00:00:01 specialbomb: nope I removed them all lol 00:00:02 mason, I use mpv for command line everything. 00:00:09 either you love it or you hate it 00:00:27 rwp: Ah, I thought of it as not being console-based. Will try it. Thank you. 00:01:45 oh someone please shoot me I cant take this anymore 00:03:53 polarian: I knew you were gonna say that :/ 00:04:09 hah 00:05:38 mason: should be included with multimedia/vlc 00:06:19 rtprio: It's a build option that's off by default. If I build the port I can turn it on. 00:07:35 well, building it by hand is not much effort 00:07:57 but mpg123 is one i used a long time ago 00:08:06 https://bpa.st/KCWA 00:08:08 seen this issue before 00:08:12 its definitely state 00:08:18 but whats causing this... 00:08:22 ugh :( 00:09:08 polarian: what's the problem exactly? 00:09:19 rtprio: stateful packets getting dropped 00:09:22 as they arent stateful 00:09:59 packet goes from a vnet jail, to host, where it is NAT, passed out to WAN via wg0, then the reply comes in on wg0 and then is blocked by "block log" within the firewall 00:10:14 stateful packets are passed without firewall 00:10:24 but as the pastebin shows, the state is not being established 00:13:40 did you share your rules too? 00:13:40 what happens when you do bare minimum and just do the nat rule? 00:15:23 also, what do your routes look like? 00:15:42 rtprio: further up yeah 00:16:08 but theres nothing let, I stripped the config right down, I didnt think any of the extras were the problem but had to make sure 00:16:22 its a basic nat, passing on packets from the epair, and then passing them out 00:16:37 ig I remove wg next 00:17:30 oh yeah I remember, it is wg which is causing the issue 00:17:39 but I fixed it somehow ages ago 00:18:18 mtu on the wg? 00:18:27 rtprio: doubt its mtu being a pain but sure 00:18:39 it defaults to a sane value but its certainly not mtu 00:18:44 MTU is 1300 00:18:52 the default doesn't work :) 00:18:56 I have no clue why 00:18:59 no it does not 00:19:04 1420 is the default and it ends up dropping the packets 00:19:11 I found ~1300 doesnt cause issues 00:19:24 this was ages ago, wireguard as a whole on wireguard is duct tape at best 00:19:53 wait, wg on wg? 00:20:32 does your jail also contain a tunnel? 00:20:39 block log all, blocks in AND out 00:21:00 specialbomb: no 00:21:02 only the host 00:21:16 tf: I am aware... 00:21:29 but pf is a stateful firewall 00:21:59 you usually start pf rules with block all, further rules modify whats allowed 00:22:02 so if you block in, but your device connects to say google.com, there is tcp state 00:22:10 the returning packet matches the state, and doesn't go through pf 00:22:19 polarian: you dont state keep state, are you sure it is? 00:22:31 keep state is default 00:22:33 tf: keep state is the default 00:22:50 no offence, but I have used pf for years... I know my way around the firewall :) 00:23:26 this is an edge case im trying to remember how I solved before :P 00:25:04 so remind me, packets are not getting to the wireguard interface, and its not that decaped packets arent getting to the origin? 00:25:41 specialbomb: wireguard is functioning just fine, everything on the host works fine 00:25:49 the issue is specifically the state when it comes to the NAT 00:26:01 I know this because if I drop the firewall block, the packet is still dropped 00:26:01 rtprio: FWIW, rwp sold me on mpv. It seems to do everything I want. 00:26:06 sorry, the state relating to the nat 00:26:13 if you look at the paste I sent 00:26:16 https://bpa.st/KCWA 00:26:21 this is produced with wireguard 00:26:26 as you can see the state is never established 00:26:38 the state should look like.. one sec lemme grab log 00:27:19 could I ask what your vpn provider is 00:28:27 specialbomb: my router xD 00:28:33 wait, no that shouldnt matter in this case I think... 00:28:39 no it shouldnt 00:28:45 as the packets pass in and out of the wg interface 00:28:46 theres this weird edge case with OVPN 00:28:53 but thats besides the point 00:29:04 I just for the life of me want to remember how I solved this issue a year ago 00:29:06 so badly 00:30:08 in your state log, what are the addresses? I guess thats whats confusing me. its obvious which is the wg if but its unclear what the rest represent 00:33:39 i think my server issue was bad ram 00:33:57 good time to have ram go bad after its price goes up 400% 00:34:19 I forgot xfce can kinda use wayland 00:34:21 sorry man :( 00:34:30 specialbomb: 192.168.254.1 is jail, 34.160.111.145 is ifconfig.me, 192.168.4.2 is the addr assigned to wg 00:34:31 ty 00:34:35 should make sense now 00:34:46 kerneldove: this is why I keep spares :) 00:34:46 https://share.katzenmue.de:9270/file_share/0691d109-a10b-7144-a610-683db6e3a88d/20251118_193424.jpg 00:34:50 Cursed 00:34:55 ram and disks are useful to have spares 00:35:01 motherboards and cpus sometimes come in use 00:35:22 especially if you have butterfingers like me and drop a disk onto your motherboard and fry it 00:35:23 oh i have lots of spares for my home servers, these are datacenter servers so the hosting company has to eat the cost 00:35:27 polarian: in that case, where is your endpoint wg peer? 00:35:28 im sure they have spares too tho 00:35:34 specialbomb: irrelevant 00:35:44 i have a hoard of sas drives, ram sticks, etc 00:35:45 but 192.168.4.1 00:35:55 on your local network then? 00:36:14 oh I thought you meant the address on the wireguard end 00:36:29 the IP address of the router is 192.168.2.1 :) 00:36:32 because this is local 00:36:45 if I was out of the house it would be the NAT addr of the router 00:37:06 I reserve the other IPv4's I have for statically assigning to servers on separate vlans 00:37:19 something which has been a pain to setup and still not working either :P 00:37:21 so, the encapsulated traffic IS coming back from your router then? 00:37:33 whether encapsulated or not, it passes through the router 00:37:35 yes 00:37:35 just getting blocked? 00:37:38 no 00:37:45 the router has nothing to do with it 00:37:53 as I said, the tcpdump shows the HOST is dropping it 00:38:04 ignore anything else, its exclusively the host 00:38:05 okay good, thats just what I wanted to clarify 00:38:14 no wg, state works fine 00:38:17 with wg, state breaks 00:38:18 im a littlw retarded btw 00:38:33 and I remember having this exact issue, which is why it is pissing me off so much 00:38:36 I literally sloved it 00:38:51 I remember this same suffering before ugh 00:38:54 im trying hard to try and sort out why exactly state isnt being established... 00:39:41 I do know when I was routing traffic between my jails, I had to establish bidirectional rules 00:40:02 theres bidirectional rules dw 00:40:05 but thats in the case of external traffic initiating a connection 00:40:08 "route show" shows all the routes I need 00:40:10 no problem 00:41:36 the host will always know how to get to the jail, but there is a catch which took me ages to figure out, which was if you have a vm within the jail, you need a route for the /29 block to the IP of the epair iface within the jail 00:41:54 this means the host will not know how to reach the vm, but it has a route to pass it back to the jail 00:41:57 and the jail does know 00:41:59 so it routes fine 00:42:15 most people use bridge though, which makes things simpler, but routed is more secure 00:42:56 some people think using cloudflare is secure until it takes down half the internet 00:43:15 cpet: therefore the answer is clear 00:43:42 turn the pc off ? 