Last active
May 18, 2023 06:56
-
-
Save msimerson/d4ae6be9e15241283f07 to your computer and use it in GitHub Desktop.
Mail Toaster 6 - sample output - provision-base.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[~/mt6]# provision base | |
172.16.15.2 | |
*** skipping fetch, running from git *** | |
v: 20230507 | |
loading mail-toaster.conf | |
mysql enabled | |
toaster host: freebsd.vmware.imac27.simerson.net | |
email domain: imac27.simerson.net | |
IPv6 jail network: fd7a:e5cd:1fc1:186f:dead:beef:cafe | |
shell: /usr/local/bin/bash | |
safe name: stage | |
*** skipping include d/l, running from git *** | |
zroot/jails/base-13.2-RELEASE | |
*** zfs create -o mountpoint=/jails zroot/jails *** | |
*** zfs create zroot/jails/base-13.2-RELEASE *** | |
done | |
*** downloading ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/13.2-RELEASE/base.txz *** | |
base.txz 190 MB 3650 kBps 54s | |
done | |
*** extracting FreeBSD package base.tgz to /jails/base-13.2-RELEASE *** | |
done | |
*** apply FreeBSD security updates to base jail *** | |
Looking up update.FreeBSD.org mirrors... 2 mirrors found. | |
Fetching metadata signature for 13.2-RELEASE from update1.freebsd.org... done. | |
Fetching metadata index... done. | |
Inspecting system... done. | |
Preparing to download files... done. | |
No updates needed to update system to 13.2-RELEASE-p0. | |
No updates are available to install. | |
*** adding base jail resolv.conf *** | |
*** setting base jail timezone (to hosts) *** | |
*** setting base jail make.conf variables *** | |
WITH_PKGNG=yes | |
WRKDIRPREFIX?=/tmp/portbuild | |
hostname: -> base | |
cron_flags: -> -J 15 | |
syslogd_flags: -s -> -s -cc | |
sendmail_enable: NO -> NONE | |
update_motd: YES -> NO | |
*** switching pkg from quarterly to latest *** | |
FreeBSD: { | |
url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest" | |
} | |
*** disabling adjkerntz, save-entropy, & atrun *** | |
done | |
#!/bin/sh | |
auto_remove="vim-console" | |
for _pkg in $auto_remove; | |
do | |
/usr/sbin/pkg delete "$_pkg" | |
done | |
# packages to be updated automatically | |
auto_upgrade="curl expat libxml2 pkg sudo vim-tiny" | |
# add packages with: | |
# sysrc -f /usr/local/etc/periodic/daily/auto_security_upgrades auto_upgrade+=" $NEW" | |
for _pkg in $auto_upgrade; | |
do | |
/usr/sbin/pkg audit | grep "$_pkg" && pkg install -y "$_pkg" | |
done | |
*** forwarding syslog to host *** | |
*.* @syslog | |
*** disabling newsyslog *** | |
newsyslog_enable: YES -> NO | |
*** customizing bourne shell prompt *** | |
alias h='fc -l' | |
alias j=jobs | |
alias m=$PAGER | |
alias ll="ls -alFG" | |
alias l='ls -l' | |
alias g='egrep -i' | |
PS1="$(whoami)@$(hostname -s):\\w " | |
case $(id -u) in | |
0) PS1="${PS1}# ";; | |
*) PS1="${PS1}$ ";; | |
esac | |
*** configure C shell *** | |
alias h history 25 | |
alias j jobs -l | |
alias la ls -aF | |
alias lf ls -FA | |
alias ll ls -lAFG | |
setenv EDITOR vi | |
setenv PAGER less | |
setenv BLOCKSIZE K | |
if ($?prompt) then | |
# An interactive shell -- set some stuff up | |
set prompt = "%N@%m:%~ %# " | |
set promptchars = "%#" | |
set filec | |
set history = 1000 | |
set savehist = (1000 merge) | |
set autolist = ambiguous | |
