updates Jun 11

configs/etc/ctl.conf

@@ -4,32 +4,32 @@ portal-group pg0 {
 	listen [::]
 }
 
-target iqn.nas.ahlawat.com:lab13 {
+target iqn.nas.ahlawat.com:f11 {
 #	auth-group no-authentication
 	portal-group pg0
     chap user secretsecret
 	lun 0 {
-		path /dev/zvol/ship/raw/lab13
+		path /dev/zvol/ship/raw/FreeBSD11
 		size 128G
 	}
 }
 
-target iqn.nas.ahlawat.com:lab17 {
+target iqn.nas.ahlawat.com:f12 {
 #	auth-group no-authentication
 	portal-group pg0
     chap user secretsecret
 	lun 0 {
-		path /dev/zvol/ship/raw/lab17
+		path /dev/zvol/ship/raw/FreeBSD12
 		size 128G
 	}
 }
 
-target iqn.nas.ahlawat.com:lab18 {
+target iqn.nas.ahlawat.com:f13 {
 #	auth-group no-authentication
 	portal-group pg0
     chap user secretsecret
 	lun 0 {
-		path /dev/zvol/ship/raw/lab18
+		path /dev/zvol/ship/raw/FreeBSD13
 		size 128G
 	}
 }

configs/etc/rc.conf

@@ -1,6 +1,6 @@
 zfs_enable="YES"
 
-kld_list="nmdm vmm ipfw"
+kld_list="nmdm vmm ipfw ipdivert linux64"
 
 # Do not mark to autodetach otherwise ZFS gets very unhappy.
 geli_autodetach="NO"
@@ -24,7 +24,7 @@ nut_enable="YES"
 
 #dbus_enable="YES"
 
-firewall_enable="NO"
+firewall_enable="YES"
 firewall_type="open"
 firewall_logging="YES"
 firewall_logif="YES"
@@ -56,6 +56,16 @@ ifconfig_bridge2="addm lagg0.2 up"
 ifconfig_bridge5="addm lagg0.5 up"
 ifconfig_bridge9="addm lagg0.9 up"
 
+# adding IP to bridges does not work
+#ifconfig_bridge1="inet 192.168.0.10/24"
+#ifconfig_bridge1_ipv6="inet6 2603:3024:3f6:e1::10/64 auto_linklocal accept_rtadv"
+#ifconfig_bridge2="inet 192.168.1.10/24"
+#ifconfig_bridge2_ipv6="inet6 2603:3024:3f6:e2::10/64 auto_linklocal accept_rtadv"
+#ifconfig_bridge5="inet 192.168.2.10/24"
+#ifconfig_bridge5_ipv6="inet6 2603:3024:3f6:e5::10/64 auto_linklocal accept_rtadv"
+#ifconfig_bridge9="inet 192.168.200.10/24"
+#ifconfig_bridge9_ipv6="inet6 2603:3024:3f6:e9::10/64 auto_linklocal accept_rtadv"
+
 defaultrouter="192.168.0.5"
 ipv6_defaultrouter="2603:3024:3f6:e1::5"
 # interfaces
@@ -83,3 +93,25 @@ devfs_system_ruleset="usbrules"
 node_exporter_enable="YES"
 node_exporter_args=--collector.filesystem.ignored-mount-points="/mnt/iocage*"
 gstat_exporter_enable="YES"
+
+# modify hard disk cam queues 
+cam_tag_enable="YES"
+
+# debian jail
+linux_enable="YES"
+
+nfs_server_enable="YES"
+nfsv4_server_enable="YES"
+nfsuserd_enable="YES"
+
+mountd_enable="YES"
+mountd_flags="-r"
+
+rpcbind_enable="YES"
+rpc_lockd_enable="YES"
+rpc_statd_enable="YES"
+
+tftpd_enable="YES"
+tftpd_flags="-s /mnt/ship/pxe"
+
+ctld_enable="YES"

configs/pxe/ctl.conf

@@ -4,32 +4,32 @@ portal-group pg0 {
 	listen [::]
 }
 
-target iqn.nas.ahlawat.com:lab13 {
+target iqn.nas.ahlawat.com:f11 {
 #	auth-group no-authentication
 	portal-group pg0
     chap user secretsecret
 	lun 0 {
-		path /dev/zvol/ship/raw/lab13
+		path /dev/zvol/ship/raw/FreeBSD11
 		size 128G
 	}
 }
 
-target iqn.nas.ahlawat.com:lab17 {
+target iqn.nas.ahlawat.com:f12 {
 #	auth-group no-authentication
 	portal-group pg0
     chap user secretsecret
 	lun 0 {
-		path /dev/zvol/ship/raw/lab17
+		path /dev/zvol/ship/raw/FreeBSD12
 		size 128G
 	}
 }
 
