From 0f1769dd1f7b59790631781f81797c9672a9fede Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Sat, 17 Jun 2023 16:28:43 -0400 Subject: [PATCH] Add admin_git jail. --- ansible/environments/colo/host_vars/mrmanager | 4 ++++ ansible/roles/jail/files/jails/admin_git.conf | 14 ++++++++++++++ ansible/roles/jail_nat_dhcp/files/kea-dhcp4.conf | 5 +++++ 3 files changed, 23 insertions(+) create mode 100644 ansible/roles/jail/files/jails/admin_git.conf diff --git a/ansible/environments/colo/host_vars/mrmanager b/ansible/environments/colo/host_vars/mrmanager index ed468c3..182c13b 100644 --- a/ansible/environments/colo/host_vars/mrmanager +++ b/ansible/environments/colo/host_vars/mrmanager @@ -23,6 +23,10 @@ jail_list: enabled: true conf: src: nat_dhcp + - name: admin_git + enabled: true + conf: + src: admin_git bhyve_dataset: zdata/vm bhyve_canmount: "on" # efi_dev: /dev/gpt/EFI diff --git a/ansible/roles/jail/files/jails/admin_git.conf b/ansible/roles/jail/files/jails/admin_git.conf new file mode 100644 index 0000000..1758270 --- /dev/null +++ b/ansible/roles/jail/files/jails/admin_git.conf @@ -0,0 +1,14 @@ +admin_git { + path = "/jail/main/jails/${name}"; + vnet; + exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24"; + exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}"; + vnet.interface += "jail${name}"; + + devfs_ruleset = 14; + mount.devfs; + + exec.start += "/bin/sh /etc/rc"; + exec.stop = "/bin/sh /etc/rc.shutdown jail"; + exec.consolelog = "/var/log/jail_${name}_console.log"; +} diff --git a/ansible/roles/jail_nat_dhcp/files/kea-dhcp4.conf b/ansible/roles/jail_nat_dhcp/files/kea-dhcp4.conf index 61f2a4d..a5c9f6d 100644 --- a/ansible/roles/jail_nat_dhcp/files/kea-dhcp4.conf +++ b/ansible/roles/jail_nat_dhcp/files/kea-dhcp4.conf @@ -58,6 +58,11 @@ // worker2 "hw-address": "06:01:92:5b:78:92", "ip-address": "10.215.1.209" + }, + { + // admin_git + "hw-address": "58:9c:fc:10:fc:5a", + "ip-address": "10.215.1.210" } ] }