At the moment, I am using a single Dell Optiplex 7010 box as a multipurpose server: it runs OpenBSD and a lot of its base applications (relayd
for reverse proxying, httpd
as a HTTP server, pf
as a firewall, etc) and some from the ports tree (like nsd
for an authoritative NS, unbound
for LAN DNS, …). It also runs a single Alpine VM inside that in turn hosts some dockerized apps (like Lemmy :-))
This setup is suboptimal, as OpenBSD’s virtualization support is still in its early stages, so I wanted to make a defining change: move OpenBSD + all base stuff to a separate ‘firewall’ box and dedicate my 7010 to be a docker host (probably installing alpine linux directly).
My question is: what hardware can you recommend for the OpenBSD box? I would want something with low power consumption. It does not have to be beefy, most of the resource-hungry stuff will probably be on the docker box. One thing though: it would be nice to be able to handle gigabit network throughput for the future.
I have been looking at APU2 boards, Raspbery Pi 4B (I am not sure about the OpenBSD support, though), Intel NUCs, and also Dell Optiplex micros and minis. It would be great to get away with a budget below €100. Thanks in advance for any insight!
check out Protectli Vault. They have different hardware configuration options depending on what you need.
Protectli supports virtually anything you want to slap on it, be it BSD or Linux based. A popular approach is to put Opensense on it (BSD based firewall).
I can vouch for it, quality hardware and silent. Easy to repurposed.
I know of protectli, but I wouldn’t consider it a low-budget option. I mean it is reasonably cheap, but I was hoping I could get away with some much cheaper used hardware.
Youre right, The 2 port vaults are $176 which is almost double your budget. I figured you could find a used one for cheaper, but I just looked around and you cannot :(
You can check out ODROID. The ARM version for $83 and a x86 version for $129. You can play around with specs and models and get those numbers down lower. Pretty large community playing with them, BSD probably can support them or at least the info is most likely in a forum somewhere.