Overview
This is a flavour containing the nginx
load-balancing proxy with
consul
integration.
Please copy in your own nginx.conf
file, the default setup is
hard-coded example.
The flavour includes a local consul
agent instance to be available that it
can connect to (see configuration below). You can e.g. use the
consul pot
flavour on this
site to run consul
. If no consul
instance is available at first, make
sure it’s up within an hour and the certificate renewal process will restart
consul
. You can also connect to this host and service consul restart
manually.
Installation
-
Create a ZFS data set on the parent system beforehand
zfs create -o mountpoint=/mnt/nginxdata zroot/nginxdata
-
Create your local jail from the image or the flavour files.
-
Clone the local jail
-
Mount in the ZFS data set you created
pot mount-in -p <jailname> -m /mnt -d /mnt/nginxdata
-
Place your nginx.conf.in in that path
-
Adjust to your environment:
sudo pot set-env -p -E DATACENTER= -E NODENAME=
-E IP=
-E CONSULSERVERS=’’
-E VAULTSERVER= -E SERVERNAME=server_name [-E DNSFORWARDERS=<none|list of IPs>]
The CONSULSERVERS parameter defines the consul server instances, and must be set as
CONSULSERVERS='"10.0.0.2"'
orCONSULSERVERS='"10.0.0.2", "10.0.0.3", "10.0.0.4"'
orCONSULSERVERS='"10.0.0.2", "10.0.0.3", "10.0.0.4", "10.0.0.5", "10.0.0.6"'
The VAULTSERVER parameter is the IP address of the vault
server to
authenticate to, and obtain certificates from.
SERVERNAME is used in the server certificates SubjectAltName.
The DNSFORWARDERS parameter is a space delimited list of IPs to forward DNS
requests to. If set to none
or left out, no DNS forwarders are used.
Usage
To configure nginx
you must copy-in a nginx.conf
file with your specific
front-end and back-end parameters.
If you don’t copy-in your own nginx.conf
file, then please take note the
default is a webserver listening to localhost.
Persistent Storage
Persistent storage will be in the ZFS data set zroot/nginxdata, available inside the image at /mnt
If you stop the image, the data will still exist, and a new image can be started up and still use it.
If you need to change the directory parameters for the ZFS data set, adjust
the mount-in
command accordingly for the source directory as mounted by
the parent OS.
Do not adjust the image destination mount point at /mnt because nginx
is
configured to use this directory for data.
Getting Started
- Image Readme
- How To Use The Ready-Made Image
- Alternatively: Create a Jail With This Flavour Yourself
- Version History
- Manual Image Download Links
- Jenkins Pot Creation Logs
How To Use The Ready-Made Image
FreeBSD 13.0:
pot import -p nginx-consul-amd64-13_0 -t 0.1.3 -U https://potluck.honeyguide.net/nginx-consul
FreeBSD 12.3:
pot import -p nginx-consul-amd64-12_3 -t 0.1.3 -U https://potluck.honeyguide.net/nginx-consul
If you don’t want to use the default pot
bridged network configuration but instead need an individual network setup (e.g. assign a host IP address), after importing it you can simply clone the jail like that (em0 is the host network adapter in this example):
pot clone -P nginx-consul-amd64-13_0 -p my-cloned-jail -N alias -i "em0|10.10.10.10"
Note: Some images might require specific network configuration, double check the Overview-chapter at the top.
Alternatively: Create a Jail With This Flavour Yourself
1. Create Flavour Files
Save all files and directories from https://github.com/hny-gd/potluck/tree/master/nginx-consul to /usr/local/etc/pot/flavours/
2. Create Jail From Flavour
Run
pot create -b <FreeBSD Version> -p <jailname> -t single -N public-bridge -f fbsd-update
with your FreeBSD version (e.g. 12.1) and the name your jail should get.
Note: Some images might require specific network configuration, double check the Overview-chapter at the top.
