fixed bootstrap of chat jail, added rctl limit config stuff

roles/chat/files/devzat

@@ -13,7 +13,7 @@ devzat_user="nobody"
 devzat_command="/usr/local/sbin/devzat"
 pidfile="/tmp/${name}.pid"
 command="/usr/sbin/daemon"
-command_args="-P ${pidfile} ${devzat_command}"
+command_args="-P ${pidfile} -c ${devzat_command}"
 devzat_config="/usr/local/etc/devzat.yml"
 
 load_rc_config $name

roles/chat/tasks/main.yaml

@@ -34,7 +34,9 @@
     - usr/local/sbin
 
 - name: copy devzat binary
-  shell: install -m 755 /tmp/devzat/devzat /usr/local/bastille/templates/services/{{ role_name }}/usr/local/sbin/devzat
+  shell: |
+    install -m 755 /tmp/devzat/devzat /usr/local/bastille/templates/services/{{ role_name }}/usr/local/sbin/devzat
+    touch /tmp/.ansible.devzat
   args:
     creates: "/tmp/.ansible.devzat"
   
@@ -58,9 +60,11 @@
   shell: bastille start {{ role_name }} || true
 
 - name: template jail
-  shell: "bastille template {{ role_name }} services/{{ role_name }}"
+  shell: |
+    bastille template {{ role_name }} services/{{ role_name }}
+    touch /tmp/.ansible.devzattemplate
   args:
     # FIXME: might make it impossible to update, on the other hand w/o
     # it this command fails with "devzat binary busy" when the jail is
     # already running, since go binaries do not fork.
-    creates: "/tmp/.ansible.devzattemplate"
+    creates: /tmp/.ansible.devzattemplate

roles/chat/templates/Bastillefile.j2

@@ -6,7 +6,7 @@ SYSRC tmpmfs=AUTO
 SYSRC clear_tmp_enable=YES
 SYSRC devzat_enable=YES
 
-CMD if test -l /home; then rm /home; fi
+CMD if test -L /home; then rm /home; fi
 CMD mkdir -p /home
 FSTAB /home home nullfs rw 0 0