00:43:45 cpet: lol 00:43:58 and until they realise cloudflare is decrypting (and likely storing) all their encrypted packets :P 00:44:10 sounds like a security vulnerability to me, not a security improvement 00:44:11 cpet: fuck cloudflare!!! 00:44:15 s/improvement/layer/ 00:44:17 polarian: most big companies do that 00:44:17 scottpedia: agreed 00:44:26 cpet: which is why you should avoid them :) 00:44:32 google does it, apple does it 00:44:56 cf is basically a protection fee racket 00:45:00 polarian: does it as well 00:45:13 pay or be denied access 00:45:24 scottpedia: pay me then 00:45:46 anyways back to smashing my head against the table 00:45:59 you cant multitask ? 00:46:02 well you ain't Lee Holloway are you? cpet 00:46:14 polarian: this is partially why I also do routing instead of bridges, but for me its mostly that I think routing gives you much greater control and a lot less overhead than having to worry about l2 specifics 00:46:50 scottpedia: i dont like cloudflare so no 00:47:24 specialbomb: which is why I did it too 00:47:27 I wanted control of the packet flow 00:47:32 but on a basic level, its easy 00:47:42 start slapping different virtual interfaces in, and multiple physical 00:47:44 and shit goes bad :/ 00:47:46 cool theres a bill that would require cursive learning in schools 00:47:47 heh 00:48:03 cpet: where? 00:48:08 Florida 00:48:11 lol 00:48:29 cpet: they don't teach that by default where I went to school 00:48:40 they did when I was in 00:48:43 40 years ago 00:48:58 why would you want people forced to learn cursive writing 00:49:13 cause its quicker fancier and better 00:49:19 polarian: be sure to let me know your solution if you remember, im pissed I cant figure it out :D 00:49:23 just like your routed approach 00:49:26 that's not a good idea since i can't read a lot of old folks' note 00:49:53 specialbomb: I will prob be braindead by then 00:50:09 if it works leave it alone (TM) 00:50:50 cpet: Florida is a nice place btw 00:51:24 they drive like crap though 00:51:34 drive? 00:52:01 you know large box looking thing with 4 wheels on it that goes zoom zoom ? 00:52:02 as in motoring? 00:52:45 polarian: We are making my kids learn cursive. 00:52:46 hrm 00:52:49 okay hard to figure how "crap" it could be 00:53:31 sometimes cursive should be the first writing to teach a kid mason 00:53:58 look at how things were done a centeury or so ago 00:54:41 i remeber a time when kids went outside and not doing dumb shit on tiktok 00:55:43 and I remeber when I was 9 and some lady called me up telling me she hit my dog and I carried it home and my brother sprayed it with ant spray and it was as stiff as taxodermy 00:55:45 thank god I was the last gen to ever go outside 00:55:50 but now its all social media or tiktok 00:56:10 my cousins and stuff were ph@cked hard by the following wave of crap "apps" 00:56:28 a time when downloading a vidoe took hours 00:57:00 a time when you only had to worry about durnk drivers not drunk, high, texters 00:57:01 heh 00:57:06 Is there a "default/most used" DE/WM in FreeBSD (out of curiosity) 00:57:27 Lumina was the one pcbsd came with 00:57:31 think it died 00:57:39 gnome is popular I hate it 00:57:46 xfce4 and KDE are my personal favs 00:57:53 I heard about something called xenocara 00:58:03 thats openbsd x11 suite 00:58:11 Oh did you see my cursed xfce Wayland pic 00:58:33 nope 00:58:37 mason: why? lol 00:58:46 JetpackJackson: I believe KDE is the most popular 00:58:46 if it snot jennifer connley riding that horse 00:58:49 i dont want to see it 00:58:50 heh 00:59:02 but freebsd is not commonly ran on the desktop 00:59:04 polarian: Why prevent them from being able to read some decent percentage of written communications? 00:59:06 gnome's graphics is over-simplified 00:59:16 cpet: https://share.katzenmue.de:9270/file_share/0691d109-a10b-7144-a610-683db6e3a88d/20251118_193424.jpg 00:59:16 wifi issues, software issues 00:59:17 shit just segfaults lol 00:59:24 polarian: freebsd runs nice as a desktop you just have to pick your HW right 00:59:42 I get i3 and python (gajim) segfault often 00:59:55 gajim is horrible 00:59:58 true 01:00:02 Gajim is garbage 01:00:03 dino segfaulted in the past too 01:00:11 I say as someone who uses it lmao 01:00:15 Linux software written for LInux 01:00:17 not meant to run on BSD 01:00:32 but then again i never liked jabber 01:00:38 i miss gaim 01:00:40 Can't wait until I'm not behind a cgnat, then I can use websockets and use Cheogram web 01:01:05 God I want a framework laptop lol 01:01:13 jabber as in the chat protocol? 01:02:05 last I remeber XMPP is jabber 01:02:15 JetpackJackson: websockets work with CGNAT Lol 01:02:16 last I used gajim was for that 01:02:22 well depends 01:02:27 do you mean the server side, or client side 01:02:33 now i think its a multi chat thing like pidgin 01:03:10 polarian: im connecting to singpolyma's server to bypass the CGNAT so my DNS is set to his server 01:03:34 JetpackJackson: I dont know what you are saying lol 01:03:46 CGNAT prevents you hosting things 01:03:47 it's too complicated a thing... just use IRC if it's not for some extra-important stuff. cpet 01:03:50 it does not prevent you connecting to websockets 01:04:01 websockets are just sockets but HTTP based 01:04:13 if websockets are blocked by CGNAT so would regular sockets 01:04:22 Hmm 01:04:25 https://prosody.im/doc/websocket 01:04:30 I guess I'll look into it again 01:04:33 oh you mean hosting it yourself? 01:04:44 are you trying to host on a CGNAT 01:04:47 if so then sure, it wont work 01:04:56 but connecting to a websocket via CGNAT works fine 01:04:57 love it when people on residential want to host crap then get fussy when you just need to get a biz line 01:05:03 Yeah im behind a cgnat 01:05:13 That's why I'm sshing into the other server 01:05:16 JetpackJackson: not the answer to my question 01:05:22 still not the answer 01:05:34 the answer is $@ 01:05:35 I don't understand then 01:05:42 are you trying to host prosody on your home network 01:05:48 or are you trying to connect to prosody on another network 01:06:15 The first one 01:06:34 why dont you get a VPS for 5/m 01:06:37 and host it on that ? 01:06:38 I _am_ hosting it, I just can't do websockets 01:06:55 cpet: because singpolyma lets me use his server and it's free 01:07:08 And I can run it on my own hardware at home 01:07:20 no you cant 01:07:20 Just have to ssh for connection stuff 01:07:32 according to what youre saying about CGNAT 01:07:35 you can not 01:07:50 if you have to connect to server y to connect to server z through sing whatever server 01:07:53 you can't 01:07:58 I use autossh to connect to him 01:08:25 It works. It's how im talking here cause I'm using a xmpp-irc bridge 01:08:27 Lol 01:08:35 man people like you are the reason why ISP's have to do all this crap in the first place 01:08:47 ... what? 01:08:52 not really? IP address exhaustion is why CGNAT exists 01:08:54 What'd I do?? 01:10:09 JetpackJackson: I'm not entirely sure that person's game. But yeah you probably do need to get a VPS, since you don't have a public IP. You can use the VPS solely for tunnelling if you want, but it rmains that you need to do it. 01:10:11 cpet: they used to give up full ipv4 address with all non-standard ports open 01:10:17 us* 01:10:45 my ISP still does that 01:10:45 JetpackJackson: so you are forwarding traffic over ssh 01:10:49 through to singpolyma's server 01:10:52 except for port 25 01:10:53 LxGHTNxNG: oh. I guess I'm using the other server as a tunnel 01:10:56 why the fuck is singpolyma letting you relay off his server 01:11:02 pity 01:11:04 probably 01:11:05 and if you have cgnat, then you obviously cant host 01:11:11 polarian: not without help, no 01:11:13 pay for a VPS, setup wireguard on it, and tunnel through it 01:11:15 but again they limit the upstream speed so it isn't that useful anyways 01:11:20 or, just host everythign on the vps 01:11:21 polarian: because he's nice? 01:11:32 JetpackJackson: its not a very good setup im sorry 01:11:33 if you can't afford 5/m 01:11:38 really heh 01:11:45 5 which? galactic credits? 