I like it because it's so stable. They don't have this Linux thing where they have to change everything around to incorporate the latest fad, and there's also not so many big tech companies constantly messing with the code. Linux has too much corporate influence for me. I don't want Huawei or Amazon to be messing with the code I run all the time. The grassroots nature of Linux is kinda gone and the suits have taken over, just like with the internet itself.
I also love how the OS is stable but the apps are rolling. This really helps to be on the latest KDE etc. And the documentation is excellent. ZFS on root as a first class citizen too.
There's a small team of maintainers working hard to keep everything going in this age of increasing linuxisms. But so far they've been doing a great job.
So I used to have everything FreeBSD but I've stopped using around 2020 when I've started buying computers that have different core configurations like ARM RockChip and Intel Alder Lake. I believe the term is called big.LITTLE when you have efficient and performance cores.
As of now the FreeBSD scheduler is not making full use of big.LITTLE. TBF It works and your mileage might vary and you might also pin stuff to cores but not ideal.
Meanwhile I went back to Linux and fell into the Nix rabbit hole.
I might go back once they get ULE to be able to use my Alder Lake efficiently.
- firewall? Lots of pain and hard to find friendly, best practice starter templates. Wherever I looked, people said "it's complicated." After a lot of tinkering and learning I finally got a setup that was pretty safe. (I think.)
- pm2 was buggy on FreeBSD because of some issue with process IDs getting lost. That was pm2's fault, not FreeBSD's. But I still wanted to simply run different processes and keep my logs somewhere. Well, I guess I could write rc.d scripts for that. But keeping logs from the processes started by rc.d scripts? That also appeared to be a world of pain, and wherever I looked for answers people said "it's complicated."
In the end, it was just too much having to re-invent the wheel for common server tasks and I had to say goodbye. It's not you FreeBSD, it's me. I'm just not an OS dev.
PF seems to me like pretty much the most well regarded firewall there is - with a nice, sensible DSL for config. If you don't like like it, you can use use IPFW or IPFILTER, which are alternative, built-in, firewall front-ends.
- In the end, it was just too much having to re-invent the wheel for common server tasks
Maybe you have built your routine around a system that have reinvented the wheel? I think FreeBSD knowledge degrades more slowly than that of Linux distros.
- I'm just not an OS dev.
That's how I feel when I enter the chaotic Linux world. Do you think my life revolve around keeping up with this shit? :)
I feel that as a Linux user. I really like Linux, I use it on my desktop and it runs all my servers. Delving into forum posts to find some solution to a specific problem can be exhausting. Sometimes you get a top result from like 2011 and it is out of date so you then need to spend X minutes trying to look up something more recent.
Time passes (how much time? are the birds singing yet?) as you keep slogging through that endless sea of muck.
Finally, you run across an old post on some forum where the person not only wrote about the problem, but also the cause of the problem -- and the answer.
So you're reading along, working to once again evaluate whether your problem matches their problem. And the more you read, the more familiar it all seems... like you've been there before.
"It can't be," you say to yourself.
But you scroll back up to the top of the comment and look at the author's name anyway.
And yep, sure as anything: It was you. Six years ago, you wrote about that exact problem yourself and posted a perfectly-cromulent solution to it.
So you fix it (again), note that the birds are in fact singing, and to try to sleep for a bit while pondering your life's choices: You could have found a hobby in origami or perhaps woodworking. Maybe worked as a Mennonite tradesman producing leather goods, or as a carpenter (even an Amish one if any of that seemed too high-tech).
But you didn't. You chose this path instead. It could have all been so simple, but it isn't.
And I didn't mean to imply that FreeBSD is stale. There is big stuff happening continuously. Right now it's compatibility with Linux Wifi drivers, which will make FreeBSD more laptop-able. And pkgbase, which brings some of the compile-your-self flexibility of FreeBSD to binary management, and merges the two tools that decides what makes up your system into one. And kinda makes FreeBSD into the slim system that people already claims it to be.
My pet conspiracy is that pkgbase happened because the powers that be didn't want the 1000 battles to remove junk. Any time anyone wants to remove something there's always one or two guys on the mailing list claiming their livelihood depends on not having to do "pkg install Ø". With pkgbase its all gone.
Not sure what things are like now though - I'm guessing it's much better as pf was obviously the best option :)
* PF was imported into FreeBSD from OpenBSD, maybe it had problems at first.
* Both implementations have been actively maintained, further developed, and diverged.
* There is now collaboration in the development of the FreeBSD and OpenBSD implementations.
* PF is the shit. Even though IPFW is the "invented here" firewall.
I don't use much FreeBSD these days, but pf (from OpenBSD, I know), is one of the best things since sliced bread.
In my first job I was working for a company selling a third-party vertical software and we were proving support for it. We were using a very expensive symantec vpn with most customers connecting with a 33.3kb phone connection, until we reached the license limits, and there was no money for new licenses. In a pinch, me and a coworker set up a new server with openvpn, freebsd, pf, and a ruby-based dns server that I don't remember anymore, and we grew an order of magnitudes more customers.