Version History
0.1.3
- Add new parameter DNSFORWARDERS to allow controlling how unbound is configured
- Add reseason support to allow restarting grafana with fresh credentials
0.1.2
- Version bump for layered images
0.1.1
- Always a service server certificate
0.1.0
- Inititate new CHANGELOG
These images were built on Thu Aug 25 13:33:57 UTC 2022
Manual Image Download Links
nginx-consul-amd64-13_0_0.1.3.xz (
276.294 MB
)
nginx-consul-amd64-13_0_0.1.3.xz.skein (
0.250977 KB
)
nginx-consul-amd64-13_0_0.1.3.xz.meta (
0.0478516 KB
)
nginx-consul-amd64-12_3_0.1.3.xz (
575.914 MB
)
nginx-consul-amd64-12_3_0.1.3.xz.skein (
0.250977 KB
)
nginx-consul-amd64-12_3_0.1.3.xz.meta (
0.00195312 KB
)
Jenkins Pot Creation Logs
nginx-consul-amd64-13_0_0.1.3:
nginx-consul/nginx-consul:
copy-in -s /usr/local/etc/pot/flavours/nginx-consul.d/local -d /root/.pot_local
nginx-consul/nginx-consul.sh:
#!/bin/sh
# Based on POTLUCK TEMPLATE v3.0
# Altered by Michael Gmelin
#
# EDIT THE FOLLOWING FOR NEW FLAVOUR:
# 1. RUNS_IN_NOMAD - true or false
# 2. If RUNS_IN_NOMAD is false, can delete the <flavour>+4 file, else
# make sure pot create command doesn't include it
# 3. Create a matching <flavour> file with this <flavour>.sh file that
# contains the copy-in commands for the config files from <flavour>.d/
# Remember that the package directories don't exist yet, so likely copy
# to /root
# 4. Adjust package installation between BEGIN & END PACKAGE SETUP
# 5. Adjust jail configuration script generation between BEGIN & END COOK
# Configure the config files that have been copied in where necessary
# Set this to true if this jail flavour is to be created as a nomad
# (i.e. blocking) jail.
# You can then query it in the cook script generation below and the script
# is installed appropriately at the end of this script
RUNS_IN_NOMAD=false
# set the cook log path/filename
COOKLOG=/var/log/cook.log
# check if cooklog exists, create it if not
if [ ! -e $COOKLOG ]
then
echo "Creating $COOKLOG" | tee -a $COOKLOG
else
echo "WARNING $COOKLOG already exists" | tee -a $COOKLOG
fi
date >> $COOKLOG
# -------------------- COMMON ---------------
STEPCOUNT=0
step() {
STEPCOUNT=$(("$STEPCOUNT" + 1))
STEP="$*"
echo "Step $STEPCOUNT: $STEP" | tee -a $COOKLOG
}
exit_ok() {
trap - EXIT
exit 0
}
FAILED=" failed"
exit_error() {
STEP="$*"
FAILED=""
exit 1
}
set -e
trap 'echo ERROR: $STEP$FAILED | (>&2 tee -a $COOKLOG)' EXIT
# -------------- BEGIN PACKAGE SETUP -------------
step "Bootstrap package repo"
mkdir -p /usr/local/etc/pkg/repos
# only modify repo if not already done in base image
# shellcheck disable=SC2016
test -e /usr/local/etc/pkg/repos/FreeBSD.conf || \
echo 'FreeBSD: { url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly" }' \
>/usr/local/etc/pkg/repos/FreeBSD.conf
ASSUME_ALWAYS_YES=yes pkg bootstrap
step "Touch /etc/rc.conf"
touch /etc/rc.conf
# this is important, otherwise running /etc/rc from cook will
# overwrite the IP address set in tinirc
step "Remove ifconfig_epair0b from config"
# shellcheck disable=SC2015
sysrc -cq ifconfig_epair0b && sysrc -x ifconfig_epair0b || true
step "Disable sendmail"
service sendmail onedisable
step "Disable sshd"
service sshd onedisable || true
step "Create /usr/local/etc/rc.d"
mkdir -p /usr/local/etc/rc.d
step "Update package repository"
pkg update -f
# we need consul for consul agent
step "Install package consul"
pkg install -y consul
step "Install package consul-template"
pkg install -y consul-template
step "Patching consul-template rc scripts"
sed -i '' 's/^\(start_precmd=consul_template_startprecmd\)$/\1;'\
'extra_commands=reload/' /usr/local/etc/rc.d/consul-template || true
step "Install package node_exporter"
pkg install -y node_exporter
step "Install package sudo"
pkg install -y sudo
step "Install package curl"
pkg install -y curl
step "Install package jq"
pkg install -y jq
step "Install package jo"
pkg install -y jo
step "Install package syslog-ng"
pkg install -y syslog-ng
step "Install package openssl"
pkg install -y openssl
step "Install package nginx"
pkg install -y nginx
step "Install package vault"
