@stefano back when I worked at a university, we had a backup server running an ancient customized version of Linux. Was not on the internet so we didn’t reboot it in over 5 years and we only did so to replace a hard drive.
@stefano
I would extend the same concept to programming languages, but apparently, this is not a popular point of view. So, we now have a group of prime-time hypertrophic languages and frameworks with tons of new features (often not back-compatible) introduced at every release to cover the whole universe of applications and beyond (at least in the minds of the their teams).
@stefano Great article. Unfortunately it is very hard to convince people to move from Linux to BSD. I often hear people saying that BSD is something they have heard about but they would never consider installing it. Simply because they don’t know it, but they know Linux. And why would they use something else instead, when hardware support is better and they get a system running a desktop environment out of the box? And when there is Docker and everything they think they need…
In my opinion, every government, public entity, association, foundation, etc., that needs to communicate with the public should have its own communication channel, with full control over its data and the messages it delivers. When I read “my Discord server,” I feel like responding “there’s nothing ‘yours’ about it - tomorrow morning they could shut everything down, and you would have lost EVERYTHING.”. Own your data!
Sometimes, I read that instances are not opened because of “costs not balanced by the number of users.” But even public television channels are often economically unprofitable, yet they are considered an essential service for public communication. Open, decentralized technologies that ensure control over one’s data should be treated the same way.
In my opinion, every government, public entity, association, foundation, etc., that needs to communicate with the public should have its own communication channel, with full control over its data and the messages it delivers. When I read “my Discord server,” I feel like responding “there’s nothing ‘yours’ about it - tomorrow morning they could shut everything down, and you would have lost EVERYTHING.”. Own your data!
I can highly recommend to migrate away from discord uaing https://keet.io today or at least to mirror all discord communication using bots to something like https://cabal.chat 🙂
When bureaucracy reaches new heights, and I have to send a certified email to myself as the admin of my own company to approve my own tax regime choice. 😂
The slides, the video, and the text behind my presentation at EuroBSDCon 2024 - 'Why and how we're migrating many of our servers from Linux to the BSDs.'
@stefano It was an enriching read. I like your problem-solving philosophy. Thank you for sharing. Implementing a rock solid solution will always the better choice compared to the trendy one.
Snac2 is an excellent software solution for accessing the Fediverse. It is lightweight, very easy to compile and install, has minimal dependencies, and the development is progressing along a clear, clean, and logical path - thank you, @grunfink
Since last December, BSD Cafe has had, among its services, a snac instance - https://snac.bsd.cafe - which has been used sparingly, mainly by some for testing purposes. I’ve kept it as a 'testing' option.
In light of the interest it is generating (we now have stable users) and given that development is evolving to allow for both inbound and outbound movement, I have decided to designate it as a stable solution for accessing the Fediverse and to consider it a primary service of the BSD Cafe.
It has always received the utmost attention, I have consistently updated it promptly, and it has always been accessible, but I have also modified all the descriptions to clarify that it is a stable and definitive solution.
Snac2 is an excellent software solution for accessing the Fediverse. It is lightweight, very easy to compile and install, has minimal dependencies, and the development is progressing along a clear, clean, and logical path - thank you, @grunfink
Since last December, BSD Cafe has had, among its services, a snac instance - https://snac.bsd.cafe - which has been used sparingly, mainly by some for testing purposes. I’ve kept it as a 'testing' option.
Maggie Smith was one of my favorite actresses. Especially in Downton Abbey, she perfectly embodied the stereotype (not even that much of a stereotype, to be honest) of a lady from a bygone era. I hoped to see her again in some production, but given her age, I knew it would be unlikely.
Farewell, Lady Violet.
And thanks for all the tea.
The goal is to have complete access to my networks and to use DNS that filters out unwanted content and ads.
It works very well, and the browsing experience is optimal.
In Dublin, I decided to route all traffic through that VPS. Since I often connect to open Wi-Fi networks (in hotels, at conferences, in pubs, etc.), I preferred to keep everything active. Moreover, at that point, I was still appearing to websites with my Italian IP, which reduced issues with streaming, etc.
Everything worked perfectly, and I didn't notice any significant increase in battery consumption. The hotel had all Ruckus equipment (with excellent Wi-Fi coverage), while the conference used Cisco, and the coverage there was also generally good.
The Wireguard implementation on OpenBSD has proven to be, as always, extremely stable and reliable.
@stefano I do the same thing, anytime I’m out of home all my connections go through my home internet, using the same dns blocking, accessing all my services like they are local
@stefano I read your blog post a few days ago, that’s how I found out about the Spamhaus Drop lists. Got to implement a few more of your recommendations as my #OpenBSD/ #Wireguard VPN server currently only speaks IPv4.
I read that the official Mastodon instance of the Swiss government will be closing down.
They say there are few active users, low engagement, and minimal interaction, which seems quite plausible. Additionally, they claim that "on platforms like X or Instagram, the Federal Council and the Federal Administration have many more followers." I believe that too, of course.
However, I do not agree with their decision. I think a government shouldn’t be overly concerned about follower counts and interactions, but rather about providing free, autonomous communication that is independent of third-party companies. In my view, a government shouldn’t operate like a business focused on "numbers."
Still, I appreciate their experiment - many governments, like the Italian one, haven’t even tried.
Regarding costs and management effort: an instance with 5 users and 3,500 followers (numbers provided by them) can run on a VPS for €3 a month and doesn't require heavy moderation. The cost for them is nearly zero. Yet, the freedom of information and discussion, especially for a Neutral Country, should always be a priority.
I believe that maintaining control over one’s information channels is crucial, especially in today's world. But, I fear that decision-makers only consider the numbers, which often favor the flashiest - but worse - solutions.
Encouraging citizens to use closed platforms is, in my opinion, a wrong choice.
Thanks to the Swiss government for at least giving it a shot.
I read that the official Mastodon instance of the Swiss government will be closing down.
They say there are few active users, low engagement, and minimal interaction, which seems quite plausible. Additionally, they claim that "on platforms like X or Instagram, the Federal Council and the Federal Administration have many more followers." I believe that too, of course.
It would be wise to maintain their Mastodon Instance, if for no other reason to maintain a single communication channel they control and will always be there.
The gecko in the house doesn’t bother me at all, quite the opposite. What worries me more is one detail: I’ve known these animals since I was born, as they’ve always been quite common in my native area, but around here, you never used to see them much. Just like other animals, typical of more southern regions, that are starting to adapt here as well.
Since yesterday, we have a new roommate at home. He decided to come in, knows exactly how to get out, and doesn’t seem afraid of us. We saw him wandering around last night and again this afternoon, but tonight he hasn’t shown up yet. His name is Jack, and he’s a gecko. Since today is Friday the 13th (even though in Italy it’s not considered a "special" day), a little good luck charm is exactly what we needed :-)
A small compendium of the Fediverse platforms I use/know well.
In the past few days, I revisited some of my old Fediverse instances since some friends asked me to help them set up a new one. I also took the chance to perform maintenance on some leftover instances. Here's my experience:
Akkoma: My oldest instance still running, opened in 2022. It was offline for a few months (3/4). I updated everything to the latest version and restarted it. I’m not sure why, but it’s extremely slow, with a heavy load on Postgres and many queries just to open the main page. I like Akkoma - I'll investigate further.
GoToSocial: I updated a friend's instance - GoToSocial itself was up-to-date, but the underlying system wasn’t. I noticed that once it exceeds 2000 followings, it becomes a bit slow. The database is PostgreSQL, but that's not the issue. The GoToSocial process becomes somewhat heavy on the VPS. Still, it's very usable and a software with great potential, in my opinion. The Mastodon API is implemented quite well and works with the major software.
Mitra: It seems well-built. The person had around 1000 followers and followings on a Mastodon account, which they moved from a large instance. No speed issues, though sending a message makes the server “heavy” for a bit, but it’s temporary. The Mastodon API is partially implemented, but the software is advancing quickly, and I find its native interface quite pleasant.
Snac2: I've always had a soft spot for Snac2. The lack of a database and some design choices make it an excellent solution for small instances. For example, sending posts to all known instances increases visibility and interaction. Its basic, JavaScript-free interface is very clear, though it might not be the best for those used to Mastodon. But the Mastodon API is improving version by version, and I think the developer is doing an excellent job. It struggles a bit with larger numbers, but that's due to the underlying file system, not the software itself. If "move" support (both in and out) were added, I would recommend it to anyone starting self-hosting for single-user or small community instances because "move" is one of the options that gives the most freedom in Fediverse software.
Mastodon: My “old” personal instance was stuck at version 4.1.x and had been offline for a few months. I updated the FreeBSD Jail and upgraded Mastodon to 4.2.12 and then to 4.3.0-beta1. No issues. I also helped a friend (who had an old Pleroma-based instance they barely used) migrate. This user has around 5000 followers and followings - Mastodon is running on FreeBSD on a VPS (arm64) for just over 3 euros a month, with no significant issues (apart from media storage, but that's not Mastodon’s fault). Mastodon is sometimes said to be heavy, and that's partly true, but its modularity ensures that even in cases of overload, queues may slow down, but navigation and the local timeline remain reasonably fast. I think this is a good thing for any larger-scale use of an instance.
