I’ve enabled an OpenBSD unbound(8) daemon that is used as a central DNS cache resolver. Now I needed to know what it was doing and how it performed. The question was answered grabbing statistics from unbound and render them using Grafana.
The whole monitoring stack is composed of Net-SNMP, Telegraf and InfluxDB for the metrics part ; and syslogd(8), Logstash and Elasticsearch for the logs part. Of course, most of those run on OpenBSD (6.3) ; except Telegraf, which is not available (yet).
Continue reading “Monitoring unbound(8) using Net-SNMP, Telegraf, InfluxDB and Elasticsearch”
I regularly check my pf(4) activity using pfctl(8) and pflogd(8). I already monitored pf using collectd(1) and rrdtool. This time, I wanted to use my already configured InfluxDB/Grafana system. The thing is, Telegraf is not (yet) available in OpenBSD 6.3. So I used a Telegraf container to remotely poll OpenBSD using the native SNMP OPENBSD-PF-MIB.
Continue reading “Monitoring pf(4) using snmpd(8), Telegraf and Grafana”
I took the time to switch from OpenBSD 6.2 to 6.3 on my Cloud instance with encrypted disk. As usual, it went smooth and troubleless. For the record, here are the directions.
Continue reading “Upgrade encrypted OpenBSD from 6.2 to 6.3”
By default, a DHCP client gets an IP address, a network gateway and a DNS server. That’s fine most of the time. But if you own an OpenBSD cloud instance that has to use DHCP to get online, you might not be satisfied with the domain-name-servers option provided by your DHCP server. Hopefully, OpenBSD provides an easy way to force your DNS:
# vi /etc/dhclient.conf
prepend domain-name-servers 127.0.0.1;
Since then, OpenBSD will use our DNS resolver. Which is… unbound(8)
# rcctl enable unbound
# rcctl start unbound
Note that this configuration allows to use the DNS server provided by the DHCP server as a fallback.
OpenBSD highly enables chrooting daemons. I try to do it as much as possible. But lazy software sometime fail to work out of the box. Here’s my notes to enable sending email via chroot PHP (in my case, hear WordPress).
Continue reading “Send email with chrooted PHP in OpenBSD”