Somewhat related OpenBSD is the fundament of my self-hosted homelab since it runs DNS, DHCP, a firewall router and a small local web server. Configuration is a dream compared to Linux and probably even compared to FreeBSD. You just need to go through the FAQ and copy&paste the relevant examples and modify them as needed. I don't know why it's so complicated on Linux where you need to appease a handful of daemons and find your way through a labyrinth of config files. I run a separate Linux based KVM host though.
OpenBSD is a very well kept secret that very few people are aware of. As close to nirvana as I can manage.
The fact I miss pretty much all the drama around the latest corporate take over attempts on Linux is just icing on the cake. The toxic slug strategy is an amazing one that more open source projects should use.
There are a few nice to haves that would really help me out with making an open bsd transition. I thought of writing them myself because I am getting very fed up with Linux for the above reasons.
- IDE support is an issue still
- Filesystem challenging when using a laptop that runs out of battery
- MATE lacking volume and WiFi controls
- This one is just me being picky but a GUI to help me gain a better understanding of the security settings or alternatively more up to date books.
- I am not exactly sure on how to correctly use virtualization and I need it to support docker workloads at work
My impression is that the BSD's are laser-focused on providing efficient environments for networking backbone software to exist in, so special attention is paid to making it easy to orchestrate everything with rc.conf and keeping anything not required for these goals out of the default installation; while Linux (and its distributions) being far more general-purpose naturally will take more configuration.
Linux packaging tools are bad and the people who make Linux packages generally don't do a very good job at it limited by tools and motivation.
So much linux software doesn't come with sane defaults out of the box, doesn't have an easy path to common desired configurations, and doesn't have reasonable documentation. PARTICULARLY for "open" software that has a paid hosted option.
I say this after decades of a career where a very large proportion of the frustration and "stupid work" I've had to do involved getting a piece of software to do something obvious.
Working with the BSDs is just delightful in how wanting to do something turns into something working with ease.
OpenBSD used to run my network but Plan 9, specifically 9front is even easier. Everything is configured using NDB which is a flat text file containing entries for each system on the network. On my CPU server I run DHCP, DNS and TFTPd, which are three lines in /cfg/$sysname/cpurc. That's it. No init system and no /etc. Just start the programs which all look at the same central database for config info. When I setup PXE booting it took literally 5 minutes of adding the tftpd line, adding an extra bootf= tuple in the machines ndb entry, a plan9.ini in /cfg/pxe and I had a machine pxe booting 9front over the network when turned on.
> I don't know why it's so complicated on Linux where you need to appease a handful of daemons and find your way through a labyrinth of config files.
Not too mention that some newer servers you might want to run are containerised and have few, if any, instructions for how to set them up without containers.
Speaking of Linux, OpenBSD’s hypervisor (vmm) supports it so I managed to get docker and containers running on my server via Alpine Linux. Opens the door on all the latest ‘modern server stuff’ running happily on an OBSD box.
Have you dealt with hardware failure or instability yet? It can be pretty annoying to pin down and isolate, unless you keep an order of magnitude of hoarded hardware around.
I run FreeBSD in my homelab, too! One reason is the stellar ZFS support, but the simple fun of doing stuff differently is definitely a thing, too. And I like FreeBSD jails.
For me, the balance between all the overhead of the "cattle, not pets" approach and the manual way is the a README.md file for basic setup, and then having Ansible stand up the rest of the configuration. The host is configured as a Jail host, then individual services live inside the jails. Creating and configuring the jails is also done through Ansible.
Overall, I really like the setup.
I can individually SSH into each jail to allow easy debugging, I can snapshot the jails, and data lives on a special ZFS subvolume that I mount into each jail at "/bucket".
This way, I can throw away the jail at any time, fire up Ansible, and have everything up and running again in no time.
If you don't know about them already, you may be interested in service jails (forthcoming[1] in 15):
> A service jail shares the complete filesystem tree directly with the host (the jail root path is /) and as such can access and modify any file on the host, and shares the same user accounts with the host. By default it has no access to the network or other resources which are restricted in jails, but they can be configured to re-use the network of the host and to remove some of the jail-restrictions.
Sounds interesting, but it sounds like that would mean installing the service software and it's dependencies into the root filesystem. I'm relatively sure I don't want that, as it would create a big mess on the host. I have stuff like Nextcloud in my jails, and wouldn't want to install PHP and all of it's deps outside the dedicated filesystem of the jail.
But it's very cool to see continued development, jails are such an awesome feature!
I've done something like this in the past, it works really well. Have you used Poudriere? I never tried it, but it sounds promising. Ansible is a good idea as well. I just wrote some shell scripts that parsed a file with some packages and hooks to set up the jails.
These days I have my FreeBSD server providing NFS for a k3s instance on a different box.
Yes, I have used Poudriere. Every time I want to talk about it, I have to look up how exactly that is spelled! My usecase was that I needed stuff to be linked against newer PostgreSQL client libs than were in quarterly.
I thought about using Linux and simply providing storage from FreeBSD using NFS, but that would require 2 machines or a VM that connects to the host using NFS or something... meh.
I really wanted to love FreeBSD. Growing up in grade school my friend's older brother was a contributor and I thought he was the coolest guy ever. I loved the ethos and I agreed with this post. But practically, I just ran I into too much pain.
- firewall? Lots of pain and hard to find friendly, best practice starter templates. Wherever I looked, people said "it's complicated." After a lot of tinkering and learning I finally got a setup that was pretty safe. (I think.)
- pm2 was buggy on FreeBSD because of some issue with process IDs getting lost. That was pm2's fault, not FreeBSD's. But I still wanted to simply run different processes and keep my logs somewhere. Well, I guess I could write rc.d scripts for that. But keeping logs from the processes started by rc.d scripts? That also appeared to be a world of pain, and wherever I looked for answers people said "it's complicated."
In the end, it was just too much having to re-invent the wheel for common server tasks and I had to say goodbye. It's not you FreeBSD, it's me. I'm just not an OS dev.
> - firewall? […] Wherever I looked, people said "it's complicated." After a lot of tinkering and learning I finally got a setup that was pretty safe. (I think.)
I felt this way about pf when I first got PF going around 2011 for my home router/firewall box. Not saying this is the same for you or anyone else, but my issue was that I was approaching it from the point of view of “I want to configure a home firewall router with PF” instead of “I want to learn the fundamentals of what a firewall does”.
It took me a few more years to get well-versed in all that stuff: the structure of packets, what NAT actually means (what addresses are being translated, why, and where), what's going on in the state table, how to debug when things aren't doing what I expect, etc. Once I did it became much more straightforward to express in my `pf.conf` what I want to do, but you're right that doesn't really help new users.
> Lots of pain and hard to find friendly, best practice starter templates.
For a very simple NAT gateway, one could set `firewall_type=simple` and then `firewall_simple_(iif|inet|oif|onet)(_ipv6)?` to configure the ISP-side and internal-side interface names and IPv4 and IPv6 network ranges for each.
For a very easy single-machine firewall, one could set `firewall_type=client` or `firewall_type=workstation` if you want to host anything. For the latter, `firewall_myservices` and `firewall_allowservices` control what ports are enabled and who (other networks/IPs) have access to them
> - firewall? Lots of pain and hard to find friendly, best practice starter templates. Wherever I looked, people said "it's complicated." After a lot of tinkering and learning I finally got a setup that was pretty safe. (I think.)
I don't use much FreeBSD these days, but pf (from OpenBSD, I know), is one of the best things since sliced bread.
In my first job I was working for a company selling a third-party vertical software and we were proving support for it. We were using a very expensive symantec vpn with most customers connecting with a 33.3kb phone connection, until we reached the license limits, and there was no money for new licenses. In a pinch, me and a coworker set up a new server with openvpn, freebsd, pf, and a ruby-based dns server that I don't remember anymore, and we grew an order of magnitudes more customers.
It's been more that 20 years, I still don't know how to use firewalls in linux, (there are many, I just pretend they don't exists) but I would still be able to setup a pf firewall if needed. I need to say it again, pf is a joy to use.
My gripe with FreeBSD right now is that I miss something like docker swarm. bhyve is fine but AFAIK it works only on a single host. Give me something that works on a bunch of hosts, and I will come back right away
PF seems to me like pretty much the most well regarded firewall there is -
with a nice, sensible DSL for config. If you don't like like it, you can use use IPFW or IPFILTER, which are alternative, built-in, firewall front-ends.
- In the end, it was just too much having to re-invent the wheel for common server tasks
Maybe you have built your routine around a system that have reinvented the wheel? I think FreeBSD knowledge degrades more slowly than that of Linux distros.
- I'm just not an OS dev.
That's how I feel when I enter the chaotic Linux world. Do you think my life revolve around keeping up with this shit? :)
> That's how I feel when I enter the chaotic Linux world.
I feel that as a Linux user. I really like Linux, I use it on my desktop and it runs all my servers. Delving into forum posts to find some solution to a specific problem can be exhausting. Sometimes you get a top result from like 2011 and it is out of date so you then need to spend X minutes trying to look up something more recent.
Addendum:
I've used FreeBSD as my daily driver (I hate that term) since around 2004. Including through cs/math university. With Windows in a VM for "I need it".
The longer I've used it the more I'm annoyed by the trivialities of Linux distro management. And the bugs that happens between ill fitting parts composed by underfunded distro developers.
And I didn't mean to imply that FreeBSD is stale. There is big stuff happening continuously. Right now it's compatibility with Linux Wifi drivers, which will make FreeBSD more laptop-able. And pkgbase, which brings some of the compile-your-self flexibility of FreeBSD to binary management, and merges the two tools that decides what makes up your system into one. And kinda makes FreeBSD into the slim system that people already claims it to be.
My pet conspiracy is that pkgbase happened because the powers that be didn't want the 1000 battles to remove junk. Any time anyone wants to remove something there's always one or two guys on the mailing list claiming their livelihood depends on not having to do "pkg install Ø". With pkgbase its all gone.
They might've been trying freebsd back when pf wasn't well supported. Back when I last used openbsd (which might be nearly 20yrs ago now - eek), pf support on freebsd was lagging quite a bit.
Not sure what things are like now though - I'm guessing it's much better as pf was obviously the best option :)
I had similar issues with it. What helps today are LLMs. It’s really a boon to configuring such things. You do it on ace and forget unless that’s your job. Did you try to do what you had wanted back then with a recent LLM?
I spent a lot of time 25 years ago learning to love BSD in general, but FreeBSD in particular. I tried to make DragonflyBSD my desktop OS for a time. It’s sad how little love BSD gets nowadays…especially given how much of modern iOS / macOS owes BSD (for BSD subsystem that’s on top of the Mach kernel).
I use it every day as my desktop OS. Vanilla FreeBSD even, not dragonfly.
I like it because it's so stable. They don't have this Linux thing where they have to change everything around to incorporate the latest fad, and there's also not so many big tech companies constantly messing with the code. Linux has too much corporate influence for me. I don't want Huawei or Amazon to be messing with the code I run all the time. The grassroots nature of Linux is kinda gone and the suits have taken over, just like with the internet itself.
I also love how the OS is stable but the apps are rolling. This really helps to be on the latest KDE etc. And the documentation is excellent. ZFS on root as a first class citizen too.
There's a small team of maintainers working hard to keep everything going in this age of increasing linuxisms. But so far they've been doing a great job.
I just started using FreeBSD as my desktop OS on an old x230. I was surprised to find that for my use case, wine works faster and is more stable than on linux or Mac. Now I will install it on my desktop pc next.
Is this the fluffypony of Monero fame? If so, I got into FreeBSD a bit after hearing you praise it on crypto podcasts back in 2017/18. Surprised your handle was still available on HN!
Nice website design. I don't like to use the same stuff I use for work at home because home is supposed to be fun.
So I used to have everything FreeBSD but I've stopped using around 2020 when I've started buying computers that have different core configurations like ARM RockChip and Intel Alder Lake. I believe the term is called big.LITTLE when you have efficient and performance cores.
As of now the FreeBSD scheduler is not making full use of big.LITTLE. TBF It works and your mileage might vary and you might also pin stuff to cores but not ideal.
Meanwhile I went back to Linux and fell into the Nix rabbit hole.
I might go back once they get ULE to be able to use my Alder Lake efficiently.
This really resonates. Sometimes the best reason to switch tech is just to feel that spark of learning again. I build self-hosting platforms and have spent years trying to make it “easy”, even getting it to work on Windows/macOS. But honestly, the magic isn’t in convenience. It’s in that figuring it out phase imho...
When we don't have convenience and rather jump into the sea directly, we would actually learn how the stack works and not how the convenience wrapper worked. We would feel more confident in our ability to do more things without requiring somebody else's help and more.
It is this reason why figuring out this phase feels really important and lovely even, yet most people feel its hardness and leave it aside since they just want something which just works
Fortunately, for them, I think with technologies like docker/podman, flatpak, appimage etc. I feel like its already easy-ish enough.
Side nit pick but I hate when apps create docker/podman containers when they can also have flatpak, I would love to see some self hosting apps which have a gui or maybe even some cli hosted via flatpak but I rarely saw cli apps in flatpak etc.