# Use history to aid expansion | |
set autoexpand | |
set autorehash | |
if ( $?tcsh ) then | |
bindkey "^W" backward-delete-word | |
bindkey -k up history-search-backward | |
bindkey -k down history-search-forward | |
endif | |
endif | |
*** stage jail base startup *** | |
ELF ldconfig path: /lib /usr/lib /usr/lib/compat | |
32-bit compatibility ldconfig path: /usr/lib32 | |
Setting hostname: base. | |
Clearing /tmp (X related). | |
Updating /var/run/os-release done. | |
Starting syslogd. | |
Starting cron. | |
Wed May 17 23:54:02 PDT 2023 | |
*** updating pkg database *** | |
Updating FreeBSD repository catalogue... | |
[base] Fetching meta.conf: 100% 163 B 0.2kB/s 00:01 | |
[base] Fetching packagesite.pkg: 100% 7 MiB 3.5MB/s 00:02 | |
Processing entries: 100% | |
FreeBSD repository update completed. 33157 packages processed. | |
All repositories are up to date. | |
*** installing packages desired in every jail *** | |
pkg -j stage install -y pkg vim-tiny ca_root_nss | |
Updating FreeBSD repository catalogue... | |
FreeBSD repository is up to date. | |
All repositories are up to date. | |
The following 3 package(s) will be affected (of 0 checked): | |
New packages to be INSTALLED: | |
ca_root_nss: 3.89 | |
pkg: 1.19.1_1 | |
vim-tiny: 9.0.1503 | |
Number of packages to be installed: 3 | |
The process will require 37 MiB more space. | |
10 MiB to be downloaded. | |
[base] [1/3] Fetching pkg-1.19.1_1.pkg: 100% 8 MiB 2.9MB/s 00:03 | |
[base] [2/3] Fetching vim-tiny-9.0.1503.pkg: 100% 1 MiB 1.4MB/s 00:01 | |
[base] [3/3] Fetching ca_root_nss-3.89.pkg: 100% 266 KiB 272.8kB/s 00:01 | |
Checking integrity... done (0 conflicting) | |
[base] [1/3] Installing pkg-1.19.1_1... | |
[base] [1/3] Extracting pkg-1.19.1_1: 100% | |
[base] [2/3] Installing vim-tiny-9.0.1503... | |
[base] [2/3] Extracting vim-tiny-9.0.1503: 100% | |
[base] [3/3] Installing ca_root_nss-3.89... | |
[base] [3/3] Extracting ca_root_nss-3.89: 100% | |
===== | |
Message from ca_root_nss-3.89: | |
-- | |
FreeBSD does not, and can not warrant that the certification authorities | |
whose certificates are included in this package have in any way been | |
audited for trustworthiness or RFC 3647 compliance. | |
Assessment and verification of trust is the complete responsibility of the | |
system administrator. | |
This package installs symlinks to support root certificates discovery by | |
default for software that uses OpenSSL. | |
This enables SSL Certificate Verification by client software without manual | |
intervention. | |
If you prefer to do this manually, replace the following symlinks with | |
either an empty file or your site-local certificate bundle. | |
* /etc/ssl/cert.pem | |
* /usr/local/etc/ssl/cert.pem | |
* /usr/local/openssl/cert.pem | |
jexec stage newaliases | |
WARNING: local host name (base) is not qualified; see cf/README: WHO AM I? | |
/etc/mail/aliases: 29 aliases, longest 10 bytes, 297 bytes total | |
*** installing bash *** | |
pkg -j stage install -y bash | |
Updating FreeBSD repository catalogue... | |
FreeBSD repository is up to date. | |
All repositories are up to date. | |
The following 4 package(s) will be affected (of 0 checked): | |
New packages to be INSTALLED: | |
bash: 5.2.15 | |
gettext-runtime: 0.21.1 | |
