this post was submitted on 02 Nov 2024
8 points (100.0% liked)

BlendIT BSD Cafe - FreeBSD

158 readers
1 users here now

Welcome to the "FreeBSD" community at the BSD Cafe BlendIT server!

Join us in our bustling virtual cafe, where we savor the finest virtual pastries and discuss all things FreeBSD. We're thrilled to have you here, and we hope this place becomes your go-to spot for all matters concerning FreeBSD. Whether you're a seasoned FreeBSD enthusiast, a curious newcomer, or simply intrigued by the world of BSD operating systems, this space is open for discussions, questions, and knowledge exchange. Feel free to introduce yourself, pose questions, share your experiences, or engage in conversations about FreeBSD's robustness, performance, and its thriving community. We foster a warm and respectful environment where everyone can learn and contribute. So, take a seat in our bustling cafe, treat yourself to a virtual pastry, and let's dive into the exciting world of FreeBSD together! Your insights and questions are highly valued, and we eagerly anticipate enlightening conversations within this community.

founded 1 year ago
MODERATORS
 

Hello everyone, I'm a first-semester CS student from Germany, currently switching from Fedora to FreeBSD on my desktop. I still run Fedora on my laptop. I work part-time at our university's data center, helping with the maintenance of an OpenStack private cloud because I am truly eager to learn how to operate systems.

I plan to repurpose my desktop as a server to host some services locally in my student dormitory. I'm excited about FreeBSD and hope that learning it will help me run and administer services with minimal effort long-term. It would be great to manage my own infrastructure while being confident that updates won't break my system or require relearning everything. I have several questions:

What are the recommended patterns for hosting multiple services on a single server like bsd.cafe does ? Should I create a new user for each service (e.g., Lemmy, Forgejo), or should I run them all under the same user with multiple jails?

Is there a good identity management solution for FreeBSD? In the Fedora/Red Hat communities, people tend to use FreeIPA, but I haven't found an equivalent for FreeBSD yet. I'd like to provide my friends with single accounts that would give them access to services like Forgejo and Lemmy.

Looking forward to your suggestions!

top 6 comments
sorted by: hot top controversial new old
[–] Washhouse0749 5 points 4 weeks ago* (last edited 4 weeks ago) (2 children)

FreeBSD ships with jails in the base system, those offer a nice way to isolate services. Its also realy easy to create one:

bsdinstall jail <empty folder>

This will guide you through the interactive system install for a jail install. Have a look in jail.conf, and maybe grab a sample config from the handbook. If that is a little involved, you could also install a jailmanager like ipcage or ezjail. (Truenas was a nice webui but wont get updates much longer) Combined with zfs datasets for the different services, you can even get different snapshot and backup options for the different jails and services.

Hope this answers some questions.

[–] Washhouse0749 2 points 4 weeks ago (1 children)
[–] [email protected] 1 points 4 weeks ago (1 children)

Thanks a lot for this comprehensive answer! I will watch the talk now.

I didn't know that there is an interactive jail install. Thats very usefull.

I have one more question. Could I do all of this also on GhostBSD ? Or what would be the advantages of FreeBSD? My reasoning is that Ghost BSD is already configured for running a graphical user interface.

[–] Washhouse0749 2 points 4 weeks ago (1 children)

ghostbsd is based on freebsd as far as i know, so most of it should the same but i habe not used it yet

[–] [email protected] 1 points 4 weeks ago

yes it is based on FreeBSD. Then I will install it tomorrow. I have some Problems getting a graphical environment to run, although I haven't tried to fix my errors for too long.

Thanks , good night :)

[–] Washhouse0749 2 points 4 weeks ago

since i forgot to answer the identity part, to get single signon for the services, you can use somthing like keycloak, but not all services support oidc signin. if you need freeipa or AD, you can always use a bhyve vm

https://vermaden.wordpress.com/2024/03/10/keycloak-on-freebsd/