Fix ansible playbook on FreeBSD.
This commit is contained in:
Tom Alexander
parent
6b3bdab18b
commit
724a8ca394
GPG Key ID:
D3A179C9A53C0EDE
@ -1,7 +1,7 @@
|
||||
os_flavor: "freebsd"
|
||||
custom_repo: 13amd64-default-framework
|
||||
#custom_repo: 13amd64-default-framework
|
||||
zfs_snapshot_datasets:
|
||||
- path: zroot/freebsd/release/be/default
|
||||
- path: zroot/freebsd/current/be/default
|
||||
sshd_enabled: true
|
||||
sshd_conf: "sshd_config"
|
||||
pf_config: "odofreebsd_pf.conf"
|
||||
@ -14,7 +14,7 @@ loader_conf: "odofreebsd_loader.conf"
|
||||
install_graphics: true
|
||||
graphics_driver: "amd"
|
||||
cputype: "amd"
|
||||
cpu_opt: tigerlake
|
||||
cpu_opt: znver4
|
||||
hwpstate: true
|
||||
cores: 16
|
||||
build_user:
|
||||
@ -38,14 +38,14 @@ users:
|
||||
- homeassistant
|
||||
gitconfig: "gitconfig_home"
|
||||
devfs_rules: "odo_devfs.rules"
|
||||
jail_zfs_dataset: zroot/freebsd/release/jails
|
||||
jail_zfs_dataset: zroot/freebsd/current/jails
|
||||
jail_zfs_dataset_mountpoint: /jail/main
|
||||
jail_list:
|
||||
- name: nat_dhcp
|
||||
enabled: true
|
||||
conf:
|
||||
src: nat_dhcp
|
||||
bhyve_dataset: zroot/freebsd/release/vm
|
||||
bhyve_dataset: zroot/freebsd/current/vm
|
||||
bhyve_list: []
|
||||
efi_dev: /dev/gpt/EFI
|
||||
sway_conf_files:
|
||||
|
||||
@ -2,7 +2,12 @@ clear_tmp_enable="YES"
|
||||
syslogd_flags="-ss"
|
||||
sendmail_enable="NONE"
|
||||
hostname="odo"
|
||||
# wlans_iwlwifi0="wlan0"
|
||||
# ifconfig_wlan0="WPA DHCP"
|
||||
# ifconfig_wlan0_ipv6="inet6 accept_rtadv"
|
||||
sshd_enable="YES"
|
||||
ntpd_enable="YES"
|
||||
powerd_enable="YES"
|
||||
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
|
||||
dumpdev="NO"
|
||||
zfs_enable="YES"
|
||||
|
||||
@ -1,2 +1,2 @@
|
||||
# freebsd_version: "releng/13.2"
|
||||
freebsd_version: "9c80d66ec1b4c5b9ac7aaf5b0fdbb1628d49c181"
|
||||
freebsd_version: "c3d7bb5aca7749626b5c70dfa86ee8f07960f44a"
|
||||
|
||||
@ -5,7 +5,7 @@ not_jail_nat_v4 = "{ any, !10.215.1.0/24 }"
|
||||
dns_redirect = "{ 10.193.223.1 10.213.177.1 10.215.1.1 }"
|
||||
|
||||
dhcp = "{ bootpc, bootps }"
|
||||
allow = "{ wgf wgh drmario colo }"
|
||||
#allow = "{ wgf wgh drmario colo }"
|
||||
|
||||
tcp_pass_in = "{ 22 }"
|
||||
udp_pass_in = "{ 53 51820 }"
|
||||
@ -16,8 +16,8 @@ udp_pass_in = "{ 53 51820 }"
|
||||
set skip on lo
|
||||
|
||||
# redirections
|
||||
nat pass on $ext_if inet from $jail_nat_v4 to $not_jail_nat_v4 -> (wlan0)
|
||||
rdr pass on $not_ext_if proto {tcp, udp} from any to 10.215.1.1 port 53 -> 1.1.1.1 port 53
|
||||
#nat pass on $ext_if inet from $jail_nat_v4 to $not_jail_nat_v4 -> (wlan0)
|
||||
#rdr pass on $not_ext_if proto {tcp, udp} from any to 10.215.1.1 port 53 -> 1.1.1.1 port 53