indexinfo: 0.3.1 | |
readline: 8.2.1 | |
Number of packages to be installed: 4 | |
The process will require 12 MiB more space. | |
2 MiB to be downloaded. | |
[base] [1/4] Fetching indexinfo-0.3.1.pkg: 100% 6 KiB 5.7kB/s 00:01 | |
[base] [2/4] Fetching readline-8.2.1.pkg: 100% 367 KiB 375.8kB/s 00:01 | |
[base] [3/4] Fetching bash-5.2.15.pkg: 100% 2 MiB 1.7MB/s 00:01 | |
[base] [4/4] Fetching gettext-runtime-0.21.1.pkg: 100% 166 KiB 170.3kB/s 00:01 | |
Checking integrity... done (0 conflicting) | |
[base] [1/4] Installing indexinfo-0.3.1... | |
[base] [1/4] Extracting indexinfo-0.3.1: 100% | |
[base] [2/4] Installing readline-8.2.1... | |
[base] [2/4] Extracting readline-8.2.1: 100% | |
[base] [3/4] Installing gettext-runtime-0.21.1... | |
[base] [3/4] Extracting gettext-runtime-0.21.1: 100% | |
[base] [4/4] Installing bash-5.2.15... | |
[base] [4/4] Extracting bash-5.2.15: 100% | |
jexec stage chpass -s /usr/local/bin/bash | |
chpass: user information updated | |
*** adding .bash_profile for root@jail *** | |
export EDITOR="vim" | |
export BLOCKSIZE=K; | |
export HISTSIZE=10000 | |
export HISTCONTROL=ignoredups:erasedups | |
export HISTIGNORE="&:[bf]g:exit" | |
shopt -s histappend | |
shopt -s cdspell | |
alias h="history 200" | |
alias ll="ls -alFG" | |
PS1="$(whoami)@$(hostname -s):\\w # " | |
*** installing ssmtp *** | |
pkg -j stage install -y ssmtp | |
Updating FreeBSD repository catalogue... | |
FreeBSD repository is up to date. | |
All repositories are up to date. | |
The following 1 package(s) will be affected (of 0 checked): | |
New packages to be INSTALLED: | |
ssmtp: 2.64_7 | |
Number of packages to be installed: 1 | |
20 KiB to be downloaded. | |
[base] [1/1] Fetching ssmtp-2.64_7.pkg: 100% 20 KiB 20.6kB/s 00:01 | |
Checking integrity... done (0 conflicting) | |
[base] [1/1] Installing ssmtp-2.64_7... | |
===> Creating groups. | |
Creating group 'ssmtp' with gid '916'. | |
[base] [1/1] Extracting ssmtp-2.64_7: 100% | |
===== | |
Message from ssmtp-2.64_7: | |
-- | |
sSMTP has been installed successfully. | |
Firstly, edit /etc/mail/mailer.conf to replace sendmail with ssmtp: | |
sendmail /usr/local/sbin/ssmtp | |
send-mail /usr/local/sbin/ssmtp | |
mailq /usr/local/sbin/ssmtp | |
newaliases /usr/local/sbin/ssmtp | |
hoststat /usr/bin/true | |
purgestat /usr/bin/true | |
Hint: in case sSMPT is being installed directly from ports, | |
editing /etc/mail/mailer.conf can be done by running "make replace". | |
Secondly, edit the following files to configure sSMTP: | |
- /usr/local/etc/ssmtp/revaliases | |
- /usr/local/etc/ssmtp/ssmtp.conf | |
At this point sSMTP should be ready to go. | |
-- | |
===> NOTICE: | |
The ssmtp port currently does not have a maintainer. As a result, it is | |
more likely to have unresolved issues, not be up-to-date, or even be removed in | |
the future. To volunteer to maintain this port, please create an issue at: | |
https://bugs.freebsd.org/bugzilla | |
More information about port maintainership is available at: | |
https://docs.freebsd.org/en/articles/contributing/#ports-contributing | |
*** configuring ssmtp *** | |
sendmail /usr/local/sbin/ssmtp | |
send-mail /usr/local/sbin/ssmtp | |
mailq /usr/local/sbin/ssmtp | |
newaliases /usr/local/sbin/ssmtp | |