01:11:52 Lol I wish 01:11:59 JetpackJackson: wish what? 01:12:00 are you allergic to the shift key cpet? 01:12:03 I want a lightsaber 01:12:06 Lol 01:12:18 shift keys are bad 01:12:23 cpet: we used to be on 600Mbps-duplex for 15CAD/m with ALL PORTS OPEN for some reason 01:12:30 well, glad I could be of humour at least. stay safe y'all. *dragon flies away* 01:12:41 Lol 01:12:50 I was floodfilling i2p like crazy these days 01:13:02 See ya later LxGHTNxNG 01:13:55 scottpedia: a ISP shouldnt filter anything 01:14:08 most services are behind a nat firewall which is secure enough for most home users 01:14:09 yes that's ideal 01:14:19 and they should give us dynamic addresses too 01:14:28 I should learn how pf works 01:14:32 shoudn't* 01:14:35 i have a dyn IP but it hasnt changed for 3 yrs heh 01:14:35 And try out bhyve 01:14:45 JetpackJackson: vm-bhyve 01:14:57 Yeah 01:14:59 cpet: yeah some lazy employee might forget to turn the rotation up 01:15:15 I don't know how much ram or cpu it needs though 01:15:35 freebsd will run fine on 1gig of ram and 60gb space 01:16:14 wouldnt recomend running it with zfs but it can be tuned to work with 1gig 01:16:50 Im using ufs cause of the ram issue 01:17:20 I think the CPU is a bottleneck 01:17:23 why dont you just run freebsd over hyper-v ? 01:17:24 Celeron 01:17:25 or KVM 01:17:36 JetpackJackson: zfs doesnt have high ram usage 01:17:46 cpet: a VM on a Linux host? 01:17:50 I wanna run bare metal 01:17:57 is dead | cpets is dead 01:18:11 it uses spare ram for ARC cache 01:18:13 ARC: 5964M Total, 2762M MFU, 2102M MRU, 264K Anon, 38M Header, 1059M Other 4248M Compressed, 6966M Uncompressed, 1.64:1 Ratio 01:18:30 zfs isnt a ram hog my ass 01:18:31 hah 01:18:45 polarian: this is the laptop im running FreeBSD on: https://bsd-hardware.info/?probe=221eed4850 01:19:24 ugh 01:19:27 I cant load the site 01:19:32 its slow 01:19:34 very slow 01:19:36 but it works 01:19:46 Yeah idk why it's so slow 01:20:02 NAT is not a firewall 01:20:12 probably cause they run it off there home DSL service 01:20:13 4GB of memory is more than enough for zfs 01:20:14 ;P 01:20:19 like cpet pointed out 01:20:22 1GB is enough 01:20:27 DSL is olde xD 01:20:29 LxGHTNxNG: never said it was 01:20:30 just you wont get a large ARC cache but thats fine 01:20:34 JetpackJackson: celeron which? 01:20:45 which codename/rlease year? 01:20:50 LxGHTNxNG: I have DSL :) 01:21:18 does zfs cost that much ram? 01:21:20 LxGHTNxNG: https://www.intel.com/content/www/us/en/products/sku/189309/intel-celeron-processor-4205u-2m-cache-1-80-ghz/specifications.html 01:21:33 scottpedia: yeap 01:21:47 you talking about having encryption-enabled 01:21:49 ? 01:21:52 scottpedia: its mainly used for arc cache, I dont see a sizable difference in mem use between zfs and ufs 01:22:07 ARC: 13G Total, 9690M MFU, 2023M MRU, 896K Anon, 173M Header, 1544M Other 10G Compressed, 21G Uncompressed, 2.05:1 Ratio 01:22:15 thats the desktop with 64 gigs of ram 01:22:17 LxGHTNxNG: 2x Celeron CPU 4205U @ 1.80GHz 01:22:18 cpet: ARC only uses SPARE memory 01:22:24 ARC shrinks with memory use 01:22:30 cpet: damn 64GB ram???? 01:22:48 And here I was thinking 16GB was plenty 01:23:01 they had a special one day for veterans day 01:23:06 so i bought some ram 01:23:24 regardless of how zfs arc works 01:23:29 zfs is a ram hog 01:23:58 unused memory is wasted memory 01:24:05 zfs makes good use of spare memory 01:24:59 Alright 01:25:20 imo functionally zfs is not so different from lvm so it shouldn't be a burden on just the typical HW of laptops and servers 01:26:25 I used to do lvm on a t3.micro 01:27:39 zfs can be tuned nicely on systems with less ram, it is mostly arc. you can change that easily 01:27:56 Hmm as long as I don't touch xwayland niri will work, it's when I try to run xwayland it just does not work 01:28:02 Sorry my brain is all over 01:28:11 Zfs and Wayland and websockets 01:28:13 Sorry 01:29:27 I've found that I do need to limit ARC to be able to deal with non-ARC memory allocations. More so on illumos because its memory allocator is broken 01:30:06 Interesting 01:32:59 scottpedia: lvm and zfs are entirely different 01:33:16 just because zfs can do what lvm does, doesnt mean they are similar 01:33:27 lvm is just volumes, its not a filesystem 01:33:49 "functionally" polarian 01:33:59 scottpedia: functioning how? 01:34:13 say im installing an OS, I am not going to slap LVM on it as the filesystem am I? 01:34:20 but if I was installing BSD I would select zfs.. 01:34:25 comparing apples with oranges IMP 01:34:27 IMO* 01:34:39 Apple and orange are both fruit, but that doesnt make them simialr 01:34:41 similar( 01:34:45 I said "functionally" they are not so different 01:35:12 lol well tbh this isnt really worth arguing over xD 01:35:15 nitpicking a little :P 01:35:20 apologies 01:35:41 okay it's alright 01:35:48 but is LVM not a filesystem? 01:35:56 nope 01:36:21 there is a flag for a given partition that says "linux-lvm" as I remember 01:36:36 theres a flag that says freebsd-zfs as well 01:37:02 i would classify LVM like raidframe 01:37:21 scottpedia: it cant store data 01:38:00 I understand that but doesn't lvm dwell under a raw partition and emualates the recognized VGs on loopback? 01:38:01 in my personal use its a buggy pos 01:38:04 but bleh :) 01:38:25 sounds like one-level-above-filesystem things 01:38:53 * polarian shrugs 01:38:59 I am not a Linux developer, I cant say how its implemented 01:39:05 you know wikipedia has a decent article about lvm 01:39:14 yeah lvm doesn't do much to files 01:39:20 lvm bugs me, last time I attempted to use it 01:39:25 haha 01:39:43 the whole linux world bugs me 01:39:45 including lvm 01:39:55 the way lvm does snapshot is mindboggling 01:39:57 I started to feel it, heh 01:40:18 i guess if anything is like zfs, I guess btrfs, but that shits whack 01:40:30 and still very different lol 01:40:34 hammerfs from dragonfly is an interesting beast 01:40:38 I am trying to implement vhd boot environment for fbsd 01:40:58 that might be an evolution even from zfs 01:41:24 alright back to slamming my head on the desk 01:41:46 take some meth so it atleast doesnt hurt 01:41:48 cpet: oh that explains the latest analognowhere comic 01:42:04 Hm, no ungoogled-chromium package, just ports. More reasons to use Poudriere. 01:42:09 https://share.katzenmue.de:9270/file_share/0691d206-f4e4-71a8-a1b0-d9e0297807c6/Screenshot_20251118_204201_Fennec.jpg 01:42:15 polarian: im tempted to recreate your issue at home on my spare laptop to attempt to poke at it myself lol. 01:42:33 I need to set up aliases for the poudriere cmds 01:42:58 From here https://wiki.freebsd.org/VladimirKrstulja/Guides/Poudriere 01:43:45 JetpackJackson: Oh, nice. I'd used a DigitalOcean guide last time. Nice to see ... I was going to say "something maintained 01:43:52 but that appears to be six years old. :P 01:43:57 Oh 01:44:01 I didn't notice 01:44:03 Lol 01:44:21 I guess the guide I was using is a decade old, so that still wins: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-poudriere-build-system-to-create-packages-for-your-freebsd-servers 01:44:25 Well it seems to work, haven't decided what to build yet tho 01:44:55 JetpackJackson: There are some ports where there simply aren't packages ever, for licensing reasons etc. ISTR there was some CUPS-adjacent package that did this for me. 01:45:06 Thinking of making a nerd-fonts symbols-only package and then having yazi depend on it instead of the whole 6GB nerd fonts 01:45:11 Plus, you can tweak options. 