Skip to content

Instantly share code, notes, and snippets.

@msimerson

msimerson/gist:d4ae6be9e15241283f07

Last active May 18, 2023 06:56
Show Gist options
  • Save msimerson/d4ae6be9e15241283f07 to your computer and use it in GitHub Desktop.
Save msimerson/d4ae6be9e15241283f07 to your computer and use it in GitHub Desktop.
Download ZIP
Mail Toaster 6 - sample output - provision-base.sh
Raw
gistfile1.txt
[~/mt6]# provision base
172.16.15.2
*** skipping fetch, running from git ***
v: 20230507
loading mail-toaster.conf
mysql enabled
toaster host: freebsd.vmware.imac27.simerson.net
email domain: imac27.simerson.net
IPv6 jail network: fd7a:e5cd:1fc1:186f:dead:beef:cafe
shell: /usr/local/bin/bash
safe name: stage
*** skipping include d/l, running from git ***
zroot/jails/base-13.2-RELEASE
*** zfs create -o mountpoint=/jails zroot/jails ***
*** zfs create zroot/jails/base-13.2-RELEASE ***
done
*** downloading ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/13.2-RELEASE/base.txz ***
base.txz 190 MB 3650 kBps 54s
done
*** extracting FreeBSD package base.tgz to /jails/base-13.2-RELEASE ***
done
*** apply FreeBSD security updates to base jail ***
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching metadata signature for 13.2-RELEASE from update1.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.
No updates needed to update system to 13.2-RELEASE-p0.
No updates are available to install.
*** adding base jail resolv.conf ***
*** setting base jail timezone (to hosts) ***
*** setting base jail make.conf variables ***
WITH_PKGNG=yes
WRKDIRPREFIX?=/tmp/portbuild
hostname: -> base
cron_flags: -> -J 15
syslogd_flags: -s -> -s -cc
sendmail_enable: NO -> NONE
update_motd: YES -> NO
*** switching pkg from quarterly to latest ***
FreeBSD: {
url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest"
}
*** disabling adjkerntz, save-entropy, & atrun ***
done
#!/bin/sh
auto_remove="vim-console"
for _pkg in $auto_remove;
do
/usr/sbin/pkg delete "$_pkg"
done
# packages to be updated automatically
auto_upgrade="curl expat libxml2 pkg sudo vim-tiny"
# add packages with:
# sysrc -f /usr/local/etc/periodic/daily/auto_security_upgrades auto_upgrade+=" $NEW"
for _pkg in $auto_upgrade;
do
/usr/sbin/pkg audit | grep "$_pkg" && pkg install -y "$_pkg"
done
*** forwarding syslog to host ***
*.* @syslog
*** disabling newsyslog ***
newsyslog_enable: YES -> NO
*** customizing bourne shell prompt ***
alias h='fc -l'
alias j=jobs
alias m=$PAGER
alias ll="ls -alFG"
alias l='ls -l'
alias g='egrep -i'
PS1="$(whoami)@$(hostname -s):\\w "
case $(id -u) in
0) PS1="${PS1}# ";;
*) PS1="${PS1}$ ";;
esac
*** configure C shell ***
alias h history 25
alias j jobs -l
alias la ls -aF
alias lf ls -FA
alias ll ls -lAFG
setenv EDITOR vi
setenv PAGER less
setenv BLOCKSIZE K
if ($?prompt) then
# An interactive shell -- set some stuff up
set prompt = "%N@%m:%~ %# "
set promptchars = "%#"
set filec
set history = 1000
set savehist = (1000 merge)
set autolist = ambiguous
# Use history to aid expansion
set autoexpand
set autorehash
if ( $?tcsh ) then
bindkey "^W" backward-delete-word
bindkey -k up history-search-backward
bindkey -k down history-search-forward
endif
endif
*** stage jail base startup ***
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Setting hostname: base.
Clearing /tmp (X related).
Updating /var/run/os-release done.
Starting syslogd.
Starting cron.
