fixes:

- finally fixed pf.conf
- got Bastillefile working (sshd_config missing yet)
- re-activated network role to set net variables
- fixed make [all]
- use hetzner volume for jail home
- use ramdisk for /tmp inside jail

roles/pubnix/tasks/main.yaml

@@ -6,9 +6,9 @@
     recurse: yes
 
 - name: copy template config files
-  copy:
-    src: Bastillefile
-    dest: "/usr/local/bastille/templates/services/{{ role_name }}/"
+  template:
+    src: Bastillefile.j2
+    dest: "/usr/local/bastille/templates/services/{{ role_name }}/Bastillefile"
 
 - name: create config path
   file:
@@ -21,17 +21,14 @@
     src: sshd_config
     dest: "/usr/local/bastille/templates/services/{{ role_name }}/etc/ssh/"
 
-- name: create data/home dataset
-  community.general.zfs:
-    name: zroot/home
-    state: present
-    extra_zfs_properties:
-      mountpoint: /data/home
+# - name: create data/home dataset
+#   community.general.zfs:
+#     name: zroot/home
+#     state: present
+#     extra_zfs_properties:
+#       mountpoint: /data/home
+
 
-- name: determine ipv6 address
-  shell: ifconfig {{ netif.primary }} inet6 | awk '{ if (/2a01/) { sub(/::.$/, "::2", $2); print $2 }}'
-  register: jailip
-      
 - name: create jail
   shell: "bastille create -B {{ role_name }} {{ release }} {{ jailip.stdout }}/64 bridge0"
   args: