Fix ansible playbook on FreeBSD.
This commit is contained in:
Tom Alexander
parent
6b3bdab18b
commit
724a8ca394
GPG Key ID:
D3A179C9A53C0EDE
@ -1,7 +1,7 @@
|
|||||||
os_flavor: "freebsd"
|
os_flavor: "freebsd"
|
||||||
custom_repo: 13amd64-default-framework
|
#custom_repo: 13amd64-default-framework
|
||||||
zfs_snapshot_datasets:
|
zfs_snapshot_datasets:
|
||||||
- path: zroot/freebsd/release/be/default
|
- path: zroot/freebsd/current/be/default
|
||||||
sshd_enabled: true
|
sshd_enabled: true
|
||||||
sshd_conf: "sshd_config"
|
sshd_conf: "sshd_config"
|
||||||
pf_config: "odofreebsd_pf.conf"
|
pf_config: "odofreebsd_pf.conf"
|
||||||
@ -14,7 +14,7 @@ loader_conf: "odofreebsd_loader.conf"
|
|||||||
install_graphics: true
|
install_graphics: true
|
||||||
graphics_driver: "amd"
|
graphics_driver: "amd"
|
||||||
cputype: "amd"
|
cputype: "amd"
|
||||||
cpu_opt: tigerlake
|
cpu_opt: znver4
|
||||||
hwpstate: true
|
hwpstate: true
|
||||||
cores: 16
|
cores: 16
|
||||||
build_user:
|
build_user:
|
||||||
@ -38,14 +38,14 @@ users:
|
|||||||
- homeassistant
|
- homeassistant
|
||||||
gitconfig: "gitconfig_home"
|
gitconfig: "gitconfig_home"
|
||||||
devfs_rules: "odo_devfs.rules"
|
devfs_rules: "odo_devfs.rules"
|
||||||
jail_zfs_dataset: zroot/freebsd/release/jails
|
jail_zfs_dataset: zroot/freebsd/current/jails
|
||||||
jail_zfs_dataset_mountpoint: /jail/main
|
jail_zfs_dataset_mountpoint: /jail/main
|
||||||
jail_list:
|
jail_list:
|
||||||
- name: nat_dhcp
|
- name: nat_dhcp
|
||||||
enabled: true
|
enabled: true
|
||||||
conf:
|
conf:
|
||||||
src: nat_dhcp
|
src: nat_dhcp
|
||||||
bhyve_dataset: zroot/freebsd/release/vm
|
bhyve_dataset: zroot/freebsd/current/vm
|
||||||
bhyve_list: []
|
bhyve_list: []
|
||||||
efi_dev: /dev/gpt/EFI
|
efi_dev: /dev/gpt/EFI
|
||||||
sway_conf_files:
|
sway_conf_files:
|
||||||
|
|||||||
@ -2,7 +2,12 @@ clear_tmp_enable="YES"
|
|||||||
syslogd_flags="-ss"
|
syslogd_flags="-ss"
|
||||||
sendmail_enable="NONE"
|
sendmail_enable="NONE"
|
||||||
hostname="odo"
|
hostname="odo"
|
||||||
|
# wlans_iwlwifi0="wlan0"
|
||||||
|
# ifconfig_wlan0="WPA DHCP"
|
||||||
|
# ifconfig_wlan0_ipv6="inet6 accept_rtadv"
|
||||||
sshd_enable="YES"
|
sshd_enable="YES"
|
||||||
|
ntpd_enable="YES"
|
||||||
|
powerd_enable="YES"
|
||||||
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
|
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
|
||||||
dumpdev="NO"
|
dumpdev="NO"
|
||||||
zfs_enable="YES"
|
zfs_enable="YES"
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
# freebsd_version: "releng/13.2"
|
# freebsd_version: "releng/13.2"
|
||||||
freebsd_version: "9c80d66ec1b4c5b9ac7aaf5b0fdbb1628d49c181"
|
freebsd_version: "c3d7bb5aca7749626b5c70dfa86ee8f07960f44a"
|
||||||
|
|||||||
@ -5,7 +5,7 @@ not_jail_nat_v4 = "{ any, !10.215.1.0/24 }"
|
|||||||
dns_redirect = "{ 10.193.223.1 10.213.177.1 10.215.1.1 }"
|
dns_redirect = "{ 10.193.223.1 10.213.177.1 10.215.1.1 }"
|
||||||
|
|
||||||
dhcp = "{ bootpc, bootps }"
|
dhcp = "{ bootpc, bootps }"
|
||||||
allow = "{ wgf wgh drmario colo }"
|
#allow = "{ wgf wgh drmario colo }"
|
||||||
|
|
||||||
tcp_pass_in = "{ 22 }"
|
tcp_pass_in = "{ 22 }"
|
||||||
udp_pass_in = "{ 53 51820 }"
|
udp_pass_in = "{ 53 51820 }"
|
||||||
@ -16,8 +16,8 @@ udp_pass_in = "{ 53 51820 }"
|
|||||||
set skip on lo
|
set skip on lo
|
||||||
|
|
||||||
# redirections
|
# redirections
|
||||||
nat pass on $ext_if inet from $jail_nat_v4 to $not_jail_nat_v4 -> (wlan0)
|
#nat pass on $ext_if inet from $jail_nat_v4 to $not_jail_nat_v4 -> (wlan0)
|
||||||
rdr pass on $not_ext_if proto {tcp, udp} from any to 10.215.1.1 port 53 -> 1.1.1.1 port 53
|
#rdr pass on $not_ext_if proto {tcp, udp} from any to 10.215.1.1 port 53 -> 1.1.1.1 port 53