pkg install -y vault
step "Clean package installation"
pkg clean -y
# -------------- END PACKAGE SETUP -------------
#
# Create configurations
#
#
# Now generate the run command script "cook"
# It configures the system on the first run by creating the config file(s)
# On subsequent runs, it only starts sleeps (if nomad-jail) or simply exits
#
# this runs when image boots
# ----------------- BEGIN COOK ------------------
step "Clean cook artifacts"
rm -rf /usr/local/bin/cook /usr/local/share/cook
step "Install pot local"
tar -C /root/.pot_local -cf - . | tar -C /usr/local -xf -
rm -rf /root/.pot_local
step "Set file ownership on cook scripts"
chown -R root:wheel /usr/local/bin/cook /usr/local/share/cook
chmod 755 /usr/local/share/cook/bin/*
# ----------------- END COOK ------------------
# ---------- NO NEED TO EDIT BELOW ------------
step "Make cook script executable"
if [ -e /usr/local/bin/cook ]
then
echo "setting executable bit on /usr/local/bin/cook" | tee -a $COOKLOG
chmod u+x /usr/local/bin/cook
else
exit_error "there is no /usr/local/bin/cook to make executable"
fi
#
# There are two ways of running a pot jail: "Normal", non-blocking mode and
# "Nomad", i.e. blocking mode (the pot start command does not return until
# the jail is stopped).
# For the normal mode, we create a /usr/local/etc/rc.d script that starts
# the "cook" script generated above each time, for the "Nomad" mode, the cook
# script is started by pot (configuration through flavour file), therefore
# we do not need to do anything here.
#
# Create rc.d script for "normal" mode:
step "Create rc.d script to start cook"
echo "creating rc.d script to start cook" | tee -a $COOKLOG
echo "#!/bin/sh
#
# PROVIDE: cook
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
. /etc/rc.subr
name=\"cook\"
rcvar=\"cook_enable\"
load_rc_config \$name
: \${cook_enable:=\"NO\"}
: \${cook_env:=\"\"}
command=\"/usr/local/bin/cook\"
command_args=\"\"
run_rc_command \"\$1\"
" > /usr/local/etc/rc.d/cook
step "Make rc.d script to start cook executable"
if [ -e /usr/local/etc/rc.d/cook ]
then
echo "Setting executable bit on cook rc file" | tee -a $COOKLOG
chmod u+x /usr/local/etc/rc.d/cook
else
exit_error "/usr/local/etc/rc.d/cook does not exist"
fi
if [ "$RUNS_IN_NOMAD" != "true" ]
then
step "Enable cook service"
# This is a non-nomad (non-blocking) jail, so we need to make sure the script
# gets started when the jail is started:
# Otherwise, /usr/local/bin/cook will be set as start script by the pot
# flavour
echo "enabling cook" | tee -a $COOKLOG
service cook enable
fi
# -------------------- DONE ---------------
exit_ok
nginx-consul/nginx-consul+1:
nginx-consul/nginx-consul+1.sh:
nginx-consul/nginx-consul+2:
nginx-consul/nginx-consul+2.sh:
nginx-consul/nginx-consul+3:
nginx-consul/nginx-consul+3.sh:
nginx-consul/nginx-consul+4:
nginx-consul/nginx-consul+4.sh:
Password:=====> Create conf dir (/mnt/srv/pot/jails/nginx-consul-amd64-13_0/conf)
=====> Cloning freebsd-potluck-amd64-13_0_0_0_1 with snap
=====> clone zroot/srv/pot/jails/freebsd-potluck-amd64-13_0_0_0_1/m@1657450403 into zroot/srv/pot/jails/nginx-consul-amd64-13_0/m
=====> Flavour: nginx-consul
=====> Executing nginx-consul pot commands on nginx-consul-amd64-13_0
=====> mount /mnt/srv/pot/jails/nginx-consul-amd64-13_0/m/tmp
=====> Source /usr/local/etc/pot/flavours/nginx-consul.d/local copied in the pot nginx-consul-amd64-13_0
=====> unmount /mnt/srv/pot/jails/nginx-consul-amd64-13_0/m/tmp
=====> /mnt/srv/pot/jails/nginx-consul-amd64-13_0/m/dev is already unmounted
=====> Starting nginx-consul-amd64-13_0 pot for the initial bootstrap
=====> mount /mnt/srv/pot/jails/nginx-consul-amd64-13_0/m/tmp
defaultrouter: 10.192.0.1 -> 10.192.0.1
===> Starting the pot nginx-consul-amd64-13_0
ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg /usr/local/lib/compat/pkg
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:4b:f8:d3:fb:0b
inet 10.192.0.4 netmask 0xffc00000 broadcast 10.255.255.255
groups: epair
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Clearing /tmp (X related).
Updating motd:.
Updating /var/run/os-release done.
Creating and/or trimming log files.
Starting syslogd.
Starting sendmail_outbound.
Starting cook.
Cannot 'stop' sshd. Set sshd_enable to YES in /etc/rc.conf or use 'onestop' instead of 'stop'.
Cannot 'disable' sshd. Set sshd_enable to YES in /etc/rc.conf or use 'onedisable' instead of 'disable'.
2022-08-25T13:19:42 NODENAME is unset - see documentation to configure this flavour.
/etc/rc: WARNING: failed to start cook
Starting cron.
Thu Aug 25 13:19:42 UTC 2022
/usr/local/etc/pot/flavours/nginx-consul.sh -> /mnt/srv/pot/jails/nginx-consul-amd64-13_0/m/tmp/nginx-consul.sh
=====> Executing nginx-consul script on nginx-consul-amd64-13_0
WARNING /var/log/cook.log already exists
Step 1: Bootstrap package repo
pkg already bootstrapped at /usr/local/sbin/pkg
Step 2: Touch /etc/rc.conf
Step 3: Remove ifconfig_epair0b from config
Step 4: Disable sendmail
sendmail disabled in /etc/rc.conf
sendmail_outbound disabled in /etc/rc.conf
sendmail_msp_queue disabled in /etc/rc.conf
Step 5: Disable sshd
sshd disabled in /etc/rc.conf
Step 6: Create /usr/local/etc/rc.d
Step 7: Update package repository
Updating FreeBSD repository catalogue...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] Fetching meta.conf: . done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] Fetching packagesite.pkg: .......... done
Processing entries: .......... done
FreeBSD repository update completed. 31623 packages processed.
All repositories are up to date.
Step 8: Install package consul
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
New version of pkg detected; it needs to be installed first.
The following 1 package(s) will be affected (of 0 checked):
Installed packages to be UPGRADED:
pkg: 1.17.5_1 -> 1.18.3
Number of packages to be upgraded: 1
8 MiB to be downloaded.
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching pkg-1.18.3.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Upgrading pkg from 1.17.5_1 to 1.18.3...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting pkg-1.18.3: .......... done
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
consul: 1.11.3_2
Number of packages to be installed: 1
The process will require 85 MiB more space.
30 MiB to be downloaded.
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching consul-1.11.3_2.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Installing consul-1.11.3_2...
===> Creating groups.
Creating group 'consul' with gid '469'.
===> Creating users
Creating user 'consul' with uid '469'.
===> Creating homedir(s)
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting consul-1.11.3_2: ..... done
Step 9: Install package consul-template
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
consul-template: 0.27.2_2
Number of packages to be installed: 1
The process will require 9 MiB more space.
3 MiB to be downloaded.
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching consul-template-0.27.2_2.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Installing consul-template-0.27.2_2...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting consul-template-0.27.2_2: ..... done
Step 10: Patching consul-template rc scripts
Step 11: Install package node_exporter
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
node_exporter: 1.3.1_2
Number of packages to be installed: 1
The process will require 11 MiB more space.
3 MiB to be downloaded.
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching node_exporter-1.3.1_2.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Installing node_exporter-1.3.1_2...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting node_exporter-1.3.1_2: .......... done
=====
Message from node_exporter-1.3.1_2:
--
If upgrading from a version of node_exporter <0.15.0 you'll need to update any
custom command line flags that you may have set as it now requires a
double-dash (--flag) instead of a single dash (-flag).
The collector flags in 0.15.0 have now been replaced with individual boolean
flags and the -collector.procfs` and -collector.sysfs` flags have been renamed
to --path.procfs and --path.sysfs respectively.