01:45:13 specialbomb: I just had a lightbulb moment 01:45:20 I am just gonna check my snapshots 01:45:48 good idea! 01:46:31 mason: yeah I tried options but it won't help cause nerd fonts is in AUXDEPENDS or whatever and I want a smaller nerd font package 01:46:55 make config 01:47:00 remove AUXDEPENDS 01:47:03 make install clean 01:47:22 pkg would complain but then you would add a skip on that package 01:47:30 and problem solved 01:47:36 Doesnt help cause nerd fonts package is droid sans, ioveska, etc. I just want symbols only 01:47:42 no need for a full blown poduriere setup for 1 port 01:48:17 https://archlinux.org/packages/extra/any/ttf-nerd-fonts-symbols/ 01:48:49 specialbomb: its identical to what it is right now... 01:49:03 back when it worked 01:49:54 I gotta look at how thebnerd fonts pkg unpacks the fonts and unpack the ones I want 01:49:55 Ig 01:50:18 Idk I feel jittery. Need to work on HW but also have to log off in an hour 01:50:36 how old are you heh? 01:50:49 I'm in college lol 01:51:04 ill be damned if any one tells me to log off 01:51:08 im in college too 01:51:08 JetpackJackson: is that US or UK college 01:51:10 very different 01:51:12 lol 01:51:17 But I like to make sure I'm off computers an hour before bed cause then I'm all hyper 01:51:25 definition of college that is 01:51:26 Or at least its harder to sleep 01:51:28 US 01:51:30 ah 01:51:34 so university in the uk then 01:51:37 they have meds for that 01:51:43 we cant afford them but we do have them 01:51:44 :P 01:51:48 Yeah I know I take meds 01:51:56 :p 01:52:09 whatcha going to school for ? 01:52:24 Still have to do things in my life to manage my anxiety and adhd combo 01:52:28 Computer science 01:52:40 Cyber Security 01:52:47 Changed my major from mechanical engineering to electrical engineering to cs 01:52:49 Oooh 01:52:50 Nice 01:52:59 lol 01:53:04 someone couldnt make up their mind 01:53:06 graduated in Augist now im with my bachelors 01:53:13 I def wanna get a cyber security related job 01:53:16 polarian: most people with adhd cant 01:53:19 meanwhile I am losing the will to live 01:53:20 Congrats cpet 01:53:25 I dont wanna give up on this damn networking 01:53:32 I graduate in the spring 01:53:41 cpet: or do what I did, drop out and be useless! :) 01:53:44 polarian: bro take a break and come back in the morning 01:53:48 nope 01:53:51 polarian: im already useless 01:53:58 polarian: now i can be useless with a degree 01:53:59 cpet: dont say that 01:54:00 I will eitherf ix it or pass out 01:54:07 oh my egods 01:54:13 polarian: please go to eep 01:54:22 Fr 01:54:52 you know your network issue will be there when you wake up 01:55:02 your switch isnt going to run away 01:55:10 JetpackJackson: will 01:55:13 but not your switch 01:55:48 LxGHTNxNG: 2am and still going!!! 01:56:03 cpet: yeah but more procratination, and its why nothing gets done 01:56:14 im in the zone rn 01:57:05 polarian: lets just say my VA medical record is 900+ pages long 01:57:15 VA? 01:57:23 veterans affairs 01:57:30 dunno what that means lol 01:57:52 the united states way of giving back to the veterans :p 01:58:10 I literally cant see why the fuck this isn't working 01:58:18 then you probbaly need to sleep 01:58:23 or a smoke 01:58:45 personally when I get frustrated over something freebsd i go take a break come back 01:58:54 99.98% of the time i fix it few mins after 01:59:31 LxGHTNxNG: no, its just a scummy problem 01:59:35 and likely a skill issue 02:00:12 i would ask to see your pf.conf but most people modify it to now show IP's or anything 02:00:47 cpet: they sent it already. https://bpa.st/AOGQ 02:00:52 could always go the modern way and paste your config to chatgopt and ask it whats wrong with my config 02:00:55 heh 02:01:14 Cheater! 02:02:01 cpet: I would rather die 02:02:05 so you are VPN'ing your jail traffic ? 02:02:16 cpet: its on my laptop, its an always on VPN 02:02:36 theres extra rules there to block traffic going out on wifi/eth and force it through wireguard 02:02:42 but I removed them for debugging 02:02:54 disable wg, state works, enable wg, state breaks 02:03:06 skills work better if you have slept 02:03:12 no state, means pf drops it 02:03:17 as it sees it as a new inbound connection 02:03:21 not a stateful packet 02:03:24 polarian: ever thought about its not your firewall but wg? 02:03:33 cpet: how would it be wireguard? 02:03:47 20:02 < polarian> disable wg, state works, enable wg, state breaks 02:03:49 come on now 02:03:54 you need sleep man hah 02:04:23 cpet: no sleep needed 02:04:30 thats the facts 02:04:39 the only thing in wg which changed was IPv6 connectivity 02:04:49 and I SEVERELY doubt, IPv6 is the issue here 02:04:58 different routing tables 02:05:01 different state tables 02:06:00 like I said, im motivated to try and do this myself 02:06:39 ill probably fool around with that this weekend if im not busy 02:06:47 def not tonight, my brain feels crusted 02:07:59 polarian: As much as I appreciate the real-time IRC feedback, scrolling through these convos to find out what exactly what is going on is heinous sometimes. 02:08:19 ek: im aware its annoying 02:08:46 by now I usually would have fixed whatever I moan about 02:12:23 ek: line breaking is a bad habit obtained by us gen z folk, and for that I apologize 02:16:16 I apologize as well 02:17:17 JetpackJackson: you are in the US? 02:17:24 because your site is .de 02:17:26 so arent you German? 02:17:49 https://gist.github.com/unixbeer/1bbcdccf0308a617614a33acca76b029 02:17:51 try that 02:18:10 polarian: I am American yes 02:18:19 JetpackJackson: whats up with the .de tld then? 02:18:30 Because I wanted it 02:18:44 cool ig lol 02:18:46 confusing tho 02:18:48 Cause I'm learning german 02:18:57 why/ 02:18:59 And its a whole word 02:19:09 katzenmüde 02:19:41 I mean its a play on the phrase "dog tired" but with "cats (plural)" 02:20:37 Cause I like cats 02:21:20 :3 02:29:53 Hm, is there any simple/quick way to get default audio input from one pcm device while the speakers are on another? 02:32:50 Specifically, I want to use a webcam as input and another pcm device as output. 02:32:54 specialbomb: it's older than that 02:33:20 I said obtained, not created! 02:33:51 wheres ivy 02:34:03 There's https://forums.freebsd.org/threads/audio-play-rec-from-2-separate-sound-devices.72675/ with no answers. :P 02:34:10 ivy is like the saving grace when it comes to networking 02:36:29 I probably need virtual_oss. 02:59:41 cpet: how can I make make install not recompile everything 03:01:10 depends 03:04:12 Like i tried portmaster and it had done it after config with -P I think 03:04:27 Not sure how to have make or poudriere do that 03:05:47 Also what does poudriere mean 03:06:10 Wait I should look at that up instead 03:07:55 I guess I'll use portmaster for this port? Idk I wanna figure out how to not rebuild using poudriere 03:09:29 Idk what are yalls thoughts 03:20:51 JetpackJackson: what are you trying to accomplish, exactly? 03:21:00 build a port, or more than that? 03:21:42 I want to make it either that nerd-fonts only pulls the Symbols TTF files or that yazi does not depend on all of nerd-fonts 03:21:50 Whichever is easier or better 03:23:08 you know, you can just copy the ttf into the fontsdir and not fuck around with all this 03:23:54 i don't see why having a few extra font files is any cause for a bunch of fucking around with ports, espically if you're relatively new to freebsd 03:29:24 I swear I tried that but I don't think it worked. Maybe I skipped a step. I'll try that again tmrw and see 03:29:44 Plus the auxdepends with make config 03:29:55 Or else yazi will pull in the files again 03:30:23 yazi? sysutils/yazi ? 03:30:37 again, what's the problem with having a few more font files that nerdfonts installs? 03:33:24 It's 6gb 03:33:48 It just seems like a lot that I don't/won't use 03:33:55 I guess it's fine though 03:34:53 I don't want to go crazy like I did with gentoo cause then I wanted to "debloat" things and then realized that it would be a waste of computing especially for firefox 03:35:26 Actually I guess it makes sense that it pulls in the other fonts so that you end up with a font installed 03:36:05 Had to install a monospace font before foot terminal would open when I was doing post install stuff 03:36:57 q 03:37:21 well shit, i didn't realize it was that big 03:40:04 typefaces... 03:40:58 wtf did you just call me? 03:47:19 rtprio: yeah 04:30:36 JetpackJackson: pkg's 04:30:41 ports is all compiled 04:31:08 as for rtprio he is right why 6 gb of fonts is such a big deal 04:31:54 chris@beastie:~ % pkg info | grep font|wc -l 62 04:34:31 hodapp: typefaces 04:37:55 JetpackJackson: do you want me to make you a pkg without all that font crap ? 04:39:11 JetpackJackson: im bored and drinking beer so today is your lucky day 04:42:07 i do find it interest how many different building systems there are now compared to when there was one 04:43:11 and what a pain in the ass it was to debug m4 04:46:53 JetpackJackson: on a celeron building rust would probably take a few days 04:48:00 Random update, for some reason after randomly thrashing around Firefox ended up starting to show me pcm devices in the microphone pop-up. I'm unclear why it didn't do it from the start. 04:49:00 JetpackJackson: https://unix.beer/~chris/yazi-25.5.31_5.pkg 04:49:33 mason: firefox does weird thing as the system gains uptime 04:50:10 cpet: This was through reboots, but I wonder if it was the Firefox build. I switched to "latest" midway as I realized there was no Chromium package in "quarterly". 04:50:22 I bet the new Firefox is the variable that mattered. Guessing anyway. 04:50:40 i run latest 04:50:54 as long as it plays youtubes im happy 04:51:59 Yeah, that works, although I tend to just use yt-dlp. 04:52:20 mason: is it still working? 04:52:35 it's been a while since I looked into that issue 04:52:36 scottpedia: yt-dlp? Yeah. 04:52:53 but last time I tried youtube-dl was kind of blocked 04:52:57 I need to check it out on the new box, but I've been running it straight out of git. 04:53:12 youtube-dl might be abandoned at this point - unsure. 04:53:38 okay so what's with yt-dlp? the successor? 04:53:54 It appears to be the project currently getting attention. 04:54:08 okay alright thx for the ping up mason 04:54:20 sure 04:56:32 deno: A full installation of Xcode.app 15.0 is required to compile 04:56:34 this software. Installing just the Command Line Tools is not sufficient. 04:56:36 Xcode 15.0 cannot be installed on macOS 11. 04:56:47 ------------------------------------------------- 04:57:02 another indication that I need to do the migration out of macos 05:00:51 or upgrade HW 05:01:38 already did. just not a mac this time 05:01:52 i sold my mac book and mac mini 05:01:57 given it up already 05:02:00 to get a newer mac book pro 05:02:07 apple is trashing us 05:02:24 big companies are trashing us 05:02:37 it's not worth it bro. eventually it comes a burden to take care of because of the increasingly closed and bloated software 05:02:43 becomes* 05:02:54 scottpedia: its a nice laptop for school 05:02:57 ;/ 05:03:03 you in college? 05:03:08 yeah 05:03:25 okay well. most of the times I just used the computer at the library 05:03:28 graudated with honors in aug continuing to bachelors 05:03:48 aug? 05:04:00 August 05:04:48 why continuing to bachelors? 05:04:58 Gi Bill 05:05:13 oh you in military? 05:05:16 VA pays me to goto school would be an idiot not to use it 05:05:33 was 05:06:09 right interesting I thought you usually get a bachelor's as a first out of a college education 05:06:32 things might work differently stateside 05:06:35 depends 05:06:48 you start with an associates and work your way up 05:07:05 okay i see 05:07:31 not familiar with the G.I. stuff but I heard it's not easy to get paid to go to college even after being in service 05:07:58 depends on time in 05:08:31 did you spend time overseas? 05:08:39 yeah 05:08:58 then it's navy or marine corps right? 05:09:04 Navy 05:09:14 that experience must be great for a man to have tbh 05:09:39 as long as you dont piss us off yeah 05:09:53 us? 05:09:58 veterans 05:10:25 okay by how? 05:11:10 most people who were in end up either grumpy, easily irriated or violent 05:11:45 sorry idk how this works exactly but you becoming an officer after college right? 05:12:09 i was active duty not an officer 05:12:53 okay 05:13:03 aka enlisted 05:13:23 how was your life btw? were you a pilot? 05:13:37 were you on carriers and stuff? 05:13:38 no I was a mechanic 05:14:12 okay alright 05:14:24 and I was on 2 carriers 05:14:41 wow that sounds great 05:15:40 anything interesting to share? 05:16:40 not really i have a messed up knee, arithtis in my c4 and c5 vert, back pain, head aches and stage 3b chronic kidney disease 05:17:32 damn that's no good. 05:17:52 how did that get those conditions? 05:19:21 fell in a hole during training, and jet fuel fumes 05:19:56 sorry to hear that. but hope you getting better man 05:21:52 im 2.3 point from needing dialysis, and its getting harder to move my neck carpol tunnel is making it hard to type 05:21:55 :P 05:22:31 because of mainly jet fuel fumes? 05:23:07 cant really get into the rest of the reasons 05:23:11 but pretty much 05:24:03 i mean that shouldn't cause that much of damage to the body. we smoke in gas exhausts all the time 05:25:30 but why did you say those in service eventually got grumpy and violent? 05:25:58 lets just say PTSD isn't fun 05:26:11 I heard some very different feedback from a guy stationed in Korea for a while 05:27:08 but i mean were you in active combat? I thought you just do stuff on a carrier. 05:27:31 i was a seabee we are like low level marines 05:29:13 okay 05:30:16 did you ever go ashore every so often? 05:30:42 like when the carrier gets supplies and stuff 05:31:42 not really 05:34:45 okay nice to talk to you man 05:34:54 gotta go so perhaps later cpet 05:35:43 bye 06:28:07 How is it I only just now learned about "service foo enable" and "service foo disable?" 06:28:30 beer is not involved ? 06:35:56 mason, It took me a while to discover that feature too. It's kind's one of those off to the side features. 06:36:15 It goes right along with "onestart" and "onestop". 06:37:48 took me a while to figure out sysrc -x cups_enable="YES" 06:37:51 is a thing 06:39:09 now im not a fan of all the linuxism 06:39:52 but it is easier to do sysrc bleh_enable="YES" && service bleh start than sh /etc/rc.d/bleh start 06:40:01 and yes thats being sarcastic as hell :) 06:41:29 I knew about onestart and onestop, but I love enable now that I know about it. 06:42:02 cpet: service is more an old Unixism than a Linuxism. 