Here I'm gonna be collecting random notes on OpenBSD; they could be of help to other people as well.
This is probably going to be WIP forever, as I learn more, change configuration, etc.
I use the amd64 snapshot version; you might want to use the last stable one (maybe even for a different arch).
At one of the mirrors[1] grab either `amd64/installXY.fs` or `amd64/installXY.iso`, depending on whether you want to install from a USB flash drive or burn a CD. `*.fs` needs to be written with `dd` directly to the flash drive device itself. See Creating Install media[2].
There is not going to be any WIFI firmware present on the installation media, so there are a few options to choose from before booting. The media already has all the "sets" to install the system from, so a network connection isn't strictly required. If it is required, however, it's best to use Ethernet, or USB tethering on your Android (hopefully) phone, which will most likely show up as the `urndis0` interface, and the installation process will use that. Another idea is to copy the required firmware[3] onto the media, drop into a shell after booting, do the necessary procedures to make OpenBSD see the firmware in the right place and configure the network interface, and then continue with the installation. I haven't gone down this path.
Now reboot and go to your...
Chances are, you might need to disable all the crap that isn't going to work in OpenBSD anyway, anything you can think of that isn't a high priority. It's best to install the system first, then enable those things back one by one in case you need any. Thunderbolt, bluetooth, WWAN come to mind.
When it comes to hyperthreading support, keep it enabled. I tried having it disabled, OpenBSD behaved in very strange ways, eating one core to 100% at all times. This might have been only on that specific laptop, idk.
See `/etc/examples`.
```
cp /etc/examples/man.conf /etc/examples/doas.conf /etc/
```
Now you can read extra man pages and invoke `doas`, which is like `sudo` but not `sudo`.
```
# get VM some of that internet
net.inet.ip.forwarding=1
net.inet6.ip6.forwarding=1
# don't go suspending with the lid down
machdep.lidaction=0
# allow audio/video recording (if you like videochats)
kern.audio.record=1
kern.video.record=1
# very questionable considering OpenBSD disabled
# hyperthreading for a reason, but just to show
# how to enable it
hw.smt=1
```

```
# I don't use touchpad, trackpoint is my friend
mouse.tp.disable=1
# no beep, no boop
keyboard.bell.volume=0
# faster key repeats
keyboard.repeat.del1=150
keyboard.repeat.deln=55
# blank the screen sometimes
display.vblank=on
# remap caps lock → control
keyboard.map+="keysym Caps_Lock = Control_L"
```
That file is supposed to be modified by `rcctl` mostly. Check the man page.
```
# APM: performance mode 100%
apmd_flags=-H
# rcctl enable vmd
# that's for VMs later
vmd_flags=
# rcctl enable xenodm
# X server
xenodm_flags=
# that's the interface we gonna use with VMs
# they will need DHCP working
dhcpd_flags=vether0
# nice thing about sndio, you get loopback recording for free
sndiod_flags=-s default -m play,mon -s mon
```
Virtual machines. I have 9front[4] and Alpine[5]. Both are disabled by default; they can be started like so: `vmctl start 9front`. Add `-c` to get into the serial console, at least in the beginning. If you don't have those qcow2 images ready from somewhere else, create them with `vmctl create ...`.
```
vm "9front" {
	disable
	memory 2048M
	disk "/home/ftrvx/v/9front.qcow2"
	#cdrom "/home/ftrvx/v/9front.iso"
	owner ftrvx
	interface {
		lladdr 52:54:00:00:EE:03
		switch "uplink"
	}
}

vm "alpine" {
	disable
	memory 2048M
	disk "/home/ftrvx/v/alpine.qcow2"
	#cdrom "/home/ftrvx/v/alpine-virt-3.11.3-x86_64.iso"
	owner ftrvx
	interface {
		lladdr 52:54:00:00:EE:04
		switch "uplink"
	}
}

switch "uplink" {
	interface bridge0
}
```
VMs are gonna need this service.
```
# network address of the /24 that vether0 (10.0.2.1) sits in
subnet 10.0.2.0 netmask 255.255.255.0 {
	# ip range to give away
	range 10.0.2.2 10.0.2.20;
	# that's host's IP address on vether0
	option routers 10.0.2.1;
	# you might want to configure something else here ofc
	option domain-name-servers 4.2.2.2;
}
```
```
inet 10.0.2.1/24 up
```

```
add vether0 up
```
Run `/etc/netstart vether0` and `/etc/netstart bridge0` to get it up if you need it right now.
Allow traffic flow on `vether0`:
```
echo 'match out on egress from vether0:network to any nat-to (egress)' | doas tee -a /etc/pf.conf
doas pfctl -f /etc/pf.conf
```
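A sanity check for the virtual network above, as an added example that is not part of the original notes: it verifies that the `subnet` line in `dhcpd.conf` is a network address and that the `vether0` address, the router and the DHCP pool all sit inside it. The helper names `ip2int` and `check_dhcpd` are hypothetical, and the script assumes a single subnet block with one range.

```sh
#!/bin/sh
# Added example (hypothetical helpers, not an OpenBSD tool).

# ip2int A.B.C.D: print the address as one integer
ip2int() {
	_ifs=$IFS; IFS=.; set -- $1; IFS=$_ifs
	echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# check_dhcpd FILE HOST_IP: print each problem, return the problem count.
# Handles a single subnet block with one range, as in the config above.
check_dhcpd() {
	conf=$1 hostip=$2 bad=0
	# drop comments and punctuation so every statement is plain words
	words=$(sed -e 's/#.*//' -e 's/[;{}]/ /g' "$conf")
	set -- $(echo "$words" | awk '$1 == "subnet" { print $2, $4; exit }')
	decl=$1 mask=$(ip2int "$2")
	net=$(( $(ip2int "$decl") & mask ))
	[ "$net" -eq "$(ip2int "$decl")" ] ||
		{ echo "subnet $decl is a host address, not the network"; bad=$((bad + 1)); }
	# the host, the router and both ends of the pool must be in the subnet
	for ip in "$hostip" $(echo "$words" | awk '
	    $1 == "range" { print $2; print $3 }
	    $1 == "option" && $2 == "routers" { print $3 }'); do
		[ $(( $(ip2int "$ip") & mask )) -eq "$net" ] ||
			{ echo "$ip is outside the subnet"; bad=$((bad + 1)); }
	done
	# the pool must not hand out the host's own address
	set -- $(echo "$words" | awk '$1 == "range" { print $2, $3; exit }')
	h=$(ip2int "$hostip")
	[ "$h" -lt "$(ip2int "$1")" ] || [ "$h" -gt "$(ip2int "$2")" ] ||
		{ echo "range $1-$2 includes the host address $hostip"; bad=$((bad + 1)); }
	return "$bad"
}

# constructed sample: the subnet line names the host address by mistake
sample=$(mktemp)
cat > "$sample" <<'EOF'
subnet 10.0.2.1 netmask 255.255.255.0 {
	range 10.0.2.2 10.0.2.20;
	option routers 10.0.2.1;
}
EOF
check_dhcpd "$sample" 10.0.2.1 || echo "problems: $?"
rm -f "$sample"
```

On a real system the call would be `check_dhcpd /etc/dhcpd.conf 10.0.2.1`, with the second argument being the address assigned to `vether0`.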
That's the WIFI. Your interface might have a different name, see `ifconfig`.
```
join someAPnameHere wpakey superpassword123
join someOtherAP wpakey totallydifferentpassword123
dhcp
```
OpenVPN in case you need it, `pkg_add openvpn; mkdir -p /etc/openvpn`, and copy the config to that directory.
```
up
!/usr/local/sbin/openvpn --daemon --config /etc/openvpn/myvpnconfig
```
This pretty much depends on what you want to use as your WM or DE. I use `i3`. Do a `chmod +x ~/.xsession` after editing.
```
#!/bin/sh
export LC_CTYPE=en_US.UTF-8

# I put extra stuff in ~/b
export PATH="$HOME/b:$PATH"

# caps as ctrl
# left ctrl to switch between layouts
# right ctrl as the compose key
setxkbmap 'se(nodeadkeys),ru' -option grp:lctrl_toggle,grp_led:scroll,ctrl:nocaps,compose:rctrl

# higher key repeat rate
xset r rate 150 40

# uncomment if you have any specific settings there
#xrdb -merge ~/.Xresources

if [ -x /usr/local/bin/dbus-launch -a -z "${DBUS_SESSION_BUS_ADDRESS}" ]; then
	eval `dbus-launch --sh-syntax --exit-with-x11`
fi

# clean things up and run i3
rm -rf /tmp/i3-*
unset I3SOCK
exec /usr/local/bin/ck-launch-session i3
```
`plan9.ini` needs `console=0` in order for the `vmctl` console to be usable.
Makes sense to add `monitor=none` as well.
If you don't want 9front to use DHCP, provide a configuration in `/lib/ndb/local`. With the virtual network config from earlier, the gateway should be set to `ipgw=10.0.2.1`, and your VM's IP address should be in the `10.0.2.0/24` range.
If you're going through a usual installation using a CD bootable image and want to start with serial first, run `vmctl start -B cdrom -c alpine` and hit Tab soon enough for "boot:" prompt. Type "lts console=ttyS0,115200" and hit Enter. That will enable input/output on serial.
This is what I did to enable serial by default and to have an unattended automatic boot - I edited `/boot/extlinux.conf`:
```
SERIAL 0 115200
DEFAULT lts
.....
TIMEOUT 5
LABEL lts
.....
APPEND root=.......... console=ttyS0,115200
```
I have my OpenBSD's files mounted using `sshfs`, so I need `fuse` module to load automatically on boot:
```
echo fuse | doas tee /etc/modules-load.d/fuse.conf
```
To get a working system clock with vmd, I build and install vmm_clock[6]:
```
apk add git alpine-sdk linux-lts-dev
git clone https://github.com/voutilad/vmm_clock
cd vmm_clock
make
doas make install
echo vmm_clock | doas tee /etc/modules-load.d/vmm_clock.conf
# take effect now
doas reboot
```