mirror of
https://github.com/JRGTH/xigmanas-bastille-extension.git
synced 2025-12-11 17:31:09 +01:00
Check/update bastille config parameters on runtime
This commit is contained in:
JRGTH
@@ -3,6 +3,7 @@
|
|||||||
======================
|
======================
|
||||||
Version Description
|
Version Description
|
||||||
|
|
||||||
|
1.2.21......Check/update bastille config parameters on runtime.
|
||||||
1.2.20......Allow install in zroot platform with optional zfs dataset.
|
1.2.20......Allow install in zroot platform with optional zfs dataset.
|
||||||
1.2.19......Fix typo in tarballs page and cleanup, thanks to Lux.
|
1.2.19......Fix typo in tarballs page and cleanup, thanks to Lux.
|
||||||
1.2.18......Fix typo in tarballs download page, thanks to Lux.
|
1.2.18......Fix typo in tarballs download page, thanks to Lux.
|
||||||
|
|||||||
30
bastille-init
Executable file → Normal file
30
bastille-init
Executable file → Normal file
@@ -122,7 +122,7 @@ if [ "${bastille_zfs_enable}" = "YES" ] || [ "${bastille_zfs_enable}" = "yes" ];
|
|||||||
if echo "${BASTILLE_ZFS_ZPOOL_MOUNTPOINT}" | grep -q "/${ZROOT}"; then
|
if echo "${BASTILLE_ZFS_ZPOOL_MOUNTPOINT}" | grep -q "/${ZROOT}"; then
|
||||||
BASTILLE_ZFS_ZPOOL_MOUNTPOINT_TRIM="/${ZROOT}"
|
BASTILLE_ZFS_ZPOOL_MOUNTPOINT_TRIM="/${ZROOT}"
|
||||||
CWDIR_TRIM=$(echo "${CWDIR}" | sed "s|/mnt/||;s|/${DAFAULT_BASTILLE_PREFIX}||")
|
CWDIR_TRIM=$(echo "${CWDIR}" | sed "s|/mnt/||;s|/${DAFAULT_BASTILLE_PREFIX}||")
|
||||||
if zfs get -H -o value mountpoint "${ZROOT}/${CWDIR_TRIM}"; then
|
if zfs get -H -o value mountpoint "${ZROOT}/${CWDIR_TRIM}" >/dev/null 2>&1; then
|
||||||
CWDIR_TRIM="/${ZROOT}"
|
CWDIR_TRIM="/${ZROOT}"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
@@ -1417,7 +1417,10 @@ update_config()
|
|||||||
{
|
{
|
||||||
# Update config based on minimum version.
|
# Update config based on minimum version.
|
||||||
|
|
||||||
# Network parameters.
|
# Update network parameters.
|
||||||
|
if grep -qw 'bastille_jail_loopback=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
|
sed -i '' 's/bastille_jail_loopback=/bastille_network_loopback=/' ${INSTALLPATH}/${BASTILLECONF}
|
||||||
|
fi
|
||||||
if grep -qw 'bastille_jail_loopback=' ${INSTALLPATH}/${BASTILLECONF}; then
|
if grep -qw 'bastille_jail_loopback=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
sed -i '' 's/bastille_jail_loopback=/bastille_network_loopback=/' ${INSTALLPATH}/${BASTILLECONF}
|
sed -i '' 's/bastille_jail_loopback=/bastille_network_loopback=/' ${INSTALLPATH}/${BASTILLECONF}
|
||||||
fi
|
fi
|
||||||
@@ -1427,6 +1430,8 @@ update_config()
|
|||||||
if grep -qw 'bastille_jail_gateway=' ${INSTALLPATH}/${BASTILLECONF}; then
|
if grep -qw 'bastille_jail_gateway=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
sed -i '' 's/bastille_jail_gateway=/bastille_network_gateway=/' ${INSTALLPATH}/${BASTILLECONF}
|
sed -i '' 's/bastille_jail_gateway=/bastille_network_gateway=/' ${INSTALLPATH}/${BASTILLECONF}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Fetch parameters.
