Enable TLSv1 in Ubuntu 20.04

By default, Ubuntu 20.04 (or, more precisely, the OpenSSL version it ships) disables all protocol versions below TLSv1.2, and you need to re-enable them in order to use older ciphers. It is quite simple: add the following text at the top of /etc/ssl/openssl.cnf:

openssl_conf = default_conf

[ default_conf ]

ssl_conf = ssl_sect

[ssl_sect]

system_default = system_default_sect

[system_default_sect]
# Lowest protocol version accepted; it must be TLSv1 for TLSv1 connections to be allowed
MinProtocol = TLSv1
CipherString = DEFAULT:@SECLEVEL=1

Now reboot the machine and you should be done.

Warning: this can harm your machine, not physically but mentally. Make sure you know how to restore the openssl.cnf if you have to.
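To check what the snippet permits before rebooting, this added example (not part of the original post) follows the openssl_conf -> ssl_conf -> system_default chain and reports the MinProtocol floor and the security level. The function names and the sample text are constructed for illustration; MinProtocol is the lowest version accepted, so a floor of TLSv1.2 keeps TLSv1 disabled.

```python
import re
ORDER = ["SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]  # oldest to newest
# Constructed sample: the snippet from the post with the floor left as a placeholder.
SAMPLE = """\
openssl_conf = default_conf
[ default_conf ]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
MinProtocol = {floor}
CipherString = DEFAULT:@SECLEVEL=1
"""
def parse_cnf(text):
    """Parse the openssl.cnf subset used here: [sections], name = value, # comments."""
    sections, current = {"default": {}}, "default"
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        m = re.fullmatch(r"\[\s*(\S+)\s*\]", line)
        if m:
            current = m.group(1)
            sections.setdefault(current, {})
        elif "=" in line:
            name, value = (p.strip() for p in line.split("=", 1))
            sections[current][name] = value
    return sections

def system_default(text):
    """Follow openssl_conf -> ssl_conf -> system_default; {} if the chain is broken."""
    s = parse_cnf(text)
    try:
        top = s[s["default"]["openssl_conf"]]
        return s[s[top["ssl_conf"]]["system_default"]]
    except KeyError:
        return {}

def allows(text, version):
    """True if version is at or above MinProtocol (or no floor is set in this file)."""
    floor = system_default(text).get("MinProtocol")
    return floor is None or ORDER.index(version) >= ORDER.index(floor)

def seclevel(text):
    """Security level from CipherString, or None if it does not set one."""
    m = re.search(r"@SECLEVEL=(\d)", system_default(text).get("CipherString", ""))
    return int(m.group(1)) if m else None

if __name__ == "__main__":
    for cfg in (SAMPLE.format(floor=f) for f in ("TLSv1.2", "TLSv1")):
        print(system_default(cfg)["MinProtocol"], allows(cfg, "TLSv1"), seclevel(cfg))
```

For a real check, pass the contents of /etc/ssl/openssl.cnf to `allows` and `seclevel` instead of the sample.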

ufs_dirbad panic with mangled entries on FreeBSD

FreeBSD UFS usually does a very good job of staying sane and repairing itself. However, it can happen that UFS is not capable of repairing itself, and some “mangled entries” appear which result in kernel panics. Unfortunately, these are not repairable by fsck. What do they look like?

/: bad dir ino 32578 AT OFFSET 33812: MANGLED ENTRY
panic: ufs_dirbad: bad dir

So what should you do if you encounter a message like this? Well…

Reboot your machine in single user mode, usually option 2 in the boot menu. After bootup, start a filesystem check with repair enabled:

$ fsck -y /
** Last Mounted on /
** Root file system
** Phase 1 - Check Blocks and Sizes
** Phase 2 - Check Pathnames
** Phase 3 - Check Connectivity
** Phase 4 - Check Reference Counts
** Phase 5 - Check Cyl groups
112346 files, 42158044 used, 59151489 free (9993 frags, 7392687 blocks, 0.0% fragmentation)

Even if no error was found and the disk was marked clean, there can still be problems with some inodes/files. You may bring your system back up without any further work; however, if it panics again with the same message (check the inode number -> ino), you are likely to have unfixable corruption.

Now how can you fix it? Use the filesystem debugger fsdb. Please note that in our example the affected inode is 32578 (ino 32578 in our error message); the number is likely to be different in your error.

$ fsdb /dev/da0p2
** /dev/da0p2
Editing file system '/dev/da0p2'
Last mounted on /
...
fsdb (inum: 2)>

Now go to the inode mentioned in the panic and delete it. WARNING: you will lose data when you clear the inode! Keep it in mind.

fsdb (inum: 2)> inode 32578
...
fsdb (inum: 32578)> clri 32578
fsdb (inum: 32578)> quit

**** FILE SYSTEM STILL DIRTY *****
*** FILE SYSTEM MARKED DIRTY
*** BE SURE TO RUN FSCK TO CLEAN UP ANY DAMAGE
*** IF IT WAS MOUNTED, RE-MOUNT WITH -u -o reload

Now start fsck again, as at the beginning of this article. Run it until no more errors are shown and the file system is MARKED AS CLEAN.

That’s it. Reboot normally and hope that no more inodes are faulty. If there are, repeat this for every inode throwing the initial error/panic.

Configure NGINX as RTMP server on FreeBSD 12

Unfortunately the Nginx package for FreeBSD does not contain the RTMP module, so you need to compile it either from upstream sources or use the FreeBSD ports and enable the RTMP module before compiling:

# portsnap auto
# cd /usr/ports/www/nginx
# make config
# make
# make install

Now create a new file named rtmp.conf in /usr/local/etc/nginx using your favorite editor; I use neovim:

# cd /usr/local/etc/nginx
# nvim rtmp.conf

Now paste the following code into rtmp.conf:

rtmp {
    server {
        listen 1935;
        chunk_size 4096;
        application hlslive {
            live on;
            hls on;
            hls_path /usr/local/www/nginx-dist/hlslive;
            hls_fragment 3s;
            hls_playlist_length 18s;
        }
    }
}

Save it, then open nginx.conf and add the following:

load_module /usr/local/libexec/nginx/ngx_rtmp_module.so;  # <-- must be loaded at the top of the file
include rtmp.conf; # <-- can be at the end of the file

Check if the config is valid:

# nginx -t

If it is valid, you can start your Nginx/RTMP server and send the first RTMP stream to it.