commit eb3b9ad04be850263842b4b19a4b81936b15ed1f
parent 2dac43c55a463146ec1ae4545bed9b65fc9262b0
Author: MichaĆ M. Sapka <michal@sapka.me>
Date: Fri, 28 Jul 2023 16:30:00 +0200
fix: remove another lie
Diffstat:
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/content/2023/moved-to-openbsd.md b/content/2023/moved-to-openbsd.md
@@ -26,7 +26,7 @@ OpenBSD's official project goal[^goals] states that even though they aim to prov
[^goals]: [OpenBSD Project Goals](https://www.openbsd.org/goals.html)
[^hackathon]: enough said that OpenBSD coined the term "Hackathon" before corporations stole it - like the internet.
-OpenBSD ships with a secure by-default mindset. All non-essential services are disabled, and those running are using sensible configurations. For example, I had huge problems configuring a firewall on FreeBSD, especially for IPv6[^ipv6]. On OpenBSD, all ports are closed by default and only opened after a service explicitly requests it. More on this later.
+OpenBSD ships with a secure by-default mindset. All non-essential services are disabled, and those running are using sensible configurations. For example, I had huge problems configuring a firewall on FreeBSD, especially for IPv6[^ipv6]. On OpenBSD, it was much simpler.
[^ipv6]: [Fixing IPv6 and securing the domain](https://michal.sapka.me/2023/fixing-ipv6-and-securing-the-domain/)
OpenBSD being a BSD, provides a complete system - system and user space are developed together. No GNU tools are needed, as everything comes together. At the same time, BSDs come with a lot of surprising things out of the box. FreeBSD wowed me with Jails[^jail].
@@ -59,7 +59,7 @@ OpenBSD comes with three great tools out of the box:
- relayd(8) - a relay daemon
- acme-client(1) - a client for Automatic Certificate Management Environment (ACME)
-With those free things, we can serve static webpages over TLS. While you most likely already use [NGINX](https://www.nginx.com/) or [Apache](https://httpd.apache.org/)[^win], those solutions are complex. They work amazingly in enterprise environments where you have people with doctorates in NGINX configuration, but most real-world examples don't need that complexity. A static blog most likely doesn't.
+With those free things, we can serve static webpages over TLS. While you most likely already use [NGINX](https://www.nginx.com/) or o[Apache](https://httpd.apache.org/)[^win], those solutions are complex. They work amazingly in enterprise environments where you have people with doctorates in NGINX configuration, but most real-world examples don't need that complexity. A static blog most likely doesn't.
[^win]: because there is no fourth way. Please repeat after me: there is no webserver in Windows.
Let's set it up.
