talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Add sleep to shutting down jails.

Browse Source
This commit is contained in:
Tom Alexander 2024-07-07 18:09:15 -04:00
parent ab572079ac
commit f6152d92f1
Signed by: talexander
GPG Key ID: D3A179C9A53C0EDE
14 changed files with 22 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ansible/roles/emacs/files/early-init.el
View File

@ -1,7 +1,7 @@
(setq gc-cons-threshold (* 128 1024 1024)) ;; Increase garbage collection threshold for performance (default 800000) (setq gc-cons-threshold (* 128 1024 1024)) ;; 128MiB Increase garbage collection threshold for performance (default 800000)
;; Increase amount of data read from processes, default 4k ;; Increase amount of data read from processes, default 4k
(when (version<= "27.0" emacs-version) (when (version<= "27.0" emacs-version)
(setq read-process-output-max (* 1024 1024)) ;; 1mb (setq read-process-output-max (* 10 1024 1024)) ;; 10MiB
) )
;; Suppress warnings ;; Suppress warnings

2
ansible/roles/jail/files/jails/admin_git.conf
View File

@ -2,7 +2,7 @@ admin_git {
path = "/jail/${name}"; path = "/jail/${name}";
vnet; vnet;
exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24"; exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24";
exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}"; exec.poststop += "sleep 10; /usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}";
vnet.interface += "jail${name}"; vnet.interface += "jail${name}";
devfs_ruleset = 14; devfs_ruleset = 14;

2
ansible/roles/jail/files/jails/bastion.conf
View File

@ -2,7 +2,7 @@ bastion {
path = "/jail/${name}"; path = "/jail/${name}";
vnet; vnet;
exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24"; exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24";
exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}"; exec.poststop += "sleep 10; /usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}";
vnet.interface += "jail${name}"; vnet.interface += "jail${name}";
devfs_ruleset = 14; devfs_ruleset = 14;

2
ansible/roles/jail/files/jails/certificate.conf
View File

@ -2,7 +2,7 @@ certificate {
path = "/jail/${name}"; path = "/jail/${name}";
vnet; vnet;
exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24"; exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24";
exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}"; exec.poststop += "sleep 10; /usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}";
vnet.interface += "jail${name}"; vnet.interface += "jail${name}";
devfs_ruleset = 14; devfs_ruleset = 14;

4
ansible/roles/jail/files/jails/cloak.conf
View File

@ -4,8 +4,8 @@ cloak {
exec.prestart += "/usr/local/bin/jail_netgraph_bridge start restricted_nat jail${name} 10.215.2.1/24"; exec.prestart += "/usr/local/bin/jail_netgraph_bridge start restricted_nat jail${name} 10.215.2.1/24";
# Create a dummy interface that is never used, just to create the cloak bridge that is used by children. # Create a dummy interface that is never used, just to create the cloak bridge that is used by children.
exec.prestart += "/usr/local/bin/jail_netgraph_bridge start cloak dummy${name} 192.168.1.0/24"; exec.prestart += "/usr/local/bin/jail_netgraph_bridge start cloak dummy${name} 192.168.1.0/24";
exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop cloak dummy{name}"; exec.poststop += "sleep 10; /usr/local/bin/jail_netgraph_bridge stop cloak dummy{name}";
exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop restricted_nat jail${name}"; exec.poststop += "sleep 10; /usr/local/bin/jail_netgraph_bridge stop restricted_nat jail${name}";
vnet.interface += "jail${name}"; vnet.interface += "jail${name}";
vnet.interface += "cloak"; vnet.interface += "cloak";

2
ansible/roles/jail/files/jails/dagger.conf
View File

@ -4,7 +4,7 @@ dagger {
vnet.interface += "dagger"; vnet.interface += "dagger";
exec.prestart += "/usr/local/bin/jail_netgraph_bridge start cloak ${name} 192.168.1.0/24"; exec.prestart += "/usr/local/bin/jail_netgraph_bridge start cloak ${name} 192.168.1.0/24";
exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop cloak ${name}"; exec.poststop += "sleep 10; /usr/local/bin/jail_netgraph_bridge stop cloak ${name}";
mount.fstab = "/etc/fstab.${name}"; mount.fstab = "/etc/fstab.${name}";