06:42:23 i have used freebsd since 2.2.8 06:42:30 i have yet to see service as a command 06:44:59 https://cgit.freebsd.org/src/commit/usr.sbin/service/service.sh?id=3d4828276848a4760cb383519d0743059d54cc5c 06:45:03 I hate to be the one to say this but as far as I remember "service" originaled with Red Hat. One of the few good ideas they had. 06:45:23 Wasn't there a service in Solaris? Now I don't remember. 06:45:26 when redhat implemented it it was not based off systemd 06:46:28 when I first started using redhat it came with linuxconf 06:46:30 Predates systemd. Was primarily there to insert "cd / && env -i" into the process start so that a user's environment stopped polluting the daemon environment. 06:46:32 something I do wish freebsd had 06:47:07 bsdconfig is good but 06:47:09 env -i is still something I do on, for instance, Slackware. 06:47:24 it doesnt have a tui for say pkg 06:47:39 Slackware is the onyl linux distro I tolerate 06:47:47 but as pain to instal software on 06:48:09 and compiling virtual box from src is not fun 06:50:52 messing with xsml is not fun either 06:52:07 cpet: https://slackbuilds.org/repository/15.0/system/virtualbox/ 06:52:11 been playing with it but 06:52:32 I want to find a Solaris 2.5.1/2.6 manual now. 06:52:40 yeah but still slackpkg works in such a way thats its manual 06:52:41 But I'm off-topic. Sorry. 06:52:54 i really doubt anyone is alive to make that count 06:52:59 heh 06:53:00 so you do you 06:53:13 one thign I always hated about liberchat 06:53:16 is the topic shit 06:53:23 Well. Anyway, there's automation: https://slackbuilds.org/repository/15.0/system/sbotools/ 06:53:37 yeah I used that but still its a pain 06:53:45 It could still use something like Poudriere. 06:53:47 you have to ediut each slackbuild to include the latest 06:53:53 as its beyonf the latest 06:54:30 The earliest mention of "service" I can find is from 2002 Red Hat Linux (pre-enterprise): https://ftp.kh.edu.tw/Linux/Redhat/en_7.3/RELEASE-NOTES.html 06:54:30 now I dont care about running old software but if you are installing it for the first time I expect to install the latest version 06:54:45 And whit that it is time for me to relocate from the coffee shop. 06:55:05 heh 06:55:18 for some reaosn people who spend hours at the coffee shop always irritated me 06:55:30 and made me thing go home and use the laptop there 06:57:43 I have no one waiting for me at home and the house is empty now and it is good for me to interact with people. 06:58:43 i do that at bars not coffee shops 07:03:54 the only issue with slackware is 07:04:05 it releases a release once every 5-6 yrs heh 07:04:29 looking at that slackbuild 6.1.50 is old 07:04:32 current is 7.2 07:04:49 7.2.4 07:05:46 im hoping to get a response form my bhyve PR 07:05:59 would be nicer to run bhyve vs a dedicated HD and linux install 07:06:20 but sometimes "whatever works for your use" applies 07:06:50 and I need windows 11 for school crap 07:07:33 is that bsdcert still a thing ? 07:07:47 i remeber i volunteered and they had me translate like 500 pages 07:19:13 mason: enable and disable are to make it run at startup or not 07:19:38 easy way to create a service that survives reboot 07:20:13 used to do "service" on old ubuntu versions until I learned systemctl 07:22:22 scottpedia: Right, but what's new is that there's a command that simple to obviate editing rc.conf directly, and with a syntax to me nicer than sysrc. 07:23:37 yeah 07:23:49 rc.conf is very difficult to deal with 07:24:00 you don't know when it stops working somehow 07:26:28 the only way it stops working if the daemon has a config issue 07:26:59 other then that its starts me if I have errors refuse to start 07:27:04 otherwise start me 07:33:01 regardless its still a linuxism as it was roginal implemented in redhat 07:33:45 BSD was still into the echo 'cups_enable="YES"' > /etc/rc.conf && sh /usr/local/etc/rc.d/cups start 08:28:37 is 15R being rushed just to keep the schedule? looks like it should be pushed back a week no? 08:41:42 There are goals set for each step of the way. Let me see if I still have that webpage in my browser showing them 08:42:29 https://wiki.freebsd.org/Releng/15.0ISSUES 10:31:21 zfs corruption bug :/ https://github.com/openzfs/zfs/issues/16626 12:09:06 cpet: oh wow thank you 12:09:26 I'll have to try it out later, I just woke up 12:15:40 is the 'install' binary safe to use to move a new bin file into place of a bin that's already running? when i need to upgrade a running daemon i have to overwrite the current bin file then restart daemon. right now what i use is rm bin && cp newbin bin, but i heard the install program is made for this purpose 12:21:56 i was thinking of running install -S newbin path/to/bin, to make sure the write is finalized 13:45:28 I was partitioning a drive, and found I could not manually duplicate what the installer had created, so I resorted to gpart backup | restore - https://dan.langille.org/2025/11/19/duplicating-partitions-to-a-larger-drive-zfs-freebsd/ 13:58:05 hello I am having trouble upgrading my php it's related to freebsd 13:59:45 httpd: Syntax error on line 189 of /usr/local/etc/apache24/httpd.conf: Cannot load libexec/apache24/libphp.so into server: Cannot open "/usr/local/libexec/apache24/libphp.so" 14:05:25 you can ignore for now I commented it out but I will maybe find out why I need php module later in the httpd conf 14:11:05 good day thank you again 15:37:47 kerneldove: install just copies or moves it and chmod/chown in one go IIRC 15:43:11 install should can also create directories if they are not there... 15:58:17 ah, yah that 16:35:49 so is my install cmd right? install -S newbin path/to/bin 16:37:41 WOOT. So, we had audio working last night with Firefox and we even tested a Jitsi meeting. Power down overnight. Power up, and audio doesn't work any more. I can't use FreeBSD for this role. SIGH. 16:40:10 Are you sure you didn't forget to make something persistent across reboots? 16:51:47 Hi 16:53:27 a latent bug in a service underpinning our bot mitigation capability started to crash after a routine configuration change we made. That cascaded into a broad degradation to our network and other services.” 16:54:05 one of Cloudflare's staff said that 16:54:34 panic! 16:55:20 So as I see all service goes down or hacked in last few months is for the same reason "routine change" or some sort of error 16:55:32 *is saying 16:59:22 Cloudflare attacked and many hosting services (like linode), security companies.. India many datacenters got down between 8Nov and 10 (causing lack of water due to overheating), increasing in traffic of bots trying to hack (I run my website for +4 years, this didn't start to happen like that only from Sep) 16:59:54 +70k request 17:02:08 0day exploits and malicious stuff is mass spared everywhere 17:02:48 And nothing is happening.. Just some routine change XD 17:05:36 wtf are you talking about 17:05:41 ? 17:05:59 rtyler: you need to see what happens clear 17:06:22 oh okay, thanks, I see now, it's also very on topic thank you 17:06:33 Ah, sorry 17:07:15 rtyler: I thinked you believe them :P 17:13:23 https://www.tomshardware.com/software/security-software/microsoft-azure-blocks-largest-ddos-attack-in-history-attack-equivalent-to-streaming-3-5-million-netflix-movies-at-once-15-72-terabits-per-second-from-500-000-ip-addresses-tied-to-iot-botnet 17:14:14 Oh even Azure people be careful (many Linode servers got owned by same way) 17:20:19 V_PauAmma_V: Not sure what to make persistent, is the thing. sndiod is running, webcamd unchanged, and I never ended up implementing virtual_oss as it wasn't clear how to create something from the resulting device that a browser could see. 17:22:26 I tried having virtual_oss spinning up from boot in case it's spooky action at a distance, but it didn't matter. 