talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Add sftp jail.

Browse Source
This commit is contained in:
Tom Alexander
2024-06-30 23:02:23 -04:00
parent 0363a462a0
commit 566b7dfd0b
27 changed files with 220 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/roles/jail/templates/fstab_default.j2 Normal file
View File

@@ -0,0 +1,2 @@
tmpfs /jail/{{ item.name }}/tmp tmpfs rw,mode=777 0 0
tmpfs /jail/{{ item.name }}/var/run tmpfs rw,mode=755 0 0

14
ansible/roles/jail/templates/new_jail.bash.j2
View File

@@ -49,7 +49,19 @@ EOF
)
IGNORE_OSVERSION=yes pkg --rootdir "$DESTDIR" --config <(cat <<<"$config") install --repository base --yes --glob 'FreeBSD-*'
switch_to_latest_packages
cat > "$DESTDIR/usr/local/etc/pkg/repos/pkgbase.conf" <<<"$config"
local in_jail_config
in_jail_config=$(cat <<EOF
base: {
url: "pkg+https://pkg.freebsd.org/\${ABI}/base_release_1",
mirror_type: "srv",
signature_type: "fingerprints",
fingerprints: "/usr/share/keys/pkg",
enabled: yes,
priority: 100
}
EOF
)
cat > "$DESTDIR/usr/local/etc/pkg/repos/pkgbase.conf" <<<"$in_jail_config"
# Post-install remove extra packages
# pkg remove --glob 'FreeBSD-*-lib32*' 'FreeBSD-*-dbg*' FreeBSD-src
}