If you've been an OpenBSD user for any period of time, you probably know what mg is. For those who don't know, mg stands for MicroGnuEmacs. It's a small clone of Emacs maintained by the OpenBSD team that's included with the base system. Being an Emacs user, I love that mg is part of the OpenBSD base system. It's great to have an editor that has familiar keybinds on a system that I haven't had the time to install any packages on.
I've been looking at the PC Engines APU line for a while. They're a line of medium size single board PCs with a DB9 serial connector and no VGA port. They also have gigabit Ethernet. Because of this they're often used as firewall machines. I want to get one and use it as either the home router, or an experimental server to mess around with. Quite a few OpenBSD folks use them and recommend them as OpenBSD router and server hardware.
So I have an OpenBSD server serving a static website using httpd(8). I've been thinking for a while I should add an SSL certificate, but never got around to it because it was just a small hobby website and it didn't require any real attention. Today while watching one of the OpenBSD tutorials at BSDCan, I thought it was finally time. Since configuring everything else in OpenBSD is so easy, this must be easy too, right?
EDIT: (August 22, 2020) Theo Buehler has kindly reached out to me and informed me that this issue has just been fixed in a syspatch, and that OpenVPN now works correctly. Hi. Regarding https://blog.lambda.cx/posts/openvpn-issues-openbsd/, the issue you describe in this post should be fixed in 6.7-stable. It boils down to this: ProtonVPN appears to require clients to use P-521 for the TLSv1.3 key exchange.