Wed May 17 23:54:02 PDT 2023
*** updating pkg database ***
Updating FreeBSD repository catalogue...
[base] Fetching meta.conf: 100% 163 B 0.2kB/s 00:01
[base] Fetching packagesite.pkg: 100% 7 MiB 3.5MB/s 00:02
Processing entries: 100%
FreeBSD repository update completed. 33157 packages processed.
All repositories are up to date.
*** installing packages desired in every jail ***
pkg -j stage install -y pkg vim-tiny ca_root_nss
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 3 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
ca_root_nss: 3.89
pkg: 1.19.1_1
vim-tiny: 9.0.1503
Number of packages to be installed: 3
The process will require 37 MiB more space.
10 MiB to be downloaded.
[base] [1/3] Fetching pkg-1.19.1_1.pkg: 100% 8 MiB 2.9MB/s 00:03
[base] [2/3] Fetching vim-tiny-9.0.1503.pkg: 100% 1 MiB 1.4MB/s 00:01
[base] [3/3] Fetching ca_root_nss-3.89.pkg: 100% 266 KiB 272.8kB/s 00:01
Checking integrity... done (0 conflicting)
[base] [1/3] Installing pkg-1.19.1_1...
[base] [1/3] Extracting pkg-1.19.1_1: 100%
[base] [2/3] Installing vim-tiny-9.0.1503...
[base] [2/3] Extracting vim-tiny-9.0.1503: 100%
[base] [3/3] Installing ca_root_nss-3.89...
[base] [3/3] Extracting ca_root_nss-3.89: 100%
=====
Message from ca_root_nss-3.89:
--
FreeBSD does not, and can not warrant that the certification authorities
whose certificates are included in this package have in any way been
audited for trustworthiness or RFC 3647 compliance.
Assessment and verification of trust is the complete responsibility of the
system administrator.
This package installs symlinks to support root certificates discovery by
default for software that uses OpenSSL.
This enables SSL Certificate Verification by client software without manual
intervention.
If you prefer to do this manually, replace the following symlinks with
either an empty file or your site-local certificate bundle.
* /etc/ssl/cert.pem
* /usr/local/etc/ssl/cert.pem
* /usr/local/openssl/cert.pem
jexec stage newaliases
WARNING: local host name (base) is not qualified; see cf/README: WHO AM I?
/etc/mail/aliases: 29 aliases, longest 10 bytes, 297 bytes total
*** installing bash ***
pkg -j stage install -y bash
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 4 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
bash: 5.2.15
gettext-runtime: 0.21.1
indexinfo: 0.3.1
readline: 8.2.1
Number of packages to be installed: 4
The process will require 12 MiB more space.
2 MiB to be downloaded.
[base] [1/4] Fetching indexinfo-0.3.1.pkg: 100% 6 KiB 5.7kB/s 00:01
[base] [2/4] Fetching readline-8.2.1.pkg: 100% 367 KiB 375.8kB/s 00:01
[base] [3/4] Fetching bash-5.2.15.pkg: 100% 2 MiB 1.7MB/s 00:01
[base] [4/4] Fetching gettext-runtime-0.21.1.pkg: 100% 166 KiB 170.3kB/s 00:01
Checking integrity... done (0 conflicting)
[base] [1/4] Installing indexinfo-0.3.1...
[base] [1/4] Extracting indexinfo-0.3.1: 100%
[base] [2/4] Installing readline-8.2.1...
[base] [2/4] Extracting readline-8.2.1: 100%
[base] [3/4] Installing gettext-runtime-0.21.1...
[base] [3/4] Extracting gettext-runtime-0.21.1: 100%
[base] [4/4] Installing bash-5.2.15...
