Last active
December 28, 2015 18:39
-
-
Save msimerson/81013613e1d4ba20913d to your computer and use it in GitHub Desktop.
Mail Toaster 6 - sample output - provision-dns.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# sh provision-dns.sh | |
mysql enabled | |
toaster host: freebsd-10-2.vmware.imac27.simerson.net | |
toaster domain: imac27.simerson.net | |
shell: /usr/local/bin/bash | |
safe name: stage | |
zroot/jails/base-10.2-RELEASE@p8 snapshot exists | |
*** stage cleanup *** | |
service jail stop stage | |
Stopping jails:. | |
jail -r stage | |
*** stage jail filesystem setup *** | |
zfs clone zroot/jails/base-10.2-RELEASE@p8 zroot/jails/stage | |
sysrc -R /jails/stage hostname=dns | |
hostname: base -> dns | |
mount /jails/stage/usr/ports | |
mount /jails/stage/var/cache/pkg | |
*** stage jail stage startup *** | |
Setting hostname: dns. | |
Creating and/or trimming log files. | |
Starting syslogd. | |
ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib | |
32-bit compatibility ldconfig path: /usr/lib32 | |
Clearing /tmp (X related). | |
Updating motd:. | |
Starting cron. | |
Mon Dec 28 13:37:39 EST 2015 | |
Updating FreeBSD repository catalogue... | |
[dns] Fetching meta.txz: 100% 944 B 0.9kB/s 00:01 | |
[dns] Fetching packagesite.txz: 100% 5 MiB 2.8MB/s 00:02 | |
Processing entries: 100% | |
FreeBSD repository update completed. 24608 packages processed. | |
*** installing unbound *** | |
pkg -j stage install -y unbound | |
Updating FreeBSD repository catalogue... | |
FreeBSD repository is up-to-date. | |
All repositories are up-to-date. | |
Checking integrity... done (0 conflicting) | |
The following 3 package(s) will be affected (of 0 checked): | |
New packages to be INSTALLED: | |
unbound: 1.5.4_1 | |
expat: 2.1.0_3 | |
ldns: 1.6.17_5 | |
The process will require 7 MiB more space. | |
[dns] [1/3] Installing expat-2.1.0_3... | |
[dns] [1/3] Extracting expat-2.1.0_3: 100% | |
[dns] [2/3] Installing ldns-1.6.17_5... | |
[dns] [2/3] Extracting ldns-1.6.17_5: 100% | |
[dns] [3/3] Installing unbound-1.5.4_1... | |
===> Creating users and/or groups. | |
Using existing group 'unbound'. | |
Using existing user 'unbound'. | |
[dns] [3/3] Extracting unbound-1.5.4_1: 100% | |
*** installing unbound.conf.local *** | |
*** configuring unbound-control *** | |
jexec stage /usr/local/sbin/unbound-control-setup | |
setup in directory /usr/local/etc/unbound | |
generating unbound_server.key | |
Generating RSA private key, 3072 bit long modulus | |
.................++ | |
.............................................++ | |
e is 65537 (0x10001) | |
generating unbound_control.key | |
Generating RSA private key, 3072 bit long modulus | |
...................................++ | |
...............................................................................................................................++ | |
e is 65537 (0x10001) | |
create unbound_server.pem (self signed certificate) | |
create unbound_control.pem (signed client certificate) | |
Signature ok | |
subject=/CN=unbound-control | |
Getting CA Private Key | |
Setup success. Certificates created. Enable in unbound.conf file to use | |
*** installing unbound/toaster.conf *** | |
include: "/usr/local/etc/unbound/unbound.conf.local" | |
hide-identity: yes | |
hide-version: yes | |
access-control: 0.0.0.0/0 refuse | |
access-control: 127.0.0.0/8 allow | |
access-control: 172.16.15.0/12 allow | |
access-control: 10.1.1.43 allow | |
local-data: "3.15.16.172.in-addr.arpa PTR base" | |
local-data: "3.15.16.172.in-addr.arpa PTR dns" | |
local-data: "4.15.16.172.in-addr.arpa PTR mysql" | |
local-data: "5.15.16.172.in-addr.arpa PTR clamav" | |
local-data: "6.15.16.172.in-addr.arpa PTR spamassassin" | |
local-data: "7.15.16.172.in-addr.arpa PTR dspam" | |
local-data: "8.15.16.172.in-addr.arpa PTR vpopmail" | |
local-data: "8.15.16.172.in-addr.arpa PTR haraka" | |
local-data: "10.15.16.172.in-addr.arpa PTR webmail" | |
local-data: "11.15.16.172.in-addr.arpa PTR monitor" | |
local-data: "12.15.16.172.in-addr.arpa PTR haproxy" | |
local-data: "13.15.16.172.in-addr.arpa PTR rspamd" | |
local-data: "14.15.16.172.in-addr.arpa PTR avg" | |
local-data: "15.15.16.172.in-addr.arpa PTR dovecot" | |
local-data: "16.15.16.172.in-addr.arpa PTR redis" | |
local-data: "17.15.16.172.in-addr.arpa PTR geoip" | |
local-data: "254.15.16.172.in-addr.arpa PTR stage" | |
local-data: "base A 172.16.15.3" | |
local-data: "dns A 172.16.15.3" | |
local-data: "mysql A 172.16.15.4" | |
local-data: "clamav A 172.16.15.5" | |
local-data: "spamassassin A 172.16.15.6" | |
local-data: "dspam A 172.16.15.7" | |
local-data: "vpopmail A 172.16.15.8" | |
local-data: "haraka A 172.16.15.9" | |
local-data: "webmail A 172.16.15.10" | |
local-data: "monitor A 172.16.15.11" | |
local-data: "haproxy A 172.16.15.12" | |
local-data: "rspamd A 172.16.15.13" | |
local-data: "avg A 172.16.15.14" | |
local-data: "dovecot A 172.16.15.15" | |
local-data: "redis A 172.16.15.16" | |
local-data: "geoip A 172.16.15.17" | |
local-data: "stage A 172.16.15.254" | |
sysrc -R /jails/stage unbound_enable=YES | |
unbound_enable: -> YES | |
jexec stage service unbound start | |
Obtaining a trust anchor:Starting unbound. | |
[1451327874] unbound[58285:0] warning: IPv6 protocol not available | |
nameserver 172.16.15.254 | |
jexec stage host dns | |
dns has address 172.16.15.3 | |
nameserver 172.16.15.3 | |
*** promoting jail dns *** | |
service jail stop stage | |
Stopping jails: stage. | |
jail -r stage | |
nameserver 172.16.15.3 | |
umount /jails/stage/dev | |
unmount /jails/stage/usr/ports | |
unmount /jails/stage/var/cache/pkg | |
zfs rename zroot/jails/stage zroot/jails/dns.ready | |
service jail stop dns | |
Stopping jails: dns. | |
jail -r dns | |
zroot/jails/dns.last filesystem exists | |
zfs destroy zroot/jails/dns.last | |
zroot/jails/dns filesystem exists | |
zfs rename zroot/jails/dns zroot/jails/dns.last | |
zfs rename zroot/jails/dns.ready zroot/jails/dns | |
*** service jail start dns *** | |
Starting jails: dns. | |
Success! A new 'dns' jail is provisioned | |
# jls | |
JID IP Address Hostname Path | |
3 172.16.15.3 dns /jails/dns |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment