Author details how to cache Mastodon with nginx on FreeBSD while handling content negotiation correctly, covering cache keys for HTML/ActivityPub/JSON variants, bypass rules for private traffic, and TTL strategies for assets, media, and dynamic pages. The guide includes production-tested configurations for thundering-herd protection, failover, and logging to verify cache behavior.
Author details how to cache Mastodon with nginx on FreeBSD while handling content negotiation correctly, covering cache keys for HTML/ActivityPub/JSON variants, bypass rules for private traffic, and TTL strategies for assets, media, and dynamic pages. The guide includes production-tested configurations for thundering-herd protection, failover, and logging to verify cache behavior.
OpenBSD now randomizes the link order of httpd and smtpd at boot, extending the anti-exploit measure already used by sshd. Theo de Raadt’s commits split smtpd into six privsep binaries for finer-grained relinking and add a generalized RELINK mechanism in bsd.prog.mk to simplify future adoption. The changes are available in snapshots for testing.
fatgid exploit details, why ZFS excels for multi-user media production, and a guide to hosting a private pkg repo behind mutual TLS for secure BSD package distribution.
The FreeBSD community hosted its first regional hackathon in Frankfurt, Germany, from April 24–26, 2026, drawing 25 participants from across Europe, including experienced committers and newcomers. Held at a sponsored Innovation Lab, the event featured intensive hacking sessions and yielded key contributions, such as closing 120 bugs, implementing Software Bill of Materials (SBOM) functionality, and completing a German translation of the Sylve tool. The hackathon also facilitated networking and informal discussions during a sponsored barbecue lunch, with organizers expressing plans to repeat the event in future years due to its success.
The FreeBSD Foundation announced that travel grant applications are now open for EuroBSDCon 2026, taking place September 9–13, 2026, in Brussels, Belgium. Application deadline: July 7, 2026.
The HardenedBSD project detailed its May–June 2026 developments, highlighting the near-complete migration from self-hosted GitLab to Radicle for version control, though some workflow adjustments remain. Key priorities included fixing release image generation—particularly the disc1.iso—integrating Radicle into auto-sync processes, and replicating GitLab’s commit email functionality, with manual syncs performed interim. Recent FreeBSD security advisories prompted new builds for 16-CURRENT and 15-STABLE, though installer image issues persist, limiting testing to roughly two attempts per day. Infrastructure changes involved migrating ISP accounts, temporarily losing IPv6 tunnel support, while source updates addressed LLVM 21 compatibility, Radicle integration for core tools, and hardening improvements like sysctl node logic enhancements. Ports updates included fixes for multimedia/ffmpeg, pkg/2.7.5, and initial Radicle-based distfile downloads, alongside disabling PIE for devel/ccache4 and COMPAT32 for older misc/compat versions.
OpenBSD has issued errata patches addressing vulnerabilities in the X server, smtpd mail server, and vmd virtual machine daemon for versions 7.8 and 7.9. Binary updates are available for amd64, arm64, and i386 architectures through the syspatch utility, while source code patches can be obtained from the official errata pages.
This guide details the step-by-step process of establishing a WireGuard VPN connection where a FreeBSD client initiates a connection to an OpenBSD monitoring server. On the OpenBSD side, the setup involves creating a WireGuard interface, generating keys, and configuring network settings via /etc/hostname.wg0. The FreeBSD configuration requires loading the if_wg kernel module, generating private and preshared keys, and setting up the interface using rc.conf and rc.local for persistence across reboots. The final step involves adding the FreeBSD peer details—including its public key, allowed IPs, and preshared key—to the OpenBSD configuration and restarting the interface. The connection is verified via ping, ensuring secure communication for metrics, logs, and alerts between the servers. The guide assumes OpenBSD 7.9 and FreeBSD 14.4 but notes compatibility with nearby releases.
This episode of BSD Now highlights the release of OpenBSD 7.9, marking its 60th edition, alongside updates on FreeBSD’s critical infrastructure cleanup efforts. The show also features GhostBSD’s January 2026 financial report, Oracle’s reduced update frequency for Solaris 11.4, and a guide for running FreeBSD on a ThinkPad T14 Gen 2. Additional segments include NetBSD’s role in Apple Time Capsule devices, DragonFly BSD’s updated DPorts contribution guide, and a discussion on OpenJDK improvements for FreeBSD.
Database workloads differ significantly from traditional file storage, requiring specialized caching and I/O strategies to maintain performance and data consistency. This article examines how Direct IO functions within OpenZFS, detailing its interaction with the Adaptive Replacement Cache (ARC) and database buffer caches. It explores scenarios where bypassing the filesystem cache can enhance latency, throughput, and NVMe performance for database operations, including considerations for alignment requirements, compression benefits, and trade-offs between filesystem and database-managed caching. The discussion covers use cases where Direct IO improves predictability over raw performance, particularly with high-concurrency NVMe storage, while acknowledging that optimal configurations depend on factors like database type, data compressibility, and hardware capabilities. The piece concludes by emphasizing the importance of workload-specific testing to determine whether leveraging ZFS ARC or Direct IO delivers better results.
The Ottawa FreeBSD Developer Summit will take place June 17–18, 2026, co-located with BSDCan 2026 at the University of Ottawa, Canada. The event features two days of presentations, working groups, and hacker lounges, followed by BSDCan sessions from June 19–20. Key topics include kernel security research using LLMs, cloud integration strategies, FreeBSD Foundation updates, and discussions on the kernel scheduler and network stack improvements. Sponsored by the FreeBSD Foundation, the summit is open to all attendees, with registration available through the BSDCan website. Developer sessions will be held in the Desmarais Building, while evening activities and meals take place in the U90 Residence Hall. A detailed schedule lists talks, breaks, and collaborative working sessions across both days.
When the latest Plex Media Server release is unavailable via FreeBSD's pkg manager, a manual upgrade can be performed using the official .tar.bz2 archive. The process involves downloading the archive from Plex's website, stopping the Plex service, extracting the files over the existing installation directory, and restarting the service. The same steps apply to both Plex Pass and standard versions, with minor adjustments to directory and service names. In rare cases, a second restart may be required if Plex fails to start properly. This method mirrors the pkg upgrade process and can be used until the new version becomes available through official channels.
The Valuable News weekly roundup for May 25, 2026, curates notable updates across UNIX, BSD, and Linux ecosystems. Highlights include OpenBSD 7.9's release with support for up to 255 CPU cores and WiFi 6, FreeBSD 15.1-RC1's availability with AI-discovered security fixes, and a forked KDE Plasma login manager by SonicDE that supports X11 and systemd-free environments. Additional topics cover FreeBSD's mdo(1) privilege delegation, HAProxy optimizations for Fedimeteo, and a dual-node FreeBSD NAS cluster setup for $210.