It's been more that 20 years, I still don't know how to use firewalls in linux, (there are many, I just pretend they don't exists) but I would still be able to setup a pf firewall if needed. I need to say it again, pf is a joy to use.
My gripe with FreeBSD right now is that I miss something like docker swarm. bhyve is fine but AFAIK it works only on a single host. Give me something that works on a bunch of hosts, and I will come back right away
I felt this way about pf when I first got PF going around 2011 for my home router/firewall box. Not saying this is the same for you or anyone else, but my issue was that I was approaching it from the point of view of “I want to configure a home firewall router with PF” instead of “I want to learn the fundamentals of what a firewall does”.
It took me a few more years to get well-versed in all that stuff: the structure of packets, what NAT actually means (what addresses are being translated, why, and where), what's going on in the state table, how to debug when things aren't doing what I expect, etc. Once I did it became much more straightforward to express in my `pf.conf` what I want to do, but you're right that doesn't really help new users.
> Lots of pain and hard to find friendly, best practice starter templates.
FreeBSD does include this, however! It's just implemented using IPFW instead of PF. Check out `firewall_type` key in `rc.conf`: https://cgit.freebsd.org/src/tree/libexec/rc/rc.conf?id=edad...
For a very simple NAT gateway, one could set `firewall_type=simple` and then `firewall_simple_(iif|inet|oif|onet)(_ipv6)?` to configure the ISP-side and internal-side interface names and IPv4 and IPv6 network ranges for each.
For a very easy single-machine firewall, one could set `firewall_type=client` or `firewall_type=workstation` if you want to host anything. For the latter, `firewall_myservices` and `firewall_allowservices` control what ports are enabled and who (other networks/IPs) have access to them
For more details and to see exactly what each option actually does, check out `/etc/rc.firewall` where this is all implemented: https://cgit.freebsd.org/src/tree/libexec/rc/rc.firewall?id=...
The problem is when self-hosting amateur stuff leaks into professional life.
And then you have a expert beginner pushing their homelab/Self-hosting
I think it's ultimately a sign of aging; I don't really have the attention span or energy to LARP as a sysadmin anymore, especially since I never really enjoyed that aspect of computers anyway. I think my monthly cost of storage would get untenable if I tried to move all my raw media rips to the cloud (about 45TB [1]), so I don't think I'll be able to migrate my Jellyfin for the foreseeable future, but I would like to some day.
[1] Looking it up, storing 45TB would end up costing anywhere between $250-$1500 a month pretty easily, which I currently cannot justify.
The fact I miss pretty much all the drama around the latest corporate take over attempts on Linux is just icing on the cake. The toxic slug strategy is an amazing one that more open source projects should use.
One was to pick a set of norms repugnant to the mainstream that everyone currently in the community can tolerate and enforce them rigorously on all new members. This will limit the appeal of the community to people like the ones currently there and will make sure that it never grows too big.
Thus your community is as appetising to activists attempting a hostile takeover as a toxic slug is to a bird.
As an example from six years ago, when the code of conduct madness had just reached its peak:
>I believe OpenBSD's code of conduct can be summed up as "if you are the type of person who needs a code of conduct to teach to you how to human then you are not welcome here".
* Ease of management - more holistically designed.
* Rock solid parts that fits together - more holistically designed.
* ZFS, jails, bhyve, dtrace, ports.
* If it works today, it works tomorrow.
* A more approachable community (which AMD says is the reason why they are developing for FreeBSD before Linux now).
* Transparency and simplicity of how it works, if you can understand it, you can manage it and fix it.
* Fun! Linux is not fun.
I wrote about it here: https://www.blog.montgomerie.net/posts/2025-10-11-setting-up...
There were a few hiccups, such as learning about bootloader versions, but after a few Saturdays tinkering it has been running solid and I’m very pleased.
For me, the balance between all the overhead of the "cattle, not pets" approach and the manual way is the a README.md file for basic setup, and then having Ansible stand up the rest of the configuration. The host is configured as a Jail host, then individual services live inside the jails. Creating and configuring the jails is also done through Ansible. Overall, I really like the setup. I can individually SSH into each jail to allow easy debugging, I can snapshot the jails, and data lives on a special ZFS subvolume that I mount into each jail at "/bucket". This way, I can throw away the jail at any time, fire up Ansible, and have everything up and running again in no time.
[
] It's not my first time with FreeBSD. I first ran it in ~2004. But it's been over 10 years since I last ran it, and I'd forgotten a decent bit. The last time I ran it, I just set up a couple of jails for NAS and Plex and proceeded to not touch it until I moved.
SurceBeats•13h ago
awesomecomment•2h ago
Fortunately, for them, I think with technologies like docker/podman, flatpak, appimage etc. I feel like its already easy-ish enough.
Side nit pick but I hate when apps create docker/podman containers when they can also have flatpak, I would love to see some self hosting apps which have a gui or maybe even some cli hosted via flatpak but I rarely saw cli apps in flatpak etc.