../ blog / obsd-lessons
2024.09.03
OpenBSD works great for a server out-of-the-box when compared to Linux. Linux is too much like Windows.
I've been privy to OpenBSD since 2013. I've been using it as a daily driver since 2019 and fulltime since 2020. Thus I've learned many lessons regarding the OS. The most important lesson learned is that it is, in my opinion, the best server OS that currently exists.
From a scale of 0 to usable, OSX is a 0, Windows is a 5, Linux is a 7, the other BSDs are a 7.5, and OpenBSD is a 9 (usable is a 10). After a devastating fire in 2021, I lost everything. A few hard drives, a RaspberryPi 3B, and a USBSD portable OpenBSD install on a USB drive later, OpenBSD became the default OS for my personal server. I used Arch Linux, Fedora, Debian, then NetBSD, and finally OpenBSD for my server OS. I went from a simple SSH setup to include a webserver and full-blown suite of applications and uses including Nextcloud, IRC chats, VLANs and SCM repositories. From a HP desktop I was able to host a variety of applications with OpenBSD. To honor that which was lost, and save on a ridiculously-overpriced Ameren electric bill, I decided to use my surviving RaspberryPi 3. For the sake of allowing me to use more mainstream applications, I decided to return to the Linux-land of Debian. This is what I've learned from using OpenBSD as a server.
These are the main downsides with OpenBSD:
Probably the biggest issue with OpenBSD is that it's a bit of a drag if you want to use the latest software. There are ways around this, like the ports tree, but it takes more work to build and set them up. While some of the latest software exists in ports, most builds will not work or will fail if the software is a bit more obscure. With Linux, you're almost guaranteed to have a software app available, as most OSS is built to target Linux. BSD support is more obscure, and OpenBSD is sometimes the last to be targeted. This limits the software stack to outdated apps and the mainstream stalwarts that are popular. Even then, the stalwarts were outdated and lacking feature parity, even though the packages and ports are the most recent. This is the main reason why I returned to my Pi with Debian in mind.
OpenBSD has a steep learning curve compared to Linux and Windows.
This is because OpenBSD is its own contained ecosystem.
Config files have their own singular location that doesn't match the methodology of other OSes.
Specific security features like pledge() and unveil() also change how you approach troubleshooting software that's been ported.
Then the issue is if pledge and unveil are used in that specific port, and how you approach it if it is.
While this makes it more consistent than Linux and other systems, it also means that you have to know the OpenBSD ecosystem in order to know where online guides for Linux need to be adjusted.
You essentially perform a lot more translation and transposition than you should have to, effectively multiplying the amount of troubleshooting dedicated to a specific issue.
There is great documentation for OpenBSD's suite of applications, but it's practically a foreign language when coming from the Linux world.
The best way around this is to know OpenBSD inside and out, and to have mastery over its ecosystem.
As stated, OpenBSD lacks documentation when compared to Linux and other OSes. However, this only really applies to applications outside of the OpenBSD ecosystem and family of apps. For instance, an OSS app that mainly targets Linux tends to only have documentation for setting it up on Linux. While it can be run on OpenBSD, one has to know how to adapt the workflow to fit in with OpenBSD. Even if there are docs on porting an app to OpenBSD, they may be outdated in comparison to their Linux ports. The lack of documentation causes more difficulty with adapting software to OpenBSD than anything, and limits its usability.
Despite OpenBSD's downsides, there are a lot of upsides to how the system operates:
OpenBSD has a unified and standardized experience.
With Linux and Windows, there's no real cohesiveness.
Different distros have different approaches.
For instance, does your distro use systemd or rc.d?
Is the default shell bash, ksh, fish, or the good ol-fashioned Christian sh shell?
Does your favorite tool have all the same flags?
With OpenBSD, it's simple, and variety is oftentimes sacrificed for simplicity.
Most apps adapted for use in OpenBSD follow the same simple standard and disallow variety.
Everything is cohesive, from configuration files down to flags and handling parameters.
However, there are differences between OpenBSD's software suite that technically add to the variation in the apps across various OSes.
Compared to other OSes, OpenBSD includes a comprehensive suite of applications that meets most needs for a server OS right off the bat.
OpenBSD has its own in-house app suite, including a webserver (httpd), virtual machine hypervisor (vmctl), SSH (OpenSSH), and more.
All of these applications are included during install.
With the OpenXYZ suite of applications included by default, admins can skip the spurious amount of time-wasting setup for most needs.
Config files are more consistent and can be copied over.
For instance, when moving back to my Pi, I could have used OpenBSD's arm port.
Since my desktop amd64 port was setup using OpenBSD's native ecosystem and in-box suite of apps, all I would technically have to do is copy over the config files to get it up and running.
Compare this with Linux or even *shudders* Windows and OSX, and the setup time is significantly quicker.
With Linux I found myself having to make a file containing all the popular packages like sudo, openssh, nginx/httpd, and qemu and adding that file as arguments to my package manager.
Meanwhile, OpenBSD has it all included by default.
While there are Linux distros that specifically target servers, OpenBSD has the simplicity of everything being included by default, making transitions like my amd-arm Pi transition much smoother.
To me, there is not as stable and performant of an ecosystem as that of OpenBSD. It is strongly (and even strictly) geared towards consistency, security, and simplicity. OpenBSD is far more predictable and simple compared to other OSes, which makes it very stable and performant. With OpenBSD, the downsides become an advantage once you have the ecosystem down. Consistency between in-house apps and strict guidelines ensures that there is a high degree of stability. It's harder to botch config files and with the stability given, more consistent performace is guaranteed. OpenBSD lacks driver support and performance in the sense of most interpretations of the word, where performance is often tied to speed. OpenBSD's performance is focused on being reliable and robust more than fast. OpenBSD apps perform well as well as the OS itself, with more uptime and less weirdness when compared to Linux and Windows. While it might not be as fast, it is certainly more reliable and is guaranteed to perform well. This is because speed has to be sacrificed for stability and vice-versa.
OpenBSD has taught me a lot. In some ways, it taught me to appreciate Linux more than I did when it came to application support and porting software. In others, it taught me that performance can mean reliability instead of speed. I learned that OpenBSD is truly geared towards servers when I went back to Linux for my Pi setup and had a fun time getting things tweaked and adjusted. While OpenBSD is more complex and unique, it ultimately is more simple and has a great use-case in server application. Ultimately, I learned that OpenBSD is the Apple philosophy adjusted for freedom: you are given a strict, consistent, and performant ecosystem out of the box with the option of easily extending it to suit your needs. I also learned that Linux is like Windows: you have so many options and so much support that you don't have to worry or think as much as you would elsewhere, that it's something that you can tweak and customize to truly become yours. At the end, Linux seems to be a great playground or sand pit that you can test things out in. It's like shopping for clothes at Walmart. OpenBSD, however, seems to be a great foundation or basement that you build a permenant dwelling on. It's like going to a tailor for clothes rather than a department store. It's no wonder that I'm currently exploring Linux on my Pi 3. I want to get an idea of what will best suit my future needs as my server evolves from a simple SSH/web server to a hub for all my technological needs. Once I have everything finely-tuned, I can then adapt it for a more permenant and stable setup that will last me down the line. I haven't left OpenBSD, I've simply started to see where Linux and OpenBSD fit in my journey through tech.