Threads for wn

  1. 4

    a medium sized box stuffed with empty toilet paper rolls is a good way for me to organize short cables (mostly USB). For network and power cables and such, I use velcro cable ties everywhere.

    1. 3

      Is there a good extension already that can “Disagree All / Only essential” on these new cookie compliance popups?

      1. 4

        I find uBlock Origin gets rid of 90% of them with this rule list - https://github.com/easylist/easylist/blob/master/easylist_cookie/README.md

        1. 3

          Subscribed. Thanks!

          P.S. for anyone reading, just go to https://easylist.to/

        2. 4

          Try Consent-O-Matic, it works on the most annoying, though sadly not all, cookie popups. You can set which categories you want to consent to and the addon specifically only agrees to those for you.

          1. 3

            Using “Cookie AutoDelete” and “I don’t care about cookies” addons at the same time is doing it for me.

            1. 2

              i use an addon called “i don’t care about cookies”, it gets rid of almost all banners

              1. 1

                Super Agent does this. It’s pretty good but it broke enough sites I stopped using it. (I have very low patience for this kind of problem.) https://www.super-agent.com/

              1. 1

                I don’t see acme-dns 1 mentioned here, it’s a small tool for proxying cert requests for internal hostnames and validating them against Let’s Encrypt. I use it for a handful of domains and it made my internal hostnames pretty painless.

                1. 2

                  That doesn’t address the problem. You publish the TXT records for the ACME challenge with acme-dns, Let’s Encrypt probes these and issues a certificate. This certificate is published in the public certificate transparency log. Everyone on the Internet can then see that this subdomain exists.

                  1. 1

                    yes you are absolutely right. I posted this based on the assumption discussed here that if one wants to prevent internal hostnames getting logged publicly they might have bigger problems than that.

                1. 2

                  Not that satire I think, this is a no-bs-format that loads with every stone-age mobile network and just gets the content over. Another good exanple to name here is https://blog.fefe.de

                  1. 2

                    I’m typing on a Ducky One (TKL) with black MX switches for about two years now. The caps are made of PBT (that’s why I chose this keyboard) and are not getting shiny so far - the case however is made of ABS(?) and gets a bit weary.

                    1. 6

                      Anyone know of cloud providers (either virtualized or real hardware) that either offer OpenBSD, or allow you to install OpenBSD easily and without hacks?

                      I only know of prgmr.com, RootBSD and ARP Networks. I am interested in companies offering real professional support running on server grade hardware (ECC, Xeon, etc) with proper redundant networking, etc, so amateur (but cheap) stuff like Hetzner doesn’t count.

                      Somewhat tangential, but I am also interested in European companies. I only know of CloudSigma, Tilaa, Exoscale and cloudscale.ch. Are they any good?

                      EDIS and ITL seem to be Russian companies or shells operating in European locations, not interested in those.

                      Many thanks!

                      1. 5

                        https://www.vultr.com/servers/openbsd

                        I wouldn’t consider Gilles’ method a hack at this point, now that online.net gives you console access. Like usual, you first have to get the installer on to a disk attached to the machine. Since you can’t walk up to the machine with a stick of USB flash, copying it to the root disk from recovery mode makes all the sense.

                        1. 2

                          Thanks, I forgot about vultr.

                          As for installing, I would vastly prefer PXE boot. It’s not just about getting it installed. It’s about having a supported configuration. I am not interested in running configurations not supported by the provider. What if next year they change the way they boot the machines and you can’t install OpenBSD using the new system anymore? A guarantee for PXE boot ensures forward compatibility.

                          Or what if some provider that is using virtualization updates their hypervisor which has a new bug that only affects OpenBSD? If the provider does not explicitly support OpenBSD, it’s unlikely they will care enough to roll back the change or fix the bug.

                          You’re not paying for hardware, as Hetzner showed, hardware is cheap, you’re paying for support and for the network. If they don’t support you, then why pay?

                          1. 2

                            Yeah I share your concerns. That’s why I’ve hesitated to pay for hosting and am still running all my stuff at home. It would suck to pay only to hear that I’m on my own if something changes and my system doesn’t work well after that change.

                            Given how often OpenBSD makes it to the headlines on HN and other tech news outlets, it is really disappointing how few seem to actually care enough to run or support it. It’s also disappointing considering that the user base has a healthy disdain for twisting knobs, and the system itself doesn’t suffer much churn. It should be quite easy to find a stable & supported hardware configuration that just works for all OpenBSD users.

                            1. 1

                              It should be quite easy to find a stable & supported hardware configuration that just works for all OpenBSD users.

                              Boom! There it is. The consumer side picks their own hardware expecting whatever they install to work on it. They pick for a lot of reasons other than compatibility, like appearance. OpenBSD supporting less hardware limits it a lot there. I’ve always thought an OpenBSD company should form that uses the Apple model of nice hardware with desktop software preloaded for some market segment that already buys Linux, terminals, or something. Maybe with some must-have software for business that provides some or most of the revenue so not much dependency on hardware sales. Any 3rd party providing dediboxes for server-side software should have it easiest since they can just standardize on some 1U or 2U stuff they know works well with OpenBSD. In theory, at least.

                        2. 4

                          https://www.netcup.de/

                          I run the above setup on a VPS. OpenBSD is not officially supported, but you can upload custom images. Support was very good in the last 3-4 years (didn’t need it recently).

                          1. 2

                            Looks nice, especially since they are locals :) Do you mind answering some questions?

                            • Do they support IPv6 for VPS (/64)?
                            • Have you tried to restore a snapshot from a VPS?
                            • Mind sharing a dmesg?
                            1. 3
                          2. 2

                            I have two OpenBSD vservers running at Hetzner https://www.hetzner.com . They provide OpenBSD ISO images and a “virtual KVM console” via HTTP. So installing with softraid (RAID or crypto) is easily possible.

                            Since one week there is no official vServer product more. Nowadays, they call it … wait for it … cloud server. The control panel looks different, however, I have no clue if something[tm] changed.

                            Here is a dmesg from one server: http://dmesgd.nycbug.org/index.cgi?do=view&id=3441

                            1. 2

                              Joyent started providing a KVM OpenBSD image for Triton last May: https://docs.joyent.com/public-cloud/instances/virtual-machines/images/openbsd

                              (This has been possible for some time if you had your own Triton cluster, but there was no official way until this was published.)

                              1. 1

                                What’s the deal for cloud providers for not making OpenBSD available? Is it technically complex to offer, or just that they don’t have the resources for the support? Maybe just a mention that it’s not supported by their customer service would already help users no?

                                1. 12

                                  As far as I know, it’s a mix of things. Few people ask for OpenBSD, so there’s little incentive to offer it. Plus a lot of enterprise software tends to target RHEL and other “enterprise-y” offerings. Even in the open source landscape, things are pretty dire:

                                  OpenBSD also seems to have pretty bad timing issues on qemu/KVM that have fairly deeply rooted causes. Who knows what other horrors lurk in OpenBSD as a guest.

                                  OpenBSD doesn’t get people really excited, either. Many features are security features and that’s always a tough sell. They’d rather see things like ZFS.

                                  For better or for worse, OpenBSD has a very small following. For everybody else, it just seems to be the testing lab where people do interesting things with OS development, such as OpenSSH, LibreSSL, KASLR, KARL, arc4random, pledge, doas, etc. that people then take into OSes that poeple actually use. Unless some kind of Red Hat of OpenBSD emerges, I don’t see that changing, too. Subjectively, it feels very UNIX-y still. You can’t just google issues and be sure people have already seen them before; you’re on your own if things break.

                                  1. 9

                                    Rust’s platform support has OpenBSD/amd64 in tier 3 (“which are not built or tested automatically, and may not work”).

                                    I can talk a little about this point, as a common problem: we could support OpenBSD better if we had more knowledge and more people willing to integrate it well into our CI workflow, make good patches to our libc and so on.

                                    It’s a damn position to be in: on the one hand, we don’t want to be the people that want to inflict work to OpenBSD. We are in no position to ask. On the other hand, we have only few with enough knowledge to make OpenBSD support good. And if we deliver half-arsed support but say we have support, we get the worst of all worlds. So, we need people to step up, and not just for a couple of patches.

                                    This problem is a regular companion in the FOSS world, sadly :(.

                                    Also, as noted by mulander: I forgot semarie@ again. Thanks for all the work!

                                    1. 7

                                      semarie@ has been working upstream with rust for ages now… It would be more accurate to say ‘we need more people to step up’.

                                      1. 3

                                        Right, sorry for that. I’ll change the wording.