42 lines
1.0 KiB
YAML
42 lines
1.0 KiB
YAML
|
---
|
||
|
|
- name: install bastille
|
||
|
|
pkgng:
|
||
|
|
name: bastille
|
||
|
|
|
||
|
|
- name: enable bastille
|
||
|
|
community.general.sysrc:
|
||
|
|
name: bastille_enable
|
||
|
|
value: "YES"
|
||
|
|
|
||
|
|
- name: add bastille devfs rule
|
||
|
|
blockinfile:
|
||
|
|
path: /etc/devfs.rules
|
||
|
|
marker: "<!-- {mark} ANSIBLE MANAGED vnet -->"
|
||
|
|
create: yes
|
||
|
|
block: |
|
||
|
|
[bastille_vnet=13]
|
||
|
|
add path 'bpf*' unhide
|
||
|
|
|
||
|
|
- name: enable zfs for bastille
|
||
|
|
community.general.sysrc:
|
||
|
|
name: "{{ item.name }}"
|
||
|
|
value: "{{ item.value }}"
|
||
|
|
path: /usr/local/etc/bastille/bastille.conf
|
||
|
|
loop:
|
||
|
|
- { name: "bastille_zfs_enable", value: "YES" }
|
||
|
|
- { name: "bastille_zfs_zpool", value: "zroot" }
|
||
|
|
|
||
|
|
- name: bootstrap {{ release }} release
|
||
|
|
shell: "bastille bootstrap {{ release }}"
|
||
|
|
args:
|
||
|
|
creates: "/usr/local/bastille/releases/{{ release }}"
|
||
|
|
|
||
|
|
- name: configure bootstrap to use latest pkgs
|
||
|
|
replace:
|
||
|
|
path: "/usr/local/bastille/releases/{{ release }}/etc/pkg/FreeBSD.conf"
|
||
|
|
regexp: '^(.*)quarterly(.*)$'
|
||
|
|
replace: '\1latest\2'
|
||
|
|
|
||
|
|
# - name: update bootstrap
|
||
|
|
# shell: "bastille update {{ release }}"
|