Re: httpd location statement
> On 11 Dec 2020, at 00:16, Todd C. Miller wrote: > > On Thu, 10 Dec 2020 19:24:20 +0200, Alexey Vatchenko wrote: > >> I’m migrating from ancient server with OpenBSD’s apache1 to 6.8 OpenBSD’s htt >> pd. >> In my configuration I use Handler for .html, .htm, .css, .js and 4 more exten >> sions. >> I’ve found a way to configure it for one extension and it works great! >> >> location “*.html” { >>fastcgi { >>socket “/run/slowcgi.sock” >>param SCRIPT_FILENAME “/path/to/handler.pl" >>} >> } > > Can't you just use lua-style patterns with "location match ..."? > See the CAPTURES section in pattern(7) for details. Sorry, still don’t understand how captures can help in this case. In my understanding, it lacks "OR” to avoid duplicating identical location blocks. location “*.html|*.css|*.js” { } instead of location “*.html” { } location “*.css” { } location “*.js” { } Could you please give an example of using captures for this case?
Re: Default installurl and Package Source
On Thu, Dec 10, 2020 at 10:24:27PM -, Stuart Henderson wrote: > > Please use https. Some ISP's insert crap into http. > > Sounds a good reason to use a better ISP :) > You're right about that and the CPU waste. I had an ISP a few years ago at home that tampered with http. Once burned, twice shy. Chris > Packages packing-lists are verified using signify signatures, and files > inside the package using sha256 from the (signed) plist, so it will be > very obvious if those files are changed. > > And because pkg_add doesn't use persistent connections, https really > slows it down as it has to make a new TLS handshake for every package > you have installed (even if no update is needed). > > > Certs are free, why doesn't a trusted source not have one? > > Some mirror servers are not on especially new hardware and may not have > loads of cpu to spare to encrypt everything. Also some may consider it a > waste of cpu time if the files are signed anyway. (For file distribution > where signature checks are not done automatically, I have a feeling > that seeing something fetched over https might suggest to the user that > things are safe and they don't need to bother to do a check manually - > this is of course not the case as https does nothing to help if a server > has been compromised, it only deals with the transport layer). > > > IMHO, you really should run stable. Although you might look at the > > Or -current :-) > > > patches and decide not to. packages-stable may or may not have security > > fixes you need. syspatch often, but not always, needs a reboot. > > > > But it's your system, do as you please. A security patch might not be > > relevant to you. > > > > Chris Bennett > > > > > > >
Re: Default installurl and Package Source
On 2020-12-10, Chris Bennett wrote: > On Wed, Dec 09, 2020 at 11:22:58AM +0800, Tito Mari Francis Escaño wrote: >> Hi misc, >> I recently installed 6.8 on VM then applied errata patches. >> When I tried to install git, it complained that git is not in the >> packages-stable folder, I was pleasantly surprised. The >> /etc/installurl by default is http://cdn.openbsd.org/pub/OpenBSD, and >> I got error 503 on the site. Checking the default URL indicates it may >> be down, same goes for Cloudflare CDN, Verizon seems working alright. >> When I changed /etc/installurl to where I used to get packages: >> http://ftp.jaist.ac.jp/pub/OpenBSD, it worked as expected. >> This raised the following questions: >> Does this mean when we apply errata patches, we're now automatically >> using stable release and need to use stable packages? >> Is it advisable to keep the /etc/installurl automatically default to >> http://cdn.openbsd.org/pub/OpenBSD or should users be advised to >> select packages from package sources geographically near them? >> Please advise. Thanks and keep up the great work. If you have a good local mirror then it is usually the best choice to use it. In that case the actual files are present on the system near you. With the CDNs, unless you pick a frequently accessed file that is cached locally, they are fetched from the origin server (for cdn.openbsd.org this is in Canada reached via Seattle). This is usually via a fairly fast network and with various optimizations that mean it's likely to be faster than fetching it directly from Canada yourself, but unless you're fairly close then it's likely to still