Security-oriented derivative of FreeBSD. Primary goal is a clean-room reimplementation of the grsecurity patchset for the BSD community.
Due to a drastic increase in spam/fraudulent accounts in our self-hosted gitlab, we now require an admin approval of new accounts.
After registering, please email netops[AT]hardenedbsd.org to have us activate your account.
I restarted the last #HardenedBSD 15-STABLE package build. Tons of ports failed due fetch due to the network issues. Starting it from an incremental state means it should be finished relatively quickly.
We're now mostly alive! IPv6 is having issues, so I've disabled that. But IPv4 access into the #HardenedBSD infrastructure now works.
I don't have access to my email since my email VM is offline.
The #HardenedBSD dev/build infrastructure will remain offline for the foreseeable future until our ISP situation improves.
Our GitLab is online again, but in read-only mode. We will work overnight to investigate switching to #Radicle. If that is not successful, we're at a loss as what to do next.
#HardenedBSD HEADS UP:
Our oligarchic overlords with their legion of AI bots have decided that our GitLab isn't powerful enough to line their pockets with our code.
I've now powered off our self-hosted GitLab and disabled the autosync. I'll pull an all-nighter tonight to see if we can switch to Radicle. If that fails, I'm not sure what to do. It's evident that we need a
whole new fleet of servers just to handle the load and ain't nobody got funds for that.
The #HardenedBSD dev/build websites might be semi-nonfunctional this evening as I try my luck at deploying #Anubis.
If anyone has deployed Anubis in front of #nginx, which itself sits in front of a self-hosted #GitLab Enterprise server, please let me know. (Or similar multi-system/multi-site setups.)
I think the hardest thing is gonna be figuring out what to allowlist for GitLab to function properly.
I suspect that the allowlist is gonna be large enough as to render Anubis ineffective.
But, I'm coming at this somewhat blind, naive, and inexperienced, so hopefully my suspicion is wrong.
The #HardenedBSD March 2026 status report is out a couple days early!
https://hardenedbsd.org/article/shawn-webb/2026-03-29/hardenedbsd-march-2026-status-report
#HardenedBSD HEADS UP: Our development and build infrastructure will be switching ISP accounts on 23 Apr 2026 to 24 Apr 2026.
There will be at least 24 hour downtime. We will keep everyone informed:
https://groups.google.com/a/hardenedbsd.org/g/users/c/XqpoNqSejKM
Conversation started with #Dell for the purchase of a new #HardenedBSD build server.
The biggest hurdle will be the requirement of at least 1TB RAM.
With our less-than-shoestring budget, I will likely announce an official call-for-donations over the next couple months.
The new #HardenedBSD 15-STABLE build has been published.
With this commit, we have resolved the kernel panic plaguing our #HardenedBSD users. This one was a tricky one.
The #HardenedBSD February 2026 status report is out!
https://hardenedbsd.org/article/shawn-webb/2026-03-01/hardenedbsd-february-2026-status-report
Which firewall/packet filter on #HardenedBSD do you use (if any?)
The #HardenedBSD January 2026 status report is out! https://hardenedbsd.org/article/shawn-webb/2026-02-02/hardenedbsd-january-2026-status-report
Maintenance completed. We accomplished the majority of the planned work.
On Saturday, 31 Jan 2026, we are planning major maintenance of our development and build infrastructure: https://groups.google.com/a/hardenedbsd.org/g/users/c/9mC981rDbME/m/mL8lkfZPAAAJ
Downtime will likely be for the full day.
Do you use the #HardenedBSD security administration (secadm) tool?
Welcome 0x1eef (Robert) to the #HardenedBSD Development Team!
The #HardenedBSD 15-STABLE package repo has been published! Our bandwidth is limited, so please be gentle. :-)
Security-oriented derivative of FreeBSD. Primary goal is a clean-room reimplementation of the grsecurity patchset for the BSD community.