|
||||||
|
|
||||||
# Redirect jaeger ports to virtual machine.
|
# Redirect jaeger ports to virtual machine.
|
||||||
# nat pass on lo inet from 127.0.0.0/24 to 127.0.0.0/24 port {6831 6832 16686 14268} -> (jail_nat)
|
# nat pass on lo inet from 127.0.0.0/24 to 127.0.0.0/24 port {6831 6832 16686 14268} -> (jail_nat)
|
||||||
@ -27,19 +27,19 @@ rdr pass on $not_ext_if proto {tcp, udp} from any to 10.215.1.1 port 53 -> 1.1.1
|
|||||||
block log all
|
block log all
|
||||||
pass out on $ext_if
|
pass out on $ext_if
|
||||||
|
|
||||||
pass in on jail_nat
|
#pass in on jail_nat
|
||||||
# Allow traffic from my machine to the jails/virtual machines
|
# Allow traffic from my machine to the jails/virtual machines
|
||||||
pass out on jail_nat from $jail_nat_v4
|
#pass out on jail_nat from $jail_nat_v4
|
||||||
|
|
||||||
# We pass on the interfaces listed in allow rather than skipping on
|
# We pass on the interfaces listed in allow rather than skipping on
|
||||||
# them because changes to pass rules will update when running a
|
# them because changes to pass rules will update when running a
|
||||||
# `service pf reload` but interfaces that we `skip` will not update (I
|
# `service pf reload` but interfaces that we `skip` will not update (I
|
||||||
# forget if its from adding, removing, or both. TODO: test to figure
|
# forget if its from adding, removing, or both. TODO: test to figure
|
||||||
# it out). Also skipped interfaces are not subject to nat/rdr rules.
|
# it out). Also skipped interfaces are not subject to nat/rdr rules.
|
||||||
pass quick on $allow
|
#pass quick on $allow
|
||||||
|
|
||||||
pass on $ext_if proto icmp all
|
pass on $ext_if proto icmp all
|
||||||
pass on $ext_if proto icmp6 all
|
pass on $ext_if proto icmp6 all
|
||||||
|
|
||||||
pass in on $ext_if proto tcp to any port $tcp_pass_in
|
#pass in on $ext_if proto tcp to any port $tcp_pass_in
|
||||||
pass in on $ext_if proto udp to any port $udp_pass_in
|
#pass in on $ext_if proto udp to any port $udp_pass_in
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
- name: Install packages
|
- name: Install packages
|
||||||
package:
|
package:
|
||||||
name:
|
name:
|
||||||
- sourcecodepro-ttf
|
- source-code-pro-ttf
|
||||||
- source-sans-ttf
|
- source-sans-ttf
|
||||||
- cascadia-code
|
- cascadia-code
|
||||||
- noto
|
- noto
|
||||||
|
|||||||
42
ansible/roles/graphics/tasks/freebsd_amd.yaml
Normal file
42
ansible/roles/graphics/tasks/freebsd_amd.yaml
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
- name: Install packages
|
||||||
|
package:
|
||||||
|
name:
|
||||||
|
- drm-kmod
|
||||||
|
# - libva-intel-media-driver # va-api support for broadwell (2014) and newer.
|
||||||
|
# - libva-intel-driver # va-api support until after coffeelake (2017).
|
||||||
|
- vulkan-loader
|
||||||
|
- libva-utils # for vainfo
|
||||||
|
- vdpauinfo # for vdpauinfo
|
||||||
|
- libvdpau-va-gl # vdpau support
|
||||||
|
# - igt-gpu-tools # for intel_gpu_top
|
||||||
|
- vulkan-tools # For vulkaninfo
|
||||||
|
state: present
|
||||||
|
|
||||||
|
# - name: Configure vdpau to use va-api driver
|
||||||
|
# copy:
|
||||||
|
# src: vdpau.sh
|
||||||
|
# dest: /etc/profile.d/vdpau.sh
|
||||||
|
# mode: 0644
|
||||||
|
# owner: root
|
||||||
|
# group: root
|
||||||
|
|
||||||
|
#- name: Install loader.conf
|
||||||
|
# copy:
|
||||||
|
# src: "files/{{ item }}_loader.conf"
|
||||||
|
# dest: "/boot/loader.conf.d/{{ item }}.conf"
|
||||||
|
# mode: 0644
|
||||||
|
# owner: root
|
||||||
|
# group: wheel
|
||||||
|
# loop:
|
||||||
|
# - intel_power
|
||||||
|
# - intel_hw_accel_video
|
||||||
|
|
||||||
|
#- name: Install service configuration
|
||||||
|
# copy:
|
||||||
|
# src: "files/intel_{{ item }}_rc.conf"
|
||||||
|
# dest: "/etc/rc.conf.d/{{ item }}"
|
||||||
|
# mode: 0644
|
||||||
|
# owner: root
|
||||||
|
# group: wheel
|
||||||
|
# loop:
|
||||||
|
# - kld
|
||||||
Loading…
x
Reference in New Issue
Block a user