Ltning (@ltning@weirdr.net)

📌 28 ★ 11 ↺

Ltning » 2025-01-02 / 2025-01-02
@ltning@weirdr.net

After a fair bit of fiddling, this #snac instance is now .. operational, I think? And this is officially my first post here.

See also my main fediverse presence: @ltning@anduin.net

About this instance, at the time of writing:
- OS: #NetBSD 10
- Reverse proxy: nginx
- CPU: Dual Pentium Pro Overdrive, 333MHz
- RAM: 512MB EDO
- NIC: 3Com 100Mbit PCI NIC
- Storage: SATA 1.0 (CF and SSD)

#retrocomputing #butwhy

...

2 ★ 2 ↺

Anders Gulden Olstad boosted

Ltning » 2025-01-02
@ltning@weirdr.net

Posting and boosting this certainly put the box under some duress.. Changed ssl_ecdh_curve from secp521r1:secp384r1; to X25519:prime256v1; now; let's see if that helps.

Tim Chase » 2025-01-03
@gumnos@mastodon.bsd.cafe

@ltning @rubenerd
Those hardware specs are delightful (and it says a lot about @grunfink's work that snac is svelte enough to run in such a constrained environment; I can't fathom attempting to run full Mastodon on such specs)

...

4 ★ 1 ↺

Jay 🚩 boosted

Ltning » 2025-01-05
@ltning@weirdr.net

Yeah I agree. It's absolutely awesome - also that #NetBSD (and all the other #BSD variants) are first-class citizens. Thank you, @grunfink@comam.es!

CC: @rubenerd@bsd.network

gyptazy » 2025-01-05
@gyptazy@mastodon.gyptazy.com

#snac is really awesome and @grunfink did an amazing job by creating this. It even runs smoothly on my RISC-V dev board which is really pretty slow.

@gumnos @ltning @rubenerd @grunfink

...

3 ★ 0 ↺

Ltning » 2025-01-07
@ltning@weirdr.net

@gyptazy@gyptazy.com Still runs circles around a 1998 chip though. But it shows what good code can get out of questionable hardware.

Cc @grunfink@comam.es @gumnos@bsd.cafe @rubenerd@bsd.network

Wojo » 2025-01-05
@polishdub@bsd.network

@gumnos @ltning @rubenerd @grunfink Seeing specs like that make me so giddy.
You almost never see anything nowdays running on something like that

...

1 ★ 0 ↺

Ltning » 2025-01-06
@ltning@weirdr.net

Happy to please :D Now would it be considered cheating if I ran snac on a 486 but with TLS handled elsewhere (simply for lack of CPU instructions to do EC TLS)? :)

CC: @gumnos@bsd.cafe @rubenerd@bsd.network @grunfink@comam.es

4 ★ 2 ↺

hoanga boosted

Ltning » 2025-01-10
@ltning@weirdr.net

Attempting to install #NetBSD on this 486.. gonna need some more work before that works I'm afraid.

(Read the alt text for more info)
#retrocomputing #moreram

Alt...

Kernel messages from NetBSD 10.1 on an AMD 486. Panics due to low memory after showing interesting sound cards detected. No correlation I'm sure - only including to brag.

...

Gonzalo » 2025-01-10
@gonzalo@social.sdf.org

@ltning I installed NetBSD on a 486.. 10 years ago, it worked great! But looks like newer versions need extra work for old PCs, see: https://www.idatum.net/running-netbsd-101-on-a-1998-toshiba-laptop.html

6 ★ 5 ↺

Ltning » 2025-01-04
@ltning@weirdr.net

Damn I like the whole css-or-bust approach to styling that #snac has. I mean I know many (most?) others do a bit of the same but this is just delightful.

So..TLS aside, what is the most lightweight reverse proxy I can use instead of nginx in front of this thing? You know, in case I would like to move the instance from this beefy PPro to, say, a #486 or a #Nintendo Wii running #NetBSD? :)

#retrocomputing #BSD #stupididea

...

Older...

Funky Bob » 2025-01-04 / 2025-01-04
@FunkyBob@chaos.social

@ltning worth looking into: OpenBSDs httpd, and h2o

...