Not an OpenBSD expert by any means, but two small pieces of minor feedback as everything else you wrote mirrors my own setup and experience. Firstly, unless you are really strapped for space on say a 90s machine, it is generally recommended to install all the file sets as there can be interactions with ports even if one does not expect it (say ffmpeg needing X11 libraries). The general OpenBSD mindset is after all "Use the defaults" and the default is to install all the file sets. Secondly, the OpenBSD Handbook has a bit of a mixed reputation in the community from what I can tell. Unlike the FreeBSD Handbook, it is not an official document and I tend to rely on man pages, openbsd.org, misc@, and a few blogs I consider to be trustworthy instead.
As a final note, glad to see you have IPv6 up and running. I really should get around to it now that dhcp6leased has been in base for more than two releases.
I feel like these "self-host and free yourself" articles would be better served giving us an estimate on the amount of time they spent on the process. That might help sell people more if I know it will take me 3 hours to setup a Bastille VPS w/jails for Caddy website, syncthing, Cal/Card/WebDAV, etc.
Then I can put 1.5 hours of effort into it one day setting up and getting used to Bastille and another 1.5 hours another day installing my software. Maybe my request is silly but most people say "I don't have the time or patience to self host" but what does "dont have the time" mean? Sure it's variable from person to person. It might increase interest in self hosting if people have a better idea of what they would be getting into.
This would pair well with encouraging a system like Bastille that just wants to get out of your way (two contextual views of time-savings).
I still run a server for hosting my Jellyfin and n8n, but I've honestly been moving a lot of my stuff to cloud hosting stuff. I found that trying to maintain uptime for all my services started to become a pretty huge time sink and I realized that I really didn't gain anything by hosting my blog on my own server with Nginx instead of just using a free Cloudflare Pages with Quartz.
I think it's ultimately a sign of aging; I don't really have the attention span or energy to LARP as a sysadmin anymore, especially since I never really enjoyed that aspect of computers anyway. I think my monthly cost of storage would get untenable if I tried to move all my raw media rips to the cloud (about 45TB [1]), so I don't think I'll be able to migrate my Jellyfin for the foreseeable future, but I would like to some day.
[1] Looking it up, storing 45TB would end up costing anywhere between $250-$1500 a month pretty easily, which I currently cannot justify.
I'm curious which aspect(s) became a time sink for you? I self-host a bunch of stuff myself. I can't say I never spend time on it, but it's measured in hours per year. Once stuff is set up, it just runs.
Also curious about the time sinks! Fingers crossed no issues with my services so far. The initial setup was tedious: configuring multiple services with their own configuration intricacies, and having proper backups. I am looking for something that would help reduce the setup toil, maybe something like nix?
I installed Jellyfin on my home server a few months ago but it’s already broken by upgrading to 10.11, and unusable until I restore 10.10 from backup or start over: https://github.com/jellyfin/jellyfin/issues/15027. There seem to be lots of other database migration bugs for this release and other ones.
Yeah, I've been afraid to upgrade because I've been following these updates. I'm going to wait until the dust settles a bit before upgrading because, as stated, I don't really enjoy larping as a sysadmin anymore.
I use Docker on Linux for this kind of thing (Jellyfin, Nextcloud and a few others) and updates are completely trouble free. I would never deploy complex "black box" apps like Jellyfin bare metal. That being said, I do run my email stack bare metal as I want fine control. Everything is hosted at home on my own hardware and I would never consider moving my computing to the "cloud."
Actually had I known about this two years ago, I would have considered pCloud; as it stands I bought 24x16TB used hard drives, about 288TB after RAID. That was like a $2600 investment that I don't really want to get rid of now unless I can find something considerably cheaper per-month.
I'm using FreeBSD for self-hosting, home NAS and router from version 2.2.0. As it is my hobby projects, I don't want to migrate to Linux which is, IMHO, over-represented.
But it become harder and harder in recent years.
Reason? Docker.
Many current «server-side» products doesn't have good instructions how to install them «by hands» and is not very suitable for system-side packaging (creating port), as they have build systems designed to be used in CI with online access in build time (especially node.js-based and go-based ones, but rust goes same way).
Installation instructions, well-defined dependencies, good versioning, immutable source distribution files? Nah. «Take this Docker file and run it».
Just two weeks ago, I spun up a FreeBSD server on OVH and migrated a service to it from Railway. Playing with jails, pf, ZFS, and some other goodies has been a lot of fun. Since I (massively) over-provisioned, I also spun up Gitea, Woodpecker CI (and agent; blazing fast CICD is so nice), and a personal blog. Been a great learning project.
[] It's not my first time with FreeBSD. I first ran it in ~2004. But it's been over 10 years since I last ran it, and I'd forgotten a decent bit. The last time I ran it, I just set up a couple of jails for NAS and Plex and proceeded to not touch it until I moved.
Bastille is very nice to use. You can spin up a jail with a simple `doas bastille create myjail 10.0.0.1` or whatever. Bastillefiles stand in as Dockerfile analogs, if you want to go that route (you have to create the jail, then apply the template, rather than doing it in a single command).
One nice thing is cloning a jail (which can be done live if using ZFS) to spin up a dev/test environment on a different IP. Or setting up a jail to try some different configurations and not having to worry about resetting things on your main host.
I've set up a storage jail with no network access, then a couple of service jails that dip into it at various mount points/permissions. It's total overkill for what I'm doing, but the point is to learn, tinker, and have fun.
I've started using Bastille recently, it allows using Dockerfile-like 'templates' to provision jails. I like this because I can destroy and recreate the jails easily, particularly to move to a new release (without having to do in-place upgrades synced to the host version, which is how I used to do it).
I know the feeling, having recently migrated a solid TrueNAS 13.3 to a hand-built FreeBSD 13.5. The main reason was to get OpenZFS 2.3 RAIDZ expansion as storage was getting tight. It turns out to be quite similar using Webmin for GUI and BastilleBSD for jails.
There were a few hiccups, such as learning about bootloader versions, but after a few Saturdays tinkering it has been running solid and I’m very pleased.
That's similar to me, I started using FreeNAS back in the 9.x days.
At the time the FreeNAS documentation recommend installing to a usb drive. This proved unreliable, but dedicating a drive to it was silly given it couldn't be used for anything else. I had all the things I needed but I wanted to peel back the layers and this seemed like a good excuse
So I threw in a drive and installed freebsd 10 and spent a few days familiarising myself with everything, learned how to configure samba myself, learned how to setup jails with iocage (the old shell version), and finally imported my pool.
Yes, I had been following vault.io for a few months, but I don't think it is ready. My understanding is that vault.io faces similar limitations as TrueNAS and ZFS. So, I hand-built FreeBSD, OpenZFS, Bastille, and Samba how I want it and learnt a lot along the way, and I am very happy that I did. It didn't take too long to transfer from iocage to Bastille.
I used FreeBSD as my daily desktop for a while in the 2000s. IIRC, the package manager had to compile each package from source, but that wasn't a huge deal. Things just worked in a non-overly-clever fashion.
Which type of applications? What I have found to be finicky is the desktop environments, however BSDs are pretty much tuned for web servers/applications. Bastille is designed for deploying web applications in jails securely and built on top of FreeBSD which is a pretty good default OS that gets out of your way already.
Normally you don't release an app for BSD specifically unless you want to offer a port. In which case software is usually built and if you need containerization you can put it in a jail.
It seems you would do well to install a FreeBSD vm/usb and give it a run. Their documentation is pretty good and their forums are helpful.
The deb and rpm files are not from the application either. Someone outside the application took the application and built the deb/rpm for the distro. FreeBSD just calls their packages "ports", but the concept is otherwise the same, just download the package. FreeBSD is better that most distros as is works to rebuild some middle library yourself with non-default options and then have a leaf application binary depend on it (assuming of course that they are compatible, if your non-default option breaks the application it won't work)
I find myself using BSDs at home too, I got a bunch of very old systems that only NetBSD supports these days. Very old SPARC, HP 9000s and the likes. Everything else is Linux, but maybe I'll try one of the BSDs on something more modern...
Is *BSD routing performance still lagging behind Linux? On Debian 12, I can saturate my 25Gbps link between PCs (the router has a 9600X), and can push north of 4Gbps through Wireguard.
I haven't personally tested, but have seen reports that BSD-based opnSense struggles to push 2.5G on modern low-end hardware (mini-PCs). I find that surprising considering I can fully saturate my 25G link on a Ryzen 5 running Linux. The Ryzen is considerably faster than an N100, but not 10x faster.
Having never used anything beyond Linux, Windows and Mac, what would be a good starting point? Can I expect gnu/coreutils to work as is (ls, cd, pwd, et al.). Can I expect to not get bitten by arbitrary issues? What if one of the emacs packages that I am accustomed to using doesn't work there due to a dependency on something that is Linux only? How likely/possible is that?
All the utilities are not GNU, but BSD, so there are differences. But typically not a problem, as long as you move inside POSIX. Most GNU utilities (all?) can be installed if you prefer them. For example, make is typically gmake, and you really need it. I haven't used BSD for the last 10 years but used it from 1999 to 2015. I had never major issues.
I have used FreeBSD back in 1999 to provide hosting services for a company that I have worked. Web server, DNS, POP/SMTP, FTP and squid cache proxy
.it was used also internally for DHCP and NAT routing (since we had only one public IP). Just configured it like an appliance and never had a problem, even uptime was counted in months (exception was package and kernel upgrades).
I prefer developing Rust on FreeBSD, memory allocator, scheduler, network stack, kqueue, dtrace and other instrumentation are all superior than the Linux counterparts. What's missing for you?
All of this person's problems seem to stem from a practice of implementing business style setups at home. The truth is you don't need any containerization/VMs for a home server setup. You don't need all the nines for uptime either, it's perfectly okay to be offline for a week or whatever. It's your stuff! No one else has a say. The idea that everything has to be running on a separate OS from the one you use is a killer.
You don't need to start over in a new OS for this. Just don't cargo cult. Linux can do all this fine natively without containers and without risk in very straightforward ways if you ignore all the "deployal" memes or ideas of fallbacks. Just install nginx from your repos on your desktop, throw in some .html files to a directory and play.
My wife has opinions on my servers going down. She likes all our private music to be up 100% when she is listening. (think recordings from friends - the type of things that spotify would never have)
Can we leverage AI for thr man pages and how to get things done? Anyone know if the llms are relatively trustworthy with their how to?. The assumption is because rhe man pages are well curated and the bsd's don't change much, source of truth is a bit more universal than other OS's.
Somewhat related OpenBSD is the fundament of my self-hosted homelab since it runs DNS, DHCP, a firewall router and a small local web server. Configuration is a dream compared to Linux and probably even compared to FreeBSD. You just need to go through the FAQ and copy&paste the relevant examples and modify them as needed. I don't know why it's so complicated on Linux where you need to appease a handful of daemons and find your way through a labyrinth of config files. I run a separate Linux based KVM host though.
OpenBSD is a very well kept secret that very few people are aware of. As close to nirvana as I can manage.
The fact I miss pretty much all the drama around the latest corporate take over attempts on Linux is just icing on the cake. The toxic slug strategy is an amazing one that more open source projects should use.
Openbsd split from netbsd back in the day as the original toxic slug, so it is amusing to call it a releif today
1 reply →
What do you mean by "toxic slug strategy"?
18 replies →
There are a few nice to haves that would really help me out with making an open bsd transition. I thought of writing them myself because I am getting very fed up with Linux for the above reasons.
- IDE support is an issue still
- Filesystem challenging when using a laptop that runs out of battery
- MATE lacking volume and WiFi controls
- This one is just me being picky but a GUI to help me gain a better understanding of the security settings or alternatively more up to date books.
- I am not exactly sure on how to correctly use virtualization and I need it to support docker workloads at work
13 replies →
Shoutout to OpenBSD.amsterdam for providing a wonderful hosted OpenBSD VPS. It is indeed pretty close to nirvana.
It’s also behind the times
3 replies →
My impression is that the BSD's are laser-focused on providing efficient environments for networking backbone software to exist in, so special attention is paid to making it easy to orchestrate everything with rc.conf and keeping anything not required for these goals out of the default installation; while Linux (and its distributions) being far more general-purpose naturally will take more configuration.
Linux packaging tools are bad and the people who make Linux packages generally don't do a very good job at it limited by tools and motivation.
So much linux software doesn't come with sane defaults out of the box, doesn't have an easy path to common desired configurations, and doesn't have reasonable documentation. PARTICULARLY for "open" software that has a paid hosted option.
I say this after decades of a career where a very large proportion of the frustration and "stupid work" I've had to do involved getting a piece of software to do something obvious.
Working with the BSDs is just delightful in how wanting to do something turns into something working with ease.
2 replies →
OpenBSD used to run my network but Plan 9, specifically 9front is even easier. Everything is configured using NDB which is a flat text file containing entries for each system on the network. On my CPU server I run DHCP, DNS and TFTPd, which are three lines in /cfg/$sysname/cpurc. That's it. No init system and no /etc. Just start the programs which all look at the same central database for config info. When I setup PXE booting it took literally 5 minutes of adding the tftpd line, adding an extra bootf= tuple in the machines ndb entry, a plan9.ini in /cfg/pxe and I had a machine pxe booting 9front over the network when turned on.
> I don't know why it's so complicated on Linux where you need to appease a handful of daemons and find your way through a labyrinth of config files.
Not too mention that some newer servers you might want to run are containerised and have few, if any, instructions for how to set them up without containers.
