Add a unifi vm.

router/boot_loader.conf

@@ -0,0 +1,6 @@
+security.bsd.allow_destructive_dtrace=0
+cryptodev_load="YES"
+zfs_load="YES"
+vmm_load="YES"
+pptdevs="1/0/0 2/0/0 3/0/0 4/0/0 5/0/0 7/0/0"
+autoboot_delay="0"

router/etc_rc.conf

@@ -0,0 +1,16 @@
+clear_tmp_enable="YES"
+syslogd_flags="-ss"
+hostname="turtle"
+#ifconfig_bridgeif="DHCP"
+#ifconfig_bridgeif_ipv6="inet6 accept_rtadv"
+wlans_rtwn0="wlan0"
+ifconfig_wlan0="WPA DHCP"
+ifconfig_wlan0_ipv6="inet6 accept_rtadv"
+create_args_wlan0="country US regdomain FCC"
+sshd_enable="YES"
+ntpd_enable="YES"
+ntpd_sync_on_start="YES"
+moused_nondefault_enable="NO"
+# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
+dumpdev="NO"
+zfs_enable="YES"

router/launch_opnsense.bash

@@ -59,7 +59,7 @@ function start_vm {
     fi
 
     local bridge_name="bridge_vm"
-    local host_interface_name="bridge_if"
+    local host_interface_name="bridgeif"
 
     assert_bridge "$host_interface_name" "$bridge_name"
     local mac_address
@@ -133,8 +133,9 @@ EOF
 mkpeer ${host_interface_name}: bridge ether link0
 name ${host_interface_name}:ether $bridge_name
 EOF
-        ifconfig "$(ngctl msg "${host_interface_name}:" getifname | grep Args | cut -d '"' -f 2)" name "${host_interface_name}" #"$ip_range" up
+        ifconfig "$(ngctl msg "${host_interface_name}:" getifname | grep Args | cut -d '"' -f 2)" name "${host_interface_name}" up
 
+        dhclient "${host_interface_name}"
         # (set +e; service netif start wlan0) &
     fi
 }

router/launch_unifi.bash

@@ -0,0 +1,149 @@
+#!/usr/local/bin/bash
+#
+set -euo pipefail
+IFS=$'\n\t'
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+: ${CD:=""}
+: ${VNC_ENABLE:="NO"}
+: ${VNC_LISTEN:="127.0.0.1:5900"}
+: ${PID_FILE:="/var/run/unifi.pid"}
+
+############## Setup #########################
+
+function cleanup {
+    for vm in "${vms[@]}"; do
+        log "Destroying bhyve vm $vm"
+        bhyvectl "--vm=$vm" --destroy
+        log "Destroyed bhyve vm $vm"
+    done
+}
+vms=()
+for sig in EXIT INT QUIT HUP TERM; do
+  trap "set +e; sleep 10; cleanup" "$sig"
+done
+
+function die {
+    local status_code="$1"
+    shift
+    (>&2 echo "${@}")
+    exit "$status_code"
+}
+
+function log {
+    (>&2 echo "${@}")
+}
+
+############## Program #########################
+
+function main {
+    start_vm
+}
+
+function start_vm {
+    local name="unifi"
+
+
+
+    # -H release the CPU when guest issues HLT instruction. Otherwise 100% of core will be consumed.
+         # -s 3,ahci-cd,/vm/.iso/archlinux-2023.04.01-x86_64.iso \
+             # -s 29,fbuf,tcp=0.0.0.0:5900,w=1920,h=1080,wait \
+            # -s 29,fbuf,tcp=0.0.0.0:5900,w=1920,h=1080 \
+
+    # TODO: Look into using nmdm instead of stdio for serial console
+    if [ -n "$CD" ]; then
+        additional_args+=("-s" "5,ahci-cd,$CD")
+    fi
+    if [ "$VNC_ENABLE" = "YES" ]; then
+        additional_args+=("-s" "29,fbuf,tcp=$VNC_LISTEN,w=1920,h=1080")
+    fi
+
+    local bridge_name="bridge_vm"
+    wait_for_bridge "$bridge_name"
+
+    local mac_address
+    mac_address=$(calculate_mac_address "$name")
+
+    local bridge_link_name
+    bridge_link_name=$(detect_available_link "${bridge_name}")
+
+    additional_args+=("-s" "2:0,virtio-net,netgraph,path=${bridge_name}:,peerhook=${bridge_link_name},mac=${mac_address}")
+    vms+=("$name")
+    while true; do
+        set -x
+        set +e
+        bhyve \
+            -D \
+            -c 1 \
+            -m 2G \
+            -H \
+            -s 0,hostbridge \
+            -s "4,nvme,/dev/zvol/zroot/vm/unifi/disk0" \
+            -s 30,xhci,tablet \
+            -s 31,lpc -l com1,stdio \
+            -l "bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd,/vm/unifi/BHYVE_UEFI_VARS.fd" \
+            "${additional_args[@]}" \
+            "$name"
+        # local bhyvepid=$!
+        # echo "$bhyvepid" > "$PID_FILE"
+        # wait $bhyvepid
+        local exit_code=$?
+        set +x
+        set -e
+        if [ $exit_code -eq 0 ]; then
+            echo "Rebooting."
+            sleep 5
+        elif [ $exit_code -eq 1 ]; then
+            echo "Powered off."
+            break
+        elif [ $exit_code -eq 2 ]; then
+            echo "Halted."
+            break
+        elif [ $exit_code -eq 3 ]; then
+            echo "Triple fault."
+            break
+        elif [ $exit_code -eq 4 ]; then
+            echo "Exited due to an error."
+            break
+        fi
+    done
+}
+
+function ng_exists {
+    ngctl status "${1}" >/dev/null 2>&1
+}
+
+function wait_for_bridge {
+    local bridge_name="$1"
+    while ! ng_exists "${bridge_name}:"; do
+        echo "${bridge_name} does not yet exist, sleeping."
+        sleep 10
+    done
+}
+
+function detect_available_link {
+    local bridge_name="$1"
+    local linknum=1
+    while true; do
+        local link_name="link${linknum}"
+        if ! ng_exists "${bridge_name}:${link_name}"; then
+            echo "$link_name"
+            return
+        fi
+        linknum=$((linknum + 1))
+        if [ "$linknum" -gt 90 ]; then
+            (>&2 echo "No available links on bridge $bridge_name")
+            exit 1
+        fi
+    done
+}
+
+function calculate_mac_address {
+    local name="$1"
+    local source
+    source=$(md5 -r -s "$name" | awk '{print $1}')
+    echo "06:${source:0:2}:${source:2:2}:${source:4:2}:${source:6:2}:${source:8:2}"
+}
+
+
+main "${@}"