be slower than a local "real" mirror. For snapshots there are additional problems, you're very unlikely to get any benefit from the cache at all, and because the filenames don't change between snapshots if files are cached near you then there can be problems getting a mix of two snaps. > If you find a good mirror, you can hard code the PKG_PATH > export PKG_PATH=... > it can use multiple servers separated by : > Be sure to change it to 6.9 later! Assuming they use the standard /pub/OpenBSD paths then you can set PKG_PATH to just the mirror name and the version (or "snapshots") and arch will be filled in. Or if you always use snapshots you can use http://whatever/pub/OpenBSD/snapshots/%a then you don't need to mess about with pkg_add -Dsnap around release time. > That's what I do when I have cdn problems. > Avoid the OpenBSD source, if possible. > Please use https. Some ISP's insert crap into http. Sounds a good reason to use a better ISP :) Packages packing-lists are verified using signify signatures, and files inside the package using sha256 from the (signed) plist, so it will be very obvious if those files are changed. And because pkg_add doesn't use persistent connections, https really slows it down as it has to make a new TLS handshake for every package you have installed (even if no update is needed). > Certs are free, why doesn't a trusted source not have one? Some mirror servers are not on especially new hardware and may not have loads of cpu to spare to encrypt everything. Also some may consider it a waste of cpu time if the files are signed anyway. (For file distribution where signature checks are not done automatically, I have a feeling that seeing something fetched over https might suggest to the user that things are safe and they don't need to bother to do a check manually - this is of course not the case as https does nothing to help if a server has been compromised, it only deals with the transport layer). > IMHO, you really should run stable. Although you might look at the Or -current :-) > patches and decide not to. packages-stable may or may not have security > fixes you need. syspatch often, but not always, needs a reboot. > > But it's your system, do as you please. A security patch might not be > relevant to you. > > Chris Bennett > > >
Re: httpd location statement
On Thu, 10 Dec 2020 19:24:20 +0200, Alexey Vatchenko wrote: > I’m migrating from ancient server with OpenBSD’s apache1 to 6.8 OpenBSD’s htt > pd. > In my configuration I use Handler for .html, .htm, .css, .js and 4 more exten > sions. > I’ve found a way to configure it for one extension and it works great! > > location “*.html” { > fastcgi { > socket “/run/slowcgi.sock” > param SCRIPT_FILENAME “/path/to/handler.pl" > } > } Can't you just use lua-style patterns with "location match ..."? See the CAPTURES section in pattern(7) for details. - todd
Re: httpd location statement
> On 10 Dec 2020, at 20:51, Florian Obser wrote: > > I think the only way is to repeat the location statement for each extension :/ If preparing a patch, what is the preferable syntax for this functionality? location regex “/.*\.(html|css){1}$” { # something }
Re: httpd location statement
I think the only way is to repeat the location statement for each extension :/ You can leave out the socket since that's the default On 10 December 2020 18:24:20 CET, Alexey Vatchenko wrote: >Hello! > >I’m migrating from ancient server with OpenBSD’s apache1 to 6.8 >OpenBSD’s httpd. >In my configuration I use Handler for .html, .htm, .css, .js and 4 more >extensions. >I’ve found a way to configure it for one extension and it works great! > >location “*.html” { >fastcgi { >socket “/run/slowcgi.sock” >param SCRIPT_FILENAME “/path/to/handler.pl" >} >} > >And I havn't found a way to specify multiple extensions. > >Any advice how to do it? > >Thanks in advance! -- Sent from a mobile device. Please excuse poor formating.
httpd location statement
Hello! I’m migrating from ancient server with OpenBSD’s apache1 to 6.8 OpenBSD’s httpd. In my configuration I use Handler for .html, .htm, .css, .js and 4 more extensions. I’ve found a way to configure it for one extension and it works great! location “*.html” { fastcgi { socket “/run/slowcgi.sock” param SCRIPT_FILENAME “/path/to/handler.pl" } } And I havn't found a way to specify multiple extensions. Any advice how to do it? Thanks in advance!