0 ★ 0 ↺

Ltning » 2025-01-04
@ltning@weirdr.net

I'm on NetBSD and at least pkgin knows nothing about OpenBSD's httpd (I think)..
Do you have any idea of the memory footprint of h2o when doing TLS and proxying?

kbity... » 2025-01-04
@cybertailor@wetdry.world

@ltning httpd and relayd can come with base system in case of BSDs

...

0 ★ 0 ↺

Ltning » 2025-01-04
@ltning@weirdr.net

Sadly not on NetBSD though :)

theothertom » 2025-01-09
@tom@epsom.social

@ltning I used Apache HTTPd, with many modules ripped out as a reverse proxy for Snac on a machine with 32MB of RAM if that helps.
Something I was able to do with Apache that turned out to be helpful was limiting the connections to Snac itself to 1 - meant that the storm of hits from other servers allowed some requests to work, rather than mostly failing.
If curious: https://people.cobaltqu.be/~theothertom/Physical/Qube3Fedi.html

...

theothertom » 2025-01-09
@tom@epsom.social

@ltning oh, and as an aside - I found Snac just about usable on a 450MHz K6-II with 32MB of RAM. Extrapolating backwards makes me think you would need quite a lot of patience to use it on a 486 :D

...

0 ★ 0 ↺

Ltning » 2025-01-09
@ltning@weirdr.net

I'm thinking of running it on a 120/133MHz AMD 5x86 or something like that. It should (at least) have 64MB RAM, possibly 128 if I can get it to cache the whole range.

A bigger challenge will be the Nintendo WII - it has, I believe, 24MB or something like that? But at least the CPU should be vastly superior to any 486..

...

theothertom » 2025-01-09
@tom@epsom.social

@ltning 24MB is tight, though you might be able to do it if you use something else as a proxy in front on Snac.
Something else that might not be immediately obvious too - lots of 32-bit builds target i686 these days, at least for Linux. The only Linux distro I could find that targets i586 with recent releases was Slackware - dunno what the situation is for NetBSD though.

...

1 ★ 0 ↺

Ltning » 2025-01-09
@ltning@weirdr.net

@tom@epsom.social fully expect I have to build a bunch of stuff myself. Including netbsd. But I expect snac to build nicely and not require any special gymnastics. :)

0 ★ 0 ↺

Ltning » 2025-01-09
@ltning@weirdr.net

How much memory does Apache use then? It sounds like unnecessary bloat even with modules disabled. But maybe that's just me still clinging to 20+ year old impressions of Apache being bloated by definition.

Do you do TLS in Apache too? On a K6-II?

...

theothertom » 2025-01-09
@tom@epsom.social

@ltning I've managed to add more memory since I first installed the system, so it's not quite as tight as it was (and now there's meaningful disk cache, which seems to help loads).
Looking at the stats on it, snac is using 13.5MB (resident), Apache is using 10.5MB.
I think the perception of Apache as a resource hog may have come from the "prefork" MPM there's other, lighter MPMs you can use instead.
Yeah - it's doing TLS in apache. https://social.cobaltqu.be/theothertom/p/1717810603.209255 if you want a sense of how quick it is.

Alt...

Screenshot of htop, showing the resource usage on a snac server. The relevant parts are mentioned in the body of the original message.

...

0 ★ 0 ↺

Ltning » 2025-01-09
@ltning@weirdr.net

@tom@epsom.social Mind sharing the tls config? Key lengths, curves, ciphers and protocols?

...

theothertom » 2025-01-10
@tom@epsom.social

@ltning Sure. I've got this, which I'm pretty sure is just the defaults from the distro package (at least, I don't remember tuning it):
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
SSLHonorCipherOrder on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/var/run/ssl_scache(512000)"
SSLSessionCacheTimeout 300

📌 28 ★ 11 ↺

Marcus Rohrmoser 🌻 boosted

Ltning » 2025-01-02 / 2025-01-02
@ltning@weirdr.net

After a fair bit of fiddling, this #snac instance is now .. operational, I think? And this is officially my first post here.

See also my main fediverse presence: @ltning@anduin.net

#retrocomputing #butwhy

...

2 ★ 2 ↺

Anders Gulden Olstad boosted

Ltning » 2025-01-02
@ltning@weirdr.net

Posting and boosting this certainly put the box under some duress.. Changed ssl_ecdh_curve from secp521r1:secp384r1; to X25519:prime256v1; now; let's see if that helps.

Tim Chase » 2025-01-03
@gumnos@mastodon.bsd.cafe

...