router/opnsense_rc.bash

@@ -1,7 +1,8 @@
 #!/bin/sh
 #
-# REQUIRE: LOGIN
+# REQUIRE: FILESYSTEMS kld
 # PROVIDE: opnsense
+# BEFORE: netif
 
 . /etc/rc.subr
 name=opnsense

router/reboot

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+#
+: ${PID:="95762"}
+: ${TMUX_NAME:="opnsense"}
+
+doas kill "$PID"
+while doas tmux has-session -t "$TMUX_NAME" 2>/dev/null; do sleep 1; done
+doas shutdown -r now

router/reload

@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+#
+: ${PID:="19711"}
+: ${TMUX_NAME:="opnsense"}
+
+doas kill "$PID"
+while doas tmux has-session -t "$TMUX_NAME" 2>/dev/null; do sleep 1; done
+sleep 1
+doas service opnsense start

router/rollback

@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+#
+: ${PID:="37880"}
+: ${SNAPSHOT:="zroot/vm/opnsense/disk0@20240108_00_initial_working_state"}
+: ${TMUX_NAME:="opnsense"}
+
+doas kill "$PID"
+while doas tmux has-session -t "$TMUX_NAME" 2>/dev/null; do sleep 1; done
+doas zfs rollback -r "$SNAPSHOT"
+doas service opnsense start

router/snapshot

@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+#
+: ${PID:="74229"}
+: ${SNAPSHOT:="zroot/vm/opnsense/disk0@20240108_02_configured"}
+: ${TMUX_NAME:="opnsense"}
+
+doas kill "$PID"
+while doas tmux has-session -t "$TMUX_NAME" 2>/dev/null; do sleep 1; done
+doas zfs snapshot -r "$SNAPSHOT"
+doas service opnsense start

router/unifi_rc.bash

@@ -0,0 +1,47 @@
+#!/bin/sh
+#
+# REQUIRE: FILESYSTEMS kld
+# PROVIDE: unifi
+# BEFORE: netif
+
+. /etc/rc.subr
+name=opnsense
+rcvar=${name}_enable
+start_cmd="${name}_start"
+stop_cmd="${name}_stop"
+status_cmd="${name}_status"
+load_rc_config $name
+
+tmux_name="unifi"
+
+opnsense_start() {
+    # /usr/local/bin/tmux new-session -d -s "$tmux_name" "/usr/bin/env VNC_ENABLE=YES VNC_LISTEN=0.0.0.0:5900 /usr/local/bin/bash /home/talexander/launch_opnsense.bash"
+    /usr/local/bin/tmux new-session -d -s "$tmux_name" "/usr/bin/env VNC_ENABLE=NO VNC_LISTEN=0.0.0.0:5900 /usr/local/bin/bash /home/talexander/launch_unifi.bash"
+}
+
+opnsense_status() {
+    if /usr/local/bin/tmux has-session -t $tmux_name 2>/dev/null; then
+	echo "$tmux_name is running."
+    else
+	echo "$tmux_name is not running."
+	return 1
+    fi
+}
+
+opnsense_stop() {
+    /usr/local/bin/tmux has-session -t $tmux_name 2>/dev/null && (
+        /usr/local/bin/tmux kill-session -t $tmux_name
+        sleep 10
+        bhyvectl --vm=unifi --destroy
+        # kill `cat /var/run/opnsense.pid`
+    )
+    opnsense_wait_for_end
+}
+
+opnsense_wait_for_end() {
+    while /usr/local/bin/tmux has-session -t $tmux_name 2>dev/null; do
+        sleep 1
+    done
+}
+
+run_rc_command "$1"

router/unifi_vm_efibootmgr

@@ -0,0 +1 @@
+efibootmgr --create --disk /dev/nvme0n1p1 --label "Arch Linux" --loader /vmlinuz-linux-lts --unicode 'rw root=/dev/disk/by-partlabel/Arch rw initrd=\initramfs-linux-lts.img console=ttyS0,115200n8'