Re: Internal Microphone on Thinkpad X1 Carbon 7th gen not working
Alexandre Ratchov wrote: > On Thu, Dec 10, 2020 at 10:30:56AM +0100, Anders Damsgaard wrote: >> * Stefan Hagen [2020-12-10 10:14:35 +0100]: >>> Bodie wrote: On 9.12.2020 20:43, Stefan Hagen wrote: > Hello Zachary, > > Zachary Campbell wrote: >> Any luck with this? I am also struggling to get the internal >> mic to work on the X1 Carbon 7th Gen. Have gone through >> everything discussed here, but still no luck. >> >> My dmesg and mixerctl match those already shared in thread. >> Happy to share anything else that might be helpful, but after >> reading through the multimedia FAQ and this thread I am >> not quite sure where to go next. > > No progress here. > > I think all needed information is in here. > https://bbs.archlinux.org/viewtopic.php?id=249900 That part on SST remind me my problem with audio on T590 under Windows. For at least two patch builds Windows had issue to picking up wrong driver for audio. Instead of regular HD Audio they were setting up SST HD Audio and then output/input were not working. So maybe it is something wrong inside that HW like reporting wrong capabilities? >>> >>> Not unlikely as "microphone not working on x1 carbon gen 7" complaints >>> are all over the place. The solution for ms windows is upgrade + use >>> newest drivers. So yes, I assume there's something off that has been >>> fixed in software. >>> >>> I've seen similar complaints about Dell Laptops that are also using >>> the Realtek ALC285 chip. >>> >>> If it's just this one chip, then fine, let's ignore it. >>> >>> Can someone with a X1 Carbon Gen 8 report it working? >> >> The same issue persists on 8th generation, also reported to dmesg@. >> >> azalia0 at pci0 dev 31 function 3 "Intel 400 Series HD Audio" rev 0x00: msi >> azalia0: codecs: Realtek ALC285, Intel/0x280b, using Realtek ALC285 >> audio0 at azalia0 >> >> Also, the mic is enabled in BIOS and kern.audio.record=1. > > AFAIU, all audio components but the internal microphone are connected > to the "Realtek ALC285" codec which is handled by azalia(4). The > internal microphone uses the Intel Smart Sound Technology, which needs > a dedicated driver. ^^ Right! That's how it shows up on windows. I think it's *not* worth to create a driver for the internal microphone. It's really not that useful most of the time. But it's good to know that it's not just configuration that's missing. So I can stop fiddling and accept that it does not work. Thanks, Stefan
Re: Internal Microphone on Thinkpad X1 Carbon 7th gen not working
On Thu, Dec 10, 2020 at 10:30:56AM +0100, Anders Damsgaard wrote: > * Stefan Hagen [2020-12-10 10:14:35 +0100]: > > > Bodie wrote: > > > > > > > > > On 9.12.2020 20:43, Stefan Hagen wrote: > > > > Hello Zachary, > > > > > > > > Zachary Campbell wrote: > > > > > Any luck with this? I am also struggling to get the internal > > > > > mic to work on the X1 Carbon 7th Gen. Have gone through > > > > > everything discussed here, but still no luck. > > > > > > > > > > My dmesg and mixerctl match those already shared in thread. > > > > > Happy to share anything else that might be helpful, but after > > > > > reading through the multimedia FAQ and this thread I am > > > > > not quite sure where to go next. > > > > > > > > No progress here. > > > > > > > > I think all needed information is in here. > > > > https://bbs.archlinux.org/viewtopic.php?id=249900 > > > > > > > > > > That part on SST remind me my problem with audio on T590 under Windows. > > > For at least two patch builds Windows had issue to picking up wrong > > > driver for audio. Instead of regular HD Audio they were setting > > > up SST HD Audio and then output/input were not working. > > > > > > So maybe it is something wrong inside that HW like reporting wrong > > > capabilities? > > > > Not unlikely as "microphone not working on x1 carbon gen 7" complaints > > are all over the place. The solution for ms windows is upgrade + use > > newest drivers. So yes, I assume there's something off that has been > > fixed in software. > > > > I've seen similar complaints about Dell Laptops that are also using > > the Realtek ALC285 chip. > > > > If it's just this one chip, then fine, let's ignore it. > > > > Can someone with a X1 Carbon Gen 8 report it working? > > > > Best Regards, > > Stefan > > > > The same issue persists on 8th generation, also reported to dmesg@. > > azalia0 at pci0 dev 31 function 3 "Intel 400 Series HD Audio" rev 0x00: msi > azalia0: codecs: Realtek ALC285, Intel/0x280b, using Realtek ALC285 > audio0 at azalia0 > > Also, the mic is enabled in BIOS and kern.audio.record=1. > AFAIU, all audio components but the internal microphone are connected to the "Realtek ALC285" codec which is handled by azalia(4). The internal microphone uses the Intel Smart Sound Technology, which needs a dedicated driver. Linux has a driver written by Intel employees, which is around twice as big as azalia. It's unclear how difficult it would be to write a openbsd-ish driver that simply makes the hardware work. Sorry. Meanwhile, if this is for voice calls, I'd suggest either using a phone headset (the x1 probably has a trrs jack) or a comfortable full-duplex usb headset; most work way better than the internal mics/speakers.
