December 22 update

2022-12-03 17:32:20 -08:00 · 2022-12-03 17:32:20 -08:00 · a2cdf26594
commit a2cdf26594
parent 82a613d160
224 changed files with 6862 additions and 2341 deletions
--- a/configs/etc/hosts
+++ b/configs/etc/hosts
@ -10,22 +10,18 @@
 # not be consulted at all; see /etc/nsswitch.conf for the resolution order.
 #
 #
-::1			localhost localhost.my.domain
+::1			localhost
-127.0.0.1		localhost localhost.my.domain
+127.0.0.1		localhost
 192.168.0.10		nas nas.ahlawat.com
 fd01::10	nas nas.ahlawat.com
 192.168.1.10		nas nas.ahlawat.com
 fd02::10	nas nas.ahlawat.com
 192.168.2.10		nas nas.ahlawat.com
 fd05::10	nas nas.ahlawat.com
 192.168.200.10		nas nas.ahlawat.com
 fd09::10	nas nas.ahlawat.com
 192.168.10.10		nas nas.ahlawat.com
 fd0a::10	nas nas.ahlawat.com
 192.168.48.10		nas nas.ahlawat.com
 2001:470:480a::10	nas nas.ahlawat.com
 10.1.0.193 crucible.ad.inseego.com i01bitcru00.ad.inseego.com bitbucket.ad.inseego.com
 #
 # Imaginary network. 10.0.0.2 myname.my.domain myname 10.0.0.3 myfriend.my.domain myfriend
 #
--- a/configs/etc/rc.conf
+++ b/configs/etc/rc.conf
@ -17,8 +17,8 @@ performance_cpu_freq="HIGH"
 ntpd_sync_on_start="YES"
 ntpd_enable="YES"
-powerd_enable="YES"
+powerdxx_enable="YES"
-powerd_flags="-a hiadaptive -n hiadaptive -m 2500 -M 3300"
+powerdxx_flags=""
 smartd_enable="YES"
 nut_enable="YES"
@ -30,27 +30,38 @@ firewall_type="open"
 firewall_logging="YES"
 firewall_logif="YES"
-# interfaces
+# /interfaces
 cloned_interfaces_sticky="YES"
-cloned_interfaces="lagg0 bridge1 bridge2 bridge5 bridge9 bridge10 bridge48"
+cloned_interfaces="lagg0 bridge1 bridge2 bridge3 bridge5 bridge8 bridge9 bridge10 bridge48"
 ifconfig_lagg0="laggproto loadbalance laggport igb0 laggport igb1 up"
 ifconfig_igb0="up -rxcsum -rxcsum6 -txcsum -txcsum6 -lro -tso -vlanhwtso"
 ifconfig_igb1="up -rxcsum -rxcsum6 -txcsum -txcsum6 -lro -tso -vlanhwtso"
-vlans_lagg0="1 2 5 9 10 48"
+vlans_lagg0="1 2 3 5 8 9 10 48"
 ipv6_activate_all_interfaces="YES"
 rtsold_enable="YES"
 ifconfig_lagg0_1="inet 192.168.0.10/24"
 ifconfig_lagg0_1_ipv6="inet6 fd01::10/64 auto_linklocal accept_rtadv"
-ifconfig_lagg0_2="inet 192.168.1.10/24"
+ifconfig_lagg0_2="up"
-ifconfig_lagg0_2_ipv6="inet6 fd02::10/64 auto_linklocal accept_rtadv"
+#ifconfig_lagg0_2="inet 192.168.2.10/24"
-ifconfig_lagg0_5="inet 192.168.2.10/24"
+#ifconfig_lagg0_2_ipv6="inet6 fd02::10/64 auto_linklocal accept_rtadv"
-ifconfig_lagg0_5_ipv6="inet6 fd05::10/64 auto_linklocal accept_rtadv"
+ifconfig_lagg0_3="up"
-ifconfig_lagg0_9="inet 192.168.200.10/24"
+#ifconfig_lagg0_3="inet 192.168.3.10/24"
-ifconfig_lagg0_9_ipv6="inet6 fd09::10/64 auto_linklocal accept_rtadv"
+#ifconfig_lagg0_3_ipv6="inet6 fd03::10/64 auto_linklocal accept_rtadv"
 ifconfig_lagg0_5="up"
 #ifconfig_lagg0_5="inet 192.168.5.10/24"
 #ifconfig_lagg0_5_ipv6="inet6 fd05::10/64 auto_linklocal accept_rtadv"
 ifconfig_lagg0_8="up"
 # to avoid asymmetric routing - keep ip for vlan8 disabled
 #ifconfig_lagg0_8="inet 192.168.8.10/24"
 #ifconfig_lagg0_8_ipv6="inet6 fd08::10/64 auto_linklocal accept_rtadv"
 ifconfig_lagg0_9="up"
 #ifconfig_lagg0_9="inet 192.168.200.10/24"
 #ifconfig_lagg0_9_ipv6="inet6 fd09::10/64 auto_linklocal accept_rtadv"
 # required for lab servers netboot on vlan10
 ifconfig_lagg0_10="inet 192.168.10.10/24"
 ifconfig_lagg0_10_ipv6="inet6 fd0a::10/64 auto_linklocal accept_rtadv"
 ifconfig_lagg0_48="inet 192.168.48.10/24"
@ -58,7 +69,9 @@ ifconfig_lagg0_48_ipv6="inet6 2001:470:480a::10/64 auto_linklocal accept_rtadv"
 ifconfig_bridge1="addm lagg0.1 up"
 ifconfig_bridge2="addm lagg0.2 up"
 ifconfig_bridge3="addm lagg0.3 up"
 ifconfig_bridge5="addm lagg0.5 up"
 ifconfig_bridge8="addm lagg0.8 up"
 ifconfig_bridge9="addm lagg0.9 up"
 ifconfig_bridge10="addm lagg0.10 up"
 ifconfig_bridge48="addm lagg0.48 up"
@ -69,7 +82,7 @@ ifconfig_bridge48="addm lagg0.48 up"
 defaultrouter="192.168.0.5"
 ipv6_defaultrouter="fd01::5"
-# interfaces
+# interfaces/
 hostname="nas.ahlawat.com"
--- a/configs/etc/sysctl.conf
+++ b/configs/etc/sysctl.conf
@ -12,6 +12,7 @@ security.bsd.unprivileged_read_msgbuf=0
 security.bsd.unprivileged_proc_debug=0
 kern.randompid=1
 vfs.zfs.min_auto_ashift=12
 hw.acpi.cpu.cx_lowest=C6
 kern.coredump=1
 kern.sugid_coredump=1
--- a/configs/usr/local/etc/nanorc
+++ b/configs/usr/local/etc/nanorc
@ -161,7 +161,7 @@ set nowrap
 # set speller "aspell -x -c"
 ## Allow nano to be suspended.
-set suspend
+#set suspend
 ## Use this tab size instead of the default; it must be greater than 0.
 set tabsize 4
--- a/configs/usr/local/etc/rc.d/gstat_exporter
+++ b/configs/usr/local/etc/rc.d/gstat_exporter
@ -19,7 +19,7 @@
 name=gstat_exporter
 rcvar=${name}_enable
-GSTATEXPORTER="nohup /usr/local/bin/python3.8 /root/FreeBSD/scripts/gstat_exporter.py"
+GSTATEXPORTER="nohup /usr/local/bin/python3.9 /root/FreeBSD/scripts/gstat_exporter.py"
 start_cmd="${name}_start"
 stop_cmd="${name}_stop"
--- a/jails/config/atm/pkg-list-details-old.txt
+++ b/jails/config/atm/pkg-list-details-old.txt
@ -0,0 +1,6 @@
 pkgp123____netatalk3-3.1.13_4,1
 pkgp123____nss-pam-ldapd-sasl-0.9.12_1
 pkgp123____pkg-1.18.4
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____nano-6.4
--- a/jails/config/atm/pkg-list-details.txt
+++ b/jails/config/atm/pkg-list-details.txt
@ -1,6 +1,6 @@
-pkgp122____netatalk3-3.1.12_4,1
+pkgp123____netatalk3-3.1.13_4,1
 pkgp123____nss-pam-ldapd-sasl-0.9.12_1
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp123____pkg-1.18.4
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____nano-7.0
--- a/jails/config/atm/pkg-list-old.txt
+++ b/jails/config/atm/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion nano netatalk3 nss-pam-ldapd-sasl pkg
--- a/jails/config/auto/nginx.conf
+++ b/jails/config/auto/nginx.conf
@ -56,23 +56,42 @@ http {
        server_name  portfolio.ahlawat.com portfolio;
        location / {
            add_header alt-svc 'h3=":443"';
            return 301 https://portfolio.ahlawat.com$request_uri;
        }
    }
    server {
-        listen      0.0.0.0:443 ssl;
+        listen      0.0.0.0:443 ssl http2;
-        listen      [::]:443 ssl;
+        listen      0.0.0.0:443 http3 reuseport;
        listen      [::]:443 ssl http2;
        listen      [::]:443 http3 reuseport;
        server_name portfolio.ahlawat.com;
        add_header alt-svc 'h3=":443"';
        ssl_certificate      /mnt/certs/fullchain.pem;
        ssl_certificate_key  /mnt/certs/privkey.pem;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
-        ssl_ciphers  HIGH:!aNULL:!MD5;
+#        ssl_ciphers  HIGH:!aNULL:!MD5;
-        ssl_prefer_server_ciphers  on;
+#        ssl_prefer_server_ciphers  on;
        # modern configuration
        ssl_protocols TLSv1.3;
        ssl_prefer_server_ciphers off;
        # HSTS (ngx_http_headers_module is required) (63072000 seconds)
        add_header Strict-Transport-Security "max-age=63072000" always;
        # OCSP stapling
        ssl_stapling on;
        ssl_stapling_verify on;
        # verify chain of trust of OCSP response using Root CA and Intermediate certs
        ssl_trusted_certificate /mnt/certs/fullchain.pem;
        #charset koi8-r;
@ -135,8 +154,8 @@ http {
    }
    server {
-        listen      0.0.0.0:443 ssl;
+        listen      0.0.0.0:443 ssl http2;
-        listen      [::]:443 ssl;
+        listen      [::]:443 ssl http2;
        server_name producthunt.ahlawat.com;
        ssl_certificate      /mnt/certs/fullchain.pem;
@ -145,8 +164,22 @@ http {
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
-        ssl_ciphers  HIGH:!aNULL:!MD5;
+#        ssl_ciphers  HIGH:!aNULL:!MD5;
-        ssl_prefer_server_ciphers  on;
+#        ssl_prefer_server_ciphers  on;
        # modern configuration
        ssl_protocols TLSv1.3;
        ssl_prefer_server_ciphers off;
        # HSTS (ngx_http_headers_module is required) (63072000 seconds)
        add_header Strict-Transport-Security "max-age=63072000" always;
        # OCSP stapling
        ssl_stapling on;
        ssl_stapling_verify on;
        # verify chain of trust of OCSP response using Root CA and Intermediate certs
        ssl_trusted_certificate /mnt/certs/fullchain.pem;
        #access_log  logs/host.access.log  main;
--- a/jails/config/auto/pkg-list-details-old.txt
+++ b/jails/config/auto/pkg-list-details-old.txt
