Skip to content

Instantly share code, notes, and snippets.

@qis

qis/freebsd.md

Last active August 25, 2023 11:46
Show Gist options
  • Save qis/57d4dd179fd5b12ac56d78dd9ca81083 to your computer and use it in GitHub Desktop.
Save qis/57d4dd179fd5b12ac56d78dd9ca81083 to your computer and use it in GitHub Desktop.
Download ZIP
Installation and setup instructions for FreeBSD
Raw
freebsd.md

FreeBSD

Installation template for FreeBSD RELEASE, STABLE and CURRENT.

Distribution Select

[ ] doc
[*] src (for building ports)

System Configuration

[*] sshd
[*] ntpd

System Hardening

[*] 0 hide_uids
[*] 1 hide_gids
[*] 2 hide_jail
[ ] 3 read_msgbuf
[ ] 4 proc_debug
[ ] 5 random_pid
[*] 6 clear_tmp
[*] 7 disable_syslogd
[*] 8 disable_sendmail
[*] 9 secure_console

Manual Configuration

zfs create zroot/usr/obj
zfs rename zroot/usr/home zroot/home
zfs set mountpoint=/home zroot/home
rm -f /home
exit

System Setup

Show system information.

echo | clang -E - -march=native -### |& sed 's/.*-target-cpu" "\([^"]*\).*/Target CPU: \1/g'
sysctl hw.machine hw.machine_arch hw.model hw.ncpu
pkg query -e '%a = 0' %o

Configure system.

printf "fdesc\t\t\t/dev/fd\t\tfdescfs\trw\t\t0\t0\n" >> /etc/fstab
printf "proc\t\t\t/proc\t\tprocfs\trw\t\t0\t0\n" >> /etc/fstab

System Backup

Create backup.

tar cvzf /home/qis/`hostname -s`.tgz --exclude "bundle/ycm" /boot/loader.conf \
  /etc/{{devfs,mail/mailer,make,ntp,rc,resolv,sysctl,src}.conf,mergemaster.rc,ssh/sshd_config} \
  /home/qis/{.config/nvim,.cshrc,.gitconfig,.tmux.conf,.ssh/authorized_keys,.ssh/config,.vim} \
  /root/{.config/nvim,.cshrc,.tmux.conf,.ssh/authorized_keys,.ssh/config,.vim}

Restore backup.

tar xvpf /home/qis/`hostname -s`.tgz -C /
rm -f /home/qis/{.login,.login_conf,.mail_aliases,.mailrc,.profile,.rhosts,.shrc,root.tar.gz}
rm -f /root/{.k5login,.login,.profile}
chown -R qis:qis /home/qis
reboot

Create svn(1) symlink when using official releases.

ln -s /usr/bin/svnlite /usr/bin/svn

System Update

Update RELEASE.

freebsd-update fetch
freebsd-update install

Update STABLE.

svn co https://svn.freebsd.org/base/stable/11 /usr/src && \
cd /usr/src && make -j8 buildworld kernel KERNCONF=GENERIC && reboot
cd /usr/src && make installworld

Update CURRENT.

svn co https://svn.freebsd.org/base/head /usr/src && \
cd /usr/src && make -j8 buildworld kernel KERNCONF=GENERIC-NODEBUG && reboot
cd /usr/src && make installworld

Merge configuration files.

mergemaster -Ui

Delete old files and libraries.

cd /usr/src
make check-old       # yes | make delete-old
make check-old-libs  # yes | make delete-old-libs

Create installation media.

cd /usr/src/release
set kernel=`/bin/ls /usr/obj/usr/src/sys | grep -v boot | head -1`
make cdrom memstick KERNCONF=${kernel} NODOC=yes NOPORTS=yes && \
mv memstick.img /home/qis/r`svn info | grep Revision | cut -w -f2`.img && \
mv disc1.iso /home/qis/r`svn info | grep Revision | cut -w -f2`.iso

Ports

Install portmaster.

portsnap fetch && portsnap extract > /dev/null && \
cd /usr/ports/ports-mgmt/portmaster && make install clean distclean

Install ports.

portmaster -GDy sysutils/{htop,tmux,tree} security/{ca_root_nss,sudo} ftp/wget editors/neovim \
  lang/{python,python3} devel/{boost-all,cmake,git-lite,nasm,ninja,py-pip,py3-pip} \
  databases/sqlite3 www/nginx-lite net/samba46 benchmarks/wrk

Update ports.

portsnap fetch update
portmaster -L
portmaster -GDay
portmaster --clean-distfiles

Packages

Switch to the latest packages branch.

sed -i .orig 's/quarterly/latest/' /etc/pkg/FreeBSD.conf
pkg update
pkg upgrade

Install packages.

pkg install htop tmux tree ca_root_nss sudo wget neovim \
  cmake git-lite nasm ninja samba46 nginx-lite \
  python python3 py-pip py3-pip samba46 wrk

Update packages.

pkg update
pkg upgrade

neovim

Create nvim(1) symlink and install python packages.

ln -s /usr/local/bin/nvim /usr/local/bin/vim
pip-2.7 install --upgrade neovim
pip-3.6 install --upgrade neovim

Install YouCompleteMe as user.

cd ~/.vim/bundle && git clone --recursive https://github.com/Valloric/YouCompleteMe ycm && rm -rf ycm/.git
cd ~/.vim/bundle/ycm && python2.7 install.py --clang-completer --system-boost

sudo

Configure sudo(1) with set EDITOR=vim; visudo.

# FreeBSD pkg and fetch.
Defaults env_keep += "PKG_CACHEDIR PKG_DBDIR FTP_PASSIVE_MODE"

# FreeBSD portupgrade.
Defaults env_keep += "PORTSDIR PORTS_INDEX PORTS_DBDIR PACKAGES PKGTOOLS_CONF"

# Locale settings.
Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET MM_CHARSET"

# Applications.
Defaults env_keep += "EDITOR PAGER CLICOLOR LSCOLORS TMUX"

# User privilege specification.
root	ALL=(ALL) ALL
qis	ALL=(ALL) NOPASSWD: ALL

# See sudoers(5) for more information on "#include" directives:
#includedir /usr/local/etc/sudoers.d

clang++

Test C++ compiler and standard library fatures.

#include <experimental/filesystem>
#include <iostream>
#include <stdexcept>
#include <thread>

namespace fs = std::experimental::filesystem;

int main() {
  std::exception_ptr exception;
  auto thread = std::thread([&]() {
    try {
      std::cout << fs::current_path() << std::endl;
      throw std::runtime_error("success");
    }
    catch (...) {
      exception = std::current_exception();
    }
  });
  thread.join();
  try {
    std::rethrow_exception(exception);
  }
  catch (const std::exception& e) {
    std::cout << e.what() << std::endl;
  }
}
clang++ -std=c++17 -O3 -flto=thin -c main.cpp
clang++ -fuse-ld=lld main.o -pthread -lc++experimental

Development

Install development ports.

portmaster -GDy --update-if-newer devel/{googletest,libfmt} ftp/curl graphics/{libjpeg-turbo,png} print/freetype2

Install development packages.

pkg install googletest libfmt curl libjpeg-turbo png freetype2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment