deimosBSD: I have resorted to finishing the install manually

bsdinstall mounts it all for me, I have pulled the distribution sets, extract them to /mnt

deimosBSD: seems ntp is IPv4 only, what ntp do you use

for ntpd

I run my own stratum 1 server

there's also time.nist.gov which with dual stack

or nyc.he.net also dual stack

there was also this bug, that i think only got resolved because of the version change, bugs.freebsd.org/bugzilla/show_bug.cgi?id=270536

actually 2.pool supports v6, reviews.freebsd.org/D39954

ah right

deimosBSD: I just set it to time.google.com

as I knew it was IPv6

anyways pf is playing up

block in; pass in proto tcp from any to any port 22

and nmap shows 22 is blocked

so I got no fucking clue

; being newline

polarian: did you get it working?

deimosBSD: what bsdinstall?

no

I dropped out of bsdinstall, fetch'd the tarballs manually

and extracted them

no the pf

then bios booted

deimosBSD: no

no clue whats going on

I just pfctl -d

that works too

well its not a solution

it's a solution, just not a very secure one

I will check pflog and see whats causing it

but rn I dont have time

I just need a freebsd server to launch a bhyve vm

to finish a job of mine

and I am already overdue :/

client is not going to be happy if I keep making more delays

polarian: did you get everything sorted out?

hello, this isnt my issue, but a friend of mine just installed freebsd 15 using pkgbase. when he was poking around he noticed that a jail was present, sharing the same hostname as the host machine and with the jail path sharing rootfs. ive never seen this before, did he misconfigure something?

during the installer, that could show up, but after the inital reboot i would find that extremely unusual

That does sound really crazy. What does "jls" say on the new machine after a reboot?

rwp: ill grill him for new details later, unfortunately he pinged me a while ago and now hes asleep. just kinda scouting information in case it was obvious. seemingly its not

rtprio: im curious, how is the jail involved in the installation?

well, i don't know,

it doesn't make any sense

specialbomb: maybe the service jail feature of rc? what is running in that jail?

After the id or name of the jail is known then you can list processes running in that jail "ps -J 1" and see what is running in jail 1.

Am I right or does it seem to me that `man pw' does not explain that with groupmod, -m means adding user to the group and -d deleting a user form the group? I see this informaion only when running `pw groupmod' with incorrect argumennts...

anyone awake?

I thougt I were not sleeping, am I?

ant-x: You are dreaming about us

"Everything is in the hands of Christ" -- "But the hands of Christ are the mind of Budda" .

so i’ve been putting off setting up a new freebsd serevr for years because . . who has the time.

but my current not-freebsd server has been having packet dropping issues for 3 days now and i’m still waiting for my data center to even awknowledge my high priority support ticket

In my case, the problem was solved by replacing the Eithernet cable's socket.

ant-x: section GROUP OPTIONS "-m newmembers Similar to -M, this option allows the addition of existing users to a group" "-d oldmembers Similar to -M, this option allows the deletion of existing users from a group"?

Then I /am/ sleeping. Thanks nimaje.

GoSox, I mean the 8P8C cable plug.

huh?

damnit my test machine is a mac mini with an ssd and an hdd and every time i boot it into macos, it wants to erase the drives and turn them back in to a fusion drive

I think telling about the package dropping issue was to explain why time is there now, not in the hope that switching to FreeBSD would help with that

oh, the packet dropping issue is due to ddos

(but who has the time to admin a non-freebsd os?)

well i’m a mac guy so admining a mac server is a piece of cake

the problem is, there are ZERO anti-synflood tools in the version of macos my server runs

the pf firewall is supposed to have a synproxy feature but its broken :/

anyhoo, a year or so ago, i started learning how to set up a freebsd server and taking my own notes so i could repeat the process as i go

i need to get back in to that

so ill be here asking questions again, but none today

do you guys also hang out on the freebsd.org forums

one thing i could do, instead of settings up a freebsd rackmount server, is i could pay for a VPN service with a static IP, and then set up a macos server at home and tunnel the traffic in through the vpn

there would be definite advangages and disadvantages to that

SponiX: no lol

I wonder if its due to me manually installing freebsd

but bsdinstall is borked, ditto pf

this didnt happen on 14.x

all of this for some stupid pkgbase

well no

all of this to stay on time with a release that was really slipping

pkgbase in se is a good idea

SarahMalik: I have already had this discussion 5 times already

TL;DR I see pkgbase as the destruction of everything *BSD's stood for

FreeBSD has turned into Linux, the packaging nightmare of Linux + literally all new drivers are LinuxKPI

see it how you like

someone joked recently that they have FreeBSD ontop of Linux running Linux, so why not just cut out the middleman and run Linux, which I think is a pretty good argument

I dont care about the existance of pkgbase, if people want to shoot themself in the foot thats your choice, but my concern is the deprecation and removal of delta updates

freebsd-rustdate can do delta updates far faster than freebsd-update, and it keeps the base whole... or the good old mounting /usr/src and /usr/obj remotely to your device and make installworld/installkernel

but in freebsds constant attempt to become more like Linux, we have adopted the stupidity that the base should be divided into many different small packages. This would be good if FreeBSD was rolling release, but its not...

I would disagree with anyone who argues that pkgbase doesn't substancially drop the reliability of freebsd

well, base will still be developed together with the kernel, a main point is that it allows to install just the parts of base you need without building yourself and setting the required variables, so it is easier to have smaller jails

nimaje: until one package breaks and the entire of base falls apart

which is not uncommon on Linux, has happened a few times to me over the years

also freebsd is already reasonably small, it solves a non-issue imo

I don't think base updates enough on stable releases for that to be a real issue

if you were using packages to track current that could be a problem

but realistically you're going to be syncing with the traditional release every release

that will be an update step that will have already been thoroughly tested every time

yeah no one is gonna rewrite the package hierarchy for a patch release

at least not intentionally

"reasonably small" bruh it's like 2 gigabytes all-up

my basejail image is 22G

oh no that's a lie, I was reading the wrong thing

I thin provision to save on memory though not disk

SarahMalik: seems like you would choose docker instead then :p

I rather have a complete base... than pick and choose components which were designed to all work together

respectfully, fuck docker

the analogy I prefer for docker is that it's a diaper

true

I agree

haha, I like that

but docker folks are the ones who moan about every MB of wasted disk space

that we as a people have not grown beyond infancy?

diapers solve many real problems, but the big problem I have is when people then go "well I have a really great diaper, I can just design my software to shit everywhere and it's fine!"

to have the *option* of using docker to build, deploy, and test software is great

every MB of disk space wasted by a compiler the size of the SS Great Britain is a megabyte I can't use for scientific calculation outputs, for instance (not that I have any need for scientific calculations)

SarahMalik: dont install comp then :p

to have that as a requirement for a piece of software is, like 99% of the time, a massive red flag that its design and architecture are an absolute horror-show

also a compiler is kinda a vital part of an OS

it is, that's why it should maybe be fractionally smaller

the *cross*-compiler maybe doesn't need to be shipped, POSIX doesn't specify that

hodapp: most big OSS services are now docker-only

well "officially" supported docker only

polarian: dunno about "most"

you still get unofficial ports to package repos, but they arent endorsed upstream

hodapp: name me one big OSS service which doesnt use docker as its official install method?

immich? nextcloud?

all of them do

I don't really know where the line for "big" is

most HTTPDs do not require you to containerize

hodapp: lets go with a decently sized webapp included within them

"decently sized" is also pretty hand-wavy

I think web-apps in se are a fallacy

se?

in se = in themselves

it's the same «se» as in «per se»

not sure how an application could itself be a fallacy

all our web browsers are basically now virtual machines with hardware forwarding and such; this did not need to happen

buuut we've gone súper offtopic

it's sorta the nature of most things that they are the way they evolved to be, not the way they were originally designed nor the way they might be designed if we have the option of a clean-slate redesign while taking only our own needs and desires into account

doesn't mean all things are fallacies

SarahMalik okay, same here. I did not notice that before. time to read the man page and/or source code I guess?

are any 15-Release user? I start to think about upgrade 14.3 to 15 but I am scare. From 5 to 14.3 I didn't have problems but now...

I just discovered env BSDINSTALL_CHROOT=/tmp/foo/ UNAME_R=15.0-RELEASE /usr/libexec/flua /usr/libexec/bsdinstall/pkgbase --jail which works amazingly well, but looks like I also need to add --noninteractive --components base,devel,lib32 as an optional flag. /cc kevans_

...and I will use freebsd-update

nsoci in case you are using FreeBSD update, you might wanna use freebsd-rustdate instead. that will make things faster, and don't forget to use boot environments.

-rustdate I never try. I think from 11 I start to use freebsd-update

how are packages for 15 latest? I am using WM

antranigv, manpage supports your initial interpretation

so it's source code time. onc ei coffee enough

hey, I have an odd bastille issue, for some reason linuxfses won't mount? Using the Debian13 bootstrap

if anyone has advice, I'm all ears

SarahMalik: it looks like there may have been a change to prevent MTU changes when the interface is a bridge member. line 2762 of sys/net/if.c , on my copy of the CURRENT source, which is slightly old

oh

blimey

spuos: there used to be a #bastillebsd channel where they may be able to provide more guidance

antranigv: What does that pkgbase command line do, update the jail's base?

i am being penalized for talking bsd @ #security

i have an idea of a bsd lockbox computer in my mind

i get threats of being banned from the network

this is a regime

talk about it in -social and show logs

in progress

SarahMalik what did you find out?

nothing, still not coffee enough

mns setup a jail using bsdinstall+pkgbase. works like a charm, but needs some improvements.

wsky #security is not about security, and never has been.