@ -0,0 +1,13 @@
 pkgp123____bash-5.2.12
 pkgp123____bash-completion-2.11_2,2
 pkgp123____nginx-devel-1.23.2_4
 pkgp123____pkg-1.18.4
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____py39-ansible-6.1.0
 pkgp-freebsd-pkg____py39-django32-3.2.16
 pkgp-freebsd-pkg____py39-gunicorn-20.1.0
 pkgp-freebsd-pkg____py39-pillow-9.2.0
 pkgp-freebsd-pkg____py39-pip-22.2.2
 pkgp-freebsd-pkg____py39-psycopg2-2.9.4
 pkgp-freebsd-pkg____py39-tkinter-3.9.15_6
 pkgp-freebsd-pkg____sudo-1.9.12p1
--- a/jails/config/auto/pkg-list-details.txt
+++ b/jails/config/auto/pkg-list-details.txt
@ -1,14 +1,13 @@
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp123____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp123____pkg-1.18.4
-pkgp-freebsd-pkg____mc-4.8.28
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____nginx-1.20.2_9,2
+pkgp-freebsd-pkg____nginx-devel-1.23.2_4
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____py39-ansible-6.1.0
-pkgp-freebsd-pkg____postgresql14-client-14.2
+pkgp-freebsd-pkg____py39-django32-3.2.16
-pkgp-freebsd-pkg____py38-ansible-5.5.0
+pkgp-freebsd-pkg____py39-gunicorn-20.1.0
-pkgp-freebsd-pkg____py38-django32-3.2.12
+pkgp-freebsd-pkg____py39-pillow-9.2.0
-pkgp-freebsd-pkg____py38-gunicorn-20.1.0
+pkgp-freebsd-pkg____py39-pip-22.2.2
-pkgp-freebsd-pkg____py38-pillow-9.0.1_1
+pkgp-freebsd-pkg____py39-psycopg2-2.9.4
-pkgp-freebsd-pkg____py38-pip-20.3.4
+pkgp-freebsd-pkg____py39-tkinter-3.9.15_6
-pkgp-freebsd-pkg____py38-tkinter-3.8.13_6
+pkgp-freebsd-pkg____sudo-1.9.12p1
 pkgp-freebsd-pkg____sudo-1.9.10
--- a/jails/config/auto/pkg-list-old.txt
+++ b/jails/config/auto/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion nano nginx-devel pkg py39-ansible py39-django32 py39-gunicorn py39-pillow py39-pip py39-psycopg2 py39-tkinter sudo
--- a/jails/config/auto/pkg-list.txt
+++ b/jails/config/auto/pkg-list.txt
@ -1 +1 @@
-bash bash-completion mc nano nginx pkg postgresql14-client py38-ansible py38-django32 py38-gunicorn py38-pillow py38-pip py38-tkinter sudo
+bash bash-completion nano nginx-devel pkg py39-ansible py39-django32 py39-gunicorn py39-pillow py39-pip py39-psycopg2 py39-tkinter sudo
--- a/jails/config/book/cps
+++ b/jails/config/book/cps
@ -19,7 +19,7 @@
 name=cpsserver
 rcvar=${name}_enable
-#CPSSERVER="nohup /usr/local/bin/python3.8 /data/calibre-web/cps.py"
+#CPSSERVER="nohup /usr/local/bin/python3.9 /data/calibre-web/cps.py"
 CPSSERVER="nohup /usr/local/bin/cps"
 start_cmd="${name}_start"
--- a/jails/config/book/pkg-list-details-old.txt
+++ b/jails/config/book/pkg-list-details-old.txt
@ -0,0 +1,10 @@
 pkgp123____libxml2-2.10.3_1
 pkgp123____libxslt-1.1.37
 pkgp123____pkg-1.18.4
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____py39-ldap-3.4.0
 pkgp-freebsd-pkg____py39-pip-22.2.2
 pkgp-freebsd-pkg____py39-sqlite3-3.9.15_7
 pkgp-freebsd-pkg____rust-1.64.0
--- a/jails/config/book/pkg-list-details.txt
+++ b/jails/config/book/pkg-list-details.txt
@ -1,10 +1,10 @@
-pkgp123____libxml2-2.9.13_2
+pkgp123____libxml2-2.10.3_1
-pkgp123____libxslt-1.1.35_3
+pkgp123____libxslt-1.1.37
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp123____pkg-1.18.4
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____py38-ldap-3.4.0
+pkgp-freebsd-pkg____py39-ldap-3.4.0
-pkgp-freebsd-pkg____py38-pip-20.3.4
+pkgp-freebsd-pkg____py39-pip-22.2.2
-pkgp-freebsd-pkg____py38-sqlite3-3.8.13_7
+pkgp-freebsd-pkg____py39-sqlite3-3.9.15_7
-pkgp-freebsd-pkg____rust-1.59.0
+pkgp-freebsd-pkg____rust-1.65.0
--- a/jails/config/book/pkg-list-old.txt
+++ b/jails/config/book/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion libxml2 libxslt nano pkg py39-ldap py39-pip py39-sqlite3 rust
--- a/jails/config/book/pkg-list.txt
+++ b/jails/config/book/pkg-list.txt
@ -1 +1 @@
-bash bash-completion libxml2 libxslt nano pkg py38-ldap py38-pip py38-sqlite3 rust
+bash bash-completion libxml2 libxslt nano pkg py39-ldap py39-pip py39-sqlite3 rust
--- a/jails/config/calibre/pkg-list-details-old.txt
+++ b/jails/config/calibre/pkg-list-details-old.txt
@ -0,0 +1,11 @@
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____calibre-5.44.0_6
 pkgp-freebsd-pkg____fluxbox-1.3.7_5
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____sudo-1.9.12p1
 pkgp-freebsd-pkg____tigervnc-server-1.12.0_5
 pkgp-freebsd-pkg____xauth-1.1.1
 pkgp-freebsd-pkg____xpdf-4.04,1
 pkgp-freebsd-pkg____xterm-375
--- a/jails/config/calibre/pkg-list-details.txt
+++ b/jails/config/calibre/pkg-list-details.txt
@ -1,11 +1,11 @@
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____calibre-5.40.0
+pkgp-freebsd-pkg____calibre-5.44.0_6
 pkgp-freebsd-pkg____fluxbox-1.3.7_5
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____pkg-1.18.4
-pkgp-freebsd-pkg____sudo-1.9.10
+pkgp-freebsd-pkg____sudo-1.9.12p1
-pkgp-freebsd-pkg____tigervnc-server-1.12.0_4
+pkgp-freebsd-pkg____tigervnc-server-1.12.0_5
-pkgp-freebsd-pkg____xauth-1.1
+pkgp-freebsd-pkg____xauth-1.1.1
-pkgp-freebsd-pkg____xpdf-4.03_1,1
+pkgp-freebsd-pkg____xpdf-4.04,1
-pkgp-freebsd-pkg____xterm-372
+pkgp-freebsd-pkg____xterm-377
--- a/jails/config/calibre/pkg-list-old.txt
+++ b/jails/config/calibre/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion calibre fluxbox nano pkg sudo tigervnc-server xauth xpdf xterm
--- a/jails/config/cam/pkg-list-details-old.txt
+++ b/jails/config/cam/pkg-list-details-old.txt
@ -0,0 +1,7 @@
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____curl-7.85.0
 pkgp-freebsd-pkg____motion-4.3.2_3
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____py27-pip-20.2.3
--- a/jails/config/cam/pkg-list-details.txt
+++ b/jails/config/cam/pkg-list-details.txt
@ -1,7 +1,7 @@
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____curl-7.82.0
+pkgp-freebsd-pkg____curl-7.85.0
 pkgp-freebsd-pkg____motion-4.3.2_3
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____py27-pip-20.2.3
--- a/jails/config/cam/pkg-list-old.txt
+++ b/jails/config/cam/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion curl motion nano pkg py27-pip
--- a/jails/config/cert/config.cfg
+++ b/jails/config/cert/config.cfg
@ -4,7 +4,7 @@
 # for example: listen = "127.0.0.1:53"
 listen = "0.0.0.0:53"
 # protocol, "both", "both4", "both6", "udp", "udp4", "udp6" or "tcp", "tcp4", "tcp6"
-protocol = "both4"
+protocol = "both"
 # domain name to serve the requests off of
 domain = "dns-auth.ahlawat.com"
 # zone name server
@ -44,7 +44,7 @@ tls_cert_fullchain = "/mnt/certs/fullchain.pem"
 # only used if tls = "letsencrypt"
 acme_cache_dir = "api-certs"
 # optional e-mail address to which Let's Encrypt will send expiration notices for the API's cert
-notification_email = ""
+notification_email = "sharad.ahlawat.com"
 # CORS AllowOrigins, wildcards can be used
 corsorigins = [
    "*"
@ -56,7 +56,7 @@ header_name = "X-Forwarded-For"
 [logconfig]
 # logging level: "error", "warning", "info" or "debug"
-loglevel = "debug"
+loglevel = "error"
 # possible values: stdout, TODO file & integrations
 logtype = "stdout"
 # file path for logfile TODO
--- a/jails/config/cert/ocsp_update.sh
+++ b/jails/config/cert/ocsp_update.sh
@ -0,0 +1,27 @@
 #!/usr/local/bin/bash
 shopt -u nullglob
 # Certificates path and names
 DIR="/mnt/certs"
 CERTS="${DIR}/*haproxy.pem"
 for CERT in $CERTS; do
 # Get the issuer URI, download it's certificate and convert into PEM format
 ISSUER_URI=$(openssl x509 -in $CERT -text -noout | grep 'CA Issuers' | cut -d: -f2,3)
 ISSUER_NAME=$(echo ${ISSUER_URI} | cut -d/ -f3)
 ISSUER_PEM="${DIR}/${ISSUER_NAME}.pem"
 wget -q -O- $ISSUER_URI | openssl x509 -inform DER -outform PEM -out $ISSUER_PEM
 # Get the OCSP URL from the certificate
 ocsp_url=$(openssl x509 -noout -ocsp_uri -in $CERT)
 # Extract the hostname from the OCSP URL
 ocsp_host=$(echo $ocsp_url | cut -d/ -f3)
 # Create/update the ocsp response file
 openssl ocsp -noverify -no_nonce -issuer $ISSUER_PEM -cert $CERT -url $ocsp_url -header Host=$ocsp_host -respout ${CERT}.ocsp
 done
 exit 0
--- a/jails/config/cert/pkg-list-details-old.txt
+++ b/jails/config/cert/pkg-list-details-old.txt
@ -0,0 +1,8 @@
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____curl-7.85.0
 pkgp-freebsd-pkg____git-lite-2.38.1_3
 pkgp-freebsd-pkg____go-1.19,2
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____wget-1.21.3_1
--- a/jails/config/cert/pkg-list-details.txt