hoststat /usr/bin/true | |
purgestat /usr/bin/true | |
*** disabling passwordless root account *** | |
jexec stage pwd_mkdb /etc/master.passwd | |
*** installing /etc/periodic.conf *** | |
# periodic.conf tuned for periodic inside jails | |
# increase the signal, decrease the noise | |
# some versions of FreeBSD bark b/c these are defined in | |
# /etc/defaults/periodic.conf and do not exist. Hush. | |
daily_local="" | |
weekly_local="" | |
monthly_local="" | |
# in case /etc/aliases isn't set up properly | |
daily_output="postmaster@simerson.net" | |
weekly_output="postmaster@simerson.net" | |
monthly_output="postmaster@simerson.net" | |
security_show_success="NO" | |
security_show_info="NO" | |
security_status_pkgaudit_enable="NO" | |
security_status_pkgaudit_quiet="YES" | |
security_status_tcpwrap_enable="YES" | |
daily_status_security_inline="NO" | |
weekly_status_security_inline="NO" | |
monthly_status_security_inline="NO" | |
# These are redundant within a jail | |
security_status_chkmounts_enable="NO" | |
security_status_chksetuid_enable="NO" | |
security_status_neggrpperm_enable="NO" | |
security_status_ipfwlimit_enable="NO" | |
security_status_ipfwdenied_enable="NO" | |
security_status_pfdenied_enable="NO" | |
security_status_kernelmsg_enable="NO" | |
daily_accounting_enable="NO" | |
daily_accounting_compress="YES" | |
daily_backup_gpart_enable="NO" | |
daily_backup_pkg_enable="NO" | |
daily_backup_pkgdb_enable="NO" | |
daily_backup_pkgng_enable="NO" | |
daily_clean_disks_enable="NO" | |
daily_clean_disks_verbose="NO" | |
daily_clean_hoststat_enable="NO" | |
daily_clean_tmps_enable="YES" | |
daily_clean_tmps_verbose="NO" | |
daily_news_expire_enable="NO" | |
daily_ntpd_leapfile_enable="NO" | |
daily_show_success="NO" | |
daily_show_info="NO" | |
daily_show_badconfig="YES" | |
daily_status_disks_enable="NO" | |
daily_status_include_submit_mailq="NO" | |
daily_status_mail_rejects_enable="NO" | |
daily_status_mailq_enable="NO" | |
daily_status_network_enable="NO" | |
daily_status_rwho_enable="NO" | |
daily_submit_queuerun="NO" | |
weekly_accounting_enable="NO" | |
weekly_show_success="NO" | |
weekly_show_info="NO" | |
weekly_show_badconfig="YES" | |
weekly_whatis_enable="NO" | |
monthly_accounting_enable="NO" | |
monthly_show_success="NO" | |
monthly_show_info="NO" | |
monthly_show_badconfig="YES" | |
*** installing a jail-wide vimrc *** | |
"========================================== | |
" ProjectLink: https://github.com/wklken/vim-for-server | |
" Author: wklken | |
" Version: 0.2 | |
" Email: wklken@yeah.net | |
" BlogPost: http://www.wklken.me | |
" Donation: http://www.wklken.me/pages/donation.html | |
" ReadMe: README.md | |
" Last_modify: 2015-07-07 | |
" Desc: simple vim config for server, without any plugins. | |
"========================================== | |
" leader | |
let mapleader = ',' | |
let g:mapleader = ',' | |
" syntax | |
"syntax on | |
" history : how many lines of history VIM has to remember | |
set history=2000 | |
" filetype | |
filetype on | |
" Enable filetype plugins | |
filetype plugin on | |
filetype indent on | |
" base | |
set nocompatible " don't bother with vi compatibility | |
set autoread " reload files when changed on disk | |
