OpenBSD memo notes
Here I’m gonna be collecting random notes on OpenBSD, could be of help to other people as well.
This is probably going to be WIP forever, as I learn more, change configuration, etc.
I use amd64 snapshot version, you might want to use the last stable one (maybe even for a different arch)
Installation
At one of the mirrors grab either
amd64/installXY.fs
or amd64/installXY.iso
, depending on if you
want to install from a USB flash drive or burn a CD. *.fs
needs to
be dd
ed to the flash drive itself directly.
See Creating Install media.
There is not going to be any WIFI firmware present on the installation
media, so there are a few options to choose from before booting. The
media has all the “sets” to install the system from already, so it’s
not really required. In case it is required however, it’s best to
use Ethernet, or USB tethering on your Android (hopefully) phone,
which will most likely show up as urndis0
interface and the
installation process will use that. Another idea is to copy the
required firmware
on the media and then drop into shell after booting, doing the
necessary procedures to make OpenBSD see the firmware in the right
place and configure the network interface, then continuing with the
installation. I haven’t gone this path.
Now reboot and go to your…
BIOS settings
Chances are, you might need to disable all the crap that isn’t going to work in OpenBSD anyway, anything you can think of that isn’t a high priority. It’s best to install the system first, then enable those things back one by one in case you need any. Thunderbolt, bluetooth, WWAN come to mind.
When it comes to hyperthreading support, keep it enabled. I tried having it disabled, OpenBSD behaved in very strange ways, eating one core to 100% at all times.
FIXME add full-disk encryption, bioctl
Configuration
See /etc/examples
.
cp /etc/examples/man.conf /etc/examples/doas.conf /etc/
Now you can read extra man pages and invoke doas
, which is like
sudo
but not sudo
.
/etc/sysctl.conf
# get VM some of that internet
net.inet.ip.forwarding=1
net.inet6.ip6.forwarding=1
# don't go suspending with the lid down
machdep.lidaction=0
# very questionable considering OpenBSD disabled
# hyperthreading for a reason, but just to show
# how to enable it
hw.smt=1
/etc/wsconsctl.conf
# I don't use touchpad, trackpoint is my friend
mouse.tp.disable=1
/etc/rc.conf.local
That file is supposed to be modified by rcctl
mostly. Check the man page.
# APM: performance mode 100%
apmd_flags=-H
# rcctl enable vmd
# that's for VMs later
vmd_flags=
# rcctl enable xenodm
# X server
xenodm_flags=
# that's the interface we gonna use with VMs
# they will need DHCP working
dhcpd_flags=vether0
# nice thing about sndio, you get loopback recording for free
sndiod_flags=-s default -m play,mon -s mon
/etc/vm.conf
Virtual machines. I have 9front and Alpine.
Both disabled by default, they can be started like so: vmctl start 9front
. Add -c
to get
into serial console, at least in the beginning, in case you don’t have those qcow2 images
ready from somewhere else, in which case use vmctl create ...
.
vm "9front" {
disable
memory 2048M
disk "/home/ftrvx/v/9front.qcow2"
#cdrom "/home/ftrvx/v/9front.iso"
owner ftrvx
interface {
lladdr 52:54:00:00:EE:03
switch "uplink"
}
}
vm "alpine" {
disable
memory 2048M
disk "/home/ftrvx/v/alpine.qcow2"
#cdrom "/home/ftrvx/v/alpine-virt-3.11.3-x86_64.iso"
owner ftrvx
interface {
lladdr 52:54:00:00:EE:04
switch "uplink"
}
}
switch "uplink" {
interface bridge0
}
/etc/hostname.vether0
inet 10.0.2.1/24
up
/etc/hostname.bridge0
add vether0
up
Run /etc/netstart vether0
and /etc/netstart bridge0
to get it up
if you need it right now.
/etc/hostname.iwn0
That’s the WIFI. Your interface name might have a different name, see ifconfig
.
join someAPnameHere wpakey superpassword123
join someOtherAP wpakey totallydifferentpassword123
dhcp
/etc/hostname.tun0
OpenVPN in case you need it, pkg_add openvpn; mkdir -p /etc/openvpn
,
and copy the config to that directory.
up
!/usr/local/sbin/openvpn --daemon --config /etc/openvpn/myvpnconfig
/etc/dhcpd.conf
VMs are gonna need this service.
subnet 10.0.2.1 netmask 255.255.255.0 {
# ip range to give away
range 10.0.2.2 10.0.2.20;
# that's host's IP address on vether0
option routers 10.0.2.1;
# you might want to configure something else here ofc
option domain-name-servers 4.2.2.2;
}
~/.xsession
This pretty much depends on what you want to use as your WM or DE. I use i3
.
Do a chmod +x ~/.xsession
after editing.
#!/bin/sh
export LC_CTYPE=en_US.UTF-8
# dmenu caches stuff, refresh on every session
rm -f ~/.cache/dmenu_run
# and make sure it sees everything in ~/bin
export PATH="$HOME/bin:$PATH"
# caps as ctrl
# left ctrl to switch between layouts
# right ctrl as the compose key
setxkbmap 'se(nodeadkeys),ru' -option grp:lctrl_toggle,grp_led:scroll,ctrl:nocaps,compose:rctrl
# higher key repeat rate
xset r rate 150 40
# uncomment if you have any specific settings there
#xrdb -merge ~/.Xresources
# clean things up and run i3
rm -rf /tmp/i3-*
unset I3SOCK
exec i3
9front
plan9.ini
needs console=0
in order for the vmctl
console to be usable.
Makes sense to add monitor=none
as well.
If you don’t like 9front to be using dhcp, provide a configuration in /lib/ndb/local
. With previous virtual network config the gateway should be set: ipgw=10.0.2.1
. Your VM’s ip address should be in 10.0.2.0/24
range.
Alpine
FIXME
Last update: July 27, 2020 09:46AM