diff --git a/.build.yml b/.build.yml
new file mode 100644
index 0000000..de5ede4
--- /dev/null
+++ b/.build.yml
@@ -0,0 +1,37 @@
+image: openbsd/7.5
+shell: false
+secrets:
+ - b2b00838-c8a8-441d-baaa-da121489d0bd
+sources:
+ - git@git.sr.ht:~robertkeizer/bgpipe
+ - https://github.com/bgpfix/bgpfix.git
+packages:
+ - go
+tasks:
+ - install_bgpipe: |
+ cd bgpipe
+ go install .
+ - setup_networking: |
+ doas ifconfig vether1 198.51.100.1 255.255.255.0 up
+ - setup_bgpd: |
+ cat </tmp/bgpd.conf
+ AS 65001
+ router-id 198.51.100.1
+
+ listen on 198.51.100.1
+ network 198.51.100.0/24
+
+ neighbor 198.51.100.1 {
+ remote-as 65002
+ }
+
+ allow from 198.51.100.1
+ allow to 198.51.100.1
+ EOF
+
+ doas mv /tmp/bgpd.conf /etc
+ doas bgpd -vnf /etc/bgpd.conf
+ doas rcctl enable bgpd
+ doas rcctl start bgpd
+ - test: |
+ /home/build/go/bin/bgpipe connect 198.51.100.1 stdout
diff --git a/stages/util_openbsd.go b/stages/util_openbsd.go
new file mode 100644
index 0000000..fe8d3a4
--- /dev/null
+++ b/stages/util_openbsd.go
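Review bot: The `test` task never exercises TCP-MD5, so this job stays green whether or not the OpenBSD socket option introduced in the same commit works: the generated bgpd.conf has no `tcp md5sig` line inside the `neighbor` block, and `bgpipe connect 198.51.100.1 stdout` is run without an MD5 password. Adding `tcp md5sig password <ci-test-password>` (placeholder value) to the neighbor and passing the same password to bgpipe would make the job fail when signing is broken or silently skipped. Separately, `https://github.com/bgpfix/bgpfix.git` is cloned at whatever its default branch currently points to while a build secret is loaded into the job; pinning it with a `#<commit>` suffix on the source URL keeps the run reproducible and limits what an upstream change can do here.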
@@ -0,0 +1,39 @@
+//go:build openbsd
+
+package stages
+
+import (
+ "syscall"
+ "golang.org/x/sys/unix"
+)
+
+func tcp_md5(md5pass string) func(net, addr string, c syscall.RawConn) error {
+ if len(md5pass) == 0 {
+ return nil
+ }
+
+ return func(net, addr string, c syscall.RawConn) error {
+
+ // * Check whether the tcpmd5 SA already exists
+ // * If it doesn't, depending on flags:
+ // * return an error and docs around setting up the sa.
+ // or
+ // * create a temporary file that can be used to load rules
+ // * Execute ipsecctl -f /path/to/file to load the sa
+
+ // https://blog.habets.se/2019/11/TCP-MD5.html
+
+ // setsockopt
+ var err error
+ c.Control(func(fd uintptr) {
+
+ /*
+ Future: 0x04 comes from https://github.com/openbsd/src/blob/master/sys/netinet/tcp.h#L217
+ While it is unlikely to change, looking it up would be better rather than having it hardcoded.
+ */
+
+ err = unix.SetsockoptString(int(fd), unix.IPPROTO_TCP, 0x04, string("tcpmd5string"))
+ })
+ return err
+ }
+}
diff --git a/stages/util_unsupported.go b/stages/util_unsupported.go
index 4760d85..358bd24 100644
--- a/stages/util_unsupported.go
+++ b/stages/util_unsupported.go
@@ -1,4 +1,4 @@
-//go:build !linux
+//go:build (!linux && !openbsd)
 package stages
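Review bot: In `tcp_md5` (stages/util_openbsd.go), `md5pass` is only tested for emptiness and never reaches the socket: the `setsockopt` call passes the literal `"tcpmd5string"`, so whatever password the user configured is ignored. As far as I know from OpenBSD tcp(4), `TCP_MD5SIG` is an on/off integer option whose key comes from a security association loaded separately (the comment block in this hunk outlines exactly that), so a string payload is likely to be rejected; an integer call using `unix.TCP_MD5SIG` would also remove the hard-coded `0x04`. The error returned by `c.Control` itself is dropped, so if the callback never runs the closure returns nil and the session proceeds unsigned. Until the SA check described in the comments exists, the function's doc comment should state that the password is not applied here and must match an SA installed out of band.

```go
	return func(net, addr string, c syscall.RawConn) error {
		// … unchanged: notes on checking/loading the tcpmd5 SA …

		var sockErr error
		// TCP_MD5SIG only switches signing on; the key is expected to come
		// from a tcpmd5 SA already installed for this peer.
		ctlErr := c.Control(func(fd uintptr) {
			sockErr = unix.SetsockoptInt(int(fd), unix.IPPROTO_TCP, unix.TCP_MD5SIG, 1)
		})
		if ctlErr != nil {
			// Control failed, so the option was never applied: fail closed.
			return ctlErr
		}
		return sockErr
	}
```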