+++ b/jails/config/cert/pkg-list-details.txt
@ -1,7 +1,8 @@
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____curl-7.82.0
+pkgp-freebsd-pkg____curl-7.85.0
-pkgp-freebsd-pkg____git-lite-2.35.1
+pkgp-freebsd-pkg____git-lite-2.38.1_4
-pkgp-freebsd-pkg____go-1.18,1
+pkgp-freebsd-pkg____go-1.19,2
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____wget-1.21.3_1
--- a/jails/config/cert/pkg-list-old.txt
+++ b/jails/config/cert/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion curl git-lite go nano pkg wget
--- a/jails/config/cert/pkg-list.txt
+++ b/jails/config/cert/pkg-list.txt
@ -1 +1 @@
-bash bash-completion curl git-lite go nano pkg
+bash bash-completion curl git-lite go nano pkg wget
--- a/jails/config/ci/pkg-list-details-old.txt
+++ b/jails/config/ci/pkg-list-details-old.txt
@ -0,0 +1,5 @@
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____jenkins-2.377
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____pkg-1.18.4
--- a/jails/config/ci/pkg-list-details.txt
+++ b/jails/config/ci/pkg-list-details.txt
@ -1,5 +1,5 @@
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____jenkins-2.341
+pkgp-freebsd-pkg____jenkins-2.378
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____pkg-1.18.4
--- a/jails/config/ci/pkg-list-old.txt
+++ b/jails/config/ci/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion jenkins nano pkg
--- a/jails/config/cloud/pkg-list-details-old.txt
+++ b/jails/config/cloud/pkg-list-details-old.txt
@ -0,0 +1,43 @@
 pkgp-freebsd-pkg____apache24-2.4.54
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____ffmpeg-4.4.3_1,1
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____php80-8.0.25
 pkgp-freebsd-pkg____php80-bcmath-8.0.25
 pkgp-freebsd-pkg____php80-bz2-8.0.25
 pkgp-freebsd-pkg____php80-ctype-8.0.25
 pkgp-freebsd-pkg____php80-curl-8.0.25
 pkgp-freebsd-pkg____php80-dom-8.0.25
 pkgp-freebsd-pkg____php80-exif-8.0.25
 pkgp-freebsd-pkg____php80-fileinfo-8.0.25
 pkgp-freebsd-pkg____php80-filter-8.0.25
 pkgp-freebsd-pkg____php80-ftp-8.0.25
 pkgp-freebsd-pkg____php80-gd-8.0.25
 pkgp-freebsd-pkg____php80-gmp-8.0.25
 pkgp-freebsd-pkg____php80-iconv-8.0.25
 pkgp-freebsd-pkg____php80-imap-8.0.25
 pkgp-freebsd-pkg____php80-intl-8.0.25_1
 pkgp-freebsd-pkg____php80-ldap-8.0.25
 pkgp-freebsd-pkg____php80-mbstring-8.0.25
 pkgp-freebsd-pkg____php80-mysqli-8.0.25
 pkgp-freebsd-pkg____php80-opcache-8.0.25
 pkgp-freebsd-pkg____php80-pcntl-8.0.25
 pkgp-freebsd-pkg____php80-pdo-8.0.25
 pkgp-freebsd-pkg____php80-pdo_mysql-8.0.25
 pkgp-freebsd-pkg____php80-pecl-APCu-5.1.22
 pkgp-freebsd-pkg____php80-pecl-imagick-3.7.0
 pkgp-freebsd-pkg____php80-pecl-mcrypt-1.0.5
 pkgp-freebsd-pkg____php80-pecl-redis-5.3.5
 pkgp-freebsd-pkg____php80-posix-8.0.25
 pkgp-freebsd-pkg____php80-session-8.0.25
 pkgp-freebsd-pkg____php80-simplexml-8.0.25
 pkgp-freebsd-pkg____php80-xml-8.0.25
 pkgp-freebsd-pkg____php80-xmlreader-8.0.25
 pkgp-freebsd-pkg____php80-xmlwriter-8.0.25
 pkgp-freebsd-pkg____php80-xsl-8.0.25
 pkgp-freebsd-pkg____php80-zip-8.0.25
 pkgp-freebsd-pkg____php80-zlib-8.0.25
 pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____redis-7.0.5
 pkgp-freebsd-pkg____sudo-1.9.12p1
--- a/jails/config/cloud/pkg-list-details.txt
+++ b/jails/config/cloud/pkg-list-details.txt
@ -1,44 +1,43 @@
-pkgp-freebsd-pkg____apache24-2.4.53
+pkgp-freebsd-pkg____apache24-2.4.54
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____ffmpeg-4.4.1_11,1
+pkgp-freebsd-pkg____ffmpeg-4.4.3_1,1
-pkgp-freebsd-pkg____mod_php80-8.0.17_1
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____php80-8.0.25
-pkgp-freebsd-pkg____php80-8.0.17_2
+pkgp-freebsd-pkg____php80-bcmath-8.0.25
-pkgp-freebsd-pkg____php80-bcmath-8.0.17_2
+pkgp-freebsd-pkg____php80-bz2-8.0.25
-pkgp-freebsd-pkg____php80-bz2-8.0.17_2
+pkgp-freebsd-pkg____php80-ctype-8.0.25
-pkgp-freebsd-pkg____php80-ctype-8.0.17_2
+pkgp-freebsd-pkg____php80-curl-8.0.25
-pkgp-freebsd-pkg____php80-curl-8.0.17_2
+pkgp-freebsd-pkg____php80-dom-8.0.25
-pkgp-freebsd-pkg____php80-dom-8.0.17_1
+pkgp-freebsd-pkg____php80-exif-8.0.25
-pkgp-freebsd-pkg____php80-exif-8.0.17_2
+pkgp-freebsd-pkg____php80-fileinfo-8.0.25
-pkgp-freebsd-pkg____php80-fileinfo-8.0.17_2
+pkgp-freebsd-pkg____php80-filter-8.0.25
-pkgp-freebsd-pkg____php80-filter-8.0.17_2
+pkgp-freebsd-pkg____php80-ftp-8.0.25
-pkgp-freebsd-pkg____php80-ftp-8.0.17_2
+pkgp-freebsd-pkg____php80-gd-8.0.25
-pkgp-freebsd-pkg____php80-gd-8.0.17_2
+pkgp-freebsd-pkg____php80-gmp-8.0.25
-pkgp-freebsd-pkg____php80-gmp-8.0.17_2
+pkgp-freebsd-pkg____php80-iconv-8.0.25
-pkgp-freebsd-pkg____php80-iconv-8.0.17_2
+pkgp-freebsd-pkg____php80-imap-8.0.25
-pkgp-freebsd-pkg____php80-imap-8.0.17_2
+pkgp-freebsd-pkg____php80-intl-8.0.25_1
-pkgp-freebsd-pkg____php80-intl-8.0.17_2
+pkgp-freebsd-pkg____php80-ldap-8.0.25
-pkgp-freebsd-pkg____php80-ldap-8.0.17_2
+pkgp-freebsd-pkg____php80-mbstring-8.0.25
-pkgp-freebsd-pkg____php80-mbstring-8.0.17_2
+pkgp-freebsd-pkg____php80-mysqli-8.0.25
-pkgp-freebsd-pkg____php80-mysqli-8.0.17_2
+pkgp-freebsd-pkg____php80-opcache-8.0.25
-pkgp-freebsd-pkg____php80-opcache-8.0.17_2
+pkgp-freebsd-pkg____php80-pcntl-8.0.25
-pkgp-freebsd-pkg____php80-pcntl-8.0.17_2
+pkgp-freebsd-pkg____php80-pdo-8.0.25
-pkgp-freebsd-pkg____php80-pdo-8.0.17_2
+pkgp-freebsd-pkg____php80-pdo_mysql-8.0.25
-pkgp-freebsd-pkg____php80-pdo_mysql-8.0.17_2
+pkgp-freebsd-pkg____php80-pecl-APCu-5.1.22
-pkgp-freebsd-pkg____php80-pecl-APCu-5.1.21
+pkgp-freebsd-pkg____php80-pecl-imagick-3.7.0
-pkgp-freebsd-pkg____php80-pecl-imagick-3.5.1
+pkgp-freebsd-pkg____php80-pecl-mcrypt-1.0.5
 pkgp-freebsd-pkg____php80-pecl-mcrypt-1.0.4
 pkgp-freebsd-pkg____php80-pecl-redis-5.3.5
-pkgp-freebsd-pkg____php80-posix-8.0.17_2
+pkgp-freebsd-pkg____php80-posix-8.0.25
-pkgp-freebsd-pkg____php80-session-8.0.17_2
+pkgp-freebsd-pkg____php80-session-8.0.25
-pkgp-freebsd-pkg____php80-simplexml-8.0.17_1
+pkgp-freebsd-pkg____php80-simplexml-8.0.25
-pkgp-freebsd-pkg____php80-xml-8.0.17_1
+pkgp-freebsd-pkg____php80-xml-8.0.25
-pkgp-freebsd-pkg____php80-xmlreader-8.0.17_1
+pkgp-freebsd-pkg____php80-xmlreader-8.0.25
-pkgp-freebsd-pkg____php80-xmlwriter-8.0.17_1
+pkgp-freebsd-pkg____php80-xmlwriter-8.0.25
-pkgp-freebsd-pkg____php80-xsl-8.0.17_1
+pkgp-freebsd-pkg____php80-xsl-8.0.25
-pkgp-freebsd-pkg____php80-zip-8.0.17_2
+pkgp-freebsd-pkg____php80-zip-8.0.25
-pkgp-freebsd-pkg____php80-zlib-8.0.17_2
+pkgp-freebsd-pkg____php80-zlib-8.0.25
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____pkg-1.18.4
-pkgp-freebsd-pkg____redis-6.2.6
+pkgp-freebsd-pkg____redis-7.0.5
-pkgp-freebsd-pkg____sudo-1.9.10
+pkgp-freebsd-pkg____sudo-1.9.12p1
--- a/jails/config/cloud/pkg-list-old.txt
+++ b/jails/config/cloud/pkg-list-old.txt
@ -0,0 +1 @@
 apache24 bash bash-completion ffmpeg nano php80 php80-bcmath php80-bz2 php80-ctype php80-curl php80-dom php80-exif php80-fileinfo php80-filter php80-ftp php80-gd php80-gmp php80-iconv php80-imap php80-intl php80-ldap php80-mbstring php80-mysqli php80-opcache php80-pcntl php80-pdo php80-pdo_mysql php80-pecl-APCu php80-pecl-imagick php80-pecl-mcrypt php80-pecl-redis php80-posix php80-session php80-simplexml php80-xml php80-xmlreader php80-xmlwriter php80-xsl php80-zip php80-zlib pkg redis sudo
--- a/jails/config/cloud/pkg-list.txt
+++ b/jails/config/cloud/pkg-list.txt
@ -1 +1 @@
-apache24 bash bash-completion ffmpeg mod_php80 nano php80 php80-bcmath php80-bz2 php80-ctype php80-curl php80-dom php80-exif php80-fileinfo php80-filter php80-ftp php80-gd php80-gmp php80-iconv php80-imap php80-intl php80-ldap php80-mbstring php80-mysqli php80-opcache php80-pcntl php80-pdo php80-pdo_mysql php80-pecl-APCu php80-pecl-imagick php80-pecl-mcrypt php80-pecl-redis php80-posix php80-session php80-simplexml php80-xml php80-xmlreader php80-xmlwriter php80-xsl php80-zip php80-zlib pkg redis sudo
+apache24 bash bash-completion ffmpeg nano php80 php80-bcmath php80-bz2 php80-ctype php80-curl php80-dom php80-exif php80-fileinfo php80-filter php80-ftp php80-gd php80-gmp php80-iconv php80-imap php80-intl php80-ldap php80-mbstring php80-mysqli php80-opcache php80-pcntl php80-pdo php80-pdo_mysql php80-pecl-APCu php80-pecl-imagick php80-pecl-mcrypt php80-pecl-redis php80-posix php80-session php80-simplexml php80-xml php80-xmlreader php80-xmlwriter php80-xsl php80-zip php80-zlib pkg redis sudo