SarahMalik I just make 6 cups, I'd invite you over, but I'm guessing we're at least 3000KMs apart. alas no BSD users who like coffee in my area. Lonelyyyyy, I am so lonelyyyy, I have no Beastieeee, I'm a sysadmin on my owwwwwwwn

anyway i have an idea of a bsd based lockbox computer made by an organisation assembled in a knighthood order fashion

it is interesting

someone should get me out this nursing home and hire me :(

wsky I'd hire you, but I have no idea what you're talking about.

maybe read the logs

wsky you're lucky I run a ZNC.

:D

cool

wsky cool idea, what you're calling a lockbox used to be called a "computer" back in the 90s and 2000s.

antranigv, i misread "mns" as "mi ne scias" i.e. green star "i don't know"

lockbox because it's security focused

in multiple ways

#security is exactly about security

wsky have you had a look at Gerwsin Desktop? because no matter how you focus on Security you also need to focus on user friendliness.

yeah they didn't treat me too well over there

antranigv: well i know some gui would have to be done

wsky but first thing first, I suggest you make a design document, like what this thing is, how it works, and what problems is it solving. people might join you in making that.

but coding zfs interface, vpn interface, wifi interface, jail interface is few months of work at most

i'd need to get hired somewhere, no other way for me

all i hjave is this idea

i'm locked in a nursing home :(

you are in no place to actually even start to execute on this idea

you are mentally sick, and possibly physically as well

which is why you're in the nursing home

i am thinking quite straight

incorrect

you need a healthy mind and a healthy body. get well, first, the rest will be easy. no worries.

bit flippant, he's in an environment inconducive to getting well

so i'm done for

SarahMalik: that's prejudice

wsky for now, go to -social, and lets talk about your zfs interface

US nursing homes are run by profit seekers in general

wow, i forgot we were in main, what the fark

SarahMalik: i am in a nursing home cuz i jumped outta 2nd story high on ritalin and broke my arm if you must know, i am 39

oh

man what did I walk into

specialbomb you walked into a specialbomb

Ritalin is the drug from the Exorcism movie.

* Exorcist

:D

:E

how to remaster mfsBSD?

are there any companies that do freebsd virtual servers?

all i ever see is windows and linux

GoSox Vultr

GoSox also, antranigv.am/posts/2024/05/freebsd-vultr-ipxe-root-on-zfs

GoSox: I run ramnode, im satisfied

rwp: I want to remaster the mfsBSD I am running whith all modifications

i can’t figure out what my best option is. ive been collocating for years. do i want to keep doing that, or do a vps, or runa. server at home through a public facing VPN

It's a problem we have all wrestled with. I do a combination of all of the above.

GoSox: why not go bare metal?

i don’t feel great about running a freebsd server at a datacenter. I’m a life long mac guy and i’m trying to learn bsd but i’m inherently not a command line guy. And if something goes wrong I’m going to have no idea how to fix it

ipmi at a datacenter is as good as a screen at home

i like hosting at home, but i don't bother with a vpn

When I am forced to use GUI only I feel very limited.

i’d want the VPN because as fast as my home connection is, it is technically a dynamic IP that is on many blaklists because of that

GoSox: you can learn freebsd with running it in a VM at your mac too

with a VPN i could have a static IP with reverse DNS and nobody would know it just tunnels back to a server running at home

i’m learning it just running it natively on an old mac mini i have

its just slow going

If you have a solid home connection then that's a reasonable thing to do. Maybe the best thing for you.

the other benefit of the VPN solution is that if theres a power outage, i could just bring the computer to someone elses house until power comes back on. connect to the VPN from anywhere and your server is up

Do you usually have power outages that last that long where relocating a server machine is viable?

power outages are very rare at my home. but anything can happen, and if i did an at home server, it would be something between the size of a mac mini and a small tower so having the option is a nice extra beenfit

benefit

renting VPSs here is cheaper than hosting at home :S

on top of that, every night my internet goes out a couple times per night (3-4 times a 10 mins)

GoSox: i probably wouldnt bother with mail

rrahl0: it wouldnt be with 74tb of storage

rtprio: yeah, that's way outside of my use case :). and tbf, I still selfhost some stuff at home. but I am slowly moving small services onto the "cloud"