set shortmess=atI | |
set magic " For regular expressions turn magic on | |
set title " change the terminal's title | |
set nobackup " do not keep a backup file | |
set novisualbell " turn off visual bell | |
set noerrorbells " don't beep | |
set visualbell t_vb= " turn off error beep/flash | |
set t_vb= | |
set tm=500 | |
" show location | |
set cursorcolumn | |
set cursorline | |
" movement | |
set scrolloff=7 " keep 3 lines when scrolling | |
" show | |
set ruler " show the current row and column | |
set number " show line numbers | |
set nowrap | |
set showcmd " display incomplete commands | |
set showmode " display current modes | |
set showmatch " jump to matches when entering parentheses | |
set matchtime=2 " tenths of a second to show the matching parenthesis | |
" search | |
set hlsearch " highlight searches | |
set incsearch " do incremental searching, search as you type | |
set ignorecase " ignore case when searching | |
set smartcase " no ignorecase if Uppercase char present | |
" tab | |
set expandtab " expand tabs to spaces | |
set smarttab | |
set shiftround | |
" indent | |
set autoindent smartindent shiftround | |
set shiftwidth=4 | |
set tabstop=4 | |
set softtabstop=4 " insert mode tab and backspace use 4 spaces | |
" NOT SUPPORT | |
" fold | |
set foldenable | |
set foldmethod=indent | |
set foldlevel=99 | |
let g:FoldMethod = 0 | |
map <leader>zz :call ToggleFold()<cr> | |
fun! ToggleFold() | |
if g:FoldMethod == 0 | |
exe "normal! zM" | |
let g:FoldMethod = 1 | |
else | |
exe "normal! zR" | |
let g:FoldMethod = 0 | |
endif | |
endfun | |
" encoding | |
set encoding=utf-8 | |
set fileencodings=ucs-bom,utf-8,cp936,gb18030,big5,euc-jp,euc-kr,latin1 | |
set termencoding=utf-8 | |
set ffs=unix,dos,mac | |
set formatoptions+=m | |
set formatoptions+=B | |
" select & complete | |
set selection=inclusive | |
set selectmode=mouse,key | |
set completeopt=longest,menu | |
set wildmenu " show a navigable menu for tab completion" | |
set wildmode=longest,list,full | |
set wildignore=*.o,*~,*.pyc,*.class | |
" others | |
set backspace=indent,eol,start " make that backspace key work the way it should | |
set whichwrap+=<,>,h,l | |
" if this not work ,make sure .viminfo is writable for you | |
if has("autocmd") | |
au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g'\"" | endif | |
endif | |
" NOT SUPPORT | |
" Enable basic mouse behavior such as resizing buffers. | |
" set mouse=a | |
" set mark column color | |
hi! link SignColumn LineNr | |
hi! link ShowMarksHLl DiffAdd | |
hi! link ShowMarksHLu DiffChange | |
" status line | |
set statusline=%<%f\ %h%m%r%=%k[%{(&fenc==\"\")?&enc:&fenc}%{(&bomb?\",BOM\":\"\")}]\ %-14.(%l,%c%V%)\ %P | |
set laststatus=2 " Always show the status line - use 2 lines for the status bar | |
" ============================ specific file type =========================== | |
autocmd FileType python set tabstop=4 shiftwidth=4 expandtab ai | |
autocmd FileType ruby set tabstop=2 shiftwidth=2 softtabstop=2 expandtab ai | |
autocmd BufRead,BufNew *.md,*.mkd,*.markdown set filetype=markdown.mkd | |
autocmd BufNewFile *.sh,*.py exec ":call AutoSetFileHead()" | |
function! AutoSetFileHead() | |
" .sh | |
if &filetype == 'sh' | |
call setline(1, "\#!/bin/sh") | |