Re: Internal Microphone on Thinkpad X1 Carbon 7th gen not working
* Stefan Hagen [2020-12-10 10:14:35 +0100]: Bodie wrote: On 9.12.2020 20:43, Stefan Hagen wrote: Hello Zachary, Zachary Campbell wrote: Any luck with this? I am also struggling to get the internal mic to work on the X1 Carbon 7th Gen. Have gone through everything discussed here, but still no luck. My dmesg and mixerctl match those already shared in thread. Happy to share anything else that might be helpful, but after reading through the multimedia FAQ and this thread I am not quite sure where to go next. No progress here. I think all needed information is in here. https://bbs.archlinux.org/viewtopic.php?id=249900 That part on SST remind me my problem with audio on T590 under Windows. For at least two patch builds Windows had issue to picking up wrong driver for audio. Instead of regular HD Audio they were setting up SST HD Audio and then output/input were not working. So maybe it is something wrong inside that HW like reporting wrong capabilities? Not unlikely as "microphone not working on x1 carbon gen 7" complaints are all over the place. The solution for ms windows is upgrade + use newest drivers. So yes, I assume there's something off that has been fixed in software. I've seen similar complaints about Dell Laptops that are also using the Realtek ALC285 chip. If it's just this one chip, then fine, let's ignore it. Can someone with a X1 Carbon Gen 8 report it working? Best Regards, Stefan The same issue persists on 8th generation, also reported to dmesg@. azalia0 at pci0 dev 31 function 3 "Intel 400 Series HD Audio" rev 0x00: msi azalia0: codecs: Realtek ALC285, Intel/0x280b, using Realtek ALC285 audio0 at azalia0 Also, the mic is enabled in BIOS and kern.audio.record=1. Cheers, Anders
Re: Internal Microphone on Thinkpad X1 Carbon 7th gen not working
Bodie wrote: > > > On 9.12.2020 20:43, Stefan Hagen wrote: >> Hello Zachary, >> >> Zachary Campbell wrote: >>> Any luck with this? I am also struggling to get the internal >>> mic to work on the X1 Carbon 7th Gen. Have gone through >>> everything discussed here, but still no luck. >>> >>> My dmesg and mixerctl match those already shared in thread. >>> Happy to share anything else that might be helpful, but after >>> reading through the multimedia FAQ and this thread I am >>> not quite sure where to go next. >> >> No progress here. >> >> I think all needed information is in here. >> https://bbs.archlinux.org/viewtopic.php?id=249900 >> > > That part on SST remind me my problem with audio on T590 under Windows. > For at least two patch builds Windows had issue to picking up wrong > driver for audio. Instead of regular HD Audio they were setting > up SST HD Audio and then output/input were not working. > > So maybe it is something wrong inside that HW like reporting wrong > capabilities? Not unlikely as "microphone not working on x1 carbon gen 7" complaints are all over the place. The solution for ms windows is upgrade + use newest drivers. So yes, I assume there's something off that has been fixed in software. I've seen similar complaints about Dell Laptops that are also using the Realtek ALC285 chip. If it's just this one chip, then fine, let's ignore it. Can someone with a X1 Carbon Gen 8 report it working? Best Regards, Stefan