Add a public_dns jail.

This jail will host the authoritative zone for my domains.
2023-06-18 13:45:45 -04:00 · 2023-06-18 13:45:45 -04:00 · 334ec8b49b
commit 334ec8b49b
parent f10964623d
3 changed files with 23 additions and 0 deletions
--- a/ansible/environments/colo/host_vars/mrmanager
+++ b/ansible/environments/colo/host_vars/mrmanager
@ -27,6 +27,10 @@ jail_list:
    enabled: true
    conf:
      src: admin_git
+  - name: public_dns
+    enabled: true
+    conf:
+      src: public_dns
 bhyve_dataset: zdata/vm
 bhyve_canmount: "on"
 # efi_dev: /dev/gpt/EFI
--- a/ansible/roles/jail/files/jails/public_dns.conf
+++ b/ansible/roles/jail/files/jails/public_dns.conf
@ -0,0 +1,14 @@
+public_dns {
+    path = "/jail/main/jails/${name}";
+    vnet;
+    exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24";
+    exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}";
+    vnet.interface += "jail${name}";
+
+    devfs_ruleset = 14;
+    mount.devfs;
+
+    exec.start += "/bin/sh /etc/rc";
+    exec.stop = "/bin/sh /etc/rc.shutdown jail";
+    exec.consolelog = "/var/log/jail_${name}_console.log";
+}
--- a/ansible/roles/jail_nat_dhcp/files/kea-dhcp4.conf
+++ b/ansible/roles/jail_nat_dhcp/files/kea-dhcp4.conf
@ -63,6 +63,11 @@
                        // admin_git
                        "hw-address": "58:9c:fc:10:fc:5a",
                        "ip-address": "10.215.1.210"
+                    },
+                    {
+                        // public_dns
+                        "hw-address": "58:9c:fc:10:ff:80",
+                        "ip-address": "10.215.1.211"
                    }
                ]
            }