[base] [4/4] Extracting bash-5.2.15: 100%
jexec stage chpass -s /usr/local/bin/bash
chpass: user information updated
*** adding .bash_profile for root@jail ***
export EDITOR="vim"
export BLOCKSIZE=K;
export HISTSIZE=10000
export HISTCONTROL=ignoredups:erasedups
export HISTIGNORE="&:[bf]g:exit"
shopt -s histappend
shopt -s cdspell
alias h="history 200"
alias ll="ls -alFG"
PS1="$(whoami)@$(hostname -s):\\w # "
*** installing ssmtp ***
pkg -j stage install -y ssmtp
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
ssmtp: 2.64_7
Number of packages to be installed: 1
20 KiB to be downloaded.
[base] [1/1] Fetching ssmtp-2.64_7.pkg: 100% 20 KiB 20.6kB/s 00:01
Checking integrity... done (0 conflicting)
[base] [1/1] Installing ssmtp-2.64_7...
===> Creating groups.
Creating group 'ssmtp' with gid '916'.
[base] [1/1] Extracting ssmtp-2.64_7: 100%
=====
Message from ssmtp-2.64_7:
--
sSMTP has been installed successfully.
Firstly, edit /etc/mail/mailer.conf to replace sendmail with ssmtp:
sendmail /usr/local/sbin/ssmtp
send-mail /usr/local/sbin/ssmtp
mailq /usr/local/sbin/ssmtp
newaliases /usr/local/sbin/ssmtp
hoststat /usr/bin/true
purgestat /usr/bin/true
Hint: in case sSMPT is being installed directly from ports,
editing /etc/mail/mailer.conf can be done by running "make replace".
Secondly, edit the following files to configure sSMTP:
- /usr/local/etc/ssmtp/revaliases
- /usr/local/etc/ssmtp/ssmtp.conf
At this point sSMTP should be ready to go.
--
===> NOTICE:
The ssmtp port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:
https://bugs.freebsd.org/bugzilla
More information about port maintainership is available at:
https://docs.freebsd.org/en/articles/contributing/#ports-contributing
*** configuring ssmtp ***
sendmail /usr/local/sbin/ssmtp
send-mail /usr/local/sbin/ssmtp
mailq /usr/local/sbin/ssmtp
newaliases /usr/local/sbin/ssmtp
hoststat /usr/bin/true
purgestat /usr/bin/true
*** disabling passwordless root account ***
jexec stage pwd_mkdb /etc/master.passwd
*** installing /etc/periodic.conf ***
# periodic.conf tuned for periodic inside jails
# increase the signal, decrease the noise
# some versions of FreeBSD bark b/c these are defined in
# /etc/defaults/periodic.conf and do not exist. Hush.
daily_local=""
weekly_local=""
monthly_local=""
# in case /etc/aliases isn't set up properly
daily_output="postmaster@simerson.net"
weekly_output="postmaster@simerson.net"
monthly_output="postmaster@simerson.net"
security_show_success="NO"
security_show_info="NO"
security_status_pkgaudit_enable="NO"
security_status_pkgaudit_quiet="YES"
security_status_tcpwrap_enable="YES"
daily_status_security_inline="NO"
weekly_status_security_inline="NO"
monthly_status_security_inline="NO"
# These are redundant within a jail
security_status_chkmounts_enable="NO"
security_status_chksetuid_enable="NO"
security_status_neggrpperm_enable="NO"
security_status_ipfwlimit_enable="NO"
security_status_ipfwdenied_enable="NO"
security_status_pfdenied_enable="NO"
security_status_kernelmsg_enable="NO"
daily_accounting_enable="NO"
daily_accounting_compress="YES"
daily_backup_gpart_enable="NO"
daily_backup_pkg_enable="NO"
daily_backup_pkgdb_enable="NO"
daily_backup_pkgng_enable="NO"
daily_clean_disks_enable="NO"
daily_clean_disks_verbose="NO"
daily_clean_hoststat_enable="NO"
daily_clean_tmps_enable="YES"
daily_clean_tmps_verbose="NO"
daily_news_expire_enable="NO"
daily_ntpd_leapfile_enable="NO"
daily_show_success="NO"
daily_show_info="NO"
daily_show_badconfig="YES"
daily_status_disks_enable="NO"
daily_status_include_submit_mailq="NO"
daily_status_mail_rejects_enable="NO"
daily_status_mailq_enable="NO"
daily_status_network_enable="NO"
daily_status_rwho_enable="NO"
daily_submit_queuerun="NO"
weekly_accounting_enable="NO"
weekly_show_success="NO"
weekly_show_info="NO"
weekly_show_badconfig="YES"
weekly_whatis_enable="NO"
monthly_accounting_enable="NO"
monthly_show_success="NO"
monthly_show_info="NO"
monthly_show_badconfig="YES"
*** installing a jail-wide vimrc ***
"==========================================
" ProjectLink: https://github.com/wklken/vim-for-server
" Author: wklken
" Version: 0.2
" Email: wklken@yeah.net
" BlogPost: http://www.wklken.me
" Donation: http://www.wklken.me/pages/donation.html
" ReadMe: README.md
" Last_modify: 2015-07-07
" Desc: simple vim config for server, without any plugins.
