Charlie Root 2021-04-18 12:23:35 -07:00
parent c888a24d70
commit 666071e35d
2 changed files with 15 additions and 6 deletions

4
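--- a/freebsd_vm/notes.txt
+++ b/freebsd_vm/notes.txt
@@ -0,0 +1,4 @@
+zfs set mountpoint=/mnt/ship ship
+zfs set mountpoint=/mnt/data data
+zfs set mountpoint=/mnt/iocage ship/iocage
+zfs create /mnt/ship/certs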


@ -15,15 +15,16 @@ JAILIP=$4
JAILUSER=$5 JAILUSER=$5
JAILUSERID=$6 JAILUSERID=$6
JAILUSERVNC=$7 JAILUSERVNC=$7
JAILSRC=${8-false}
: "${JAIL:?Need to specify JAIL - first parameter}" : "${JAIL:?Need to specify JAIL - first parameter}"
: "${JAILHOSTNAME:?Need to specify JAILHOSTNAME - second parameter}" : "${JAILHOSTNAME:?Need to specify JAILHOSTNAME - second parameter}"
: "${JAILDOMAIN:?Need to specify JAILDOMAIN - third parameter}" : "${JAILDOMAIN:?Need to specify JAILDOMAIN - third parameter}"
: "${JAILIP:?Need to specify JAILIP - fourth parameter}" : "${JAILIP:?Need to specify JAILIP - fourth parameter}"
: "${JAILUSER:?Need to specify JAILUSER - fifth parameter - set to X if none required}" : "${JAILUSER:?Need to specify JAILUSER - fifth parameter - set to X if none required}"
: "${JAILUSERID:?Need to specify JAILUSERID - sixth parameter - eg. set to 1000 for p OR 2002 for r}" : "${JAILUSERID:?Need to specify JAILUSERID - sixth parameter - eg. set to 1000 for p / 2002 for r}"
: "${JAILUSERVNC:?Need to specify JAILUSERVNC - seventh parameter - set to true to add vnc for jailuser}" : "${JAILUSERVNC:?Need to specify JAILUSERVNC - seventh parameter - set to true to add vnc for jailuser}"
# user p and r are diyit deployment specific # : "${JAILSRC:?Need to specify JAILSRC - eighth parameter - set to true to keep SRC files}"
# there are cases where you may only want an IPv4 jail # there are cases where you may only want an IPv4 jail
I6CONFIG=true I6CONFIG=true
@ -36,7 +37,7 @@ I4NS="192.168.0.5"
I6NS="fd01::5" I6NS="fd01::5"
# these IP spaces are diyit deployment specific # these IP spaces are diyit deployment specific
echo "$JAIL / $JAILIP / $JAILHOSTNAME / $JAILDOMAIN / $JAILUSER / $JAILUSERID / $JAILUSERVNC" echo "Name:$JAIL / IP:$JAILIP / Hostname:$JAILHOSTNAME / Domain:$JAILDOMAIN / User:$JAILUSER / UserID:$JAILUSERID / VNC:$JAILUSERVNC / SRC:$JAILSRC"
# cant install packages during jail creation because ipfw blocks all network traffic # cant install packages during jail creation because ipfw blocks all network traffic
#echo '{"pkgs":["bash","bash-completion","nano"]}' > /tmp/pkg-$JAIL.json #echo '{"pkgs":["bash","bash-completion","nano"]}' > /tmp/pkg-$JAIL.json
@ -85,8 +86,6 @@ iocage exec $JAIL "resolvconf -u"
iocage exec $JAIL "mkdir -p /usr/local/etc/pkg/repos" iocage exec $JAIL "mkdir -p /usr/local/etc/pkg/repos"
iocage exec $JAIL "[ -f /mnt/config/pkgp.conf ] && cp /mnt/config/pkgp.conf /usr/local/etc/pkg/repos/ || cp /mnt/common/pkgp.conf /usr/local/etc/pkg/repos/" iocage exec $JAIL "[ -f /mnt/config/pkgp.conf ] && cp /mnt/config/pkgp.conf /usr/local/etc/pkg/repos/ || cp /mnt/common/pkgp.conf /usr/local/etc/pkg/repos/"
iocage exec $JAIL "[ -f /mnt/config/freebsd-update.conf ] && cp /mnt/config/freebsd-update.conf /etc/ || cp /mnt/common/freebsd-update.conf /etc/"
iocage exec $JAIL "env ASSUME_ALWAYS_YES=YES pkg bootstrap" iocage exec $JAIL "env ASSUME_ALWAYS_YES=YES pkg bootstrap"
iocage exec $JAIL "pkg update -f" iocage exec $JAIL "pkg update -f"
iocage exec $JAIL "pkg upgrade -y" iocage exec $JAIL "pkg upgrade -y"
@ -164,11 +163,17 @@ if [ "$JAILUSER" != "X" ]; then
fi fi
fi fi
if ! (($JAILSRC)); then
echo "removing /usr/src files ..."
iocage exec $JAIL "rm -rf /usr/src/* ; rm -f /usr/src/.*"
iocage exec $JAIL "[ -f /mnt/config/freebsd-update.conf ] && cp /mnt/config/freebsd-update.conf /etc/ || cp /mnt/common/freebsd-update.conf /etc/"
fi
iocage exec $JAIL "pkg clean -y" iocage exec $JAIL "pkg clean -y"
iocage exec $JAIL "tzsetup America/Los_Angeles" iocage exec $JAIL "tzsetup America/Los_Angeles"
# iocage fstab -r $JAIL /root/FreeBSD/jails/config/common /mnt/common nullfs ro 0 0 # iocage fstab -r $JAIL /root/FreeBSD/jails/config/common /mnt/common nullfs ro 0 0
# iocage exec $JAIL "rmdir /mnt/common" # iocage exec $JAIL "rmdir /mnt/common"
iocage exec $JAIL "echo 'Subject: created new jail: $JAIL with $JAILIP / $JAILHOSTNAME / $JAILDOMAIN / $JAILUSER / $JAILUSERID / $JAILUSERVNC' | sendmail -v -t jail-root@$JAILDOMAIN" iocage exec $JAIL "echo 'Subject: created new jail: $JAIL with IP:$JAILIP / Hostname:$JAILHOSTNAME / Domain:$JAILDOMAIN / User:$JAILUSER / UserID:$JAILUSERID / VNC:$JAILUSERVNC / SRC:$JAILSRC' | sendmail -v -t jail-root@$JAILDOMAIN"
# reverse dns should already be configured for the mail server to accept this email # reverse dns should already be configured for the mail server to accept this email
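Review bot: The new guard `if ! (($JAILSRC)); then` cannot tell `true` from `false`: inside `(( ))` bash reads both words as names of (normally unset) variables that evaluate to 0, so the `/usr/src` removal and the freebsd-update.conf copy run on every invocation, and only a non-zero number such as `1` would keep the sources. It also evaluates an unvalidated positional argument as an arithmetic expression, which is more interpretation than a flag check should give caller-supplied text. A plain string comparison, `if [ "$JAILSRC" != "true" ]; then`, matches the `true`/`false` convention named in the commented-out `JAILSRC` check and the `[ "$JAILUSER" != "X" ]` style used elsewhere in the script. Separately, `rm -f /usr/src/.*` in the same block also matches `.` and `..` and, without `-r`, leaves any hidden directories in place, so the cleanup is noisier and less complete than the echo suggests.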