FreeBSD

Docker on Freebsd

Fireup FreeBSD 14 Instance on AWS ?!? Install Packages pkg install gmake go git vim Install Lima git clone https://github.com/lima-vm/lima /opt/lima Patch File cat << EOF > /opt/lima/pkg/sshutil/sshutil_others.go //go:build !darwin && !linux // +build !darwin,!linux package sshutil import ( "runtime" "github.com/sirupsen/logrus" ) func detectAESAcceleration() bool { var err error const fallback = runtime.GOARCH == "amd64" logrus.WithError(err).Warnf("cannot detect whether AES accelerator is available, assuming %v", fallback) return fallback } EOF Build gmake Copy Binaries cp /opt/lima/_output/bin/* /usr/local/bin/ mkdir -p /usr/local/share/doc/lima && cp -r /opt/lima/_output/share/doc/lima/* /usr/local/share/doc/lima/ cp -r /opt/lima/_output/share/lima /usr/local/share/lima Install QEMU pkg install qemu-nox11 Get CPU root@freebsd:/opt/lima # qemu-system-x86_64 -cpu help | grep -i cascadelake x86 Cascadelake-Server (alias configured by machine type) x86 Cascadelake-Server-noTSX (alias of Cascadelake-Server-v3) x86 Cascadelake-Server-v1 Intel Xeon Processor (Cascadelake) x86 Cascadelake-Server-v2 Intel Xeon Processor (Cascadelake) [ARCH_CAPABILITIES] x86 Cascadelake-Server-v3 Intel Xeon Processor (Cascadelake) [ARCH_CAPABILITIES, no TSX] x86 Cascadelake-Server-v4 Intel Xeon Processor (Cascadelake) [ARCH_CAPABILITIES, no TSX] x86 Cascadelake-Server-v5 Intel Xeon Processor (Cascadelake) [ARCH_CAPABILITIES, EPT switching, XSAVES, no TSX] Export CPU export QEMU_SYSTEM_X86_64="qemu-system-x86_64 -cpu Cascadelake-Server" Start Lima switch to user

FreeBSD bhyve

bhyve, pronounced “beehive” is a hypervisor/virtual machine manager for FreeBSD that supports most Intel and AMD processors that report the “POPCNT” (POPulation Count) processor feature in dmesg(8). Download ISO and boot it … in a new Virtual Machine … cat << 'EOF' > run_bhyve.sh #!/usr/bin/env bash iso=FreeBSD-13.1-RELEASE-amd64-bootonly.iso vm=guest.img # Load Module if needed kldstat |grep vmm.ko || kldload vmm ifconfig tap0 create sysctl net.link.tap.up_on_open=1 ifconfig ifconfig bridge0 create ifconfig bridge0 addm vmx0 addm tap0 ifconfig bridge0 create ifconfig bridge0 up # Get ISO test -f $iso || fetch https://download.

FreeBSD

List Packages Prime [root@freebsd13 ~]# pkg prime-list bash doas fping git go gohugo gsed hping3 htop jq ... List Packages Origin [root@freebsd13 ~]# pkg prime-origins |sort archivers/py-borgbackup devel/git devel/py-pip devel/py-poetry-core editors/vim emulators/open-vm-tools ftp/wget lang/go lang/python310 net/fping ... Package Cleanup pkg autoremove Pkg Audit audit installed packages against known vulnerabilities pkg audit -F sha256: 41490d57eaf6f60005156ccf31d91c8293d7086bb6b203dc23e32d7b2c3489a6

FreeBSD - Upgrade 13.0 to 13.1

Upgrade FreeBSD 13.0 to 13.1 should be a easy task, right ? https://www.freebsd.org/releases/13.1R/installation/ https://www.freebsd.org/releases/13.1R/relnotes/ Patch it first freebsd-update fetch freebsd-update install reboot may not needed, but you have to boot anyway a few times … Fetch and Upgrade to 13.1 this needs some time ! depending on your internet speed, and specially to power and filesystem performance of your machine. 20-30min for a common VM is not unreal :( time freebsd-update upgrade -r 13.

Wireguard Puffy to OPNsense

WG Tunnel between OpenBSD and OPNsense How to Setup an WG Tunnel between OpenBSD and OPNSense ? That’s quite simple … OpenBSD Install Packages pkg_add wireguard-tools-- Gen Key Onliner wg genkey | tee privatekey | wg pubkey > publickey Build Interface r=$(openssl rand -base64 32) remote_ip="1.2.3.4" remote_net="192.168.0.0/24" cat << 'EOF' > /etc/hostname.wg0 # WG Tunnel to OPNsense wgkey ${r} wgport 51820 wgpeer xxxxx - PUBLIC-KEY-OF-REMOTE-HOST - xxxxx= wgendpoint ${remote_ip} 51820 wgaip ${remote_net} inet 10.

Freebsd Stuff

Fix Broken Package Manager pkg add -f https://pkg.freebsd.org/FreeBSD:12:amd64/latest/All/pkg-1.14.2.txz pkg bootstrap -f; pkg update -f sha256: eb6263c0896e059168e9491b1f29e3bbf4e0fec278a42dd13929483ff0c8a5a3