summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--content/2023/moved-to-openbsd.md4
1 files changed, 2 insertions, 2 deletions
diff --git a/content/2023/moved-to-openbsd.md b/content/2023/moved-to-openbsd.md
index 32cfabb..01869ea 100644
--- a/content/2023/moved-to-openbsd.md
+++ b/content/2023/moved-to-openbsd.md
@@ -26,7 +26,7 @@ OpenBSD's official project goal[^goals] states that even though they aim to prov
[^goals]: [OpenBSD Project Goals](https://www.openbsd.org/goals.html)
[^hackathon]: enough said that OpenBSD coined the term "Hackathon" before corporations stole it - like the internet.
-OpenBSD ships with a secure by-default mindset. All non-essential services are disabled, and those running are using sensible configurations. For example, I had huge problems configuring a firewall on FreeBSD, especially for IPv6[^ipv6]. On OpenBSD, all ports are closed by default and only opened after a service explicitly requests it. More on this later.
+OpenBSD ships with a secure by-default mindset. All non-essential services are disabled, and those running are using sensible configurations. For example, I had huge problems configuring a firewall on FreeBSD, especially for IPv6[^ipv6]. On OpenBSD, it was much simpler.
[^ipv6]: [Fixing IPv6 and securing the domain](https://michal.sapka.me/2023/fixing-ipv6-and-securing-the-domain/)
OpenBSD being a BSD, provides a complete system - system and user space are developed together. No GNU tools are needed, as everything comes together. At the same time, BSDs come with a lot of surprising things out of the box. FreeBSD wowed me with Jails[^jail].
@@ -59,7 +59,7 @@ OpenBSD comes with three great tools out of the box:
- relayd(8) - a relay daemon
- acme-client(1) - a client for Automatic Certificate Management Environment (ACME)
-With those free things, we can serve static webpages over TLS. While you most likely already use [NGINX](https://www.nginx.com/) or [Apache](https://httpd.apache.org/)[^win], those solutions are complex. They work amazingly in enterprise environments where you have people with doctorates in NGINX configuration, but most real-world examples don't need that complexity. A static blog most likely doesn't.
+With those free things, we can serve static webpages over TLS. While you most likely already use [NGINX](https://www.nginx.com/) or o[Apache](https://httpd.apache.org/)[^win], those solutions are complex. They work amazingly in enterprise environments where you have people with doctorates in NGINX configuration, but most real-world examples don't need that complexity. A static blog most likely doesn't.
[^win]: because there is no fourth way. Please repeat after me: there is no webserver in Windows.
Let's set it up.
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-09 18:03:19 +0000