From f09844c03c89c06762ebd4168860d94d3a139cb7 Mon Sep 17 00:00:00 2001
From: Tom Alexander <tom@fizz.buzz>
Date: Sun, 30 Jun 2024 12:30:46 -0400
Subject: [PATCH] Use latest packages in jails.

---
 ansible/environments/home/host_vars/homeserver | 12 ++++++------
 ansible/roles/jail/templates/new_jail.bash.j2  | 18 ++++++++++++++++++
 .../roles/package_manager/files/FreeBSD.conf   |  6 +-----
 ansible/roles/sshd/files/sshd_config           |  1 -
 4 files changed, 25 insertions(+), 12 deletions(-)

diff --git a/ansible/environments/home/host_vars/homeserver b/ansible/environments/home/host_vars/homeserver
index c0ea316..96f0987 100644
--- a/ansible/environments/home/host_vars/homeserver
+++ b/ansible/environments/home/host_vars/homeserver
@@ -54,12 +54,12 @@ jail_list:
   - name: sftp
     conf:
       src: sftp
-  - name: mumble
-    conf:
-      src: mumble
-    persist:
-      - name: mumbledb
-        mount: /var/db/murmur
+  # - name: mumble
+  #   conf:
+  #     src: mumble
+  #   persist:
+  #     - name: mumbledb
+  #       mount: /var/db/murmur
 bhyve_dataset: zmass/encrypted/vm
 bhyve_list: []
 bhyve_canmount: "on"
diff --git a/ansible/roles/jail/templates/new_jail.bash.j2 b/ansible/roles/jail/templates/new_jail.bash.j2
index f52e046..545e10e 100644
--- a/ansible/roles/jail/templates/new_jail.bash.j2
+++ b/ansible/roles/jail/templates/new_jail.bash.j2
@@ -22,6 +22,7 @@ function by_src {
     make -j 16 buildworld
     make installworld DESTDIR=$DESTDIR
     make distribution DESTDIR=$DESTDIR
+    switch_to_latest_packages
 }
 
 function by_bin {
@@ -29,6 +30,7 @@ function by_bin {
     DESTARCH=`uname -m`
     SOURCEURL=http://ftp.freebsd.org/pub/FreeBSD/releases/$DESTARCH/$DESTRELEASE/
     for component in base ports; do fetch $SOURCEURL/$component.txz -o - | tar -xf - -C "$DESTDIR" ; done
+    switch_to_latest_packages
 }
 
 function by_pkg {
@@ -46,6 +48,22 @@ base: {
 EOF
              )
     IGNORE_OSVERSION=yes pkg --rootdir "$DESTDIR" --config <(cat <<<"$config") install --repository base --yes --glob 'FreeBSD-*'
+    switch_to_latest_packages
+    cat > "$DESTDIR/usr/local/etc/pkg/repos/pkgbase.conf" <<<"$config"
+    # Post-install remove extra packages
+    # pkg remove --glob 'FreeBSD-*-lib32*' 'FreeBSD-*-dbg*' FreeBSD-src
+}
+
+function switch_to_latest_packages {
+    local latest_pkg
+    latest_pkg=$(cat <<EOF
+FreeBSD: {
+  url: "pkg+http://pkg.FreeBSD.org/\${ABI}/latest"
+}
+EOF
+              )
+    mkdir -p "$DESTDIR/usr/local/etc/pkg/repos"
+    cat > "$DESTDIR/usr/local/etc/pkg/repos/FreeBSD.conf" <<<"$latest_pkg"
 }
 
 if [ "$1" = "src" ]; then
diff --git a/ansible/roles/package_manager/files/FreeBSD.conf b/ansible/roles/package_manager/files/FreeBSD.conf
index 4a9614d..a5706e6 100644
--- a/ansible/roles/package_manager/files/FreeBSD.conf
+++ b/ansible/roles/package_manager/files/FreeBSD.conf
@@ -1,7 +1,3 @@
 FreeBSD: {
-  url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
-  mirror_type: "srv",
-  signature_type: "fingerprints",
-  fingerprints: "/usr/share/keys/pkg",
-  enabled: yes
+  url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest"
 }
diff --git a/ansible/roles/sshd/files/sshd_config b/ansible/roles/sshd/files/sshd_config
index 90bb0ac..e879dc4 100644
--- a/ansible/roles/sshd/files/sshd_config
+++ b/ansible/roles/sshd/files/sshd_config
@@ -106,7 +106,6 @@ KbdInteractiveAuthentication no
 #PermitTunnel no
 #ChrootDirectory none
 #UseBlacklist no
-#VersionAddendum FreeBSD-20231004
 
 # no default banner path
 #Banner none