diff --git a/freebsd_vm/notes.txt b/freebsd_vm/notes.txt
new file mode 100644
index 0000000..8bff341
--- /dev/null
+++ b/freebsd_vm/notes.txt
@@ -0,0 +1,4 @@
+zfs set mountpoint=/mnt/ship ship
+zfs set mountpoint=/mnt/data data
+zfs set mountpoint=/mnt/iocage ship/iocage
+zfs create /mnt/ship/certs
diff --git a/jails/create.sh b/jails/create.sh
index b514b06..72e0b81 100755
--- a/jails/create.sh
+++ b/jails/create.sh
@@ -15,15 +15,16 @@ JAILIP=$4
 JAILUSER=$5
 JAILUSERID=$6
 JAILUSERVNC=$7
+JAILSRC=${8-false}
 : "${JAIL:?Need to specify JAIL - first parameter}"
 : "${JAILHOSTNAME:?Need to specify JAILHOSTNAME - second parameter}"
 : "${JAILDOMAIN:?Need to specify JAILDOMAIN - third parameter}"
 : "${JAILIP:?Need to specify JAILIP - fourth parameter}"
 : "${JAILUSER:?Need to specify JAILUSER - fifth parameter - set to X if none required}"
-: "${JAILUSERID:?Need to specify JAILUSERID - sixth parameter - eg. set to 1000 for p OR 2002 for r}"
+: "${JAILUSERID:?Need to specify JAILUSERID - sixth parameter - eg. set to 1000 for p / 2002 for r}"
 : "${JAILUSERVNC:?Need to specify JAILUSERVNC - seventh parameter - set to true to add vnc for jailuser}"
-# user p and r are diyit deployment specific
+# : "${JAILSRC:?Need to specify JAILSRC - eighth parameter - set to true to keep SRC files}"
 # there are cases where you may only want an IPv4 jail
 I6CONFIG=true
@@ -36,7 +37,7 @@ I4NS="192.168.0.5"
 I6NS="fd01::5"
 # these IP spaces are diyit deployment specific
-echo "$JAIL / $JAILIP / $JAILHOSTNAME / $JAILDOMAIN / $JAILUSER / $JAILUSERID / $JAILUSERVNC"
+echo "Name:$JAIL / IP:$JAILIP / Hostname:$JAILHOSTNAME / Domain:$JAILDOMAIN / User:$JAILUSER / UserID:$JAILUSERID / VNC:$JAILUSERVNC / SRC:$JAILSRC"
 # cant install packages during jail creation because ipfw blocks all network traffic
 #echo '{"pkgs":["bash","bash-completion","nano"]}' > /tmp/pkg-$JAIL.json
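Review bot: In jails/create.sh the new `JAILSRC=${8-false}` is never validated, and the commented-out `: "${JAILSRC:?...}"` line could only ever catch an explicitly empty eighth argument, because an unset one already falls back to `false`. The value later decides whether /usr/src is deleted inside the jail, so anything other than the two documented words should be rejected right after the assignment, e.g. `case "$JAILSRC" in true|false) ;; *) echo "JAILSRC must be true or false" >&2; exit 1 ;; esac`. Writing the default as `${8:-false}` would also treat an empty argument as the default. The parameter block starts above this hunk, so the check belongs with the other `:?` assertions there.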
@@ -85,8 +86,6 @@ iocage exec $JAIL "resolvconf -u"
 iocage exec $JAIL "mkdir -p /usr/local/etc/pkg/repos"
 iocage exec $JAIL "[ -f /mnt/config/pkgp.conf ] && cp /mnt/config/pkgp.conf /usr/local/etc/pkg/repos/ || cp /mnt/common/pkgp.conf /usr/local/etc/pkg/repos/"
-iocage exec $JAIL "[ -f /mnt/config/freebsd-update.conf ] && cp /mnt/config/freebsd-update.conf /etc/ || cp /mnt/common/freebsd-update.conf /etc/"
-
 iocage exec $JAIL "env ASSUME_ALWAYS_YES=YES pkg bootstrap"
 iocage exec $JAIL "pkg update -f"
 iocage exec $JAIL "pkg upgrade -y"
@@ -164,11 +163,17 @@ if [ "$JAILUSER" != "X" ]; then
 fi
 fi
+if ! (($JAILSRC)); then
+ echo "removing /usr/src files ..."
+ iocage exec $JAIL "rm -rf /usr/src/* ; rm -f /usr/src/.*"
+ iocage exec $JAIL "[ -f /mnt/config/freebsd-update.conf ] && cp /mnt/config/freebsd-update.conf /etc/ || cp /mnt/common/freebsd-update.conf /etc/"
+fi
+
 iocage exec $JAIL "pkg clean -y"
 iocage exec $JAIL "tzsetup America/Los_Angeles"
 # iocage fstab -r $JAIL /root/FreeBSD/jails/config/common /mnt/common nullfs ro 0 0
 # iocage exec $JAIL "rmdir /mnt/common"
-iocage exec $JAIL "echo 'Subject: created new jail: $JAIL with $JAILIP / $JAILHOSTNAME / $JAILDOMAIN / $JAILUSER / $JAILUSERID / $JAILUSERVNC' | sendmail -v -t jail-root@$JAILDOMAIN"
+iocage exec $JAIL "echo 'Subject: created new jail: $JAIL with IP:$JAILIP / Hostname:$JAILHOSTNAME / Domain:$JAILDOMAIN / User:$JAILUSER / UserID:$JAILUSERID / VNC:$JAILUSERVNC / SRC:$JAILSRC' | sendmail -v -t jail-root@$JAILDOMAIN"
 # reverse dns should already be configured for the mail server to accept this email
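Review bot: The guard `if ! (($JAILSRC)); then` in the second create.sh hunk here does not test the documented `true`/`false` words. In bash `(( ))` is an arithmetic context, where both `true` and `false` are read as unset variable names and evaluate to 0, so /usr/src is removed even when the caller passes `true`. That context also evaluates the argument as an expression instead of comparing it, and under a plain sh (the shebang is outside this hunk) the construct may be parsed as nested subshells instead. A string comparison behaves the same in either shell and never evaluates the argument: `if [ "$JAILSRC" != "true" ]; then`. Separately, `rm -f /usr/src/.*` can match `.` and `..` in some shells and will not remove hidden directories, so confirm that cleanup does what is intended.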