"==========================================
" leader
let mapleader = ','
let g:mapleader = ','
" syntax
"syntax on
" history : how many lines of history VIM has to remember
set history=2000
" filetype
filetype on
" Enable filetype plugins
filetype plugin on
filetype indent on
" base
set nocompatible " don't bother with vi compatibility
set autoread " reload files when changed on disk
set shortmess=atI
set magic " For regular expressions turn magic on
set title " change the terminal's title
set nobackup " do not keep a backup file
set novisualbell " turn off visual bell
set noerrorbells " don't beep
set visualbell t_vb= " turn off error beep/flash
set t_vb=
set tm=500
" show location
set cursorcolumn
set cursorline
" movement
set scrolloff=7 " keep 3 lines when scrolling
" show
set ruler " show the current row and column
set number " show line numbers
set nowrap
set showcmd " display incomplete commands
set showmode " display current modes
set showmatch " jump to matches when entering parentheses
set matchtime=2 " tenths of a second to show the matching parenthesis
" search
set hlsearch " highlight searches
set incsearch " do incremental searching, search as you type
set ignorecase " ignore case when searching
set smartcase " no ignorecase if Uppercase char present
" tab
set expandtab " expand tabs to spaces
set smarttab
set shiftround
" indent
set autoindent smartindent shiftround
set shiftwidth=4
set tabstop=4
set softtabstop=4 " insert mode tab and backspace use 4 spaces
" NOT SUPPORT
" fold
set foldenable
set foldmethod=indent
set foldlevel=99
let g:FoldMethod = 0
map <leader>zz :call ToggleFold()<cr>
fun! ToggleFold()
if g:FoldMethod == 0
exe "normal! zM"
let g:FoldMethod = 1
else
exe "normal! zR"
let g:FoldMethod = 0
endif
endfun
" encoding
set encoding=utf-8
set fileencodings=ucs-bom,utf-8,cp936,gb18030,big5,euc-jp,euc-kr,latin1
set termencoding=utf-8
set ffs=unix,dos,mac
set formatoptions+=m
set formatoptions+=B
" select & complete
set selection=inclusive
set selectmode=mouse,key
set completeopt=longest,menu
set wildmenu " show a navigable menu for tab completion"
set wildmode=longest,list,full
set wildignore=*.o,*~,*.pyc,*.class
" others
set backspace=indent,eol,start " make that backspace key work the way it should
set whichwrap+=<,>,h,l
" if this not work ,make sure .viminfo is writable for you
if has("autocmd")
au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g'\"" | endif
endif
" NOT SUPPORT
" Enable basic mouse behavior such as resizing buffers.
