since 14.2 why is it still being built on 14.1?

also better question is why the ports aren't release-specific... too much storage/compute needed to build them for each version?

Hey, im new to freebsd and struggling with a custom .rc file for a webdav server. I create an executable /usr/local/etc/rc.d/webdav, made it source /etc/rc.subr, added name="webdav", "rcvar=webdav_enabled", load_rc_config "$name" and run_rc_command "$1" along with command and pid file definiton. Now when i use 'service webdav start' it works as intended, however after enabling it with 'service

webdav enable' it doesnt run on reboot.

kentoj_: you do have $servicename_enabled="YES" in the rc.conf file right?

nimaje: so if I manaully compile i915 from the ports it should work, right?

yes, just compile it from ports

polarian: well its 'webdav_enable="YES"' but yes

oh yea i mistyped the message here, mb

polarian: abis are stable between minor releases, so building ports for each minor release would unnessesary multiply compute and storage, just some kernel intern interfaces aren't stable and some ports (like drm-kmods and vbox-kmod) use them, so those few ports should get build for each minor release and afaik someone works on making that happen, iirc it will likely land together with pkgbase

Problem resolved, turns out pid file is not automatically managed so it reported wrongly as i didnt create it

nimaje: maybe there should be an additional flag introduced such as "verdep" or something which is a version dependency, and all ports are assumed to be "any" unless this flag is set in which case the remote has a different version for each of the port to fetch

although that would be a major change the port system and would need a lot of development

but it would be useful to be able to differentiate between version specific ports, and version inspecific ports (the majority of ports)

well, pkgbase already needs something like that I think, but maybe it is just another repo per minor version there and pkg has no idea about the minor versions, I didn't look how it is implemented

WTF do I have an 800MB ~/.cargo/ directory tree?

I know that .cargo is a rust thing, but that doesn't answer why that file is there.

s/file/directory

why is block log all does not block the outbound connections as it should?

It does the incoming ports except the ones I specifically allowed

but outgoing is free roam

~/.cargo should only be there if you used cargo, did you build anything as your user?

I'm about to grab the bogons file for pf... I feel like this should be a port. install the port, add the rules, done.

telnet: Unable to connect to remote host: No route to host

hmmm

this is how the pf blocks?

like no route to host lol

not timeout or something

or maybe its doing this cos i blocked icmp alltogether

it can drop or reject depending how it is configured

this is actually quite smart compared to linux if you setup stateful inbound rules for some ports with flags S/SA keep state then you dont need any stateful allow for tcp on outbound its automatic

isnt there a way so root cannot change the gateway period? like in securelevel 2 you cannot change the fw rules

not that i recall