--- a/jails/config/common/nanorc
+++ b/jails/config/common/nanorc
@ -161,7 +161,7 @@ set nowrap
 # set speller "aspell -x -c"
 ## Allow nano to be suspended.
-set suspend
+#set suspend
 ## Use this tab size instead of the default; it must be greater than 0.
 set tabsize 4
--- a/jails/config/db/pkg-list-details-old.txt
+++ b/jails/config/db/pkg-list-details-old.txt
@ -0,0 +1,6 @@
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____mariadb105-server-10.5.17_1
 pkgp-freebsd-pkg____mysqld_exporter-0.12.1_6
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____pkg-1.18.4
--- a/jails/config/db/pkg-list-details.txt
+++ b/jails/config/db/pkg-list-details.txt
@ -1,6 +1,6 @@
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____mariadb105-server-10.5.15_2
+pkgp-freebsd-pkg____mariadb105-server-10.5.17_1
-pkgp-freebsd-pkg____mysqld_exporter-0.12.1_1
+pkgp-freebsd-pkg____mysqld_exporter-0.12.1_6
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____pkg-1.18.4
--- a/jails/config/db/pkg-list-old.txt
+++ b/jails/config/db/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion mariadb105-server mysqld_exporter nano pkg
--- a/jails/config/dns/dns_update.sh
+++ b/jails/config/dns/dns_update.sh
@ -24,21 +24,21 @@ cd /data/namedb/master
 rm /data/namedb/master/*signed*
 declare -A ZONE_PEM
-ZONE_PEM=(["ahlawat.com"]="" ["beyondbell.com"]="bb" ["diyit.org"]="diy" ["xflow.org"]="xflow" ["datavpc.com"]="dvpc" ["mydatavpc.com"]="mdvpc" ["rockwoodestates.org"]="rwe" ["rockwoodranch.org"]="rwr" ["scvcc-rental.com"]="scvcc")
+# ZONE_PEM=(["ahlawat.com"]="" ["beyondbell.com"]="bb" ["diyit.org"]="diy" ["xflow.org"]="xflow" ["datavpc.com"]="dvpc" ["mydatavpc.com"]="mdvpc" ["rockwoodestates.org"]="rwe" ["rockwoodranch.org"]="rwr" ["scvcc-rental.com"]="scvcc" ["inseego5g.net"]="i5g" )
 ZONE_PEM=(["ahlawat.com"]="" ["beyondbell.com"]="bb" ["diyit.org"]="diy" ["datavpc.com"]="dvpc" ["mydatavpc.com"]="mdvpc" ["rockwoodestates.org"]="rwe" ["rockwoodranch.org"]="rwr" ["scvcc-rental.com"]="scvcc" ["inseego5g.net"]="i5g" )
 for ZONE in "${!ZONE_PEM[@]}"
 do
    PEM=${ZONE_PEM[$ZONE]}
-    /usr/local/bin/ldns-dane -c "/mnt/certs/"$PEM"fullchain.pem" create mail.$ZONE 25 3 1 1 > /data/namedb/master/tlsa-$ZONE
+    /usr/local/bin/ldns-dane -c "/mnt/certs/${PEM}fullchain.pem" create mail.$ZONE 25 3 1 1 > /data/namedb/master/tlsa-$ZONE
-    /usr/local/bin/ldns-dane -c "/mnt/certs/"$PEM"fullchain.pem" create mail-backup.$ZONE 25 3 1 1 >> /data/namedb/master/tlsa-$ZONE
+    /usr/local/bin/ldns-dane -c "/mnt/certs/${PEM}fullchain.pem" create mail-backup.$ZONE 25 3 1 1 >> /data/namedb/master/tlsa-$ZONE
-    /usr/local/bin/ldns-dane -c "/mnt/certs/"$PEM"fullchain.pem" create $ZONE 443 3 1 1 >> /data/namedb/master/tlsa-$ZONE
+    /usr/local/bin/ldns-dane -c "/mnt/certs/${PEM}fullchain.pem" create $ZONE 443 3 1 1 >> /data/namedb/master/tlsa-$ZONE
-    /usr/local/bin/ldns-dane -c "/mnt/certs/"$PEM"fullchain.pem" create www.$ZONE 443 3 1 1 >> /data/namedb/master/tlsa-$ZONE
+    /usr/local/bin/ldns-dane -c "/mnt/certs/${PEM}fullchain.pem" create www.$ZONE 443 3 1 1 >> /data/namedb/master/tlsa-$ZONE
 done
 NEW_SERIAL=`date -j +%Y%m%d%H`
 #NEW_SERIAL="2022022635"
 echo $NEW_SERIAL
 for DBFILE in `ls /data/namedb/master/*.db`
 do
@ -47,6 +47,7 @@ do
    /usr/local/sbin/named-checkzone $ZONE $DBFILE
    SERIAL=`/usr/local/sbin/named-checkzone $ZONE $DBFILE | egrep -ho '[0-9]{10}'`
    echo $SERIAL
    echo $NEW_SERIAL
    sed -i .orig 's/'$SERIAL'/'$(($NEW_SERIAL))'/' $DBFILE
    #/usr/local/sbin/dnssec-signzone -S -K /data/namedb/master -t -o $ZONE $DBFILE
--- a/jails/config/dns/pkg-list-details-old.txt
+++ b/jails/config/dns/pkg-list-details-old.txt
@ -0,0 +1,7 @@
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____bind916-9.16.34_1
 pkgp-freebsd-pkg____ldns-1.8.3
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____rpl-1.4.1
--- a/jails/config/dns/pkg-list-details.txt
+++ b/jails/config/dns/pkg-list-details.txt
@ -1,7 +1,7 @@
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____bind916-9.16.27
+pkgp-freebsd-pkg____bind916-9.16.35
-pkgp-freebsd-pkg____ldns-1.8.1
+pkgp-freebsd-pkg____ldns-1.8.3
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____rpl-1.4.1
--- a/jails/config/dns/pkg-list-old.txt
+++ b/jails/config/dns/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion bind916 ldns nano pkg rpl
--- a/jails/config/elk/kibana.yml
+++ b/jails/config/elk/kibana.yml
@ -27,6 +27,8 @@ server.name: "kibana.diyit.org"
 # The URLs of the Elasticsearch instances to use for all your queries.
 elasticsearch.hosts: ["https://elk.diyit.org:9200"]
 server.publicBaseUrl: "https://kibana.diyit.org"
 # When this setting's value is true Kibana uses the hostname specified in the server.host
 # setting. When the value of this setting is false, Kibana uses the hostname of the host
 # that connects to this Kibana instance.
@ -43,7 +45,7 @@ elasticsearch.hosts: ["https://elk.diyit.org:9200"]
 # the username and password that the Kibana server uses to perform maintenance on the Kibana
 # index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
 # is proxied through the Kibana server.
-elasticsearch.username: "kibana"
+elasticsearch.username: "kibana_system"
 elasticsearch.password: "0AKzGiy2Cu4Klaz23asT"
 # Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
@ -58,7 +60,7 @@ server.ssl.key: /mnt/certs/diyprivkeyr.pem
 #elasticsearch.ssl.certificate: /path/to/your/client.crt
 #elasticsearch.ssl.key: /path/to/your/client.key
-xpack.security.enabled: true
+#xpack.security.enabled: true
 xpack.encryptedSavedObjects.encryptionKey: "something_at_least_32_characters_this_is_it"
 # Optional setting that enables you to specify a path to the PEM file for the certificate
--- a/jails/config/elk/pkg-list-details-old.txt
+++ b/jails/config/elk/pkg-list-details-old.txt
@ -0,0 +1,10 @@
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____beats7-7.17.7
 pkgp-freebsd-pkg____curl-7.85.0
 pkgp-freebsd-pkg____elasticsearch7-7.17.7
 pkgp-freebsd-pkg____kibana7-7.17.7
 pkgp-freebsd-pkg____logstash7-7.17.7
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____openjdk11-11.0.17+8.1_1
 pkgp-freebsd-pkg____pkg-1.18.4
--- a/jails/config/elk/pkg-list-details.txt
+++ b/jails/config/elk/pkg-list-details.txt
@ -1,10 +1,10 @@
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____beats7-7.16.3_1
+pkgp-freebsd-pkg____beats7-7.17.7
-pkgp-freebsd-pkg____curl-7.82.0
+pkgp-freebsd-pkg____curl-7.85.0
-pkgp-freebsd-pkg____elasticsearch7-7.16.3
+pkgp-freebsd-pkg____elasticsearch7-7.17.7
-pkgp-freebsd-pkg____kibana7-7.16.3
+pkgp-freebsd-pkg____kibana7-7.17.7
-pkgp-freebsd-pkg____logstash7-7.16.3
+pkgp-freebsd-pkg____logstash7-7.17.7
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____openjdk11-11.0.14+9.1_1
+pkgp-freebsd-pkg____openjdk11-11.0.17+8.1_1
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____pkg-1.18.4
--- a/jails/config/elk/pkg-list-old.txt
+++ b/jails/config/elk/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion beats7 curl elasticsearch7 kibana7 logstash7 nano openjdk11 pkg
--- a/jails/config/elk/rc.d/elasticsearch
+++ b/jails/config/elk/rc.d/elasticsearch
@ -1,10 +1,8 @@
 #!/bin/sh
-#
+
 # $FreeBSD: head/textproc/elasticsearch7/files/elasticsearch.in 538703 2020-06-13 22:41:04Z glewis $
 #
 # PROVIDE: elasticsearch
-# REQUIRE: NETWORKING SERVERS
+# REQUIRE: DAEMON
-# BEFORE: DAEMON
+# BEFORE: LOGIN
 # KEYWORD: shutdown
 #
 # Add the following line to /etc/rc.conf to enable elasticsearch:
@ -17,7 +15,7 @@
 #               Set it to required group.
 # elasticsearch_config (path):   Set to /usr/local/etc/elasticsearch/elasticsearch.yml by default.
 #               Set it to the config file location.
-# elasticsearch_java_home (path): Set to /usr/local/openjdk8 by default.
+# elasticsearch_java_home (path): Set to /usr/local/openjdk11 by default.
 #               Set it to the root of the JDK to use.
 #
 . /etc/rc.subr
@ -46,7 +44,7 @@ command=/usr/local/lib/elasticsearch/bin/elasticsearch
 command_args="-d --pidfile=${pidfile}"
 export ES_PATH_CONF=${elasticsearch_config}
-export JAVA_HOME=${elasticsearch_java_home}
+export ES_JAVA_HOME=${elasticsearch_java_home}
 elasticsearch_precmd()
 {
--- a/jails/config/elk/rc.d/filebeat
+++ b/jails/config/elk/rc.d/filebeat
@ -0,0 +1,43 @@
 #!/bin/sh
 # PROVIDE: filebeat
 # REQUIRE: DAEMON
 # BEFORE: LOGIN
 # KEYWORD: shutdown
 # Add the following lines to /etc/rc.conf to enable filebeat:
 #
 # filebeat_enable (bool):	Set to YES to enable filebeat
 # 				Default: NO
 # filebeat_flags (str):		Extra flags passed to filebeat
 # filebeat_config (str):	filebeat configuration directory
 #				Default: ${PREFIX}/etc/beats
 # filebeat_conffile (str):	filebeat configuration file
 #				relative to ${filebeat_conf}
 #				Default: filebeat.yml
 . /etc/rc.subr
 name="filebeat"
 rcvar=${name}_enable
 load_rc_config $name
 : ${filebeat_enable:="NO"}
 : ${filebeat_config:="/usr/local/etc/beats"}
 : ${filebeat_conffile:="filebeat.yml"}
 : ${filebeat_home:="/usr/local/share/beats/filebeat"}
 : ${filebeat_logs:="/var/log/beats"}
 : ${filebeat_data:="/var/db/beats/filebeat"}
 # daemon
 start_precmd=filebeat_prestart
 command=/usr/sbin/daemon
 pidfile="/var/run/${name}"
 command_args="-frP ${pidfile} /usr/local/sbin/${name} ${filebeat_flags} --path.config ${filebeat_config} --path.home ${filebeat_home} --path.data ${filebeat_data} --path.logs ${filebeat_logs} -c ${filebeat_conffile}"
 filebeat_prestart() {
 # Have to empty rc_flags so they don't get passed to daemon(8)
 	rc_flags=""
 }
 run_rc_command "$1"
--- a/jails/config/elk/rc.d/heartbeat
+++ b/jails/config/elk/rc.d/heartbeat
@ -0,0 +1,44 @@
 #!/bin/sh
 # PROVIDE: heartbeat
 # REQUIRE: DAEMON
 # BEFORE: LOGIN
 # KEYWORD: shutdown
 # Add the following lines to /etc/rc.conf to enable heartbeat:
 #
 # heartbeat_enable (bool):	Set to YES to enable heartbeat
 # 				Default: NO
 # heartbeat_flags (str):	Extra flags passed to heartbeat
 # heartbeat_config (str):	heartbeat configuration directory
 #				Default: ${PREFIX}/etc/beats
 # heartbeat_conffile (str):	heartbeat configuration file
 #				relative to ${heartbeat_conf}
 #				Default: heartbeat.yml
 . /etc/rc.subr
 name="heartbeat"
 rcvar=${name}_enable
 load_rc_config $name
 : ${heartbeat_enable:="NO"}
 : ${heartbeat_config:="/usr/local/etc/beats"}
 : ${heartbeat_conffile:="heartbeat.yml"}
 : ${heartbeat_home:="/usr/local/share/beats/heartbeat"}
 : ${heartbeat_logs:="/var/log/beats"}
 : ${heartbeat_data:="/var/db/beats/heartbeat"}
 # daemon
 start_precmd=heartbeat_prestart
 command=/usr/sbin/daemon
 pidfile="/var/run/${name}"
 command_args="-frP ${pidfile} /usr/local/sbin/${name} ${heartbeat_flags} --path.config ${heartbeat_config} --path.home ${heartbeat_home} --path.data ${heartbeat_data} --path.logs ${heartbeat_logs} -c ${heartbeat_conffile}"
 heartbeat_prestart() {
 # Have to empty rc_flags so they don't get passed to daemon(8)
 	rc_flags=""
 }
 run_rc_command "$1"
--- a/jails/config/elk/rc.d/kibana
+++ b/jails/config/elk/rc.d/kibana
@ -0,0 +1,84 @@
 #!/bin/sh
 # PROVIDE: kibana
 # REQUIRE: DAEMON
 # BEFORE: LOGIN
 # KEYWORD: shutdown
 . /etc/rc.subr
 name=kibana
 rcvar=kibana_enable
 load_rc_config $name
 : ${kibana_enable:="NO"}
 : ${kibana_config:="/usr/local/etc/kibana/kibana.yml"}
 : ${kibana_user:="www"}
 : ${kibana_group:="www"}
 : ${kibana_log:="/var/log/kibana.log"}
 : ${kibana_syslog_output_enable:="NO"}
 start_precmd="kibana_start_precmd"
 reload_cmd="kibana_reload_cmd"
 extra_commands="reload"
 if checkyesno kibana_syslog_output_enable; then
 	if [ -n "${kibana_syslog_output_tag}" ]; then
 		kibana_syslog_output_flags="-T ${kibana_syslog_output_tag}"
 	else
 		kibana_syslog_output_flags="-T ${name}"
 	fi
 	if [ -n "${kibana_syslog_output_priority}" ]; then
 		kibana_syslog_output_flags="${kibana_syslog_output_flags} -s ${kibana_syslog_output_priority}"
 	fi
 	if [ -n "${kibana_syslog_output_facility}" ]; then
 		kibana_syslog_output_flags="${kibana_syslog_output_flags} -l ${kibana_syslog_output_facility}"
 	fi
 fi
 NODE="/usr/local/bin/node"
 required_files="${kibana_config}"
 pidfile="/var/run/${name}-daemon.pid"
 _kpidfile="/var/run/${name}.pid"
 command="/usr/sbin/daemon"
 command_args="-f ${kibana_syslog_output_flags} -P ${pidfile} -t ${name} \
 	/usr/bin/env BABEL_DISABLE_CACHE=1 NODE_ENV=production ${kibana_env} \
 	${NODE} --no-warnings --max-http-header-size=65536 \
 	/usr/local/www/kibana7/src/cli/dist serve \
 	--config ${kibana_config} --log-file ${kibana_log} --allow-root \
 	--xpack.reporting.enabled=false ${kibana_args}"
 kibana_start_precmd()
 {
 	if [ ! -e "${pidfile}" ]; then
 		install -m 0600 -o ${kibana_user} -g ${kibana_group} /dev/null ${pidfile}
 	fi
 	if [ ! -e "${_kpidfile}" ]; then
 		install -m 0600 -o ${kibana_user} -g ${kibana_group} /dev/null ${_kpidfile}
 	fi
 	if [ ! -f ${kibana_log} ]; then
 		install -o ${kibana_user} -g ${kibana_group} -m 640 /dev/null ${kibana_log}
 	fi
 	if [ ! -d /usr/local/www/kibana7/optimize ]; then
 		install -d -o ${kibana_user} -g ${kibana_group} /usr/local/www/kibana7/optimize
 	else
 		# We may have installed a plugin as root which will cause files in here
 		# to be owned by root:wheel. Fix with a chown.
 		chown -R ${kibana_user}:${kibana_group} /usr/local/www/kibana7/optimize
 	fi
 }
 kibana_reload_cmd()
 {
 	if [ -z "$rc_pid" ]; then
 		_run_rc_notrunning
 		return 1
 	else
 		pkill -HUP -P ${rc_pid}
 	fi
 }
 run_rc_command "$1"
--- a/jails/config/elk/rc.d/metricbeat
+++ b/jails/config/elk/rc.d/metricbeat
@ -0,0 +1,51 @@
 #!/bin/sh
 # PROVIDE: metricbeat
 # REQUIRE: DAEMON
 # BEFORE: LOGIN
 # KEYWORD: shutdown
 # Add the following lines to /etc/rc.conf to enable metricbeat:
 #
 # metricbeat_enable (bool):	Set to YES to enable metricbeat
 # 				Default: NO
 # metricbeat_flags (str):	Extra flags passed to metricbeat
 # metricbeat_config (str):	metricbeat configuration directory
 #				Default: ${PREFIX}/etc/beats
 # metricbeat_conffile (str):	metricbeat configuration file
 #				relative to ${metricbeat_conf}
 #				Default: metricbeat.yml
 . /etc/rc.subr
 name="metricbeat"
 rcvar=${name}_enable
 load_rc_config $name
 : ${metricbeat_enable:="NO"}
 : ${metricbeat_config:="/usr/local/etc/beats"}
 : ${metricbeat_conffile:="metricbeat.yml"}
 : ${metricbeat_home:="/usr/local/share/beats/metricbeat"}
 : ${metricbeat_logs:="/var/log/beats"}
 : ${metricbeat_data:="/var/db/beats/metricbeat"}
 # daemon
 start_precmd=metricbeat_prestart
 command=/usr/sbin/daemon
 pidfile="/var/run/${name}"
 command_args="-frP ${pidfile} /usr/local/sbin/${name} ${metricbeat_flags} --path.config ${metricbeat_config} --path.home ${metricbeat_home} --path.data ${metricbeat_data} --path.logs ${metricbeat_logs} -c ${metricbeat_conffile}"
 metricbeat_prestart() {
 # Have to empty rc_flags so they don't get passed to daemon(8)
 	rc_flags=""
 }
 # metricbeat will refuse to quit if linprocfs is mounted, and sadly requires -9
 [ -f /compat/linux/proc/cpuinfo ] && stop_cmd=metricbeat_stop
 metricbeat_stop() {
 	pkill -9 -F ${pidfile} > /dev/null 2>&1
 	pkill -9 -F ${pidfile}.child > /dev/null 2>&1
 }
 run_rc_command "$1"
--- a/jails/config/git/gitea/conf/app.ini
+++ b/jails/config/git/gitea/conf/app.ini
@ -0,0 +1,94 @@
 # # Sample Configuration for Gitea using SQLite
 #
 # For information on the available settings, consult the online
 # documentation, or see the accompanying file app.ini.defaults, which
 # contains the settings incorporated into the gitea binary.
 #
 # This sample configuration runs Gitea with a local database.  Before
 # running this configuration, make sure to change the SECRET_KEY and the
 # INTERNAL_TOKEN at the end of this file.  SECRET_KEY is a password of your
 # choosing, INTERNAL_TOKEN is a 64-byte random number in BASE64 encoding. 
 # Your can generate the token using for example:
 # openssl rand -base64 64
 #
 # There are no pre-configured users; the first user to register becomes an
 # admin.  In this sample configuration, the HTTP server only listens on
 # localhost.
 #
 # If you'd rather use the web-based installer, remove this conf/app.ini file
 # and make /usr/local/etc/gitea/conf writeable to the git user.
 APP_NAME = Ahlawat GIT
 RUN_USER = git
 RUN_MODE = prod
 [database]
 DB_TYPE = mysql
 HOST    = 192.168.0.53:3306
 NAME    = gitea
 USER    = gitea
 PASSWD  = mysql__gitea
 [indexer]
 ISSUE_INDEXER_PATH = /var/db/gitea/indexers/issues.bleve
 [log]
 ROOT_PATH = /var/log/gitea
 MODE      = file
 LEVEL     = Info
 ENABLE_ACCESS_LOG = true
 ACCESS    = file
 [picture]
 DISABLE_GRAVATAR        = true
 AVATAR_UPLOAD_PATH      = /var/db/gitea/data/avatars
 [repository]
 ROOT = /var/db/gitea/gitea-repositories
 # Gitea's default is 'bash', so if you have bash installed, you can comment
 # this out.
 #SCRIPT_TYPE = sh
 [repository.upload]
 TEMP_PATH = /var/db/gitea/data/tmp/uploads
 [security]
 INSTALL_LOCK       = true
 INTERNAL_TOKEN     = 1FFhAklka01JhgJTRUrFujWYiv4ijqcTIfXJ9o4n1fWxz+XVQdXhrqDTlsnD7fvz7gugdhgkx0FY2Lx6IBdPQw==
 SECRET_KEY         = BeyondChangeMeBeforeRunningBell
 IMPORT_LOCAL_PATHS = true
 [session]
 COOKIE_SECURE   = true
 [server]
 DOMAIN        = git.ahlawat.com
 PROTOCOL      = https
 HTTP_ADDR     = ::
 HTTP_PORT     = 3000
 ROOT_URL      = https://git.ahlawat.com/
 DISABLE_SSH   = true
 SSH_DOMAIN    = %(DOMAIN)s
 SSH_PORT      = 22
 OFFLINE_MODE  = false
 APP_DATA_PATH = /var/db/gitea/data
 CERT_FILE     = /mnt/certs/fullchain.pem
 KEY_FILE      = /mnt/certs/privkeyr.pem
 LANDING_PAGE  = explore
 [service]
 DISABLE_REGISTRATION   = true
 [openid]
 ENABLE_OPENID_SIGNIN = false
 [other]
 SHOW_FOOTER_BRANDING           = false
 SHOW_FOOTER_VERSION            = false
 SHOW_FOOTER_TEMPLATE_LOAD_TIME = false
 [oauth2]
 JWT_SECRET = 3giTtKAIflI_e9ixoU6ELHfxGaDkvFwHxDoPZQyZ0ak
 [ui]
 #DEFAULT_THEME = arc-green
--- a/jails/config/git/gitea/conf/app.ini.defaults
+++ b/jails/config/git/gitea/conf/app.ini.defaults
--- a/jails/config/git/gitea/conf/app.ini.sample
+++ b/jails/config/git/gitea/conf/app.ini.sample
@ -11,7 +11,7 @@
 # choosing, INTERNAL_TOKEN is a 64-byte random number in BASE64 encoding,
 # JWT_SECRET is a 32-byte random number in BASE64 encoding.
 # 
-# Your can generate the token using for example:
+# You can generate the token using for example:
 #   openssl rand -base64 64
 # 
 # You can let Gitea add these to the config for you; you need to make
--- a/jails/config/git/gitea/options/license
+++ b/jails/config/git/gitea/options/license
@ -1,6 +1,6 @@
 BSD 2-Clause License ("Simplified BSD License" or "FreeBSD License")
-Copyright (c) 2018-2022, diyIT.org
+Copyright (c) 2018-2019, diyIT.org
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
--- a/jails/config/git/gitea/public/diyit-org-license.txt
+++ b/jails/config/git/gitea/public/diyit-org-license.txt
@ -1,6 +1,6 @@
 BSD 2-Clause License ("Simplified BSD License" or "FreeBSD License")
-Copyright (c) 2018-2022, diyIT.org
+Copyright (c) 2018-2019, diyIT.org
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
--- a/jails/config/git/pkg-list-details-old.txt
+++ b/jails/config/git/pkg-list-details-old.txt
@ -0,0 +1,6 @@
 pkgp123____openldap26-client-2.6.3
 pkgp123____pkg-1.18.4
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____gitea-1.17.3
 pkgp-freebsd-pkg____nano-6.4
--- a/jails/config/git/pkg-list-details.txt
+++ b/jails/config/git/pkg-list-details.txt
@ -1,6 +1,6 @@
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp123____openldap26-client-2.6.3
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp123____pkg-1.18.4
-pkgp-freebsd-pkg____gitea-1.16.5_1
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____openldap-sasl-client-2.4.59
+pkgp-freebsd-pkg____gitea-1.17.3
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____nano-7.0
--- a/jails/config/git/pkg-list-old.txt
+++ b/jails/config/git/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion gitea nano openldap26-client pkg
--- a/jails/config/git/pkg-list.txt
+++ b/jails/config/git/pkg-list.txt
@ -1 +1 @@
-bash bash-completion gitea nano openldap-sasl-client pkg
+bash bash-completion gitea nano openldap26-client pkg
--- a/jails/config/book/pkgp.conf
+++ b/jails/config/book/pkgp.conf
--- a/jails/config/hass/hass.sh
+++ b/jails/config/hass/hass.sh
@ -12,4 +12,4 @@
 cd /data/homeassistant/
 source bin/activate
-hass
+hass --ignore-os-check
--- a/jails/config/hass/libffi-3.3_1.pkg
+++ b/jails/config/hass/libffi-3.3_1.pkg
--- a/jails/config/hass/pkg-list-details-old.txt
+++ b/jails/config/hass/pkg-list-details-old.txt
@ -0,0 +1,16 @@
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____cmake-3.24.3
 pkgp-freebsd-pkg____ffmpeg-4.4.3_1,1
 pkgp-freebsd-pkg____git-lite-2.38.1_3
 pkgp-freebsd-pkg____gmake-4.3_2
 pkgp-freebsd-pkg____heyu2-2.10_1
 pkgp-freebsd-pkg____libxslt-1.1.37
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____openjpeg-2.5.0
 pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____py39-sqlite3-3.9.15_7
 pkgp-freebsd-pkg____python39-3.9.15_1
 pkgp-freebsd-pkg____rust-1.64.0
 pkgp-freebsd-pkg____tmux-3.3a
 pkgp-freebsd-pkg____wget-1.21.3_1
--- a/jails/config/hass/pkg-list-details.txt
+++ b/jails/config/hass/pkg-list-details.txt
@ -1,17 +1,16 @@
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____cmake-3.22.2
+pkgp-freebsd-pkg____cmake-3.24.3
-pkgp-freebsd-pkg____ffmpeg-4.4.1_11,1
+pkgp-freebsd-pkg____ffmpeg-4.4.3_1,1
-pkgp-freebsd-pkg____git-lite-2.35.1
+pkgp-freebsd-pkg____git-lite-2.38.1_4
 pkgp-freebsd-pkg____gmake-4.3_2
 pkgp-freebsd-pkg____heyu2-2.10_1
-pkgp-freebsd-pkg____libxslt-1.1.35_1
+pkgp-freebsd-pkg____libxslt-1.1.37
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____openjpeg-2.4.0
+pkgp-freebsd-pkg____openjpeg-2.5.0
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____pkg-1.18.4
-pkgp-freebsd-pkg____py38-sqlite3-3.8.13_7
+pkgp-freebsd-pkg____py39-sqlite3-3.9.15_7
-pkgp-freebsd-pkg____py39-sqlite3-3.9.12_7
+pkgp-freebsd-pkg____python39-3.9.15_1
-pkgp-freebsd-pkg____python39-3.9.12
+pkgp-freebsd-pkg____rust-1.65.0
-pkgp-freebsd-pkg____rust-1.59.0
+pkgp-freebsd-pkg____tmux-3.3a
-pkgp-freebsd-pkg____tmux-3.2a
+pkgp-freebsd-pkg____wget-1.21.3_1
 pkgp-freebsd-pkg____wget-1.21.3
--- a/jails/config/hass/pkg-list-old.txt
+++ b/jails/config/hass/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion cmake ffmpeg git-lite gmake heyu2 libxslt nano openjpeg pkg py39-sqlite3 python39 rust tmux wget
--- a/jails/config/hass/pkg-list.txt
+++ b/jails/config/hass/pkg-list.txt
@ -1 +1 @@
-bash bash-completion cmake ffmpeg git-lite gmake heyu2 libxslt nano openjpeg pkg py38-sqlite3 py39-sqlite3 python39 rust tmux wget
+bash bash-completion cmake ffmpeg git-lite gmake heyu2 libxslt nano openjpeg pkg py39-sqlite3 python39 rust tmux wget
--- a/jails/config/hub/pkg-list-details-old.txt
+++ b/jails/config/hub/pkg-list-details-old.txt
@ -0,0 +1,28 @@
 pkgp123____apache24-2.4.54
 pkgp123____apr-1.7.0.1.6.1_2
 pkgp123____pkg-1.18.4
 pkgp123____samba413-4.13.17_4
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____firefox-esr-102.5.0,1
 pkgp-freebsd-pkg____fluxbox-1.3.7_5
 pkgp-freebsd-pkg____iperf3-3.12
 pkgp-freebsd-pkg____mc-4.8.28
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____p7zip-16.02_3
 pkgp-freebsd-pkg____php81-ldap-8.1.12
 pkgp-freebsd-pkg____php81-mysqli-8.1.12
 pkgp-freebsd-pkg____php81-pgsql-8.1.12
 pkgp-freebsd-pkg____php81-session-8.1.12
 pkgp-freebsd-pkg____rename-1.99.2
 pkgp-freebsd-pkg____rkhunter-1.4.6_1
 pkgp-freebsd-pkg____rsync-3.2.6
 pkgp-freebsd-pkg____sshguard-2.4.2_2,1
 pkgp-freebsd-pkg____sudo-1.9.12p1
 pkgp-freebsd-pkg____tigervnc-server-1.12.0_5
 pkgp-freebsd-pkg____unrar-6.12,6
 pkgp-freebsd-pkg____wget-1.21.3_1
 pkgp-freebsd-pkg____xauth-1.1.1
 pkgp-freebsd-pkg____xorg-fonts-truetype-7.7_1
 pkgp-freebsd-pkg____xorriso-1.5.4
 pkgp-freebsd-pkg____xterm-375
--- a/jails/config/hub/pkg-list-details.txt
+++ b/jails/config/hub/pkg-list-details.txt
@ -1,29 +1,28 @@
-pkgp122____openldap24-client-2.4.59_4
+pkgp123____apache24-2.4.54
 pkgp123____apache24-2.4.53_1
 pkgp123____apr-1.7.0.1.6.1_2
-pkgp123____php81-ldap-8.1.5
+pkgp123____pkg-1.18.4
-pkgp123____pkg-1.17.5_1
+pkgp123____samba413-4.13.17_4
-pkgp123____samba413-4.13.17_1
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____firefox-esr-102.5.0_1,1
 pkgp-freebsd-pkg____compat9x-amd64-9.3.903000.20170608
 pkgp-freebsd-pkg____fluxbox-1.3.7_5
-pkgp-freebsd-pkg____iperf3-3.11
+pkgp-freebsd-pkg____iperf3-3.12
 pkgp-freebsd-pkg____mc-4.8.28
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
 pkgp-freebsd-pkg____openjdk8-8.322.06.1
 pkgp-freebsd-pkg____p7zip-16.02_3
-pkgp-freebsd-pkg____php81-mysqli-8.1.4_2
+pkgp-freebsd-pkg____php81-ldap-8.1.13
-pkgp-freebsd-pkg____php81-pgsql-8.1.4_2
+pkgp-freebsd-pkg____php81-mysqli-8.1.13
-pkgp-freebsd-pkg____php81-session-8.1.4_2
+pkgp-freebsd-pkg____php81-pgsql-8.1.13
 pkgp-freebsd-pkg____php81-session-8.1.13
 pkgp-freebsd-pkg____rename-1.99.2
 pkgp-freebsd-pkg____rkhunter-1.4.6_1
-pkgp-freebsd-pkg____rsync-3.2.3_1
+pkgp-freebsd-pkg____rsync-3.2.6
 pkgp-freebsd-pkg____sshguard-2.4.2_2,1
-pkgp-freebsd-pkg____sudo-1.9.10
+pkgp-freebsd-pkg____sudo-1.9.12p1
-pkgp-freebsd-pkg____tigervnc-1.9.0_4
+pkgp-freebsd-pkg____tigervnc-server-1.12.0_5
-pkgp-freebsd-pkg____unrar-6.11,6
+pkgp-freebsd-pkg____unrar-6.12,6
-pkgp-freebsd-pkg____wget-1.21.3
+pkgp-freebsd-pkg____wget-1.21.3_1
-pkgp-freebsd-pkg____xauth-1.1
+pkgp-freebsd-pkg____xauth-1.1.1
 pkgp-freebsd-pkg____xorg-fonts-truetype-7.7_1
 pkgp-freebsd-pkg____xorriso-1.5.4
-pkgp-freebsd-pkg____xterm-372
+pkgp-freebsd-pkg____xterm-377
--- a/jails/config/hub/pkg-list-old.txt
+++ b/jails/config/hub/pkg-list-old.txt
@ -0,0 +1 @@
 apache24 apr bash bash-completion firefox-esr fluxbox iperf3 mc nano p7zip php81-ldap php81-mysqli php81-pgsql php81-session pkg rename rkhunter rsync samba413 sshguard sudo tigervnc-server unrar wget xauth xorg-fonts-truetype xorriso xterm
--- a/jails/config/hub/pkg-list.txt
+++ b/jails/config/hub/pkg-list.txt
@ -1 +1 @@
-apache24 apr bash bash-completion compat9x-amd64 fluxbox iperf3 mc nano openjdk8 openldap24-client p7zip php81-ldap php81-mysqli php81-pgsql php81-session pkg rename rkhunter rsync samba413 sshguard sudo tigervnc unrar wget xauth xorriso xterm
+apache24 apr bash bash-completion firefox-esr fluxbox iperf3 mc nano p7zip php81-ldap php81-mysqli php81-pgsql php81-session pkg rename rkhunter rsync samba413 sshguard sudo tigervnc-server unrar wget xauth xorg-fonts-truetype xorriso xterm
--- a/jails/config/ibm/pkg-list-details-old.txt
+++ b/jails/config/ibm/pkg-list-details-old.txt
@ -0,0 +1,9 @@
 pkgp-freebsd-pkg____automake-1.16.5
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____cmake-3.24.3
 pkgp-freebsd-pkg____git-lite-2.38.1_3
 pkgp-freebsd-pkg____hercules-3.13
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____tmux-3.3a
--- a/jails/config/ibm/pkg-list-details.txt
+++ b/jails/config/ibm/pkg-list-details.txt
@ -1,9 +1,9 @@
 pkgp-freebsd-pkg____automake-1.16.5
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____cmake-3.22.2
+pkgp-freebsd-pkg____cmake-3.24.3
-pkgp-freebsd-pkg____git-lite-2.35.1
+pkgp-freebsd-pkg____git-lite-2.38.1_4
 pkgp-freebsd-pkg____hercules-3.13
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____pkg-1.18.4
-pkgp-freebsd-pkg____tmux-3.2a
+pkgp-freebsd-pkg____tmux-3.3a
--- a/jails/config/ibm/pkg-list-old.txt
+++ b/jails/config/ibm/pkg-list-old.txt
@ -0,0 +1 @@
 automake bash bash-completion cmake git-lite hercules nano pkg tmux
--- a/jails/config/jump/pkg-list-details-old.txt
+++ b/jails/config/jump/pkg-list-details-old.txt
@ -0,0 +1,10 @@
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____guacamole-client-1.4.0
 pkgp-freebsd-pkg____guacamole-server-1.4.0
 pkgp-freebsd-pkg____libqrencode-4.1.1
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____openldap-sasl-client-2.4.59
 pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____wireguard-2,1
 pkgp-freebsd-pkg____zip-3.0_1
--- a/jails/config/jump/pkg-list-details.txt
+++ b/jails/config/jump/pkg-list-details.txt
@ -1,10 +1,10 @@