Step 12: Install package sudo
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installed
Step 13: Install package curl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
Installed packages to be UPGRADED:
curl: 7.83.1 -> 7.84.0
Number of packages to be upgraded: 1
1 MiB to be downloaded.
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching curl-7.84.0.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Upgrading curl from 7.83.1 to 7.84.0...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting curl-7.84.0: .......... done
Step 14: Install package jq
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installed
Step 15: Install package jo
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installed
Step 16: Install package syslog-ng
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 9 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
e2fsprogs-libuuid: 1.46.5
glib: 2.72.2,2
json-c: 0.16
libffi: 3.4.2
libxml2: 2.9.13_2
mpdecimal: 2.5.1
pcre: 8.45_1
python39: 3.9.13
syslog-ng: 3.37.1
Number of packages to be installed: 9
The process will require 190 MiB more space.
26 MiB to be downloaded.
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/9] Fetching libxml2-2.9.13_2.pkg: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/9] Fetching mpdecimal-2.5.1.pkg: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/9] Fetching python39-3.9.13.pkg: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/9] Fetching pcre-8.45_1.pkg: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/9] Fetching glib-2.72.2,2.pkg: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [6/9] Fetching syslog-ng-3.37.1.pkg: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [7/9] Fetching libffi-3.4.2.pkg: ...... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [8/9] Fetching json-c-0.16.pkg: ......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [9/9] Fetching e2fsprogs-libuuid-1.46.5.pkg: ..... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/9] Installing mpdecimal-2.5.1...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/9] Extracting mpdecimal-2.5.1: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/9] Installing libffi-3.4.2...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/9] Extracting libffi-3.4.2: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/9] Installing libxml2-2.9.13_2...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/9] Extracting libxml2-2.9.13_2: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/9] Installing python39-3.9.13...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/9] Extracting python39-3.9.13: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/9] Installing pcre-8.45_1...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/9] Extracting pcre-8.45_1: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [6/9] Installing glib-2.72.2,2...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [6/9] Extracting glib-2.72.2,2: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [7/9] Installing json-c-0.16...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [7/9] Extracting json-c-0.16: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [8/9] Installing e2fsprogs-libuuid-1.46.5...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [8/9] Extracting e2fsprogs-libuuid-1.46.5: .......... done
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [9/9] Installing syslog-ng-3.37.1...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [9/9] Extracting syslog-ng-3.37.1: .......... done
Generating GIO modules cache
Compiling glib schemas
No schema files found: doing nothing.
=====
Message from python39-3.9.13:
--
Note that some standard Python modules are provided as separate ports
as they require additional dependencies. They are available as:
py39-gdbm databases/py-gdbm@py39
py39-sqlite3 databases/py-sqlite3@py39
py39-tkinter x11-toolkits/py-tkinter@py39
=====
Message from syslog-ng-3.37.1:
--
syslog-ng is now installed! To replace FreeBSD's standard syslogd
(/usr/sbin/syslogd), complete these steps:
1. Create a configuration file named /usr/local/etc/syslog-ng.conf
(a sample named syslog-ng.conf.sample has been included in
/usr/local/etc). Note that this is a change in 2.0.2
version, previous ones put the config file in
/usr/local/etc/syslog-ng/syslog-ng.conf, so if this is an update
move that file in the right place
2. Configure syslog-ng to start automatically by adding the following
to /etc/rc.conf:
syslog_ng_enable="YES"
3. Prevent the standard FreeBSD syslogd from starting automatically by
adding a line to the end of your /etc/rc.conf file that reads:
syslogd_enable="NO"
4. Shut down the standard FreeBSD syslogd:
kill `cat /var/run/syslog.pid`
5. Start syslog-ng:
/usr/local/etc/rc.d/syslog-ng start
Step 17: Install package openssl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
Installed packages to be UPGRADED:
openssl: 1.1.1p,1 -> 1.1.1q,1
Number of packages to be upgraded: 1
4 MiB to be downloaded.
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching openssl-1.1.1q,1.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Upgrading openssl from 1.1.1p,1 to 1.1.1q,1...
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting openssl-1.1.1q,1: .......... done
Step 18: Install package nginx
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
nginx: 1.22.0_6,2
Number of packages to be installed: 1
The process will require 1 MiB more space.
461 KiB to be downloaded.
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching nginx-1.22.0_6,2.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Installing nginx-1.22.0_6,2...