endif | |
" python | |
if &filetype == 'python' | |
call setline(1, "\#!/usr/bin/env python") | |
call append(1, "\# encoding: utf-8") | |
endif | |
normal G | |
normal o | |
normal o | |
endfunc | |
autocmd FileType c,cpp,java,go,php,javascript,puppet,python,rust,twig,xml,yml,perl autocmd BufWritePre <buffer> :call <SID>StripTrailingWhitespaces() | |
fun! <SID>StripTrailingWhitespaces() | |
let l = line(".") | |
let c = col(".") | |
%s/\s\+$//e | |
call cursor(l, c) | |
endfun | |
" ============================ key map ============================ | |
nnoremap k gk | |
nnoremap gk k | |
nnoremap j gj | |
nnoremap gj j | |
map <C-j> <C-W>j | |
map <C-k> <C-W>k | |
map <C-h> <C-W>h | |
map <C-l> <C-W>l | |
nnoremap <F2> :set nu! nu?<CR> | |
nnoremap <F3> :set list! list?<CR> | |
nnoremap <F4> :set wrap! wrap?<CR> | |
set pastetoggle=<F5> " when in insert mode, press <F5> to go to | |
" paste mode, where you can paste mass data | |
" that won't be autoindented | |
au InsertLeave * set nopaste | |
nnoremap <F6> :exec exists('syntax_on') ? 'syn off' : 'syn on'<CR> | |
" kj 替换 Esc | |
inoremap kj <Esc> | |
" Quickly close the current window | |
nnoremap <leader>q :q<CR> | |
" Quickly save the current file | |
nnoremap <leader>w :w<CR> | |
" select all | |
map <Leader>sa ggVG" | |
" remap U to <C-r> for easier redo | |
nnoremap U <C-r> | |
" switch # * | |
" nnoremap # * | |
" nnoremap * # | |
"Keep search pattern at the center of the screen." | |
nnoremap <silent> n nzz | |
nnoremap <silent> N Nzz | |
nnoremap <silent> * *zz | |
nnoremap <silent> # #zz | |
nnoremap <silent> g* g*zz | |
" remove highlight | |
noremap <silent><leader>/ :nohls<CR> | |
"Reselect visual block after indent/outdent.调整缩进后自动选中,方便再次操作 | |
vnoremap < <gv | |
vnoremap > >gv | |
" y$ -> Y Make Y behave like other capitals | |
map Y y$ | |
"Map ; to : and save a million keystrokes | |
" ex mode commands made easy 用于快速进入命令行 | |
nnoremap ; : | |
" save | |
cmap w!! w !sudo tee >/dev/null % | |
" command mode, ctrl-a to head, ctrl-e to tail | |
cnoremap <C-j> <t_kd> | |
cnoremap <C-k> <t_ku> | |
cnoremap <C-a> <Home> | |
cnoremap <C-e> <End> | |
jexec stage pkg upgrade -y | |
Updating FreeBSD repository catalogue... | |
FreeBSD repository is up to date. | |
All repositories are up to date. | |
Checking for upgrades (0 candidates): 100% | |
Processing candidates (0 candidates): 100% | |
Checking integrity... done (0 conflicting) | |
Your packages are up to date. | |
service jail stop stage | |
Stopping jails: stagejail: stage: chdir /jails/stage: No such file or directory | |
jail: stage: /bin/sh /etc/rc.shutdown: failed | |
. | |
jail -r stage | |
zfs snapshot zroot/jails/base-13.2-RELEASE@p0 | |
*** creating /etc/jail.conf.d/base.conf *** | |
exec.start = "/bin/sh /etc/rc"; | |
exec.stop = "/bin/sh /etc/rc.shutdown"; | |
exec.clean; | |
mount.devfs; | |
devfs_ruleset=5; | |
path = "/jails/$name"; | |
interface = lo1; | |
host.hostname = $name; | |
base { | |
ip4.addr = lo1|172.16.15.2; | |
ip6.addr = lo1|fd7a:e5cd:1fc1:186f:dead:beef:cafe:0002; | |
mount += "/data/base $path/data nullfs rw 0 0"; | |
} | |
Success! A new 'base' jail is provisioned |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment