Meine aktuelle private #QNAP #NAS Baustelle:

• #SSLVPN (TCP 443) mit #OpenVPN (#QVPN App)
• Interne CA für .internal (#OpenSSL)
• #PiHole (Docker) für .internal DNS A Records
• Reverse-Proxy #Caddy (Docker) für HTTPS
• #Vaultwarden (Docker)
• #FreshRSS (Docker)

Für den sehr sporadischen Dateizugriff verwende ich die Qfile-App.

Nur das SSL-VPN ist aus dem Internet erreichbar.

Weitere #Docker Ideen:
• #Nextcloud (wenn Qfile nicht ausreicht)
• #PaperlessNGX

#opensource #privatecloud #cloud

WHAT THE ACTUAL FUCKING FUCK‽‽‽‽

OpenSSL’s commandline-tool does not support AEAD ciphers, for, sorry to paraphrase, no sane reason whatsoever!

It’s not that they don’t have them implemented, that it would be too much work, or anything like that (which would be respectable reasons), but because:

On MacOS with Ruby v3.4 and openssl v3.6 if you're seeing an OpenSSL::SSL::SSLError exception with a message like "certificate verify failed (unable to get certificate CRL)", you can workaround/fix it by reinstalling Ruby against an earlier version of openssl, e.g. v3.5.

https://github.com/rails/rails/issues/55886#issuecomment-3411919148

#ruby #macos #openssl

tfw u see "Installing dependency: openssl@3"

#openSSL #homebrew

The upgrade to #NixOS 25.11 was all that was needed to get support for post quantum safe X25519MLKEM768 key agreement!

https://isitquantumsafe.info/

(Should be supported out of the box by Nginx if you have #OpenSSL 3.5+ installed: https://openssl-library.org/post/2025-04-08-openssl-35-final-release/)

#PQ #PQS #PostQuantum #Nginx

Thanks to @vsz this is quickly becoming the most thorough and detailed resource on the #OpenSSL fork situation. Which fork does what and how?

https://github.com/curl/curl/wiki/OpenSSL-forks

Até o FreeBSD deixou para trás o suporte a 32 bits (com uma exceção)

https://fed.brid.gy/r/https://tecnoblog.net/noticias/ate-o-freebsd-deixou-para-tras-o-suporte-a-32-bits-com-uma-excecao/