Transition the home server to the dynamic netgraph devices.

ansible/roles/jail/files/jails/cloak.conf

@@ -1,8 +1,11 @@
 cloak {
-    path = "/jail/main/jails/cloak";
+    path = "/jail/main/jails/${name}";
     vnet;
-    vnet.interface += "host_link2";
-    vnet.interface += "wg_uplink0";
+    exec.prestart += "/usr/local/bin/jail_netgraph_bridge start restricted_nat jail${name} 10.215.2.1/24";
+    exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop restricted_nat jail${name}";
+    vnet.interface += "jail${name}";
+    vnet.interface += "cloak";
+
     devfs_ruleset = 13;
     mount.devfs; # To expose tun device