@msimerson
Last active December 28, 2015 18:39
Mail Toaster 6 - sample output - provision-dns.sh
# sh provision-dns.sh
mysql enabled
toaster host: freebsd-10-2.vmware.imac27.simerson.net
toaster domain: imac27.simerson.net
shell: /usr/local/bin/bash
safe name: stage
zroot/jails/base-10.2-RELEASE@p8 snapshot exists
*** stage cleanup ***
service jail stop stage
Stopping jails:.
jail -r stage
*** stage jail filesystem setup ***
zfs clone zroot/jails/base-10.2-RELEASE@p8 zroot/jails/stage
sysrc -R /jails/stage hostname=dns
hostname: base -> dns
mount /jails/stage/usr/ports
mount /jails/stage/var/cache/pkg
*** stage jail stage startup ***
Setting hostname: dns.
Creating and/or trimming log files.
Starting syslogd.
ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib
32-bit compatibility ldconfig path: /usr/lib32
Clearing /tmp (X related).
Updating motd:.
Starting cron.
Mon Dec 28 13:37:39 EST 2015
Updating FreeBSD repository catalogue...
[dns] Fetching meta.txz: 100% 944 B 0.9kB/s 00:01
[dns] Fetching packagesite.txz: 100% 5 MiB 2.8MB/s 00:02
Processing entries: 100%
FreeBSD repository update completed. 24608 packages processed.
*** installing unbound ***
pkg -j stage install -y unbound
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
Checking integrity... done (0 conflicting)
The following 3 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
unbound: 1.5.4_1
expat: 2.1.0_3
ldns: 1.6.17_5
The process will require 7 MiB more space.
[dns] [1/3] Installing expat-2.1.0_3...
[dns] [1/3] Extracting expat-2.1.0_3: 100%
[dns] [2/3] Installing ldns-1.6.17_5...
[dns] [2/3] Extracting ldns-1.6.17_5: 100%
[dns] [3/3] Installing unbound-1.5.4_1...
===> Creating users and/or groups.
Using existing group 'unbound'.
Using existing user 'unbound'.
[dns] [3/3] Extracting unbound-1.5.4_1: 100%
*** installing unbound.conf.local ***
*** configuring unbound-control ***
jexec stage /usr/local/sbin/unbound-control-setup
setup in directory /usr/local/etc/unbound
generating unbound_server.key
Generating RSA private key, 3072 bit long modulus
.................++
.............................................++
e is 65537 (0x10001)
generating unbound_control.key
Generating RSA private key, 3072 bit long modulus
...................................++
...............................................................................................................................++
e is 65537 (0x10001)
create unbound_server.pem (self signed certificate)
create unbound_control.pem (signed client certificate)
Signature ok
subject=/CN=unbound-control
Getting CA Private Key
Setup success. Certificates created. Enable in unbound.conf file to use
*** installing unbound/toaster.conf ***
include: "/usr/local/etc/unbound/unbound.conf.local"
hide-identity: yes
hide-version: yes
access-control: 0.0.0.0/0 refuse
access-control: 127.0.0.0/8 allow
access-control: 172.16.15.0/12 allow
access-control: 10.1.1.43 allow
local-data: "3.15.16.172.in-addr.arpa PTR base"
local-data: "3.15.16.172.in-addr.arpa PTR dns"
local-data: "4.15.16.172.in-addr.arpa PTR mysql"
local-data: "5.15.16.172.in-addr.arpa PTR clamav"
local-data: "6.15.16.172.in-addr.arpa PTR spamassassin"
local-data: "7.15.16.172.in-addr.arpa PTR dspam"
local-data: "8.15.16.172.in-addr.arpa PTR vpopmail"
local-data: "8.15.16.172.in-addr.arpa PTR haraka"
local-data: "10.15.16.172.in-addr.arpa PTR webmail"
local-data: "11.15.16.172.in-addr.arpa PTR monitor"
local-data: "12.15.16.172.in-addr.arpa PTR haproxy"
local-data: "13.15.16.172.in-addr.arpa PTR rspamd"
local-data: "14.15.16.172.in-addr.arpa PTR avg"
local-data: "15.15.16.172.in-addr.arpa PTR dovecot"
local-data: "16.15.16.172.in-addr.arpa PTR redis"
local-data: "17.15.16.172.in-addr.arpa PTR geoip"
local-data: "254.15.16.172.in-addr.arpa PTR stage"
local-data: "base A 172.16.15.3"
local-data: "dns A 172.16.15.3"
local-data: "mysql A 172.16.15.4"
local-data: "clamav A 172.16.15.5"
local-data: "spamassassin A 172.16.15.6"
local-data: "dspam A 172.16.15.7"
local-data: "vpopmail A 172.16.15.8"
local-data: "haraka A 172.16.15.9"
local-data: "webmail A 172.16.15.10"
local-data: "monitor A 172.16.15.11"
local-data: "haproxy A 172.16.15.12"
local-data: "rspamd A 172.16.15.13"
local-data: "avg A 172.16.15.14"
local-data: "dovecot A 172.16.15.15"
local-data: "redis A 172.16.15.16"
local-data: "geoip A 172.16.15.17"
local-data: "stage A 172.16.15.254"
sysrc -R /jails/stage unbound_enable=YES
unbound_enable: -> YES
jexec stage service unbound start
Obtaining a trust anchor:Starting unbound.
[1451327874] unbound[58285:0] warning: IPv6 protocol not available
nameserver 172.16.15.254
jexec stage host dns
dns has address 172.16.15.3
nameserver 172.16.15.3
*** promoting jail dns ***
service jail stop stage
Stopping jails: stage.
jail -r stage
nameserver 172.16.15.3
umount /jails/stage/dev
unmount /jails/stage/usr/ports
unmount /jails/stage/var/cache/pkg
zfs rename zroot/jails/stage zroot/jails/dns.ready
service jail stop dns
Stopping jails: dns.
jail -r dns
zroot/jails/dns.last filesystem exists
zfs destroy zroot/jails/dns.last
zroot/jails/dns filesystem exists
zfs rename zroot/jails/dns zroot/jails/dns.last
zfs rename zroot/jails/dns.ready zroot/jails/dns
*** service jail start dns ***
Starting jails: dns.
Success! A new 'dns' jail is provisioned
# jls
JID IP Address Hostname Path
3 172.16.15.3 dns /jails/dns