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
 pkgp-freebsd-pkg____guacamole-client-1.4.0
 pkgp-freebsd-pkg____guacamole-server-1.4.0
 pkgp-freebsd-pkg____libqrencode-4.1.1
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
 pkgp-freebsd-pkg____openldap-sasl-client-2.4.59
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____wireguard-2,1
 pkgp-freebsd-pkg____zip-3.0_1
--- a/jails/config/jump/pkg-list-old.txt
+++ b/jails/config/jump/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion guacamole-client guacamole-server libqrencode nano openldap-sasl-client pkg wireguard zip
--- a/jails/config/ldap-mgr/pkg-list-details-old.txt
+++ b/jails/config/ldap-mgr/pkg-list-details-old.txt
@ -0,0 +1,9 @@
 pkgp-freebsd-pkg____apache24-2.4.54
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____ldap-account-manager-8.0.1
 pkgp-freebsd-pkg____mod_php80-8.0.25
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____phpldapadmin-php80-1.2.6.3_1
 pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____self-service-password-php80-1.5.0
--- a/jails/config/ldap-mgr/pkg-list-details.txt
+++ b/jails/config/ldap-mgr/pkg-list-details.txt
@ -1,9 +1,7 @@
-pkgp-freebsd-pkg____apache24-2.4.53
+pkgp-freebsd-pkg____apache24-2.4.54
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____ldap-account-manager-7.9
+pkgp-freebsd-pkg____ldap-account-manager-8.0.1
-pkgp-freebsd-pkg____mod_php80-8.0.17_1
+pkgp-freebsd-pkg____mod_php80-8.0.25
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____phpldapadmin-php80-1.2.6.3_1
+pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____pkg-1.17.5_1
 pkgp-freebsd-pkg____self-service-password-php80-1.4_1
--- a/jails/config/ldap-mgr/pkg-list-old.txt
+++ b/jails/config/ldap-mgr/pkg-list-old.txt
@ -1 +1 @@
-apache24 bash bash-completion ldap-account-manager mod_php80 nano phpldapadmin-php80 pkg sudo
+apache24 bash bash-completion ldap-account-manager mod_php80 nano phpldapadmin-php80 pkg self-service-password-php80
--- a/jails/config/ldap-mgr/pkg-list.txt
+++ b/jails/config/ldap-mgr/pkg-list.txt
@ -1 +1 @@
-apache24 bash bash-completion ldap-account-manager mod_php80 nano phpldapadmin-php80 pkg self-service-password-php80
+apache24 bash bash-completion ldap-account-manager mod_php80 nano pkg
--- a/jails/config/ldap/pkg-list-details-old.txt
+++ b/jails/config/ldap/pkg-list-details-old.txt
@ -0,0 +1,6 @@
 pkgp123____openldap26-server-2.6.3_2
 pkgp123____pkg-1.18.4
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____openssl-1.1.1s,1
--- a/jails/config/ldap/pkg-list-details.txt
+++ b/jails/config/ldap/pkg-list-details.txt
@ -1,7 +1,6 @@
-pkgp122____openldap24-client-2.4.59_4
+pkgp123____openldap26-server-2.6.3_2
-pkgp123____openldap24-server-2.4.59_9
+pkgp123____pkg-1.18.4
-pkgp123____pkg-1.17.5_1
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____openssl-1.1.1s,1
 pkgp-freebsd-pkg____openssl-1.1.1n,1
--- a/jails/config/ldap/pkg-list-old.txt
+++ b/jails/config/ldap/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion nano openldap26-server openssl pkg
--- a/jails/config/ldap/pkg-list.txt
+++ b/jails/config/ldap/pkg-list.txt
@ -1 +1 @@
-bash bash-completion nano openldap24-client openldap24-server openssl pkg
+bash bash-completion nano openldap26-server openssl pkg
--- a/jails/config/mage/pkg-list-details-old.txt
+++ b/jails/config/mage/pkg-list-details-old.txt
@ -0,0 +1,29 @@
 pkgp-freebsd-pkg____automake-1.16.5
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____cmake-3.24.3
 pkgp-freebsd-pkg____dbus-1.14.4,1
 pkgp-freebsd-pkg____fluxbox-1.3.7_5
 pkgp-freebsd-pkg____git-lite-2.38.1_3
 pkgp-freebsd-pkg____libxslt-1.1.37
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____perl5-5.32.1_3
 pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____py39-IBMQuantumExperience-2.0.4
 pkgp-freebsd-pkg____py39-jupyterlab-3.4.8
 pkgp-freebsd-pkg____py39-matplotlib-3.4.3_5
 pkgp-freebsd-pkg____py39-pandas-1.5.0,1
 pkgp-freebsd-pkg____py39-pep517-0.13.0
 pkgp-freebsd-pkg____py39-pip-22.2.2
 pkgp-freebsd-pkg____py39-scikit-learn-1.1.2_1
 pkgp-freebsd-pkg____py39-seaborn-0.11.2
 pkgp-freebsd-pkg____rubygem-pkg-config-1.4.9
 pkgp-freebsd-pkg____rust-1.64.0
 pkgp-freebsd-pkg____sudo-1.9.12p1
 pkgp-freebsd-pkg____suitesparse-cholmod-3.0.14
 pkgp-freebsd-pkg____suitesparse-umfpack-5.7.9
 pkgp-freebsd-pkg____symengine-0.9.0_5
 pkgp-freebsd-pkg____tigervnc-server-1.12.0_5
 pkgp-freebsd-pkg____xauth-1.1.1
 pkgp-freebsd-pkg____xorg-fonts-truetype-7.7_1
 pkgp-freebsd-pkg____xterm-375
--- a/jails/config/mage/pkg-list-details.txt
+++ b/jails/config/mage/pkg-list-details.txt
@ -1,30 +1,29 @@
 pkgp-freebsd-pkg____automake-1.16.5
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____cmake-3.22.2
+pkgp-freebsd-pkg____cmake-3.24.3
-pkgp-freebsd-pkg____dbus-1.12.20_5
+pkgp-freebsd-pkg____dbus-1.14.4,1
 pkgp-freebsd-pkg____fluxbox-1.3.7_5
-pkgp-freebsd-pkg____git-lite-2.35.1
+pkgp-freebsd-pkg____git-lite-2.38.1_4
-pkgp-freebsd-pkg____libxslt-1.1.35_1
+pkgp-freebsd-pkg____libxslt-1.1.37
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____perl5-5.32.1_1
+pkgp-freebsd-pkg____perl5-5.32.1_3
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____pkg-1.18.4
-pkgp-freebsd-pkg____py38-IBMQuantumExperience-2.0.4
+pkgp-freebsd-pkg____py39-IBMQuantumExperience-2.0.4
-pkgp-freebsd-pkg____py38-jupyterlab-3.1.19
+pkgp-freebsd-pkg____py39-jupyterlab-3.4.8
-pkgp-freebsd-pkg____py38-matplotlib-3.4.3_3
+pkgp-freebsd-pkg____py39-matplotlib-3.4.3_5
-pkgp-freebsd-pkg____py38-pandas-1.3.5,1
+pkgp-freebsd-pkg____py39-pandas-1.5.0,1
-pkgp-freebsd-pkg____py38-pep517-0.12.0
+pkgp-freebsd-pkg____py39-pep517-0.13.0
-pkgp-freebsd-pkg____py38-pip-20.3.4
+pkgp-freebsd-pkg____py39-pip-22.2.2
-pkgp-freebsd-pkg____py38-scikit-learn-1.0.2
+pkgp-freebsd-pkg____py39-scikit-learn-1.1.3
-pkgp-freebsd-pkg____py38-seaborn-0.11.0_1
+pkgp-freebsd-pkg____py39-seaborn-0.11.2
-pkgp-freebsd-pkg____py38-tensorflow-1.15.5_2
+pkgp-freebsd-pkg____rubygem-pkg-config-1.4.9
-pkgp-freebsd-pkg____rubygem-pkg-config-1.4.7
+pkgp-freebsd-pkg____rust-1.65.0
-pkgp-freebsd-pkg____rust-1.59.0
+pkgp-freebsd-pkg____sudo-1.9.12p1
 pkgp-freebsd-pkg____sudo-1.9.10
 pkgp-freebsd-pkg____suitesparse-cholmod-3.0.14
 pkgp-freebsd-pkg____suitesparse-umfpack-5.7.9
-pkgp-freebsd-pkg____symengine-0.8.1
+pkgp-freebsd-pkg____symengine-0.9.0_5
-pkgp-freebsd-pkg____tigervnc-server-1.12.0_4
+pkgp-freebsd-pkg____tigervnc-server-1.12.0_5
-pkgp-freebsd-pkg____xauth-1.1
+pkgp-freebsd-pkg____xauth-1.1.1
 pkgp-freebsd-pkg____xorg-fonts-truetype-7.7_1
-pkgp-freebsd-pkg____xterm-372
+pkgp-freebsd-pkg____xterm-377
--- a/jails/config/mage/pkg-list-old.txt
+++ b/jails/config/mage/pkg-list-old.txt
@ -0,0 +1 @@
 automake bash bash-completion cmake dbus fluxbox git-lite libxslt nano perl5 pkg py39-IBMQuantumExperience py39-jupyterlab py39-matplotlib py39-pandas py39-pep517 py39-pip py39-scikit-learn py39-seaborn rubygem-pkg-config rust sudo suitesparse-cholmod suitesparse-umfpack symengine tigervnc-server xauth xorg-fonts-truetype xterm
--- a/jails/config/mage/pkg-list.txt
+++ b/jails/config/mage/pkg-list.txt
@ -1 +1 @@
-automake bash bash-completion cmake dbus fluxbox git-lite libxslt nano perl5 pkg py38-IBMQuantumExperience py38-jupyterlab py38-matplotlib py38-pandas py38-pep517 py38-pip py38-scikit-learn py38-seaborn py38-tensorflow rubygem-pkg-config rust sudo suitesparse-cholmod suitesparse-umfpack symengine tigervnc-server xauth xorg-fonts-truetype xterm
+automake bash bash-completion cmake dbus fluxbox git-lite libxslt nano perl5 pkg py39-IBMQuantumExperience py39-jupyterlab py39-matplotlib py39-pandas py39-pep517 py39-pip py39-scikit-learn py39-seaborn rubygem-pkg-config rust sudo suitesparse-cholmod suitesparse-umfpack symengine tigervnc-server xauth xorg-fonts-truetype xterm
--- a/jails/config/mail/pkg-list-details-old.txt
+++ b/jails/config/mail/pkg-list-details-old.txt
@ -0,0 +1,14 @@
 pkgp123____dcc-dccd-2.3.168
 pkgp123____dovecot-2.3.19.1_1
 pkgp123____dovecot-pigeonhole-0.5.19
 pkgp123____icu-72.1,1
 pkgp123____libunwind-20211201_1
 pkgp123____libyaml-0.2.5
 pkgp123____pkg-1.18.4
 pkgp123____postfix-3.7.3_1,1
 pkgp123____rspamd-3.4_1
 pkgp-freebsd-pkg____apache-solr-8.11.2,1
 pkgp-freebsd-pkg____bash-5.2.2_1
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____redis-7.0.5
--- a/jails/config/mail/pkg-list-details.txt
+++ b/jails/config/mail/pkg-list-details.txt
@ -1,12 +1,14 @@
 pkgp122____openldap24-client-2.4.59_4
 pkgp123____dcc-dccd-2.3.168
-pkgp123____dovecot-2.3.18_1
+pkgp123____dovecot-2.3.19.1_1
-pkgp123____dovecot-pigeonhole-0.5.18
+pkgp123____dovecot-pigeonhole-0.5.19
-pkgp123____pkg-1.17.5_1
+pkgp123____icu-72.1,1
-pkgp123____postfix-3.7.0_2,1
+pkgp123____libunwind-20211201_1
-pkgp123____rspamd-3.2_1
+pkgp123____libyaml-0.2.5
-pkgp-freebsd-pkg____apache-solr-8.11.1
+pkgp123____pkg-1.18.4
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp123____postfix-3.7.3_1,1
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp123____rspamd-3.4_1
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____apache-solr-8.11.2,1
-pkgp-freebsd-pkg____redis-6.2.6
+pkgp-freebsd-pkg____bash-5.2.12
 pkgp-freebsd-pkg____bash-completion-2.11_2,2
 pkgp-freebsd-pkg____nano-7.0
 pkgp-freebsd-pkg____redis-7.0.5
--- a/jails/config/mail/pkg-list-old.txt
+++ b/jails/config/mail/pkg-list-old.txt
@ -0,0 +1 @@
 apache-solr bash bash-completion dcc-dccd dovecot dovecot-pigeonhole icu libunwind libyaml nano pkg postfix redis rspamd
--- a/jails/config/mail/pkg-list.txt
+++ b/jails/config/mail/pkg-list.txt
@ -1 +1 @@
-apache-solr bash bash-completion dcc-dccd dovecot dovecot-pigeonhole nano openldap24-client pkg postfix redis rspamd
+apache-solr bash bash-completion dcc-dccd dovecot dovecot-pigeonhole icu libunwind libyaml nano pkg postfix redis rspamd
--- a/jails/config/mail/postfix/main.cf
+++ b/jails/config/mail/postfix/main.cf
@ -282,10 +282,9 @@ unknown_local_recipient_reject_code = 550
 #mynetworks = $config_directory/mynetworks
 #mynetworks = hash:$config_directory/network_table
-#mynetworks = 127.0.0.1/32 192.168.0.0/16 [::1]/128 [fe80::]/10 [2603:3024:3f6::]/56
+mynetworks = 127.0.0.1/32 192.168.0.0/24 [::1]/128 [fe80::]/10 [fd01::]/64
 mynetworks = 127.0.0.1/32 192.168.0.0/24 [::1]/128 [fe80::]/10 [2603:3024:3f6:e1::]/64