" set mouse=a
" set mark column color
hi! link SignColumn LineNr
hi! link ShowMarksHLl DiffAdd
hi! link ShowMarksHLu DiffChange
" status line
set statusline=%<%f\ %h%m%r%=%k[%{(&fenc==\"\")?&enc:&fenc}%{(&bomb?\",BOM\":\"\")}]\ %-14.(%l,%c%V%)\ %P
set laststatus=2 " Always show the status line - use 2 lines for the status bar
" ============================ specific file type ===========================
autocmd FileType python set tabstop=4 shiftwidth=4 expandtab ai
autocmd FileType ruby set tabstop=2 shiftwidth=2 softtabstop=2 expandtab ai
autocmd BufRead,BufNew *.md,*.mkd,*.markdown set filetype=markdown.mkd
autocmd BufNewFile *.sh,*.py exec ":call AutoSetFileHead()"
function! AutoSetFileHead()
" .sh
if &filetype == 'sh'
call setline(1, "\#!/bin/sh")
endif
" python
if &filetype == 'python'
call setline(1, "\#!/usr/bin/env python")
call append(1, "\# encoding: utf-8")
endif
normal G
normal o
normal o
endfunc
autocmd FileType c,cpp,java,go,php,javascript,puppet,python,rust,twig,xml,yml,perl autocmd BufWritePre <buffer> :call <SID>StripTrailingWhitespaces()
fun! <SID>StripTrailingWhitespaces()
let l = line(".")
let c = col(".")
%s/\s\+$//e
call cursor(l, c)
endfun
" ============================ key map ============================
nnoremap k gk
nnoremap gk k
nnoremap j gj
nnoremap gj j
map <C-j> <C-W>j
map <C-k> <C-W>k
map <C-h> <C-W>h
map <C-l> <C-W>l
nnoremap <F2> :set nu! nu?<CR>
nnoremap <F3> :set list! list?<CR>
nnoremap <F4> :set wrap! wrap?<CR>
set pastetoggle=<F5> " when in insert mode, press <F5> to go to
" paste mode, where you can paste mass data
" that won't be autoindented
au InsertLeave * set nopaste
nnoremap <F6> :exec exists('syntax_on') ? 'syn off' : 'syn on'<CR>
" kj 替换 Esc
inoremap kj <Esc>
" Quickly close the current window
nnoremap <leader>q :q<CR>
" Quickly save the current file
nnoremap <leader>w :w<CR>
" select all
map <Leader>sa ggVG"
" remap U to <C-r> for easier redo
nnoremap U <C-r>
" switch # *
" nnoremap # *
" nnoremap * #
"Keep search pattern at the center of the screen."
nnoremap <silent> n nzz
nnoremap <silent> N Nzz
nnoremap <silent> * *zz
nnoremap <silent> # #zz
nnoremap <silent> g* g*zz
" remove highlight
noremap <silent><leader>/ :nohls<CR>
"Reselect visual block after indent/outdent.调整缩进后自动选中,方便再次操作
vnoremap < <gv
vnoremap > >gv
" y$ -> Y Make Y behave like other capitals
map Y y$
"Map ; to : and save a million keystrokes
" ex mode commands made easy 用于快速进入命令行
nnoremap ; :
" save
cmap w!! w !sudo tee >/dev/null %
" command mode, ctrl-a to head, ctrl-e to tail
cnoremap <C-j> <t_kd>
cnoremap <C-k> <t_ku>
cnoremap <C-a> <Home>
cnoremap <C-e> <End>
jexec stage pkg upgrade -y
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking for upgrades (0 candidates): 100%
Processing candidates (0 candidates): 100%
Checking integrity... done (0 conflicting)
Your packages are up to date.
service jail stop stage
Stopping jails: stagejail: stage: chdir /jails/stage: No such file or directory
jail: stage: /bin/sh /etc/rc.shutdown: failed
.
jail -r stage
zfs snapshot zroot/jails/base-13.2-RELEASE@p0
*** creating /etc/jail.conf.d/base.conf ***
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;
devfs_ruleset=5;
path = "/jails/$name";
interface = lo1;
host.hostname = $name;
base {
ip4.addr = lo1|172.16.15.2;
ip6.addr = lo1|fd7a:e5cd:1fc1:186f:dead:beef:cafe:0002;
mount += "/data/base $path/data nullfs rw 0 0";
}
Success! A new 'base' jail is provisioned
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment