Everyone (and their mother) have been trying to convince me that I should use one of my less loaded servers to be a Fediverse node. However, all Fediverse software packages I checked only support being installed on complicated systemd + Docker machines. My servers don’t have either of those, because neither systemd nor Docker even exist on OpenBSD and illumos.
I know that it would be possible to manually install (e.g.) Lemmy, assuming that I won’t ever need official support, but I wonder why the world outside a limited subset of the Linux ecosystem is - at most - an afterthought for Fediverse developers.
How can I help to change that?
I didn’t use docker. I went from scratch. You need to be able to compile rust and run nginx or similar
There is no “official support” for this. Is FOSS. You are on your own to run it.
It’s a project run by two people. And to be fair to them they chose one of the most OS agnostic methods to help build it. You don’t need to use a specific distro, just tools.
You can port what’s needed over to BSD and do a PR to merge it, even if it’s just a BSD_Jails.md file. But it’s gonna take some know how.
Building a Lemmy instance on pretty much any Linux box is fairly easy and well documented though.
On a personal note, imho it does no good to be an OS evangelist. It’s as true for MacOs or Windows as it does for BSD. Use a tool for its strengths. I have BSD running my firewalls and even some storage, Linux running stuff, windows for things it excels at, and macos for stuff it works for.
I agree with you and I really don’t want to sound like “finally use a decent system, unworthy Linux user”. However, this sword has two edges: I don’t necessarily want to be fobbed off with “Install Linux, you backward fool” either.
That’s fair. Id be interested to see a bsd port personally. You probably can do it without docker. But whether all the parts are ported is another question (ie pictrs). You may be able to compile them from source though. I’ve never used BSD for web apps, mostly just firewalls, storage and routing.
That’s an interesting question. The percentage of servers (with the exception of routers, and other consumer appliances) that run OpenBSD (and variants) is actually extremely low when compared to the amount of servers running Linux. That being said you CAN set it up yourself, rust can easily compile to a binary that works with openbsd by using the target x86_64-unknown-openbsd.
As another commenter said here, *BSD is very far behind the developments of Linux, when compared to developer experience. And realistically, unless you’re a huge organization that can dedicate a team of engineers just to manage your system, perhaps because your business is one of those antiquated companies that hate the GPL, or you’re someone who likes getting into the weeds, there is no reason to ever use *BSD in a modern system.
there is no reason to ever use *BSD in a modern system.
Pfsense/OPNsense has been running on my router for… I can’t even remember how long ago I built it. The BSD family of OSs are great pieces of opensource software and they absolutely have niches they excel at. Use the best tool for the job, and don’t fall prey to marketed loyalty.
And realistically (…) there is no reason to ever use *BSD in a modern system.
In my very personal opinion, there are a few not entirely unimportant advantages to using OpenBSD over Linux (and I suppose users of the other free BSDs have similar lists, but I no longer use any other free BSD):
- Culture. Basically, “shut up and hack”. Not wasting the time of project members with dissolute thoughts about social interference, but devoting themselves exclusively to improving the technology so far, leads to the fact that (much like NetBSD) all sorts of technical achievements came out of OpenBSD, including OpenSMTPD, OpenSSH and LibreSSL. Linux to me often seems more like a support group than a technical project.
- Predictability. The Linux community seems to constantly need new completely different approaches to everyday things. The systemd debacle with numerous reports of computers no longer starting (or shutting down) is not yet over, and there is already debate about the now-but-really future of the desktop. Many Linux distributions do not know anything like an “upgrade”, the normal approach to a new version is “download the installation DVD and start it”. In OpenBSD it is essentially three commands (
sysupgrade,reboot,sysmerge) - and it has never happened to me that after rebooting I was suddenly sitting in front of a completely different system. Yes, all this may not be cool - but predictability seems to me to be a not entirely irrelevant feature (also and especially for large companies). - History. Linux is a clone of Minix, which is itself essentially a clone of BSD, which was not yet free software in 1991. You might as well use the original, right? ;-)
edit: See also my previous answer for further advantages.
If 386BSD had been available when I started on Linux, Linux would probably never had happened.
The GPL licence is not a free licence, rather the opposite. But let’s assume that the licence debate is actually relevant: Why should a company that needs to make money selling software be “antiquated” simply because (for example) some of its algorithms are trade secrets?
Indeed, each system bears its distinctive advantages and drawbacks, and the optimal choice often hinges on the specific requirements of the task at hand. Nonetheless, I believe that OpenBSD’s utility is limited in contemporary scenarios.
Culture
It’s undeniable that OpenBSD has spawned important technologies under its “shut up and hack” mantra, cultivating an environment conducive to technical breakthroughs. Conversely, the Linux ecosystem too has been a breeding ground for major projects, Docker and Git being just a couple of examples. The ethos within each community can differ considerably, contingent upon the project or distribution. The widespread popularity of Linux may attract a varied spectrum of users, some less technically adept than the typical OpenBSD user. However, that doesn’t mean it’s short on technologically adept contributors.
Predictability
I’ve chosen to make peace with systemd, seeing it as a necessary compromise, as it has become the preferred choice amongst the developer community. Unless one fancies rewriting systemd .unit files each time something needs to be installed (which I don’t), the practical choice is to work with it.
Concerning the upgrading process, many Linux distributions today offer smooth upgrades without necessitating a complete reinstall. Your encounter may rely on the particular distribution you’re using. Perhaps it’s been a while since you last used Linux. I haven’t come across a distro that requires a complete overhaul in quite some time. Rolling release distros are now increasingly prevalent and are even suggested for novices.