17:23:11 Almost makes me wonder if it wasn't PulseAudio dragged in by the temporary introduction of Chromium. 17:35:39 Although I'm 90% sure that I didn't have PulseAudio running for at least one working test. 17:35:44 I guess I can test that. 17:39:28 We want to see if a specific physical address is mapped into the virtual address space of a user space process. We are trying to do this from the kernel, but we are running into issues with trying to use pmap_extract, specifically we get the following kernel panic: 17:39:29 panic: mtx_lock() of spin mutex (invalid) 17:39:43 The pmap pointer comes from: 17:39:43 1. pfind(target_pid) - gets the process structure 17:39:44 2. p->p_vmspace - gets the vmspace from the process 17:39:44 3. vmspace_pmap(p->p_vmspace) - extracts the pmap from vmspace 17:39:45 Then I'm iterating through vm_map entries with VM_MAP_ENTRY_FOREACH() while and calling pmap_extract_and_hold(pmap, va, VM_PROT_READ) for each virtual address. 17:39:45 The crash happens when calling pmap_extract_and_hold(). I suspect it's trying to acquire pmap locks that conflict with something. 17:39:46 I'm trying to find which virtual address maps to a given physical address in a userspace process. I'm doing this from a kernel module via sysctl handler. 17:41:04 friedy10: Might be good to ask that on a mailing list as well. I don't think many kernel developers hang out in here. Or maybe ask on #bsdmips on EFnet, but the mailing lists are the best bet. 18:04:36 friedy10: we need the code 18:36:29 I should check whether any of my WiFi dongles work with FreeBSD.... Then I could resetup my media server to use FreeBSD cause all I need is docker/podman and ssh 18:37:19 That will work right? 18:37:54 depends what media server you're sporting 18:38:31 Jellyfin for movies and TV and navidrome for music 18:38:38 All in docker 18:38:43 Or podman 18:38:47 dont do that over wifi :( 18:39:03 Why 18:39:25 Hi, I've just upgraded to 14.3 and get lots of messages of the form "pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:14:amd64/kmods_quarterly_0/meta.conf: Not found" with pkg update 18:39:28 poor network performance will cause a lot of issues, I guarantee 18:39:29 What have I done wrong here? 18:39:38 specialbomb: oh 18:40:02 Hmm I'll see if I can't get Ethernet or smth going on idk 18:40:07 huh wait that says 0 18:40:13 The router is not in the same room 18:40:33 if its a server or dedicated box just plop it next to your router 18:40:34 right this is part of a persistent problem I have where OSVERSION isn't set 18:41:00 specialbomb: it's gonna be kinda chonky, lemme see if I can find a pic of the case 18:41:16 freebsd-version -kru shows 14.3-RELEASE-p5 for all 3 18:42:46 https://share.katzenmue.de:9270/file_share/0691e0fa-4dfe-74c0-90d7-eecb1faf4635/11-133-169-18.jpg.webp 18:45:26 Is docker or podman better supported on freebsd 18:45:49 right I found it, there is something setting OSVERSION as given in that msg, but it isn't obvious what the file really is 18:47:17 Oh we have jellyfin and radarr packaged?? Shoot that's awesome 18:47:26 I might use those packages instead then 18:48:36 Any gotchas I should know about when using those packages? (Radarr, jellyfin, etc) 18:50:28 How can I set OSVERSION to match uname -K 18:52:08 I can manually set it in pkg.conf but that doesn't seem systainable to do every single time 18:56:26 JetpackJackson: your best bet for docker or podman is virtualization. neither are natively supported yet, there have been talks about native docker for a bit though. 18:56:37 I virtualize debian and run docker that way 18:56:51 Oh so docker in a VM? 18:57:04 How does that work with accessing files on the host 18:57:29 Also I found native packages for jellyfin and radarr so I wanted to look at those first 18:57:40 You need to pass your storage through via NFS or SMB 18:57:58 Hmm 18:58:18 Would I need to do that if I use the native packages 19:01:27 no, you wouldnt. you could put them in jails if you wanted to get the same kind of process separation you would get from other container solutions as well 19:02:13 I highly suggest this. 19:02:50 but keep in mind, you may not have hardware transcoding support with jellyfin, if that doesnt bother you. 19:03:56 I do Jellyfin in a jail and expose media via nullfs. Works perfectly fine. 19:04:44 specialbomb: im gonna use my old pc as the new media server and its gonna have an i7 in it 19:05:48 I might try jails later 19:07:09 if you run jf bare metal and install the right packages you might be able to use the hardware video encoder on the CPU. I havent fooled around with it before though. What model of CPU is it exactly. 19:08:03 Err I think 7700k? 19:08:18 I don't remember and I can't check right now 19:09:55 you should be able to get hw accel on that, theres video quick sync. it probably wont work with every codec though, probably want to go to the jellyfin support in matrix or discord for help with that. 19:12:18 this is def going out of th scope of freebsd now though, lol. 19:12:26 Oh 19:12:42 Will the nvidia GPU be a problem 19:13:39 I just want to make sure I can set this thing up with no issue basically 19:15:55 This test with file-based devices leads me to believe shrinking a ZFS mirror is possible. The real test is trying it with partition based disk mirrors (e.g. /dev/adap3 instead of /tmp/0.raw). https://gist.github.com/dlangille/2578c132dc6177e2eb94ac426892da70 19:16:41 Should I do the virtualization route? Is there a writeup on this? I dont want to get bogged down in a complicated setup 19:19:50 Oh nice radarr is supported on FreeBSD and their page has setup instructions 19:20:07 so its just jellyfin that might be problematic 19:20:34 ek: what does your nullfs config look like? I'm still new to all of this 19:22:21 I just found a thing using Bastille to set up jellyfin so now I'm not sure what to use 19:23:02 JetpackJackson: I have multiple (one for each type of media) and I do read-only. But, they basically look like: 19:24:03 //path/to/host/Media/Videos/Movies /path/to/jail/name/root/media/Movies nullfs ro 0 0 19:24:23 Err.. With just one "/" at the beginning. 19:24:25 nullfs is ezpz 19:24:35 Sure is. I love it. 19:24:46 Oh ok 19:24:58 Maybe I'll try that on my VM if I can 19:25:42 I'm looking at the forums for posts about jellyfin and it seems to be working well for some people so I might use the binary package 19:25:59 just read the man page on it if you need more information. what I can also tell you, transcoding with an nvidia gpu will probably not work on freebsd. In order for me to do this, K had to patch bhyve 19:26:16 Oh 19:26:16 *I had to patch bhyve and virtualize linux 19:27:55 That doesnt sound fun 19:29:13 its not the most straightforward thing, no. honestly if I were you, since you want a simple solution, id just run jf on bare metal debian or something. if you're willing to put in the extra work and learning, getting it to work with freebsd as a host is totally possible 19:30:33 Oh 19:30:59 I was using chimera Linux but I havent used the system much cause its flaky cause its 15yr old hardware 19:31:59 I did hear people getting baremetal nvidia HW accel using VAAPI, but its not as good as nvidia's own implementation 19:32:10 you could try that 19:32:36 Alright 19:32:39 Yeah. I use vaapi via CPU. I don't have a GPU in my host for jellyfin. 