2
ansible/roles/jail/files/jails/nat_dhcp.conf
View File

@ -2,7 +2,7 @@ nat_dhcp {
path = "/jail/${name}"; path = "/jail/${name}";
vnet; vnet;
exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24"; exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24";
exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}"; exec.poststop += "sleep 10; /usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}";
vnet.interface += "jail${name}"; vnet.interface += "jail${name}";
devfs_ruleset = 14; devfs_ruleset = 14;

2
ansible/roles/jail/files/jails/olddagger.conf
View File

@ -4,7 +4,7 @@ olddagger {
vnet.interface += "olddagger"; vnet.interface += "olddagger";
exec.prestart += "/usr/local/bin/jail_netgraph_bridge start cloak ${name} 192.168.1.0/24"; exec.prestart += "/usr/local/bin/jail_netgraph_bridge start cloak ${name} 192.168.1.0/24";
exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop cloak ${name}"; exec.poststop += "sleep 10; /usr/local/bin/jail_netgraph_bridge stop cloak ${name}";
mount.fstab = "/etc/fstab.${name}"; mount.fstab = "/etc/fstab.${name}";

2
ansible/roles/jail/files/jails/public_dns.conf
View File

@ -2,7 +2,7 @@ public_dns {
path = "/jail/${name}"; path = "/jail/${name}";
vnet; vnet;
exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24"; exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24";
exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}"; exec.poststop += "sleep 10; /usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}";
vnet.interface += "jail${name}"; vnet.interface += "jail${name}";
devfs_ruleset = 14; devfs_ruleset = 14;

2
ansible/roles/jail/files/jails/sample.conf
View File

@ -2,7 +2,7 @@ sample {
path = "/jail/${name}"; path = "/jail/${name}";
vnet; vnet;
exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24"; exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24";
exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}"; exec.poststop += "sleep 10; /usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}";
vnet.interface += "jail${name}"; vnet.interface += "jail${name}";
devfs_ruleset = 14; devfs_ruleset = 14;

2
ansible/roles/jail/files/jails/sftp.conf
View File

@ -2,7 +2,7 @@ sftp {
path = "/jail/${name}"; path = "/jail/${name}";
vnet; vnet;
exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24"; exec.prestart += "/usr/local/bin/jail_netgraph_bridge start jail_nat jail${name} 10.215.1.1/24";
exec.poststop += "/usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}"; exec.poststop += "sleep 10; /usr/local/bin/jail_netgraph_bridge stop jail_nat jail${name}";
vnet.interface += "jail${name}"; vnet.interface += "jail${name}";
devfs_ruleset = 14; devfs_ruleset = 14;

5
router/mediamtx_rc.bash
View File

@ -1,10 +1,11 @@
#!/bin/sh #!/bin/sh
# #
# REQUIRE: FILESYSTEMS kld
# PROVIDE: mediamtx # PROVIDE: mediamtx
# BEFORE: netif # REQUIRE: LOGIN opnsense
# KEYWORD: shutdown
. /etc/rc.subr . /etc/rc.subr
name=mediamtx name=mediamtx
rcvar=${name}_enable rcvar=${name}_enable
start_cmd="${name}_start" start_cmd="${name}_start"

5
router/opnsense_rc.bash
View File

@ -1,10 +1,11 @@
#!/bin/sh #!/bin/sh
# #
# REQUIRE: FILESYSTEMS kld
# PROVIDE: opnsense # PROVIDE: opnsense
# BEFORE: netif # REQUIRE: LOGIN
# KEYWORD: shutdown
. /etc/rc.subr . /etc/rc.subr
name=opnsense name=opnsense
rcvar=${name}_enable rcvar=${name}_enable
start_cmd="${name}_start" start_cmd="${name}_start"

5
router/unifi_rc.bash
View File

@ -1,10 +1,11 @@
#!/bin/sh #!/bin/sh
# #
# REQUIRE: FILESYSTEMS kld
# PROVIDE: unifi # PROVIDE: unifi
# BEFORE: netif # REQUIRE: LOGIN opnsense
# KEYWORD: shutdown
. /etc/rc.subr . /etc/rc.subr
name=unifi name=unifi
rcvar=${name}_enable rcvar=${name}_enable
start_cmd="${name}_start" start_cmd="${name}_start"