In short, I think things are moving in the right direction, and the software is evolving nicely. Well done, devs!
A small compendium of the Fediverse platforms I use/know well.
In the past few days, I revisited some of my old Fediverse instances since some friends asked me to help them set up a new one. I also took the chance to perform maintenance on some leftover instances. Here's my experience:
Akkoma: My oldest instance still running, opened in 2022. It was offline for a few months (3/4). I updated everything to the latest version and restarted it. I’m not sure why, but it’s extremely slow, with a heavy...
By far my favourite option. Without snac2 and the ability to self-host it very easily, I would not be on the Fediverse today. Bonus points for the main developer being very easy to get in touch with, and very reactive when problems are reported.
Keeping in mind that I am not coming from Mastodon or Twitter. Snac2 is my first experience as an active contributor to the Fediverse and more generally to micro-blogging.
I've always had a soft spot for Snac2.
By far my favourite option. Without snac2 and the ability to self-host it very easily, I would not be on the Fediverse today. Bonus points for the main developer being very easy to get in touch with, and very reactive when problems are reported.
This morning, I took my wife to the hospital for routine blood tests that had been scheduled for some time. Everything was going smoothly: check-in, number, waiting room. Suddenly, everything came to a halt and shut down. I was connected to the hospital’s public Wi-Fi and noticed that my connection also went down.
Having managed a couple of similar facilities, I immediately understood what had happened. I saw the staff panicking and calling the technicians, but they quickly reorganized within 10 minutes. They managed to process everyone who already had a number and then proceeded with the others in the order of their arrival. Despite the ten-minute delay (even though people started complaining right away), they were extremely efficient.
I later confirmed that the entire booking, check-in, and queue system is “in the cloud.” The hospital experienced a connectivity interruption, and all related services stopped. The staff no longer had access to anything, so a technician sent the lists to a manager via another channel, and everything resumed manually.
For years, I’ve insisted that certain things MUST be local. The healthcare facilities I manage have all the necessary systems for the operation of the facility internally, including patient records. External services like websites, emails, etc., are secondary.
Everything essential must always be accessible locally and, in special cases, it should be possible to physically access the servers and connect directly to them, bypassing any network/switch failures.
There has been only one interruption in the past, due to human error. Today, we have redundant servers (not HA on virtualizers, but two machines running the same software with replicated databases - on separate power lines) so such an issue shouldn’t happen anymore.
Not everything can be anticipated, but history is a great teacher. The Internet connection will eventually be interrupted :-)
When it comes to the health and survival of people, there are no compromises.
This morning, I took my wife to the hospital for routine blood tests that had been scheduled for some time. Everything was going smoothly: check-in, number, waiting room. Suddenly, everything came to a halt and shut down. I was connected to the hospital’s public Wi-Fi and noticed that my connection also went down.
@stefano about 6 years ago a doctor asked me the best way to set up his new office and patients files. I recommended a server that was not connected to the internet to keep his patients records. The program on the web he wanted to use we could basically restyle to suit his needs. He found that idea unacceptable and went with a cloud based company. I often wonder how many times he goes down or needs to tell patients their files have been compromised.
@stefano I couldn't agree more. Choose whichever architecture you wish (IDK -even periodical local copies of cloud repositories if nothing else is available our supported by management) but ask yourself if critical services are really autonomous or else can be brought down by not-so-extreme circumstances and render basic vital information inaccessible. If I depend on a single wire (literally or figuratively speaking) I'm likely to run into trouble.
Yah my work moved their accounting/job/invoicing system to the cloud. It is annoyingly slow and I wish they just done hybrid but apparently they were never given that option.
But yeah, people aren't generally aware of how fragile infrastructure is.
After successfully installing the Mastodon 4.3 beta on a FreeBSD Jail (I’ve taken notes for some changes I’ll make to my blog post, but that will be when it's officially stable), I tried updating an old instance that started with Mastodon 4.0.x and was currently offline and stuck at 4.1.x. I upgraded to 4.2.12 and now it’s on the 4.3 beta. Everything seems to be running smoothly.
In the coming days, I’ll test replicating the changes from BSD Cafe (default theme, character limit increase, more options for polls), but I don't anticipate any issues.
The BSD Cafe instance will be upgraded when everything will be considered officially stable.
After successfully installing the Mastodon 4.3 beta on a FreeBSD Jail (I’ve taken notes for some changes I’ll make to my blog post, but that will be when it's officially stable), I tried updating an old instance that started with Mastodon 4.0.x and was currently offline and stuck at 4.1.x. I upgraded to 4.2.12 and now it’s on the 4.3 beta. Everything seems to be running smoothly.
Gregory's Server