4 ★ 1 ↺

Jay 🚩 boosted

Ltning » 2025-01-05
@ltning@weirdr.net

Yeah I agree. It's absolutely awesome - also that #NetBSD (and all the other #BSD variants) are first-class citizens. Thank you, @grunfink@comam.es!

CC: @rubenerd@bsd.network

gyptazy » 2025-01-05
@gyptazy@mastodon.gyptazy.com

#snac is really awesome and @grunfink did an amazing job by creating this. It even runs smoothly on my RISC-V dev board which is really pretty slow.

@gumnos @ltning @rubenerd @grunfink

...

3 ★ 0 ↺

Ltning » 2025-01-07
@ltning@weirdr.net

@gyptazy@gyptazy.com Still runs circles around a 1998 chip though. But it shows what good code can get out of questionable hardware.

Cc @grunfink@comam.es @gumnos@bsd.cafe @rubenerd@bsd.network

Wojo » 2025-01-05
@polishdub@bsd.network

@gumnos @ltning @rubenerd @grunfink Seeing specs like that make me so giddy.
You almost never see anything nowdays running on something like that

...

1 ★ 0 ↺

Ltning » 2025-01-06
@ltning@weirdr.net

Happy to please :D Now would it be considered cheating if I ran snac on a 486 but with TLS handled elsewhere (simply for lack of CPU instructions to do EC TLS)? :)

CC: @gumnos@bsd.cafe @rubenerd@bsd.network @grunfink@comam.es

2 ★ 3 ↺

Anders Gulden Olstad boosted

Ltning » 2025-01-05
@ltning@weirdr.net

Since nobody asked, here are a couple of pictures of the rig. It's not posing for the picture (I didn't tell it what was going on), so it's as messy as usual.

I'll post each picture as a reply to this post, as snac doesn't like multiple attachments..

Enjoy. And wish the poor box luck serving this.

#servertorture #retrocomputing

...

1 ★ 0 ↺

Ltning » 2025-01-05
@ltning@weirdr.net

This is the "aquarium case", as it has become known around the office. It has a nearly-invisible batman-symbol embossed on the front, and a similar cutout in the back. Beats me why, but it's kinda cool.

Alt...

Server seen from the front. Black base with CD-ROM drive and power button in the front. The mainboard is mounted horizontally in the upper half, which is transparent. Seen are various expansion cards and the back of the CPU card itself.

2 ★ 0 ↺

Ltning » 2025-01-05
@ltning@weirdr.net

And here's the innards. Curious eyes might spot some old and dear sound cards, other than that the highlight is of course the mainboard and the CPU board, which is replaceable. And the CPUs, obviously.

Alt...

Inside of machine, showing two CPUs with fans on the CPU board, some RAM, a SCSI card, network card, SATA controller card and GPU - all 32-bit PCI. Next up are two sound cards - a Gravis Ultrasound and a Sound Blaster AWE64 Gold.

1 ★ 0 ↺

Ltning » 2025-01-05
@ltning@weirdr.net

And finally, the screenfetch output. Full text in description.

Alt...

OS: NetBSD, Kernel: i386 NetBSD 10.0_STABLE, Uptime: 3d 2h 55m, Packages: 393, Shell: bash, Resolution: 1600x1200, WM: WindowMaker, GTK Theme: Arc-Dark [GTK2/3], Icon Theme: Adwaita, Font: Sans 9, Disk: 7.3G / 241G (3%), CPU: Intel 686-class @ 2x 333MHz, GPU: Mesa DRI R200 (RV280 5964) x86/MMX DRI2, RAM: 351MiB / 486MiB

...

Anders Gulden Olstad » 2025-01-05
@andersgo@infosec.exchange

@ltning I need to use that toaster for lunch tomorrow…

0 ★ 0 ↺

in reply to »

Ltning » 2025-01-04
@ltning@weirdr.net

Any idea of its memory footprint in such a case? When doing TLS?

...

⚡🍰 » 2025-01-04
@glitchcake@tech.lgbt

@ltning no

1 ★ 1 ↺

Funky Bob boosted

Ltning » 2025-01-03
@ltning@weirdr.net

TIL today: secp* curves are orders of magnitude slower than X25519 and prime256v1. At least on a Pentium Pro/Pentium II-class CPU.
#retrocomputing #forgetwhatyouknow