Speaking of Linux, OpenBSD’s hypervisor (vmm) supports it so I managed to get docker and containers running on my server via Alpine Linux. Opens the door on all the latest ‘modern server stuff’ running happily on an OBSD box.
Have you dealt with hardware failure or instability yet? It can be pretty annoying to pin down and isolate, unless you keep an order of magnitude of hoarded hardware around.
Time and attention are always in short supply.
I run FreeBSD in my homelab, too! One reason is the stellar ZFS support, but the simple fun of doing stuff differently is definitely a thing, too. And I like FreeBSD jails.
For me, the balance between all the overhead of the "cattle, not pets" approach and the manual way is the a README.md file for basic setup, and then having Ansible stand up the rest of the configuration. The host is configured as a Jail host, then individual services live inside the jails. Creating and configuring the jails is also done through Ansible. Overall, I really like the setup. I can individually SSH into each jail to allow easy debugging, I can snapshot the jails, and data lives on a special ZFS subvolume that I mount into each jail at "/bucket". This way, I can throw away the jail at any time, fire up Ansible, and have everything up and running again in no time.
> And I like FreeBSD jails.
If you don't know about them already, you may be interested in service jails (forthcoming[1] in 15):
> A service jail shares the complete filesystem tree directly with the host (the jail root path is /) and as such can access and modify any file on the host, and shares the same user accounts with the host. By default it has no access to the network or other resources which are restricted in jails, but they can be configured to re-use the network of the host and to remove some of the jail-restrictions.
* https://docs.freebsd.org/en/books/handbook/jails/#service-ja...
* https://docs.freebsd.org/en/books/handbook/jails/#service-ja...
* https://man.freebsd.org/cgi/man.cgi?query=rc.conf&manpath=Fr...
[1] https://www.freebsd.org/releases/15.0R/schedule/
Sounds interesting, but it sounds like that would mean installing the service software and it's dependencies into the root filesystem. I'm relatively sure I don't want that, as it would create a big mess on the host. I have stuff like Nextcloud in my jails, and wouldn't want to install PHP and all of it's deps outside the dedicated filesystem of the jail.
But it's very cool to see continued development, jails are such an awesome feature!
If I didn't need CUDA support, I'd be on FreeBSD all the way. No systemd, built-in "containers" before they were cool, basically just good 'ole UNIX.
You can pass a CUDA device through to a bhyve vm.
1 reply →
I've done something like this in the past, it works really well. Have you used Poudriere? I never tried it, but it sounds promising. Ansible is a good idea as well. I just wrote some shell scripts that parsed a file with some packages and hooks to set up the jails.
These days I have my FreeBSD server providing NFS for a k3s instance on a different box.
Yes, I have used Poudriere. Every time I want to talk about it, I have to look up how exactly that is spelled! My usecase was that I needed stuff to be linked against newer PostgreSQL client libs than were in quarterly.
I thought about using Linux and simply providing storage from FreeBSD using NFS, but that would require 2 machines or a VM that connects to the host using NFS or something... meh.
2 replies →
I really wanted to love FreeBSD. Growing up in grade school my friend's older brother was a contributor and I thought he was the coolest guy ever. I loved the ethos and I agreed with this post. But practically, I just ran I into too much pain.
- firewall? Lots of pain and hard to find friendly, best practice starter templates. Wherever I looked, people said "it's complicated." After a lot of tinkering and learning I finally got a setup that was pretty safe. (I think.)
- pm2 was buggy on FreeBSD because of some issue with process IDs getting lost. That was pm2's fault, not FreeBSD's. But I still wanted to simply run different processes and keep my logs somewhere. Well, I guess I could write rc.d scripts for that. But keeping logs from the processes started by rc.d scripts? That also appeared to be a world of pain, and wherever I looked for answers people said "it's complicated."
In the end, it was just too much having to re-invent the wheel for common server tasks and I had to say goodbye. It's not you FreeBSD, it's me. I'm just not an OS dev.
> - firewall? […] Wherever I looked, people said "it's complicated." After a lot of tinkering and learning I finally got a setup that was pretty safe. (I think.)
I felt this way about pf when I first got PF going around 2011 for my home router/firewall box. Not saying this is the same for you or anyone else, but my issue was that I was approaching it from the point of view of “I want to configure a home firewall router with PF” instead of “I want to learn the fundamentals of what a firewall does”.
It took me a few more years to get well-versed in all that stuff: the structure of packets, what NAT actually means (what addresses are being translated, why, and where), what's going on in the state table, how to debug when things aren't doing what I expect, etc. Once I did it became much more straightforward to express in my `pf.conf` what I want to do, but you're right that doesn't really help new users.
> Lots of pain and hard to find friendly, best practice starter templates.
FreeBSD does include this, however! It's just implemented using IPFW instead of PF. Check out `firewall_type` key in `rc.conf`: https://cgit.freebsd.org/src/tree/libexec/rc/rc.conf?id=edad...
For a very simple NAT gateway, one could set `firewall_type=simple` and then `firewall_simple_(iif|inet|oif|onet)(_ipv6)?` to configure the ISP-side and internal-side interface names and IPv4 and IPv6 network ranges for each.
For a very easy single-machine firewall, one could set `firewall_type=client` or `firewall_type=workstation` if you want to host anything. For the latter, `firewall_myservices` and `firewall_allowservices` control what ports are enabled and who (other networks/IPs) have access to them
For more details and to see exactly what each option actually does, check out `/etc/rc.firewall` where this is all implemented: https://cgit.freebsd.org/src/tree/libexec/rc/rc.firewall?id=...
> - firewall? Lots of pain and hard to find friendly, best practice starter templates. Wherever I looked, people said "it's complicated." After a lot of tinkering and learning I finally got a setup that was pretty safe. (I think.)
I don't use much FreeBSD these days, but pf (from OpenBSD, I know), is one of the best things since sliced bread.
In my first job I was working for a company selling a third-party vertical software and we were proving support for it. We were using a very expensive symantec vpn with most customers connecting with a 33.3kb phone connection, until we reached the license limits, and there was no money for new licenses. In a pinch, me and a coworker set up a new server with openvpn, freebsd, pf, and a ruby-based dns server that I don't remember anymore, and we grew an order of magnitudes more customers.
It's been more that 20 years, I still don't know how to use firewalls in linux, (there are many, I just pretend they don't exists) but I would still be able to setup a pf firewall if needed. I need to say it again, pf is a joy to use.
My gripe with FreeBSD right now is that I miss something like docker swarm. bhyve is fine but AFAIK it works only on a single host. Give me something that works on a bunch of hosts, and I will come back right away
vm-bhyve, which is a friendly wrapper around bhyve, has a vm send command. Not as automatic as docker swarm but is pretty handy for homelabbin’.
1 reply →
what do you need docker swarm / bhyve for in a selfhosting context?
https://docs.freebsd.org/en/books/handbook/firewalls/
- firewall?