|
||||
|
||||
# Redirect jaeger ports to virtual machine.
|
||||
# nat pass on lo inet from 127.0.0.0/24 to 127.0.0.0/24 port {6831 6832 16686 14268} -> (jail_nat)
|
||||
@ -27,19 +27,19 @@ rdr pass on $not_ext_if proto {tcp, udp} from any to 10.215.1.1 port 53 -> 1.1.1
|
||||
block log all
|
||||
pass out on $ext_if
|
||||
|
||||
pass in on jail_nat
|
||||
#pass in on jail_nat
|
||||
# Allow traffic from my machine to the jails/virtual machines
|
||||
pass out on jail_nat from $jail_nat_v4
|
||||
#pass out on jail_nat from $jail_nat_v4
|
||||
|
||||
# We pass on the interfaces listed in allow rather than skipping on
|
||||
# them because changes to pass rules will update when running a
|
||||
# `service pf reload` but interfaces that we `skip` will not update (I
|
||||
# forget if its from adding, removing, or both. TODO: test to figure
|
||||
# it out). Also skipped interfaces are not subject to nat/rdr rules.
|
||||
pass quick on $allow
|
||||
#pass quick on $allow
|
||||
|
||||
pass on $ext_if proto icmp all
|
||||
pass on $ext_if proto icmp6 all
|
||||
|
||||
pass in on $ext_if proto tcp to any port $tcp_pass_in
|
||||
pass in on $ext_if proto udp to any port $udp_pass_in
|
||||
#pass in on $ext_if proto tcp to any port $tcp_pass_in
|
||||
#pass in on $ext_if proto udp to any port $udp_pass_in
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
- name: Install packages
|
||||
package:
|
||||
name:
|
||||
- sourcecodepro-ttf
|
||||
- source-code-pro-ttf
|
||||
- source-sans-ttf
|
||||
- cascadia-code
|
||||
- noto
|
||||
|
||||
42
ansible/roles/graphics/tasks/freebsd_amd.yaml
Normal file
42
ansible/roles/graphics/tasks/freebsd_amd.yaml
Normal file
@ -0,0 +1,42 @@
|
||||
- name: Install packages
|
||||
package:
|
||||
name:
|
||||
- drm-kmod
|
||||
# - libva-intel-media-driver # va-api support for broadwell (2014) and newer.
|
||||
# - libva-intel-driver # va-api support until after coffeelake (2017).
|
||||
- vulkan-loader
|
||||
- libva-utils # for vainfo
|
||||
- vdpauinfo # for vdpauinfo
|
||||
- libvdpau-va-gl # vdpau support
|
||||
# - igt-gpu-tools # for intel_gpu_top
|
||||
- vulkan-tools # For vulkaninfo
|
||||
state: present
|
||||
|
||||
# - name: Configure vdpau to use va-api driver
|
||||
# copy:
|
||||
# src: vdpau.sh
|
||||
# dest: /etc/profile.d/vdpau.sh
|
||||
# mode: 0644
|
||||
# owner: root
|
||||
# group: root
|
||||
|
||||
#- name: Install loader.conf
|
||||
# copy:
|
||||
# src: "files/{{ item }}_loader.conf"
|
||||
# dest: "/boot/loader.conf.d/{{ item }}.conf"
|
||||
# mode: 0644
|
||||
# owner: root
|
||||
# group: wheel
|
||||
# loop:
|
||||
# - intel_power
|
||||
# - intel_hw_accel_video
|
||||
|
||||
#- name: Install service configuration
|
||||
# copy:
|
||||
# src: "files/intel_{{ item }}_rc.conf"
|
||||
# dest: "/etc/rc.conf.d/{{ item }}"
|
||||
# mode: 0644
|
||||
# owner: root
|
||||
# group: wheel
|
||||
# loop:
|
||||
# - kld
|
||||
Loading…
x
Reference in New Issue
Block a user