diff --git a/ansible/environments/laptop/host_vars/odofreebsd b/ansible/environments/laptop/host_vars/odofreebsd
index 0832903..03ba232 100644
--- a/ansible/environments/laptop/host_vars/odofreebsd
+++ b/ansible/environments/laptop/host_vars/odofreebsd
@@ -10,6 +10,7 @@ pflog_conf:
 network_rc: "odofreebsd_network.conf"
 rc_conf: "odofreebsd_rc.conf"
 loader_conf: "odofreebsd_loader.conf"
+netgraph_config: "setup_netgraph_odo"
 graphics_driver: "intel"
 cputype: "intel"
 cpu_opt: tigerlake
diff --git a/ansible/roles/jail/files/setup_netgraph b/ansible/roles/jail/files/setup_netgraph
new file mode 100644
index 0000000..e6bc224
--- /dev/null
+++ b/ansible/roles/jail/files/setup_netgraph
@@ -0,0 +1,23 @@
+#!/bin/sh
+# /usr/local/etc/rc.d/setup_netgraph
+#
+# REQUIRE: FILESYSTEM kld
+# PROVIDE: setup_netgraph
+# BEFORE: netif
+
+. /etc/rc.subr
+name=setup_netgraph
+rcvar=${name}_enable
+start_cmd="${name}_start"
+stop_cmd="${name}_stop"
+load_rc_config $name
+
+setup_netgraph_start() {
+ /usr/local/bin/setup_netgraph start
+}
+
+setup_netgraph_stop() {
+ /usr/local/bin/setup_netgraph stop
+}
+
+run_rc_command "$1"
diff --git a/ansible/roles/jail/files/setup_netgraph_odo b/ansible/roles/jail/files/setup_netgraph_odo
new file mode 100644
index 0000000..3241a27
--- /dev/null
+++ b/ansible/roles/jail/files/setup_netgraph_odo
@@ -0,0 +1,41 @@
+#!/usr/local/bin/bash
+
+cleanup() {
+ ngctl shutdown nat_link2:
+ ngctl shutdown nat_uplink0:
+ ngctl shutdown jail_nat_wg0:
+}
+
+setup_netgraph_start() {
+ cleanup
+
+ ngctl -d -f - <&2 echo "Unrecognized command"
+fi
diff --git a/ansible/roles/jail/tasks/freebsd.yaml b/ansible/roles/jail/tasks/freebsd.yaml
index db99c14..2ab0242 100644
--- a/ansible/roles/jail/tasks/freebsd.yaml
+++ b/ansible/roles/jail/tasks/freebsd.yaml
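Review bot: The new rc.d script `ansible/roles/jail/files/setup_netgraph` never gives `setup_netgraph_enable` a default, so on a host where the variable is unset rc.subr will warn that it is not set properly whenever the script is evaluated. That state is reachable from this same commit, because the playbook's disable task deletes `/etc/rc.conf.d/setup_netgraph` while the rc.d script stays installed. The usual form is to add `: ${setup_netgraph_enable:="NO"}` directly after `load_rc_config $name`. A short comment above `setup_netgraph_start` saying that the real work lives in the per-host `/usr/local/bin/setup_netgraph` would also help the next reader.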
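Review bot: In `setup_netgraph_odo` the final branch prints "Unrecognized command" to stderr and then reaches `fi` with nothing after the echo, so a bad argument still exits 0; adding `exit 1` after the echo lets the rc.d wrapper and any other caller see the failure. The text between `ngctl -d -f -` and that echo did not survive on this page, so the graph definition itself cannot be reviewed here. From the lines that are visible, nothing checks the exit status of `ngctl`; since this script runs as root before `netif` and appears to build the NAT path for the jails, a partial failure should probably be reported rather than ignored.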
@@ -90,3 +90,38 @@ state: absent when: jail_list|community.general.json_query('[?enabled==`true`]')|length == 0
+- name: Install rc script
+ when: netgraph_config is defined
+ copy:
+ src: "files/{{ item.src }}"
+ dest: "/usr/local/etc/rc.d/{{ item.dest|default(item.src) }}"
+ owner: root
+ group: wheel
+ mode: 0755
+ loop:
+ - src: setup_netgraph
+
+- name: Install scripts
+ when: netgraph_config is defined
+ copy:
+ src: "files/{{ item.src }}"
+ dest: "{{ item.dest }}"
+ mode: 0755
+ owner: root
+ group: wheel
+ loop:
+ - src: "{{ netgraph_config }}"
+ dest: /usr/local/bin/setup_netgraph
+
+- name: Enable setup_netgraph
+ when: netgraph_config is defined
+ community.general.sysrc:
+ name: setup_netgraph_enable
+ value: "YES"
+ path: /etc/rc.conf.d/setup_netgraph
+
+- name: Disable setup_netgraph
+ when: netgraph_config is not defined
+ file:
+ path: /etc/rc.conf.d/setup_netgraph
+ state: absent
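Review bot: The `Disable setup_netgraph` task only deletes `/etc/rc.conf.d/setup_netgraph`, so a host that later loses `netgraph_config` keeps the root-owned `/usr/local/etc/rc.d/setup_netgraph` and `/usr/local/bin/setup_netgraph` on disk. Any netgraph nodes already created are also left in place, since nothing in the hunk stops the service. I would make the disable path remove all three files, as sketched below, and consider running the stop action before the helper is deleted. Separately, both `copy` tasks write `mode: 0755` unquoted, which depends on YAML 1.1 octal parsing; `mode: "0755"` is the safer spelling. The hunk opens inside an earlier task whose start is outside the visible lines.

```yaml
- name: Disable setup_netgraph
  when: netgraph_config is not defined
  file:
    path: "{{ item }}"
    state: absent
  loop:
    - /etc/rc.conf.d/setup_netgraph
    - /usr/local/etc/rc.d/setup_netgraph
    - /usr/local/bin/setup_netgraph
```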