From 8346065c6fba271e22c0248843f4c0d2904f7d90 Mon Sep 17 00:00:00 2001
From: Tom Alexander <tom@fizz.buzz>
Date: Thu, 22 Jun 2023 13:28:12 -0400
Subject: [PATCH] Add a NFS server jail for persistent volumes.

---
 ansible/environments/colo/host_vars/mrmanager      |  9 +++++++++
 .../roles/jail/files/jails/persistent_volume.conf  | 14 ++++++++++++++
 2 files changed, 23 insertions(+)
 create mode 100644 ansible/roles/jail/files/jails/persistent_volume.conf

diff --git a/ansible/environments/colo/host_vars/mrmanager b/ansible/environments/colo/host_vars/mrmanager
index 5c02e57..a8fa5c1 100644
--- a/ansible/environments/colo/host_vars/mrmanager
+++ b/ansible/environments/colo/host_vars/mrmanager
@@ -31,6 +31,15 @@ jail_list:
     enabled: true
     conf:
       src: public_dns
+  - name: persistent_volume
+    enabled: true
+    conf:
+      src: persistent_volume
+    persist:
+      - name: volumes
+        mount: /volumes
+        # properties:
+        #   recordsize: "8192"
 bhyve_dataset: zdata/vm
 bhyve_canmount: "on"
 # efi_dev: /dev/gpt/EFI
diff --git a/ansible/roles/jail/files/jails/persistent_volume.conf b/ansible/roles/jail/files/jails/persistent_volume.conf
new file mode 100644
index 0000000..47fc86e
--- /dev/null
+++ b/ansible/roles/jail/files/jails/persistent_volume.conf
@@ -0,0 +1,14 @@
+persistent_volume {
+    path = "/jail/main/jails/${name}";
+    vnet;
+    exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24";
+    exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}";
+    vnet.interface += "jail${name}";
+
+    devfs_ruleset = 14;
+    mount.devfs;
+
+    exec.start += "/bin/sh /etc/rc";
+    exec.stop = "/bin/sh /etc/rc.shutdown jail";
+    exec.consolelog = "/var/log/jail_${name}_console.log";
+}