how can I run wireguard in a regular jail using a loopback IP? I've done it before with VNET, but replicating my devfs rule doesn't seem to be enough. I'm getting this message: [!] Missing WireGuard kernel support (ifconfig: SIOCIFCREATE2 (wg): Operation not permitted)

the kernel module is loaded

may need to precreate the wg interfaces on the host

if I need to do that, then I suppose it's worth asking: is there any security benefit to running wireguard in a jail instead of on the host?

wireguard bits are all in the kernel now

yeah

dont think there'd be a specific benefit from loading its configuration from within a jail

that's kinda what I'm thinking

i feel like if you're doing that you probably should just use vnet?

I like doing it so I can move the jail elsewhere if needed but I mostly wanted that for my central server in case I needed to move it to a new host for some reason, but for just a peer like this I don't think it matters

gman999: some news - i have moved to michigan for the foreseeable future.

woah.. MI

jpb...

Pushing Pages

nimaje: id still have to install the supported go utilities to build it wouldn’t I?

I think a while back I tried doing it for fbsd but go was really outdated in the pkg repo and then I realized gomuks was there so just used that pkg instead.

any reason my keyboard wouldn't be detected in 1st stage boot on a rockpro64?

i couldn't boot into single user mode

i tried all the usb ports but it didn't make a difference

Is it ports quarterly day? 572 actions and the pkg server is struggling to push 80k/sec

Sure seems so

Lets see if VBox and Nvidia drivers still work on 14.3-RELEASE

reboot ... nvidia OK otherwise I would either be rebuilding the drivers or upgrading to 15

VBox OK as well

nvidia works okay in 15, i am running it

did anything ever become of this? wiki.freebsd.org/SummerOfCode2019Projects/VirtualMemoryCompression the git tree that contained it seems to have gone away

Anyone with a 13.5 host, does it have /usr/libexec/flua? I think it should, based on cgit.freebsd.org/src/tree/libexec/flua?h=releng/13.5

it does

Macer: my suggestion was to reintroduce the old version as a new port, which seems justified if the new version dropped the terminal interface (but you should open a problem report then, as the package description still says it is a terminal matrix client and even if it has both a terminal interface and a web interface the description should say that)

thanks.

so i'm trying to mount nullfs from the host into a jail. but the jail is on an ad and i want to specify a uid/gid within the jail. i added it to the jail fstab but it's 'cutting off' the gid/uid

nullfs rw,uid=2001105,gid=2000513 ... ls -l dir... drwxr-xr-x 10 21103 20513

does the jail fstab not honor forcing a gid/uid?

oh i guess nullfs can't do that :/

hm. i kind of feel like i need to make a completely different network just for a storage backend

for smb/nfs/iscsi/etc

wonder if i should just go ahead and get some more nics for this

Does FreeBSD 15 support 9p2000.[uL] yet? AFAIK 14 doesn't (not in kernel, anyway)

Macer, i have a dataset for syncthing, for example, which is in a jail, and I had to set the ownership in the host so that syncthing would have the proper perms in the jail

DarkUranium: man.freebsd.org/cgi/man.cgi?query=p…5.0-STABLE&arch=default&format=html <- this one ?

Yeah, I think so. Sounds like it's time to upgrade my guest to 15.0

what's the wisdom on dealing with dependency resolution loops

ah, nvm

Hm, I just ran into a problem with syncoid: `cannot receive new filesystem stream: 'mountpoint' cannot be set while dataset 'zoned' property is set`

I'm not even sure what's going on, because 'zoned' is supposedly an invalid/unknown property?

hmmm wonder if I can do something ill-advised like using a Linux guest inside Bhyve using the root filesystem on 9p

wiki.qemu.org/Documentation/9p_root_fs makes it look possible

postgres complained when I had some data on 9p, but that was before I changed some settings, so it *might* work with the new ones?

do you recall what settings offhand?

because postgres data is something that'd be on this

hodapp, Interesting idea. That would require running it under qemu all of the time though, right? I would worry it would be a performance bottleneck.

I have a laptop with AMD Ryzen 7 PRO 4750U that is stuck at 1.7 GHz with full load on one core. Under 16-current. It used to work fine. Any idea what might be causing this?

i'm not required to name a lagg lagg<number> right?

i can name it something like storage0?

or does it have to be named lagg0 lagg1 etc?