01:11:03 damn martinrame left :/ 01:26:56 Hmm https://vuxml.freebsd.org/freebsd/f4297478-fa62-11ef-b597-001fc69cd6dc.html 01:27:18 patched version pushed to the port tree on the 6th, its now becoming the 9th and still no port compiled for the pkg repo... 01:27:53 but there is a llvm update which was just pushed to the pkg repo, and that had no vulxml entry... surely updates which fix cves should be build first!?!? 01:29:18 I assume its just a normal queue, FIFO 05:09:36 so build it yourself 08:20:26 hm, which recent llvm update do you mean? 09:14:09 I just got a basic nvidia graphics card (MSI 1030) and I'm trying to get it to work 09:14:23 I was using scfb 09:21:22 so far I've uninstalled xf86-video-scfb 09:22:24 cloned the ports git repo - I'm on 14.2 quarterly and afaik that is stiil for 14.1 09:22:49 made and instaled nvidia-driver 09:23:01 stll 09:23:37 kldload nvidia-modeset looks OK 09:23:54 but starting sddm does nothing 09:28:56 might have found it 09:32:04 I hadn't removed 20-scfb.conf but that doesn't fix it either 10:13:38 got it, needed to nvidia-xconfig 15:11:01 I'm having OpenVPN 2.6.13 problems. Server is on FreeBSD 14.2 - all clients on FreeBSD14.1 have a "ETAFssh_ssh_dispatch_run_fatal: Connection to port 22: message authentication code incorrect" problem. Updating the client to FreeBSD 14.2 solves the problem - if I was to file a PR where should it go? Some detail here: https://dan.langille.org/2025/03/09/problems-with-openvpn-when-server-is-freebsd-14-2-and-client-is-14-1/ 15:18:14 dvl: does interactive ssh work or no? 15:22:50 also can you compare the list of `ssh -Q mac` on both the server and the non-working client? 15:53:58 hello 15:56:20 I've set up a poudriere server to build packages for software used on another server. That server has some software installed on the host and additional software running in different jails. Would it be better to create a separate poudriere jail for the host and individual poudriere jails for each jail? 15:57:30 o_O 16:02:19 Yo we heard you like jails so we put a jail in your jail. 16:47:40 I cant figure out how to do a keyfile on a usb stick to autodecrypt a server on boot 16:47:50 the man pages have an example but I cant figure out how to get it working 16:48:22 the example in the man pages seem so store the keyfile on the boot drive, to decrypt secondary disks 16:48:26 or usb sticks 16:48:40 none of it explains how to use a usb stick (unencypted) with a keyfile on it, to decrypt the boot disk 16:49:08 imma mess with loader.conf a little more but how would I give a path to a keyfile when the usb wouldn't be mounted... 16:49:41 hmmm I guess loader.conf will mount anything referenced, and then its the relative path from / on the filesystem 16:50:19 so if the file is in / say "master.key" it would simply be master.key as the path 16:50:30 I assume /master.key would work too 16:53:34 rtprio: yes, interactive ssh is possible over the VPN. I don't usually use that, so it took me a while to test. 16:54:22 [working on the other answers now] 16:56:16 rtprio: `ssh -Q mac` for server, 14.1 client, and 14.2 client - https://gist.github.com/dlangille/576e8c75f7cc984420cbfe3b8abf18bb 16:56:47 TommyC: I do run poudriere in a jail. Love it. 17:25:37 CyberCr33p: When you say separate poudriere jail, do you mean as in `poudriere jail -c`? If it helps, I have many jails, and one poudriere instance. It builds repos for use by all of them. I have one main repo (`primary`) and a list of ports to build for that jail. You could have a different build list, each creating a separate poudriere repo, for each jail. Or as I do it, one repo for use by all of them. `sudo poudriere bulk -j 142amd64 -p default -z primary -f 17:25:37 /usr/local/etc/poudriere.d/buildlists/primary` <== builds the main repo 17:27:30 CyberCr33p: If you have a special jail, which needs different config options for some reason, you could either 1 - one repo just for the packages in that jail, or the simple way. create a new set: `sudo poudriere bulk -j 142amd64 -p default -z SPECIAL -f /usr/local/etc/poudriere.d/buildlists/primary` - then create /usr/local/etc/poudriere.d/SPECIAL-make.conf which has the options specific to that jail. 17:27:47 CyberCr33p: This is an overview... lots more to learn about that. 17:30:35 that's annoying, you can't create a vxlan in a vnet jail? 17:33:19 and if you create it in the host and put it in a jail, you can't configure it :-( 22:05:06 Hi, I'm trying to configure pf to filter packets but, on the same machine I have nginx running as a reverse router for web sites running on other jails running on the same server. So, when a packet enters into the firewall it allows all packets for port 443, this is handled by nginx, then the packet if forwarded (via reverse proxy to, for example 192.168.100.209:4000) and should return to the caller. 22:05:11 My problem is packets enters, but not return... 22:06:19 If I do curl -v "http://192.168.100.209:4000" from the firewall I get the correct results. 22:06:39 that is a longggg ip address 22:07:30 BTW, I can connect to other redirected ports, for example 2222 -> 192.168.100.101:22 without issues. 23:31:09 and he's gone....