-target iqn.nas.ahlawat.com:lab18 {
+target iqn.nas.ahlawat.com:f13 {
 #	auth-group no-authentication
 	portal-group pg0
     chap user secretsecret
 	lun 0 {
-		path /dev/zvol/ship/raw/lab18
+		path /dev/zvol/ship/raw/FreeBSD13
 		size 128G
 	}
 }

configs/pxe/iscsi.conf.13

@@ -1,6 +1,6 @@
 t0 {
 	TargetAddress   = 192.168.0.10
-	TargetName      = iqn.nas.ahlawat.com:lab13
+	TargetName      = iqn.nas.ahlawat.com:f13
 	AuthMethod      = CHAP
 	chapIName       = user
 	chapSecret      = secretsecret

configs/pxe/iscsi.conf.17

@@ -1,7 +0,0 @@
-t0 {
-	TargetAddress   = 192.168.0.10
-	TargetName      = iqn.nas.ahlawat.com:lab17
-	AuthMethod      = CHAP
-	chapIName       = user
-	chapSecret      = secretsecret
-}

configs/pxe/iscsi.conf.18

@@ -1,7 +0,0 @@
-t0 {
-	TargetAddress   = 192.168.0.10
-	TargetName      = iqn.nas.ahlawat.com:lab18
-	AuthMethod      = CHAP
-	chapIName       = user
-	chapSecret      = secretsecret
-}

configs/pxe/rc.conf

@@ -1,6 +1,26 @@
+cloned_interfaces_sticky="YES"
+cloned_interfaces="bridge1 bridge2 bridge11 bridge12"
+ifconfig_bridge1="ether random addm bge0 up"
+ifconfig_bridge2="ether random addm bge1 up"
+ifconfig_bridge11="ether random addm bnxt0 up"
+#ifconfig_bridge12="ether random addm bnxt1 up"
+ifconfig_bnxt0="up"
+ifconfig_bnxt1="up"
+#
+#on lab17:
+#ifconfig_bnxt0="inet 10.0.11.17/24 up"
+#ifconfig_bnxt1="inet 10.0.12.17/24 up"
+#
+#on lab18:
+#ifconfig_bnxt0="inet 10.0.11.18/24 up"
+#ifconfig_bnxt1="inet 10.0.12.18/24 up"
+
+rpcbind_enable="YES"
 rpc_lockd_enable="YES"
 rpc_statd_enable="YES"
+
 sshd_enable="YES"
+
 iscsid_enable="YES"
 iscsictl_enable="YES"
 iscsictl_flags="-Aa"

configs/pxe/resolv.conf

@@ -1,8 +1,7 @@
 # Generated by resolvconf
-search ahlawat.com
+search diyit.org
 nameserver 192.168.0.5
 nameserver 2603:3024:3f6:e1::5
 nameserver 2603:3024:3f6:e2::5
 nameserver 2603:3024:3f6:e5::5
 nameserver 2603:3024:3f6:e9::5
-

jails/config/ibm/create_tuns.sh

@@ -1,14 +0,0 @@
-#!/bin/sh
-#
-# Copyright (c) 2018-2020, diyIT.org
-# All rights reserved.
-#
-# BSD 2-Clause License ("Simplified BSD License" or "FreeBSD License")
-# https://diyit.org/license/
-#
-#
-
-ifconfig tun181 create
-#ifconfig bridge1 addm tap181 up
-#ifconfig tap181 up
-#ifconfig tap181 inet6 auto_linklocal

jails/config/vm/create_taps.sh

@@ -28,6 +28,11 @@ ifconfig bridge1 addm tap84 up
 ifconfig tap84 up
 ifconfig tap84 inet6 auto_linklocal
 
+ifconfig tap85 create
+ifconfig bridge1 addm tap85 up
+ifconfig tap85 up
+ifconfig tap85 inet6 auto_linklocal
+
 ifconfig tap90 create
 ifconfig bridge1 addm tap90 up
 ifconfig tap90 up

jails/config/vm/r-windows.sh

@@ -18,12 +18,12 @@ do
 
 bhyve -c sockets=1,cores=2,threads=2 -m 16G -S -A -H -P \
 -s 0,hostbridge \
--s 4,ahci-hd,/dev/zvol/ship/raw/windows,sectorsize=512 \
+-s 4,ahci-hd,/dev/zvol/ship/raw/r-windows,sectorsize=512 \
--s 5,virtio-net,tap81,mac=00:0A:0B:0C:0D:81 \
+-s 5,virtio-net,tap85,mac=00:0A:0B:0C:0D:85 \
--s 6,ahci-hd,/dev/zvol/ship/raw/windows_data,sectorsize=512 \
+-s 6,ahci-hd,/dev/zvol/ship/raw/r-windows_data,sectorsize=512 \
--s 29,fbuf,tcp=0.0.0.0:5981,w=1600,h=900 \
+-s 29,fbuf,tcp=0.0.0.0:5985,w=1600,h=900 \
 -s 30,xhci,tablet \
--s 31,lpc -l com1,/dev/nmdm81A \
+-s 31,lpc -l com1,/dev/nmdm85A \
 -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \
 r-windows
 
@@ -53,14 +53,14 @@ exit $?
 