With nixos, which is my distribution of choice for the foreseeable future, I have an attribute that your OpenBSD system lacks: reproducibility. I can transfer a handful of configuration files to a brand new computer and replicate my system precisely, encompassing all my installed packages and configurations, including those in $XDG_CONFIG_HOME. It will literally recreate the same exact environment.
History
And both of them are inspired by Unix, what’s your point? :P
Why should a company that needs to make money selling software be “antiquated” simply because (for example) some of its algorithms are trade secrets?
I think we’re not gonna agree on this, but I believe that all code that matters should be FOSS, there is no reason for a company to keep their algorithms as trade secrets, and if anything being open source can only improve the world, not hinder it.
Unless one fancies rewriting systemd .unit files each time something needs to be installed (which I don’t), the practical choice is to work with it.
The last Linuces I deliberately played with :-) were Gentoo and Void, both being non-systemd distributions by default. The point is that, if Linux was about choice (at least that’s what I’m told rather often than not), a particular init system should not be a component on which other components depend.
At least none of the services on my servers demanded systemd just yet. Maybe I’m a minority.
I can transfer a handful of configuration files to a brand new computer and replicate my system precisely, encompassing all my installed packages and configurations, including those in $XDG_CONFIG_HOME. It will literally recreate the same exact environment.
Sounds like a glorified rsync to me. I can imagine how this could come in handy if you have a whole set of identical machines that should serve the exact same purpose. I never had this situation in my own environments yet.
And both of them are inspired by Unix, what’s your point? :P
The D in BSD means distribution. BSD was Unix until the early 90s. Admittedly, today’s BSD is quite a different piece of software than 4.xBSD, especially given that both macOS and OpenBSD started with (a version of) it.
I believe that all code that matters should be FOSS
So do I, and the BSD license is a FOSS license. That does not necessarily mean that you are allowed to sell my code - or that I must not sell mine. Nobody said that FOSS requires “free of charge”. And if you spend quite a lot of money, I’m even sure that Microsoft will gladly sell you the Windows code. I a way, all code is free - it only depends on your bank account.
I feel you, I tried to install lemmy on the server on which I already run 7 other services (Matrix, PeerTube, my website with rails, Mastodon, another three websites with PHP, Nextcloud, Rainloop, some static HTML websites, and probably more). It’s a really small server so not much resources left but everything is working fine sharing one instance of Nginx and one instance of Postgresql.
Lemmy also uses Nginx and Postgresql so I thought great, let me reuse those. But nope, after 4 days of trying I had to give up and get a new Server just for lemmy. I tried the install from scratch, there lemmy would just not compile. Then I tried to reuse the docker-compose but to connect the existing Nginx and Postgresql but nope, Postgresql didn’t want to work with it because of a extension which was installed but somehow I couldn’t get it to work. And then Nginx with the example config file didn’t work at all.
Anyway on the new server it almost worked, the only thing which didn’t work were the websockets because the example didn’t set up anything for them. But I figured this last part out for myself and now I have to pay 5 EUR more each month to run Lemmy.
It’s “annoyingly hard” because you’re not using modern tooling. If Docker is unavailable on your preferred OS, then that OS is stuck in the past. Simple as that.
Docker makes it easy to install a program, including all its dependencies, in a repeatable way. Since you’re familiar with BSD, it’s similar to jails except with better isolation, fewer security holes/issues, and the software you want to run is preinstalled. Docker containers are essentially mmutable which makes upgrades easy - just throw away the old container and replace it with the new version. (persistent files are stored separately, in “volumes”)
You can of course manually install the same software by looking at the Dockerfile and manually performing the same steps, but there’s no guarantee that it’d work well on an unsupported OS.
It’s “annoyingly hard” because you’re not using modern tooling.
Calling Docker “modern” is a stretch, as it’s not much more than glorified Solaris Zones, but please enlighten me: Which feature of a federated web application requires modern tooling?
Since you’re familiar with BSD, it’s similar to jails
OpenBSD does not have jails.
except with better isolation
How so?
fewer security holes/issues
Actually, not using Docker prevents a number of security holes/issues.
and the software you want to run is preinstalled.
If you grab an image with it. You could as well just grab a tar archive with it… with less side effects.
Docker containers are essentially mmutable which makes upgrades easy
And security patches impossible.
Calling Docker “modern” is a stretch, as it’s not much more than glorified Solaris Zone
And yet the OS you’re using doesn’t support it. Hmm.
OpenBSD does not have jails.
Sorry, I didn’t realise that these are FreeBSD-specific (I guess? I’m not too familiar with BSD)
Which feature of a federated web application requires modern tooling?
Deployment. All web apps and APIs are moving towards containerization - Docker for smaller scale deployments, and Kubernetes for large-scale deployments.
except with better isolation How so?
I didn’t think jails had CPU, memory, or process limits similar to what cgroup2 provides, but it looks like this functionality was added to FreeBSD at some point. Sorry for the incorrect information.
Actually, not using Docker prevents a number of security holes/issues.
Sure, Docker has had a few issues, but overall it’s more secure to run your apps in Docker containers. If an app gets compromised, the attacker will generally be stuck inside the Docker container rather than getting access to your entire system. If you’re worried about (very rare) container escape security holes, using unprivileged containers helps - You can run the app inside the container as an unprivileged user, and you can also run the entire Docker container as an unprivileged user on the host system.
And security patches impossible.
Security patches are easier than if you used a tar archive to install the software. With a tar archive you threw into / or whatever, the app and its config/data are often stored together, so you need to be mindful of things like not overriding customized config files. Since Dockers containers are immutable and all the actual data is stored elsewhere, it’s always safe to delete the container and replace it with a patched version.