PF seems to me like pretty much the most well regarded firewall there is - with a nice, sensible DSL for config. If you don't like like it, you can use use IPFW or IPFILTER, which are alternative, built-in, firewall front-ends.
- In the end, it was just too much having to re-invent the wheel for common server tasks
Maybe you have built your routine around a system that have reinvented the wheel? I think FreeBSD knowledge degrades more slowly than that of Linux distros.
- I'm just not an OS dev.
That's how I feel when I enter the chaotic Linux world. Do you think my life revolve around keeping up with this shit? :)
> That's how I feel when I enter the chaotic Linux world.
I feel that as a Linux user. I really like Linux, I use it on my desktop and it runs all my servers. Delving into forum posts to find some solution to a specific problem can be exhausting. Sometimes you get a top result from like 2011 and it is out of date so you then need to spend X minutes trying to look up something more recent.
1 reply →
Addendum: I've used FreeBSD as my daily driver (I hate that term) since around 2004. Including through cs/math university. With Windows in a VM for "I need it". The longer I've used it the more I'm annoyed by the trivialities of Linux distro management. And the bugs that happens between ill fitting parts composed by underfunded distro developers.
And I didn't mean to imply that FreeBSD is stale. There is big stuff happening continuously. Right now it's compatibility with Linux Wifi drivers, which will make FreeBSD more laptop-able. And pkgbase, which brings some of the compile-your-self flexibility of FreeBSD to binary management, and merges the two tools that decides what makes up your system into one. And kinda makes FreeBSD into the slim system that people already claims it to be.
My pet conspiracy is that pkgbase happened because the powers that be didn't want the 1000 battles to remove junk. Any time anyone wants to remove something there's always one or two guys on the mailing list claiming their livelihood depends on not having to do "pkg install Ø". With pkgbase its all gone.
They might've been trying freebsd back when pf wasn't well supported. Back when I last used openbsd (which might be nearly 20yrs ago now - eek), pf support on freebsd was lagging quite a bit.
Not sure what things are like now though - I'm guessing it's much better as pf was obviously the best option :)
2 replies →
I had similar issues with it. What helps today are LLMs. It’s really a boon to configuring such things. You do it on ace and forget unless that’s your job. Did you try to do what you had wanted back then with a recent LLM?
I spent a lot of time 25 years ago learning to love BSD in general, but FreeBSD in particular. I tried to make DragonflyBSD my desktop OS for a time. It’s sad how little love BSD gets nowadays…especially given how much of modern iOS / macOS owes BSD (for BSD subsystem that’s on top of the Mach kernel).
I use it every day as my desktop OS. Vanilla FreeBSD even, not dragonfly.
I like it because it's so stable. They don't have this Linux thing where they have to change everything around to incorporate the latest fad, and there's also not so many big tech companies constantly messing with the code. Linux has too much corporate influence for me. I don't want Huawei or Amazon to be messing with the code I run all the time. The grassroots nature of Linux is kinda gone and the suits have taken over, just like with the internet itself.
I also love how the OS is stable but the apps are rolling. This really helps to be on the latest KDE etc. And the documentation is excellent. ZFS on root as a first class citizen too.
There's a small team of maintainers working hard to keep everything going in this age of increasing linuxisms. But so far they've been doing a great job.
I just started using FreeBSD as my desktop OS on an old x230. I was surprised to find that for my use case, wine works faster and is more stable than on linux or Mac. Now I will install it on my desktop pc next.
I really wish I could run FreeBSD on Apple silicon. The shared *BSD base seems fitting.
5 replies →
Is this the fluffypony of Monero fame? If so, I got into FreeBSD a bit after hearing you praise it on crypto podcasts back in 2017/18. Surprised your handle was still available on HN!
Nice website design. I don't like to use the same stuff I use for work at home because home is supposed to be fun.
So I used to have everything FreeBSD but I've stopped using around 2020 when I've started buying computers that have different core configurations like ARM RockChip and Intel Alder Lake. I believe the term is called big.LITTLE when you have efficient and performance cores.
As of now the FreeBSD scheduler is not making full use of big.LITTLE. TBF It works and your mileage might vary and you might also pin stuff to cores but not ideal.
Meanwhile I went back to Linux and fell into the Nix rabbit hole.
I might go back once they get ULE to be able to use my Alder Lake efficiently.
This really resonates. Sometimes the best reason to switch tech is just to feel that spark of learning again. I build self-hosting platforms and have spent years trying to make it “easy”, even getting it to work on Windows/macOS. But honestly, the magic isn’t in convenience. It’s in that figuring it out phase imho...
When we don't have convenience and rather jump into the sea directly, we would actually learn how the stack works and not how the convenience wrapper worked. We would feel more confident in our ability to do more things without requiring somebody else's help and more. It is this reason why figuring out this phase feels really important and lovely even, yet most people feel its hardness and leave it aside since they just want something which just works
Fortunately, for them, I think with technologies like docker/podman, flatpak, appimage etc. I feel like its already easy-ish enough.
Side nit pick but I hate when apps create docker/podman containers when they can also have flatpak, I would love to see some self hosting apps which have a gui or maybe even some cli hosted via flatpak but I rarely saw cli apps in flatpak etc.
I recently set up an OpenBSD based router in our home and, man, it felt like a breath of fresh air.
I wrote about it here: https://www.blog.montgomerie.net/posts/2025-10-11-setting-up...
Thank you for sharing the write up!
Not an OpenBSD expert by any means, but two small pieces of minor feedback as everything else you wrote mirrors my own setup and experience. Firstly, unless you are really strapped for space on say a 90s machine, it is generally recommended to install all the file sets as there can be interactions with ports even if one does not expect it (say ffmpeg needing X11 libraries). The general OpenBSD mindset is after all "Use the defaults" and the default is to install all the file sets. Secondly, the OpenBSD Handbook has a bit of a mixed reputation in the community from what I can tell. Unlike the FreeBSD Handbook, it is not an official document and I tend to rely on man pages, openbsd.org, misc@, and a few blogs I consider to be trustworthy instead.
As a final note, glad to see you have IPv6 up and running. I really should get around to it now that dhcp6leased has been in base for more than two releases.
I was fooled by the handbook! It sounded so official. I will add a footnote to the post.
I feel like these "self-host and free yourself" articles would be better served giving us an estimate on the amount of time they spent on the process. That might help sell people more if I know it will take me 3 hours to setup a Bastille VPS w/jails for Caddy website, syncthing, Cal/Card/WebDAV, etc.
Then I can put 1.5 hours of effort into it one day setting up and getting used to Bastille and another 1.5 hours another day installing my software. Maybe my request is silly but most people say "I don't have the time or patience to self host" but what does "dont have the time" mean? Sure it's variable from person to person. It might increase interest in self hosting if people have a better idea of what they would be getting into.