 # bhyvectl --get-all --vm=r-windows
 
-# cu -l /dev/nmdm81B
+# cu -l /dev/nmdm85B
 # (This uses cu() so press ~+Ctrl-D to exit)
 
 #on base system:
 #zfs create -V 32G -o refreservation=none ship/raw/r-windows
-#zfs create -V 128G -o refreservation=none ship/raw/r-windows_data
+#zfs create -V 256G -o refreservation=none ship/raw/r-windows_data
 # on boot
-#ifconfig tap81 create
+#ifconfig tap85 create
-#ifconfig bridge1 addm tap81 up
+#ifconfig bridge1 addm tap85 up
-#ifconfig tap81 up
+#ifconfig tap85 up
-#ifconfig tap81 inet6 auto_linklocal
+#ifconfig tap85 inet6 auto_linklocal

jails/config/vm/startvms.sh

@@ -18,10 +18,10 @@ tmux new-session -d -s $session -n freepbx
 tmux selectp -t 1
 tmux send-keys "cd /mnt/config;./pbx.sh" C-m
 
-# create a new window r-windows
+# create a new window windows
-tmux new-window -t $session:1 -n r-windows
+tmux new-window -t $session:1 -n windows
 tmux selectp -t 1
-tmux send-keys "cd /mnt/config;./r-windows.sh" C-m
+tmux send-keys "cd /mnt/config;./windows.sh" C-m
 
 # create a new window ubuntu
 tmux new-window -t $session:2 -n ubuntu
@@ -38,6 +38,11 @@ tmux new-window -t $session:4 -n w2019
 tmux selectp -t 1
 tmux send-keys "cd /mnt/config;./w2019.sh" C-m
 
+# create a new window r-windows
+tmux new-window -t $session:5 -n r-windows
+tmux selectp -t 1
+tmux send-keys "cd /mnt/config;./r-windows.sh" C-m
+
 # return to main window
 tmux select-window -t $session:0
 tmux selectp -t 1

jails/jails-restore-httpd.sh

@@ -12,6 +12,7 @@ web_jails=(cloud hub nivi rachna rishabh sharad web web-diyit ldap-mgr r-ldap-mg
 
 for i in ${web_jails[@]};
 do
+	echo ""
     echo "## checking $i JAIL configs after Apache and/or PHP updates ##"
 	iocage exec $i "diff /usr/local/etc/apache24/httpd.conf /mnt/config/httpd.conf"
 	iocage exec $i "diff /usr/local/etc/php.ini /mnt/config/php.ini"
@@ -21,14 +22,20 @@ do
 	echo "####"
 done
 
+echo ""
+echo "check in output above if php.ini or php-fpm also need to be restored"
+
+echo ""
 read -p "Return/Enter to restore httpd.conf files, ctrl-c to abort? " RESP
 
 for i in ${web_jails[@]};
 do
+	echo ""
 	echo "restoring httpd.conf in web_jail $i after Apache update"
 	iocage exec $i "cp /mnt/config/httpd.conf /usr/local/etc/apache24/httpd.conf"
 	iocage exec $i "service apache24 restart"
 done
 
-echo "check in output above if php.ini or php-fpm need to be restored"
+echo ""
-echo "check pkgp jail nginx instance is running"
+echo "checking pkgp jail nginx instance is running"
+iocage exec nginx "service nginx staus" service nginx status

jails/jails-update-pkgs.sh

@@ -66,6 +66,10 @@ for i in `iocage list -h | cut -f 2`;
 do
 	echo "## $i JAIL ##"
 
+    if [ $i == "pkgp" ] || [ $i == "debian"]; then
+        continue;
+    fi
+
 	iocage exec $i "pkg update"
 
 	if [[ "$i" == "ldap" || "$i" == "r-ldap" ]]; then
@@ -92,17 +96,17 @@ do
 done
 
 echo "NOTES:"
-
+echo ""
 echo "update base system by running:"
 echo "pkg update"
 echo "pkg autoremove -y"
 echo "pkg upgrade -y"
 echo "pkg clean -ay"
-
+echo ""
 echo "iocage stop ALL"
 echo "iocage start ALL"
-
+echo ""
-echo "hub check for index.html and adminer version"
+echo "check hub for index.html and adminer version"
-
+echo ""
 echo "iocage exec cert \"/root/.acme.sh/acme.sh --upgrade\""
 echo "iocage exec cert \"cp -r /root/.acme.sh /mnt/certs\""