𝙹𝚘𝚎𝚕 𝙲𝚊𝚛𝚗𝚊𝚝 ♑ 🤪Doing things on the remote-homelab. So far, I can watch #YouTube videos without Ads.
Martin PughSo, it turns out, that if you want a dual stack OpenBSD box, operating as a `relayd` proxy, to be able to talk to another server on the same VLAN using IPv6, you kinda need some pf firewall rules to allow inbound IPv6 stuff for it to work. You know, stuff like neighbour discovery works much better when the packets can actually arrive at the interface.
I've been fighting this weirdness, on and off, for months and in the end just used legacy IP for the back haul instead. I had an epiphany just now while adding relayd config for another backend server in a different VLAN that just worked over IPv6.
I was always convinced it was a "me" problem, as nobody else seemed to have issues. Turns out I was just looking in the wrong place (my relayd config) all along.
Pope Bob the UnsaneI have a #RaspberryPI connected to a #WireGuard VPN connected to my #OpenBSD #VPS where the VPS is running #RelayD and directing trraffic through the WireGuard VPN to my Pi to serve music from #MPD ... and I have a phone out in the garage connected to a cheap bluetooth aux input on a boombox playing music over cellular networks... from my pi through the VPS...
Take that network brain!
Big Fl👀f is watching you.Running #OpenBSD 7.8 
DNS: #nsd (3 Master Zones), #DNSSEC & #DANE (RFC6698) + #unbound
Firewall: #pf with auto-fed tables (IPS-style), spambot-tarpitting & service rate limits.
Mail: #smtpd (Multi-domain, RFC8461/MTA-STS) + #rspamd (DKIM) + #dovecot (IMAPS-only).
Spam-Defense: #spamd with auto-SPF-walk (no more greylisting issues).
Web: #relayd (TLS-Terminator, HSTS, CSP) + #httpd (NIP-05, Autoconfig, security.txt).
Performance: Lightweight "Fail2Ban" via 1-liner shell script (No Python crap!).
#Nostr Relay in Rust building...
#SelfHosted #SysAdmin #Security #Privacy
DNS: #nsd (3 Master Zones), #DNSSEC & #DANE (RFC6698) + #unbound
Firewall: #pf with auto-fed tables (IPS-style), spambot-tarpitting & service rate limits.
Mail: #smtpd (Multi-domain, RFC8461/MTA-STS) + #rspamd (DKIM) + #dovecot (IMAPS-only).
Spam-Defense: #spamd with auto-SPF-walk (no more greylisting issues).
Web: #relayd (TLS-Terminator, HSTS, CSP) + #httpd (NIP-05, Autoconfig, security.txt).
Performance: Lightweight "Fail2Ban" via 1-liner shell script (No Python crap!).
#Nostr Relay in Rust building...
#SelfHosted #SysAdmin #Security #Privacy
Reddit Tech VN Bot🔔 Đã chán vì bỏ lỡ khi các Codex agents kết thúc? Tôi vừa phát triển relayd – bảng điều khiển di động gửi thông báo push, cho phép tiếp tục agents ngay trên điện thoại. Có gói miễn phí, rất mong nhận phản hồi! #relayd #Codex #mobile #phản_hồi #công_nghệ #phát_triển #software
Morgan AldridgeMy configuration management for the #OpenBSD #ReverseProxy is now updated to uninstall any prior version of #ddclient, _then_ install my self-packaged v4.0.0 (but only under OpenBSD amd64/7.8-stable, for which it's built.) A little troubleshooting of #ACMEClient #LetsEncrypt errors resulting in #relayd failing to start and now everything is _finally_ running smoothly!
Suffice it to say, some of my documentation is getting updated in addition to these package & config management tweaks!
OdicforceSoundsI don't play in "Lucky games" but sometimes I wish I had some Luck. Motivating #Relayd developers to setup a dedicated site with the documentation for this AWESOME application. I want to be Happy !!! https://blog.odicforcesounds.com/unbound.html
What now?! Oh, various #LetsEncrypt failures. Ah, right, have to run my configuration management twice due to some chicken-and-egg situations with #ACMEClient and #httpd #relayd.
That should do it, ri- Ah! Nope, turns out I was using a self-built #ddclient package due the #OpenBSD port & package being outdated and not supporting my #DNS provider.
Of course, my OpenBSD dev VM is running -current. Fine, I'll have to submit a patch to ports@ anyway. Then I'll have to backport to 7.8-stable... 2/2
grndprnzpGestern abend noch happy, weil #OpenBSD mit #relayd bei uns an den Start ging... Heute sporadisch Ohnmachtsanfälle wegen #stromausfall im Süden Berlins. Unser RZ ist betroffen. Notstrom Aggregat wegen Defekt außer Betrieb. Hatte ich erwähnt das wir unter anderem Winterdienst in ganz Berlin mittels unserer Systeme managen? Glaube mein Wochenende ist im Eimer :D .
Aber alles halb so wild.... ist nur business. Viel wichtiger: Passt alle auf euch und eure Nächsten auf!
SunWukong