Recent posts

Use a raspberry-pi 2 as a firewall with FreeBSD

10 minute read

Updated @ Mon Nov 16 08:16:30 PM CET 2020: Corrected the version when OPNsense dropped 32 bits support.

pifire

I was using OPNsense on my pcengines alix firewall and was quite happy with it.

The alix 2d13 is a nice motherboard with a Geode CPU, it has a 32 bits x86 instruction set. I migrated to OPNsense from pfSense when pfSense dropped 32 bits support.

Unfortunately, OPNsense also dropped support for 32 bits CPU’s in the 19.1.7 release 20.7 release. I decided to install FreeBSD on the alix to use it as my firewall. But I need a temporary firewall solution so I can install FreeBSD on my alix board. I have a Raspberry PI 2 that I wasn’t using.

You’ll find my journey to use my RPI2 as my firewall below.

Read more...

Open Hardware PowerPC notebook

less than 1 minute read

PowerPC Notebook

powerpc noetbook

I prefer RISC as a CPU architecture over CISC. RISC is a simpler design that should deliver more CPU performance with fewer transistors and is more power-efficient. We have to recognize that Intel and AMD have made great progress in increasing the performance and efficiency of the x86 CISC architecture.

But the x86 architecture comes with a FreeDOM cost, Intel has the Intel Management Engine and closed Proprietary software is required to initialize the components. The same can be said about AMD; AMD has the AMD Platform Security Processor and binary blobs are required.

Power is currently the most powerful alternative that doesn’t require binary blobs; this is not only great for free/open source activists. A truly open-source firmware that can be reviewed / audited is also for nice security reasons.

Read more...

Keep zfs running on the Raspberry PI

less than 1 minute read

I got a Raspberry PI 4 to play with and installed Manjaro GNU/Linux on it.

I use OpenZFS on my PI. The latest kernel update broke zfs on my PI due to a License conflict, the solution is to disable PREEMPT in the kernel config. This BUG was already resolved with OpenZFS with the main Linux kernel tree at least on X86_64/AMD64, not sure why the kernel on the raspberry pi is still affected.

I was looking for an excuse to build a custom kernel for my Pi anyway :-). I cloned the default manjaro RPI4 kernel and disabled PREEMPT in the kernel config.

The package is available at: https://gitlab.com/stafwag/manjaro-linux-rpi4-nopreempt. This package also doesn’t update /boot/config.txt and /boot/cmdline.txt to not overwrite custom settings.

Have fun!

Read more...

Howto use cloud images on the Raspberry PI 4

7 minute read

I got a Raspberry PI 4 to play with and installed Manjaro GNU/Linux on it.

I wanted to verify how usable the latest PI is for desktop and home server usage.

  • For desktop usage, it is “usable”.

    For video playback in the browser, I recommend disabling 60fps (https://greasyfork.org/en/scripts/23329-disable-youtube-60-fps-force-30-fps) and keep the video playback to 720p. Please note that if you want to use it for Netflix you will need Widevine for the DRM content. As far as I know, there isn’t an ARM64 version available. An ARM32 version exists but I didn’t try (yet).

  • For (home) server usage ARM64 or AArch64 is getting more usable.

    Cloud providers are also offering ARM64 based systems. A container-based workload - like Docker, LXC, FreeBSD jails etc - is probably better suited for a small device like the Raspberry PI. Virtual machines are still important for server usage so let see how the PI4 can handle it.

Most GNU/Linux distributions RedHat, Centos, Ubuntu, Debian are offering cloud images for ARM64. To configure these images you’ll need cloud-init.

I already wrote a blog post on howto cloud-init for KVM/libvirt on GNU/Linux: Howto use centos cloud images with cloud-init on KVM/libvirtd. Let see if we can get it working on ARM64.

Read more...