19:33:00 Would it help if I got the specific GPU name 19:33:12 It should be in dmesg. 19:33:37 Its my windows 10 PC at home so I can't check now but I can when I'm home 19:33:51 I should be looking at my notes but this is more fun 19:33:53 you should really attempt to move this convo to jellyfin support honestly, I dont wanna keep bogging up freebsd with jellyfin specific info 19:33:59 Oh 19:34:17 They don't officially support FreeBSD tho so I dont think they would accept it 19:34:31 And the jail/bhyve stuff is kinda on topic 19:34:38 But I understand 19:34:40 Sorry 19:35:48 mewt, doesn't the repo have ${ABI} in the URL to do that automatically? 19:36:12 let's take a look! 19:37:56 Yes it does 19:38:08 "/etc/pkg/FreeBSD.conf", right? 19:38:54 in my case, i tend to enable latest, so for me /usr/local/etc/pkg/repos/FreeBSD.conf, which has FreeBSD: { url: pkg+http://pkg.FreeBSD.org/${ABI}/latest, enabled: yes } 19:39:32 yeah, I've got quarterly here now but otherwise same 19:39:54 I'll try and chase it down later, I think that somehow it doesn't set $ABI correctly 19:41:23 I suppose I can test out the media setup on the test laptop and See what happens rather than guessing at things. 19:44:35 I haven't messed with podman at all, but apparently we have it https://www.linkedin.com/pulse/getting-started-podman-freebsd-simple-guide-building-containers-jan-rgehc 19:54:07 scoobybejesus_tl: yes we do and its very awesome 19:54:46 there are a lot more notes here https://docs.skunkwerks.at/LqHthEkTSeGDwV0PDUQSyg# which will move into the handbook in the next few weeks 19:55:55 dvl: I would be very surprised to learn if you can shrink a zpool 19:57:01 AFAIK, you can't. You need to send | receive, recreate it, then reverse. 19:57:52 dvl: the main thing I don't see, is, what mechanism is there in zfs to migrate the data from mirror-0 to mirror-1. 19:58:10 ^ good question for #openzfs channel 19:58:58 your test pool comprises 2 striped, mirrored vdevs. So the question is, how would the data move from one vdev to the other? 20:01:27 damn theres an openzfs channel, im hanging there 20:15:23 dch: I think it's here. "Removing a top-level vdev reduces the total amount of space in the storage pool. " https://man.freebsd.org/cgi/man.cgi?query=zpool-remove 20:16:17 dvl: aaah this is newly supported via device evacuation.... 20:16:19 dch: "The specified device will be evacuated by copying all allocated space from it to the other devices in the pool. " 20:16:36 So yes this process would work then. 20:16:37 dch: So it seems. It seems to be my precise use case. 20:17:17 I vaguely recall it leaves some metadata indirection all over the place. I don't think this is large, but presumably there is a slight penalty for the extra lookup. 20:17:30 you should probably get proper advice from somebody more familiar with it 20:17:51 i look forwards to yet another informative dvl blog port! 20:17:51 dch: I've posted in the #openzfs channel already 20:18:14 dch: I will test it soon, after I add a third drive to the zroot mirror, then remove it for future use as a backup... 20:18:41 dch: I'm assuming I can do that... just boot from a single drive removed from a zpool. If not, it's easy to reinstall. 20:19:12 yes I have done this alot, mostly to hetzner after splitting a mirror and booting in linux rescue mode 20:19:33 just check the removed drive has boot blocks / efi partition 20:20:12 how to ssh into install session of FreeBSD-14.3-RELEASE-amd64-disc1.iso? 20:21:06 Chip1972: I 20:21:17 m not sure that you can without console access. 20:21:30 Chip1972: tried `service sshd start`? 20:21:53 Chip1972: What's your goal? ssh or install? 20:25:19 my goal is test my own install script on virtual machine. since I cant add an script to the iso file itself 20:26:02 how to configure network card on install? 20:27:54 dch: Yes, I did that parition / boot stuff earlier today: https://dan.langille.org/2025/11/19/duplicating-partitions-to-a-larger-drive-zfs-freebsd/ & https://dan.langille.org/2025/11/19/moving-a-zpool-to-larger-drives-zfs-freebsd/ for the bootcode. 20:28:38 forgoted FreeBSD-14.3-RELEASE-amd64-memstick.img 20:29:31 Chip1972: you can use unionfs to get mountable bits to run ssh http://kev009.com/wp/2016/07/freebsd-uefi-root-on-zfs-and-windows-dual-boot/ 20:29:33 Chip1972: Your goal is a customized and automated install? 20:29:55 Chip1972: but for 1-offs I prefer using mfsBSD https://mfsbsd.vx.sk/ 20:32:22 dch: I was considering mentioning that for custom installs 20:32:48 Chip1972: I use mfsBSD on a regular basis, not for installs, but for booting a system using a thumb drive. 20:34:41 dvl: are you building own mfsBSD images ? 20:34:53 I do 20:35:00 mzar: I never have, but I did know it can be done. 20:35:10 I also use poudriere-image a lot 20:35:11 I am testing first link. How to list network cards? 20:35:49 Chip1972: ifconfig -l 20:36:44 cool, TBH I have never tried this poudriere-image, looks nice 20:37:18 mfsBSD works nice in PXE enviroment 20:37:38 mzar: have you UEFI PXE boot ? 20:38:09 not, it was old PXE 20:52:28 Chip1972: you can also insert scripts into the official installer medium, all of these ways are legit 20:52:34 https://forums.freebsd.org/threads/how-can-i-automate-an-installation.93511/ is a nice writeup of that 20:53:11 how to add a nick in the begining is a message? 20:53:23 see https://man.freebsd.org/bsdinstall for the official doc 20:53:36 Chip1972: sorry I don't follow what you're saying 20:55:50 I forgot how to add a nick to the begining is a message 20:58:14 Chip1972 try with @? 20:58:40 works with my client. 21:00:25 Chip1972: "i wrote ch and my client did it for me" 21:00:52 Chip1972: i wrote "ch" and my client did it for me (for better parsing :] 21:01:53 that is initial letters of the key and then tab 21:05:15 what client? tab key on Pidgin fill my screen wirh lot of garbage 21:06:59 i'm using weechat 21:09:21 dch: nedko: worked... 21:10:02 now I have a lot documentation to read 21:10:42 Chip1972: you're welcome back with questions too. I suggest you try using mfsBSD 21:10:49 to start with 21:10:53 just download the img file and write it to a usb stick 21:11:00 boot from it 21:11:21 and then try ssh over the network 21:11:25 then run `bsdinstall` 21:11:37 once you understand that, you can customise mfsbsd itself 21:11:42 add your own ssh keys 21:11:49 and have it run custom installs 21:12:05 poudriere-image allows similar things, but its not as easy to get started 21:23:19 thanks a lot. Now I will get away from linux systemd/wayland/rust crazyness for good 21:33:45 ... for maybe like a year 21:34:02 wayland works on freebsd and there are overtures towards rust in base (which I find absurd, but here we are) 21:36:55 rust isnt surprising 21:44:14 Rust is nauseating. 21:44:25 but so are the majority of its opponents. 21:45:00 I use OpenBSD for work, freebsd as server, and linux for console/multimedia, but latest rust crashes make me do the final decision 21:45:43 the language has merits 22:12:05 there are reasons for everything. I wouldnt rewrite things in rust for no reason, but I would expect future software included in freebsd to potentially use rusy 23:27:45 anyone here good with networking, or do I need to annoy ivy :P 23:30:09 Just ask rather than asking to ask. If someone is able to help I'm sure they'll try to. 23:30:13 polarian: What networking? 23:30:49 mason: wireguard, NAT and pf :0 23:31:24 Ah, I don't know wireguard and I use ipfw, so I'm probably not a great resource. Sorry! 23:50:48 I got an idea who to ask 23:51:23 The mailing lists are always good.