Configuring Calm Window Manager
Even though I am such a proponent of OpenBSD, and BSD’s in general, my first foray into opensource was actually with linux. Since I was so young at the time, all I really seemed to care about was gnome vs kde. I quickly learned about the importance of the command line, and gradually shifted to become more interested in more minimal window managers. Trying out wm’s like fluxbox, openbox, and ratpoison, I quickly became obsessed with the minimal.
I eventually settled on using i3wm on my thinkpad for awhile, but have since moved to simply ssh’ing into my servers from a chromebook. However, I recently game calm window manager a try, and have since fallen in love.
Using wireguard on OpenBSD
Earlier this week, I was casually discussing various VPN’s with my colleagues. I’ve tried my hand at OpenVPN a couple times in my life, but was turned off by the complicated setup, poor iOS compatibility (at the time), and slow reconnection speeds. The conversation quickly came to revolve around a relative newcomer to the VPN world: wireguard. With the promise of ease of use, minimalistic code base, proven security, wireguard threatens to take the VPN world by storm.
Compiling CWM on Linux
I tried once, very briefly, to find a binary package for cwm on RHEL7. Maybe I was bored, or maybe I was just curious, but I figured out how to compile the cwm portable on Linux. It turned out to be a simple process of figuring out what packages were required to build cwm from source.
Deploying httpd with acme-client with Ansible
Having the ability to rebuild a server/router from scratch in minutes with confidence, versus slaving over all your configs, trying to get everything working is life changing. I can’t remember how many times I’ve rebuilt a computer, only to run into an issue that I KNOW I’ve fixed before… over a year ago. With ansible, all the work goes into the first deployment, giving you the ability to redeploy a server at a moments notice.
OpenBSD does require some extra options to work properly, as ansible seems to work best with Linux. Hopefully my struggles can help some of you.
OpenBSD with tmux
Being able to take off from work, and the next morning, be able to hop back into my tmux session from the day before is truly lifechanging. I used a custom screen config for a little while before stumbling across tmux. I read into tmux one day at work, and was simply amazed at how much easier it was to configure than screen! This led me to conduct an in-depth comparison between tmux and screen. Did you know, screen has some 254 known bugs? Some go back to 2005 the last time I checked.
Tmux is an active project that is significantly easier to configure, and just as stable in my experiance.
Configuring acme-client on OpenBSD
I hate spending money on things I don’t absolutely have to. Maybe that’s why I like opensource. I also like encryption. Therefore, I really like acme-client on OpenBSD. They have such an easy setup for generating your own SSL certs for use by a web server. In the article, I will walk through not only the basic configs that I’ve used. I am also writing a follow-up article that will illustrate how to create a quick ansible playbook that will do all the heavy lifting for you.
Using ifstated to watch an egress link
While developing my own OpenBSD router, I stumbled across a built-in service called ifstated. Previously, I was using a cronjob to run a script every five minutes to check the status of pppoe0. However, ifstated is able to do everything that my script could, in a more powerful way.
The inspiration for this configuration file originated heavily from calomel’s tutorial. I did modify a handful of items though, to better tailor it to my own router’s design.