desperate tries to get the v6 jail up

2024-11-19 18:38:45 +01:00 · 2024-11-19 18:38:45 +01:00 · 2617b3860b
commit 2617b3860b
parent 8e23c090d9
5 changed files with 24 additions and 13 deletions
--- a/3
+++ b/3
@ -46,3 +46,6 @@ editvars:
 	ansible-vault decrypt $(VARS)
 	vi $(VARS)
 	ansible-vault encrypt $(VARS)
+
+showvars:
+	ansible-vault decrypt $(VARS) --output -
--- a/deploy.yaml
+++ b/deploy.yaml
@ -9,5 +9,5 @@
    - role: network
    - role: firewall
    - role: ssh
-    #- role: jails
-    #- role: pubnix
+    - role: jails
+    - role: pubnix
--- a/group_vars/all/all.yaml
+++ b/group_vars/all/all.yaml
@ -44,6 +44,7 @@ kernel:
    security.bsd.see_other_uids: 0
    security.bsd.see_other_gids: 0
    security.bsd.see_jail_proc: 0
+  sysctlsoff:
    security.bsd.unprivileged_read_msgbuf: 0
    security.bsd.unprivileged_proc_debug: 0
    kern.randompid: 1
--- a/group_vars/all/vars.yaml
+++ b/group_vars/all/vars.yaml
@ -1,12 +1,12 @@
 $ANSIBLE_VAULT;1.1;AES256
-66323661356665373037316136353833646231623531323031306336613065326431643138336430
-3438323839633335333963306638323137333664366466310a623862636139366336393835353238
-38613934383631633134386564616233326234333637636162626632633762656366303036313539
-3365646662386263650a333636366132363662376362383737383233646531616632376234303062
-32366464613630396463326236643361386637616664663066326337663037663639613433316462
-33636665653930346265323237363238626463666163616439393332313639343863343764323639
-34353834393236643530346238323164656339653365393563383938316461393730333536343365
-63303865626534653237383634633937613039663761313038303461303837643066306161383661
-65326237366536306632633539656335373536336231303330386332646363333131393664656365
-36366539616230623338396434376565346435636331353963366438376437343233373735393730
-346162343166373762626664363866663536
+30386430356466633261653236656333623835666363653766313864376439663739666539373466
+6133333563663839306331373863623064656330363234660a613235386230353233336134333665
+33323865646238363862663334343738326339623939663036643833356466633062656362653061
+3661626430303038360a303961356566663239656337333833323036343432656332386234623131
+34323538326435643534663239613438333037646261663462323661306536383435626133663562
+34326239363138656666353563396132303633373539646330303536346637346532616462393332
+64613233373331396364613466303535383964313836356365393735326136323832313731653936
+31633637643632323139303132336663626532623037343139363839626165323062303335363237
+31646234393337366330353261383465316632663232303464346566333738326164363935613933
+63393139663665343861363434396664383965613437383963343861333565356135656335383234
+656638656239636133646562383734323835
--- a/roles/network/tasks/main.yaml
+++ b/roles/network/tasks/main.yaml
@ -12,6 +12,13 @@
    value: "up"
  notify: netif cloneup

+- name: Setup bridge interface
+  community.general.sysrc:
+    name: ifconfig_bridge0
+    state: value_present
+    value: "addm vtnet0"
+  notify: netif cloneup
+  
 - name: Setup bridge interface ipv6
  community.general.sysrc:
    name: ifconfig_bridge0_ipv6