 smtp_bind_address = 192.168.0.100
-smtp_bind_address6 = 2603:3024:3f6:e1::100
+smtp_bind_address6 = fd01::100
 # The relay_domains parameter restricts what destinations this system will
 # relay mail to.  See the smtpd_recipient_restrictions description in
@ -675,7 +674,7 @@ manpage_directory = /usr/local/man
 # sample_directory: The location of the Postfix sample configuration files.
 # This parameter is obsolete as of Postfix 2.1.
 #
-sample_directory = /usr/local/etc/postfix
+#sample_directory = /usr/local/etc/postfix
 # readme_directory: The location of the Postfix README files.
 #
@ -684,6 +683,7 @@ inet_protocols = ipv4, ipv6
 # sometimes comcast's IPv6 reverse DNS lookup stops working so you need to enable the line below (default: any)
 #smtp_address_preference = ipv4
 smtp_address_preference = any
 meta_directory = /usr/local/libexec/postfix
 shlib_directory = /usr/local/lib/postfix
@ -717,6 +717,8 @@ swap_bangpath = no
 smtpd_tls_cert_file = /mnt/certs/fullchain.pem
 smtpd_tls_key_file = /mnt/certs/privkeyr.pem
 smtpd_tls_loglevel = 2
 # These two lines define how postfix will connect to other mail servers.
 # DANE is a stronger form of opportunistic TLS. You can read about it here:
 # http://www.postfix.org/TLS_README.html#client_tls_dane
@ -729,25 +731,34 @@ smtp_dns_support_level = dnssec
 # Here we define the options for "mandatory" TLS. In our setup, TLS is only
 # "mandatory" for authenticating users. I got these settings from Mozilla's
 # SSL reccomentations page.
 # https://ssl-config.mozilla.org/#server=postfix&version=3.4.8&config=intermediate&openssl=1.1.1k&guideline=5.6
 #
 # NOTE: do not attempt to make TLS mandatory for all incoming/outgoing
 # connections. Do not attempt to change the default cipherlist for non-
 # mandatory connections either. There are still a lot of mail servers out
 # there that do not use TLS, and many that do only support old ciphers.
 # Forcing TLS for everyone *will* cause you to lose mail.
-smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1, TLSv1.2
+smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
-smtpd_tls_mandatory_ciphers = high
+smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
-tls_high_cipherlist = ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
+
 smtpd_tls_mandatory_ciphers = medium
 tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
 tls_preempt_cipherlist = no
 # allow other mail servers to connect using TLS, but don't require it
 smtpd_tls_security_level = may
 # tickets and compression have known vulnerabilities
-tls_ssl_options = no_ticket, no_compression
+tls_ssl_options = no_ticket, no_compression, NO_RENEGOTIATION
-# it's more secure to generate your own DH params
+# it's more secure to generate your own DH params but using mozilla's
-smtpd_tls_dh512_param_file  = /mnt/certs/dhparam512.pem
+# curl https://ssl-config.mozilla.org/ffdhe2048.txt > /path/to/dhparam
-smtpd_tls_dh1024_param_file = /mnt/certs/dhparam2048.pem
+# not actually 1024 bits, this applies to all DHE >= 1024 bits
 #smtpd_tls_dh512_param_file  = /mnt/certs/dhparam512.pem
 smtpd_tls_dh1024_param_file = /mnt/certs/dhparam4096.pem
 # cache incoming and outgoing TLS sessions
 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_tlscache
@ -781,13 +792,13 @@ smtpd_helo_required = yes
 # entry and present a valid, FQDN HELO hostname. In addition, they can only
 # send mail to valid mailboxes on the server, and the sender's domain must
 # actually exist.
-smtpd_client_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_pipelining,reject_unknown_reverse_client_hostname
+smtpd_client_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_pipelining,reject_unknown_reverse_client_hostname,reject_unknown_client_hostname
 # you might want to consider:
 #  reject_unknown_client_hostname,
 # here. This will reject all incoming connections without a reverse DNS
 # entry that resolves back to the client's IP address. This is a very
 # restrictive check and may reject legitimate mail.
-smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_helo_hostname,reject_unauth_pipelining,reject_non_fqdn_helo_hostname
+smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_helo_hostname,reject_unauth_pipelining,reject_non_fqdn_helo_hostname,reject_unknown_helo_hostname
 # you might want to consider:
 #  reject_unknown_helo_hostname,
 # here. This will reject all incoming mail without a HELO hostname that
@ -819,3 +830,5 @@ milter_protocol = 6
 milter_default_action = accept
 smtpd_milters = unix:/var/run/rspamd/milter.sock
 milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
 #always_bcc = ahlawat@ahlawat.com
--- a/jails/config/maps/pkg-list-details-old.txt
+++ b/jails/config/maps/pkg-list-details-old.txt
@ -0,0 +1,7 @@
 pkgp-freebsd-pkg____bash-5.2.9
 pkgp-freebsd-pkg____bash-completion-2.11_1,2
 pkgp-freebsd-pkg____nano-6.4
 pkgp-freebsd-pkg____npm-8.19.2
 pkgp-freebsd-pkg____pkg-1.18.4
 pkgp-freebsd-pkg____pkgconf-1.8.0_1,1
 pkgp-freebsd-pkg____vips-8.13.0_3
--- a/jails/config/maps/pkg-list-details.txt
+++ b/jails/config/maps/pkg-list-details.txt
@ -1,7 +1,7 @@
-pkgp-freebsd-pkg____bash-5.1.16
+pkgp-freebsd-pkg____bash-5.2.12
-pkgp-freebsd-pkg____bash-completion-2.11_1,2
+pkgp-freebsd-pkg____bash-completion-2.11_2,2
-pkgp-freebsd-pkg____nano-6.0
+pkgp-freebsd-pkg____nano-7.0
-pkgp-freebsd-pkg____npm-8.5.2
+pkgp-freebsd-pkg____npm-8.19.2
-pkgp-freebsd-pkg____pkg-1.17.5_1
+pkgp-freebsd-pkg____pkg-1.18.4
-pkgp-freebsd-pkg____pkgconf-1.8.0,1
+pkgp-freebsd-pkg____pkgconf-1.8.0_1,1
-pkgp-freebsd-pkg____vips-8.12.2_4
+pkgp-freebsd-pkg____vips-8.13.0_3
--- a/jails/config/maps/pkg-list-old.txt
+++ b/jails/config/maps/pkg-list-old.txt
@ -0,0 +1 @@
 bash bash-completion nano npm pkg pkgconf vips
--- a/Show More
+++ b/Show More
		`@ -0,0 +1 @@`
							`bash bash-completion nano netatalk3 nss-pam-ldapd-sasl pkg`
		`@ -0,0 +1 @@`
							`bash bash-completion nano nginx-devel pkg py39-ansible py39-django32 py39-gunicorn py39-pillow py39-pip py39-psycopg2 py39-tkinter sudo`
`@ -1 +1 @@`
	`bash bash-completion mc nano nginx pkg postgresql14-client py38-ansible py38-django32 py38-gunicorn py38-pillow py38-pip py38-tkinter sudo`	`bash bash-completion nano nginx-devel pkg py39-ansible py39-django32 py39-gunicorn py39-pillow py39-pip py39-psycopg2 py39-tkinter sudo`
		`@ -0,0 +1 @@`
							`bash bash-completion libxml2 libxslt nano pkg py39-ldap py39-pip py39-sqlite3 rust`
		`@ -0,0 +1 @@`
							`bash bash-completion calibre fluxbox nano pkg sudo tigervnc-server xauth xpdf xterm`
		`@ -0,0 +1 @@`
							`bash bash-completion curl motion nano pkg py27-pip`
		`@ -0,0 +1 @@`
							`bash bash-completion curl git-lite go nano pkg wget`
		`@ -0,0 +1 @@`
							`apache24 bash bash-completion ffmpeg nano php80 php80-bcmath php80-bz2 php80-ctype php80-curl php80-dom php80-exif php80-fileinfo php80-filter php80-ftp php80-gd php80-gmp php80-iconv php80-imap php80-intl php80-ldap php80-mbstring php80-mysqli php80-opcache php80-pcntl php80-pdo php80-pdo_mysql php80-pecl-APCu php80-pecl-imagick php80-pecl-mcrypt php80-pecl-redis php80-posix php80-session php80-simplexml php80-xml php80-xmlreader php80-xmlwriter php80-xsl php80-zip php80-zlib pkg redis sudo`
`@ -1 +1 @@`
	apache24 bash bash-completion ffmpeg mod_php80 nano php80 php80-bcmath php80-bz2 php80-ctype php80-curl php80-dom php80-exif php80-fileinfo php80-filter php80-ftp php80-gd php80-gmp php80-iconv php80-imap php80-intl php80-ldap php80-mbstring php80-mysqli php80-opcache php80-pcntl php80-pdo php80-pdo_mysql php80-pecl-APCu php80-pecl-imagick php80-pecl-mcrypt php80-pecl-redis php80-posix php80-session php80-simplexml php80-xml php80-xmlreader php80-xmlwriter php80-xsl php80-zip php80-zlib pkg redis sudo	`apache24 bash bash-completion ffmpeg nano php80 php80-bcmath php80-bz2 php80-ctype php80-curl php80-dom php80-exif php80-fileinfo php80-filter php80-ftp php80-gd php80-gmp php80-iconv php80-imap php80-intl php80-ldap php80-mbstring php80-mysqli php80-opcache php80-pcntl php80-pdo php80-pdo_mysql php80-pecl-APCu php80-pecl-imagick php80-pecl-mcrypt php80-pecl-redis php80-posix php80-session php80-simplexml php80-xml php80-xmlreader php80-xmlwriter php80-xsl php80-zip php80-zlib pkg redis sudo`
		`@ -0,0 +1 @@`
							`bash bash-completion mariadb105-server mysqld_exporter nano pkg`