|
||||||
if ! grep -qw 'bastille_url_freebsd=' ${INSTALLPATH}/${BASTILLECONF}; then
|
if ! grep -qw 'bastille_url_freebsd=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_url_freebsd="${URL_FREEBSD}"
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_url_freebsd="${URL_FREEBSD}"
|
||||||
fi
|
fi
|
||||||
@@ -1437,17 +1442,30 @@ update_config()
|
|||||||
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_url_midnightbsd="${URL_MIDNIGHTBSD}"
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_url_midnightbsd="${URL_MIDNIGHTBSD}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Check/append network parameters.
|
||||||
|
if ! grep -qw 'bastille_network_vnet_type=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_network_vnet_type="if_bridge"
|
||||||
|
fi
|
||||||
|
if ! grep -qw 'bastille_network_loopback=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_network_loopback=""
|
||||||
|
fi
|
||||||
if ! grep -qw 'bastille_network_pf_ext_if=' ${INSTALLPATH}/${BASTILLECONF}; then
|
if ! grep -qw 'bastille_network_pf_ext_if=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_network_pf_ext_if="ext_if"
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_network_pf_ext_if="ext_if"
|
||||||
fi
|
fi
|
||||||
if ! grep -qw 'bastille_network_pf_table=' ${INSTALLPATH}/${BASTILLECONF}; then
|
if ! grep -qw 'bastille_network_pf_table=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_network_pf_table="jails"
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_network_pf_table="jails"
|
||||||
fi
|
fi
|
||||||
|
if ! grep -qw 'bastille_network_shared=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_network_shared=""
|
||||||
|
fi
|
||||||
|
if ! grep -qw 'bastille_network_gateway=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_network_gateway=""
|
||||||
|
fi
|
||||||
if ! grep -qw 'bastille_network_gateway6=' ${INSTALLPATH}/${BASTILLECONF}; then
|
if ! grep -qw 'bastille_network_gateway6=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_network_gateway6=""
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_network_gateway6=""
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Template parameters.
|
# Check/append template parameters.
|
||||||
if ! grep -qw 'bastille_template_base=' ${INSTALLPATH}/${BASTILLECONF}; then
|
if ! grep -qw 'bastille_template_base=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_template_base="default/base"
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_template_base="default/base"
|
||||||
fi
|
fi
|
||||||
@@ -1457,12 +1475,18 @@ update_config()
|
|||||||
if ! grep -qw 'bastille_template_thick=' ${INSTALLPATH}/${BASTILLECONF}; then
|
if ! grep -qw 'bastille_template_thick=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_template_thick="default/thick"
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_template_thick="default/thick"
|
||||||
fi
|
fi
|
||||||
|
if ! grep -qw 'bastille_template_clone=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_template_clone="default/clone"
|
||||||
|
fi
|
||||||
if ! grep -qw 'bastille_template_thin=' ${INSTALLPATH}/${BASTILLECONF}; then
|
if ! grep -qw 'bastille_template_thin=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_template_thin="default/thin"
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_template_thin="default/thin"
|
||||||
fi
|
fi
|
||||||
if ! grep -qw 'bastille_template_vnet=' ${INSTALLPATH}/${BASTILLECONF}; then
|
if ! grep -qw 'bastille_template_vnet=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_template_vnet="default/vnet"
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_template_vnet="default/vnet"
|
||||||
fi
|
fi
|
||||||
|
if ! grep -qw 'bastille_template_vlan=' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
|
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_template_vlan="default/vlan"
|
||||||
|
fi
|
||||||
|
|
||||||
# Remove deprecated parameters based on minimum version.
|
# Remove deprecated parameters based on minimum version.
|
||||||
if grep -qw 'bastille_jail_interface' ${INSTALLPATH}/${BASTILLECONF}; then
|
if grep -qw 'bastille_jail_interface' ${INSTALLPATH}/${BASTILLECONF}; then
|
||||||
|
|||||||
Reference in New Issue
Block a user