This would pair well with encouraging a system like Bastille that just wants to get out of your way (two contextual views of time-savings).
I still run a server for hosting my Jellyfin and n8n, but I've honestly been moving a lot of my stuff to cloud hosting stuff. I found that trying to maintain uptime for all my services started to become a pretty huge time sink and I realized that I really didn't gain anything by hosting my blog on my own server with Nginx instead of just using a free Cloudflare Pages with Quartz.
I think it's ultimately a sign of aging; I don't really have the attention span or energy to LARP as a sysadmin anymore, especially since I never really enjoyed that aspect of computers anyway. I think my monthly cost of storage would get untenable if I tried to move all my raw media rips to the cloud (about 45TB [1]), so I don't think I'll be able to migrate my Jellyfin for the foreseeable future, but I would like to some day.
[1] Looking it up, storing 45TB would end up costing anywhere between $250-$1500 a month pretty easily, which I currently cannot justify.
I'm curious which aspect(s) became a time sink for you? I self-host a bunch of stuff myself. I can't say I never spend time on it, but it's measured in hours per year. Once stuff is set up, it just runs.
Also curious about the time sinks! Fingers crossed no issues with my services so far. The initial setup was tedious: configuring multiple services with their own configuration intricacies, and having proper backups. I am looking for something that would help reduce the setup toil, maybe something like nix?
1 reply →
I installed Jellyfin on my home server a few months ago but it’s already broken by upgrading to 10.11, and unusable until I restore 10.10 from backup or start over: https://github.com/jellyfin/jellyfin/issues/15027. There seem to be lots of other database migration bugs for this release and other ones.
Yeah, I've been afraid to upgrade because I've been following these updates. I'm going to wait until the dust settles a bit before upgrading because, as stated, I don't really enjoy larping as a sysadmin anymore.
I use Docker on Linux for this kind of thing (Jellyfin, Nextcloud and a few others) and updates are completely trouble free. I would never deploy complex "black box" apps like Jellyfin bare metal. That being said, I do run my email stack bare metal as I want fine control. Everything is hosted at home on my own hardware and I would never consider moving my computing to the "cloud."
1 reply →
Update: I just tried upgrading again (from 10.11.1 to 10.11.2) and it seems to have fixed things!
> [1] Looking it up, storing 45TB would end up costing anywhere between $250-$1500 a month pretty easily, which I currently cannot justify.
Or about $5k one-off at pCloud, which is still a big investment. (No affiliation, just a customer.)
Actually had I known about this two years ago, I would have considered pCloud; as it stands I bought 24x16TB used hard drives, about 288TB after RAID. That was like a $2600 investment that I don't really want to get rid of now unless I can find something considerably cheaper per-month.
I personally still don't understand how actual online services (like storage) can work with one-off licenses.
3 replies →
I'm using FreeBSD for self-hosting, home NAS and router from version 2.2.0. As it is my hobby projects, I don't want to migrate to Linux which is, IMHO, over-represented.
But it become harder and harder in recent years.
Reason? Docker.
Many current «server-side» products doesn't have good instructions how to install them «by hands» and is not very suitable for system-side packaging (creating port), as they have build systems designed to be used in CI with online access in build time (especially node.js-based and go-based ones, but rust goes same way).
Installation instructions, well-defined dependencies, good versioning, immutable source distribution files? Nah. «Take this Docker file and run it».
It is pity.
This may help you.
« An introduction to OCI Containers on FreeBSD
October 31, 2025 »
https://freebsdfoundation.org/blog/oci-containers-on-freebsd...
Thank you, I've missed this one.
Problem is, these prepared images contain Linux binaries. Using Linux emulation in FreeBSD for OSS project doesn't feel ... right?
1 reply →
You can pretty much study the Dockerfile of each docker image and you'll see how it's installed. It's all there, no magic
Just two weeks ago, I spun up a FreeBSD server on OVH and migrated a service to it from Railway. Playing with jails, pf, ZFS, and some other goodies has been a lot of fun. Since I (massively) over-provisioned, I also spun up Gitea, Woodpecker CI (and agent; blazing fast CICD is so nice), and a personal blog. Been a great learning project.
[] It's not my first time with FreeBSD. I first ran it in ~2004. But it's been over 10 years since I last ran it, and I'd forgotten a decent bit. The last time I ran it, I just set up a couple of jails for NAS and Plex and proceeded to not touch it until I moved.
How's the UX for jails these days? I remember trying to use it barebones and also some of the wrappers.
Bastille is very nice to use. You can spin up a jail with a simple `doas bastille create myjail 10.0.0.1` or whatever. Bastillefiles stand in as Dockerfile analogs, if you want to go that route (you have to create the jail, then apply the template, rather than doing it in a single command).
One nice thing is cloning a jail (which can be done live if using ZFS) to spin up a dev/test environment on a different IP. Or setting up a jail to try some different configurations and not having to worry about resetting things on your main host.
I've set up a storage jail with no network access, then a couple of service jails that dip into it at various mount points/permissions. It's total overkill for what I'm doing, but the point is to learn, tinker, and have fun.
1 reply →
I've started using Bastille recently, it allows using Dockerfile-like 'templates' to provision jails. I like this because I can destroy and recreate the jails easily, particularly to move to a new release (without having to do in-place upgrades synced to the host version, which is how I used to do it).
I know the feeling, having recently migrated a solid TrueNAS 13.3 to a hand-built FreeBSD 13.5. The main reason was to get OpenZFS 2.3 RAIDZ expansion as storage was getting tight. It turns out to be quite similar using Webmin for GUI and BastilleBSD for jails.
There were a few hiccups, such as learning about bootloader versions, but after a few Saturdays tinkering it has been running solid and I’m very pleased.
That's similar to me, I started using FreeNAS back in the 9.x days.
At the time the FreeNAS documentation recommend installing to a usb drive. This proved unreliable, but dedicating a drive to it was silly given it couldn't be used for anything else. I had all the things I needed but I wanted to peel back the layers and this seemed like a good excuse
So I threw in a drive and installed freebsd 10 and spent a few days familiarising myself with everything, learned how to configure samba myself, learned how to setup jails with iocage (the old shell version), and finally imported my pool.
Years later very little has changed.
Have you looked at zVault at all?
https://zvault.io/
Yes, I had been following vault.io for a few months, but I don't think it is ready. My understanding is that vault.io faces similar limitations as TrueNAS and ZFS. So, I hand-built FreeBSD, OpenZFS, Bastille, and Samba how I want it and learnt a lot along the way, and I am very happy that I did. It didn't take too long to transfer from iocage to Bastille.
I used FreeBSD as my daily desktop for a while in the 2000s. IIRC, the package manager had to compile each package from source, but that wasn't a huge deal. Things just worked in a non-overly-clever fashion.
They added binary packages.
Binary packages were there in the 2000s also.
How is the situation with applications in BSD?
I never see an app released for FreeBSD. There are usually Deb and rpm files.
I suppose FreeBSD adapts and releases some them in their ports. But how is the coverage?
Another issue is the hardware support. Does it have drivers for things like recent WiFi chips?
According to repology.org, FreeBSD is the 4th largest package repository in the open-source world.
Which type of applications? What I have found to be finicky is the desktop environments, however BSDs are pretty much tuned for web servers/applications. Bastille is designed for deploying web applications in jails securely and built on top of FreeBSD which is a pretty good default OS that gets out of your way already.
Normally you don't release an app for BSD specifically unless you want to offer a port. In which case software is usually built and if you need containerization you can put it in a jail.
It seems you would do well to install a FreeBSD vm/usb and give it a run. Their documentation is pretty good and their forums are helpful.
Desktop apps: PDF viewer, office applications, playing video and audio, IDEs or editors at least, …
If they support flatpaks, it might be good enough.
3 replies →
The deb and rpm files are not from the application either. Someone outside the application took the application and built the deb/rpm for the distro. FreeBSD just calls their packages "ports", but the concept is otherwise the same, just download the package. FreeBSD is better that most distros as is works to rebuild some middle library yourself with non-default options and then have a leaf application binary depend on it (assuming of course that they are compatible, if your non-default option breaks the application it won't work)
I find myself using BSDs at home too, I got a bunch of very old systems that only NetBSD supports these days. Very old SPARC, HP 9000s and the likes. Everything else is Linux, but maybe I'll try one of the BSDs on something more modern...
> it deviates a bit from what might be the most common setup, but it's undoubtedly me
This is delightful. Personal projects are a great place to buck the technical monoculture and try something unique. I really enjoyed reading this.
Is *BSD routing performance still lagging behind Linux? On Debian 12, I can saturate my 25Gbps link between PCs (the router has a 9600X), and can push north of 4Gbps through Wireguard.
I was under the impression this was one of the main use of *BSD (lot of networking hardware is based on it). Where did you see it was lagging behind ?
I haven't personally tested, but have seen reports that BSD-based opnSense struggles to push 2.5G on modern low-end hardware (mini-PCs). I find that surprising considering I can fully saturate my 25G link on a Ryzen 5 running Linux. The Ryzen is considerably faster than an N100, but not 10x faster.
Web rings on HN content. That was a 20 min nostalgia trip. Thank you
Having never used anything beyond Linux, Windows and Mac, what would be a good starting point? Can I expect gnu/coreutils to work as is (ls, cd, pwd, et al.). Can I expect to not get bitten by arbitrary issues? What if one of the emacs packages that I am accustomed to using doesn't work there due to a dependency on something that is Linux only? How likely/possible is that?
All the utilities are not GNU, but BSD, so there are differences. But typically not a problem, as long as you move inside POSIX. Most GNU utilities (all?) can be installed if you prefer them. For example, make is typically gmake, and you really need it. I haven't used BSD for the last 10 years but used it from 1999 to 2015. I had never major issues.
> Having never used anything beyond Linux, Windows and Mac, what would be a good starting point?
GhostBSD.
https://ghostbsd.org/
Without looking or knowing all your requirements, it's likely everything you need works the same. (I don't know anything about gnu/coreutils.)
I run OPNsense (based on FreeBSD) for my home router/firewall and it's amazing what it can do compared to the typical home router.
I have used FreeBSD back in 1999 to provide hosting services for a company that I have worked. Web server, DNS, POP/SMTP, FTP and squid cache proxy .it was used also internally for DHCP and NAT routing (since we had only one public IP). Just configured it like an appliance and never had a problem, even uptime was counted in months (exception was package and kernel upgrades).
NIXOS! NIXOS!! NIXOS!!!
Love seeing BSD still getting real use, old school tech with true hacker vibes!
No body mention that the footer of this website has many retro badge buttons? Let's take a minute to appreciate nostalgia of web 1.0.
Don't forget to set up toor user password! /thin foil hat on It's deliberate! /thin foil hat off
The lack of full rust support has kept me from developing on FreeBSD. I prefer it as a file server.
I prefer developing Rust on FreeBSD, memory allocator, scheduler, network stack, kqueue, dtrace and other instrumentation are all superior than the Linux counterparts. What's missing for you?
Why choose Free/OpenBSD instead of Debian, CentOS, or any other distro?
For FreeBSD, given that it fulfills the tasks required:
* Ease of management - more holistically designed.
* Rock solid parts that fits together - more holistically designed.
* ZFS, jails, bhyve, dtrace, ports.
* If it works today, it works tomorrow.
* A more approachable community (which AMD says is the reason why they are developing for FreeBSD before Linux now).
* Transparency and simplicity of how it works - if you can understand it, you can manage it and fix it.
* Documentation.
* Fun! Linux is not fun.
What makes Linux not fun?
Whats the difference between FreeBSD ports and Debian packages?
3 replies →
Less churn -> the OS respects the time you invest in learning the system, and the time people have invested in documenting the system.
One is a full cohesive OS. The other is just a kernel with all the other bits packaged together by other groups of people.
And it shows.
What do you use Linux for?
All of this person's problems seem to stem from a practice of implementing business style setups at home. The truth is you don't need any containerization/VMs for a home server setup. You don't need all the nines for uptime either, it's perfectly okay to be offline for a week or whatever. It's your stuff! No one else has a say. The idea that everything has to be running on a separate OS from the one you use is a killer.
You don't need to start over in a new OS for this. Just don't cargo cult. Linux can do all this fine natively without containers and without risk in very straightforward ways if you ignore all the "deployal" memes or ideas of fallbacks. Just install nginx from your repos on your desktop, throw in some .html files to a directory and play.
My wife has opinions on my servers going down. She likes all our private music to be up 100% when she is listening. (think recordings from friends - the type of things that spotify would never have)
keepalived is just a blessing for almost effortless HA
what about docker/containerd compatibility? is now possible to run on freebsd?
Make self hosting fun - true. Using FreeBSD... - Seriously?
Can we leverage AI for thr man pages and how to get things done? Anyone know if the llms are relatively trustworthy with their how to?. The assumption is because rhe man pages are well curated and the bsd's don't change much, source of truth is a bit more universal than other OS's.
Its fine to have fun with self-hosting.
The problem is when self-hosting amateur stuff leaks into professional life.
And then you have a expert beginner pushing their homelab/Self-hosting
If a single expert beginner can call the shots in your org, your org is the kind where that is absolutely fine.
It's more common than you think. Talking from 30 years of experience 20+ of them in very senior roles.