Wireguard Puffy to OPNsense

WG Tunnel between OpenBSD and OPNsense

How to set up a WG tunnel between OpenBSD and OPNsense? That's quite simple …

OpenBSD

Install Packages

    pkg_add wireguard-tools--

Build Interface

    r=$(openssl rand -base64 32)
    remote_ip=""
    remote_net=""
    # unquoted EOF: the shell expands ${r}, ${remote_ip} and ${remote_net} into the file
    cat << EOF > /etc/hostname.wg0
    # WG Tunnel to OPNsense
    wgkey ${r} wgport 51820
    wgpeer xxxxx - PUBLIC-KEY-OF-REMOTE-HOST - xxxxx= wgendpoint ${remote_ip} 51820 wgaip ${remote_net}
    inet
    !route add ${remote_net}
    up
    EOF
    sh /etc/netstart wg0
    ifconfig wg0

update pf.


Need a small and smart utility to manage your ssh keys under Linux? Got some scripts and cronjobs which require a local ssh key? Have a look at keychain!

Install Software

    $ sudo apt-get install keychain

Edit Startup Scripts

$HOME/.bashrc / $HOME/.bash_profile / /etc/profile

    cat << 'EOF' >> $HOME/.bashrc
    # Keychain Startup
    eval `keychain --eval id_ed25519`
    EOF

Check Service

    $ keychain
    $ ssh-add -L


Want to run Kubernetes / Minikube on your Mac?

Install

    /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"
    brew install hyperkit
    brew install minikube

Run

    minikube start --vm-driver=hyperkit

Stop

    minikube stop

OpenBSD 6.8

OpenBSD 6.8 released

OpenBSD has two new releases every year, historically on 1. May and 1. November, with a few small exceptions in the past (check Wikipedia). So, the latest OS appeared today: OpenBSD 6.8

Perform a Full Upgrade (incl. X Stuff)

    sysupgrade -r

Run the Script (at your own risk!)

    doas su -
    mkdir /root/bin
    ftp -o /root/bin/upgrade_to_68.sh https://puffy.nolink.ch/scripts/upgrade_to_68.sh
    chmod 740 /root/bin/upgrade_to_68.sh
    # /root/bin/upgrade_to_68.sh
    # *** reboot ***
    # /root/bin/upgrade_to_68.

Docker on OSX

Some notes, based on this video: https://www.youtube.com/watch?v=bhBSlnQcq2k

Download Docker

https://docs.docker.com/get-docker/

Download Nginx Image

https://hub.docker.com/_/nginx

    docker pull nginx

Run Image

    docker run nginx
    docker run nginx:latest
    docker run -d nginx:latest
    docker run -d -p 80 nginx:latest
    docker run -d -p 8080:80 nginx:latest
    docker run -d -p 3000:80 -p 8080:80 nginx:latest

Access Webserver

    mbp:~ stoege$ docker run -d -p 8080:80 nginx:latest
    5c7a945caa59f14e35932f3d4470c9b9afc0307dac34e01947d41adbcdfda091
    mbp:~ stoege$ docker ps
    CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
    5c7a945caa59 nginx:latest "/docker-entrypoint.

Dr. Daniele Ganser on Corona and the Media

A very good interview with Daniele Ganser about Corona, the media, peace and current topics: Daniele Ganser

Further videos from people Daniele Ganser mentions in the interview: Sucharit Bhakdi, Wolfgang Wodarg, Klaus Püschel, Hendrik Streeck

Reverse Proxy

How to operate nginx as a reverse proxy and load balancer

SSH Server behind Firewall

Got a server behind NAT / firewall? Need shell access to …?

Server behind NAT/FW

    user@server$ ssh -R 1234:localhost:22 my.public.jumpbox

Access Server

    ssh my.public.jumpbox
    user@jumpbox$ ssh -p 1234 localhost
    user@server$

and you're in :)


Another component of OpenBSD is relayd. It's an integrated load balancer and proxy service, like F5, Nginx and others. But just like other BSD services, it is straight, simple and easy to use … want to see?

Set up 4 VMs: one load balancer and 3 web servers. The web servers should serve the same content, while the load balancer checks whether a web server is running and redirects traffic to the host or not. The configuration on the load balancer is as simple as this:

FullBGP at Home

Did you always want to have a full BGP table at home? Over your DSL / CM / LTE or whatever connection? Here is a little howto :)

Setup VM

Install a VM with OpenBSD. Add 1 CPU, 1 GB RAM, 20 GB disk, nothing special.

Check our Upstream Provider

Check the page from Lukasz and buy him a beer if you ever meet him.

Edit your Config

Set the router-id to your public IP.