===> Creating groups.
Using existing group 'www'.
===> Creating users
Using existing user 'www'.
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting nginx-1.22.0_6,2: .......... done
=====
Message from nginx-1.22.0_6,2:
--
Recent version of the NGINX introduces dynamic modules support. In
FreeBSD ports tree this feature was enabled by default with the DSO
knob. Several vendor's and third-party modules have been converted
to dynamic modules. Unset the DSO knob builds an NGINX without
dynamic modules support.
To load a module at runtime, include the new `load_module'
directive in the main context, specifying the path to the shared
object file for the module, enclosed in quotation marks. When you
reload the configuration or restart NGINX, the module is loaded in.
It is possible to specify a path relative to the source directory,
or a full path, please see
https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/ and
http://nginx.org/en/docs/ngx_core_module.html#load_module for
details.
Default path for the NGINX dynamic modules is
/usr/local/libexec/nginx.
Step 19: Install package vault
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
vault: 1.8.7_2
Number of packages to be installed: 1
The process will require 146 MiB more space.
52 MiB to be downloaded.
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching vault-1.8.7_2.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Installing vault-1.8.7_2...
===> Creating groups.
Creating group 'vault' with gid '471'.
===> Creating users
Creating user 'vault' with uid '471'.
[nginx-consul-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting vault-1.8.7_2: ..... done
=====
Message from vault-1.8.7_2:
--
The vault user created by the vault package is now a member of the daemon
class, which will allow it to use mlock() when started by the rc script. This
will not be reflected in systems where the user already exists. Please add the
vault user to the daemon class manually by running:
pw usermod -L daemon -n vault
or delete the user and reinstall the package.
You may also need to increase memorylocked for the daemon class in
/etc/rc.conf to more than 1024M (the default) or more:
vault_limits_mlock="2048M"
Or to disable mlock, add:
disable_mlock = 1
to /usr/local/etc/vault.hcl
Step 20: Clean package installation
The following package files will be deleted:
/var/cache/pkg/zstd-1.5.2.pkg
/var/cache/pkg/gettext-runtime-0.21~3933da8903.pkg
/var/cache/pkg/libssh2-1.10.0,3~aff1c8adcf.pkg
/var/cache/pkg/bash-5.1.16.pkg
/var/cache/pkg/readline-8.1.2~29a6ae3084.pkg
/var/cache/pkg/sudo-1.9.11p3~8fbcc0ee82.pkg
/var/cache/pkg/curl-7.83.1~5bed7cccf6.pkg
/var/cache/pkg/readline-8.1.2.pkg
/var/cache/pkg/openssl-1.1.1p,1.pkg
/var/cache/pkg/rsync-3.2.3_1.pkg
/var/cache/pkg/zstd-1.5.2~aa5522d8cd.pkg
/var/cache/pkg/liblz4-1.9.3,1.pkg
/var/cache/pkg/libidn2-2.3.2.pkg
/var/cache/pkg/liblz4-1.9.3,1~d1cffb6beb.pkg
/var/cache/pkg/xxhash-0.8.1~e850ffc0a4.pkg
/var/cache/pkg/jq-1.6.pkg
/var/cache/pkg/indexinfo-0.3.1~105b7e3f3b.pkg
/var/cache/pkg/libnghttp2-1.46.0~53349257b3.pkg
/var/cache/pkg/indexinfo-0.3.1.pkg
/var/cache/pkg/ca_root_nss-3.76.pkg
/var/cache/pkg/rsync-3.2.3_1~6c5e896519.pkg
/var/cache/pkg/libidn2-2.3.2~4b4a4e19b1.pkg
/var/cache/pkg/sudo-1.9.11p3.pkg
/var/cache/pkg/nano-6.0~33ef2cc0d5.pkg
/var/cache/pkg/jo-1.6.pkg
/var/cache/pkg/bash-5.1.16~9ca26c7a67.pkg
/var/cache/pkg/jo-1.6~16239a4365.pkg
/var/cache/pkg/libiconv-1.16~1f11dd8bc1.pkg
/var/cache/pkg/gettext-runtime-0.21.pkg
/var/cache/pkg/xxhash-0.8.1.pkg
/var/cache/pkg/libunistring-1.0.pkg
/var/cache/pkg/libssh2-1.10.0,3.pkg
/var/cache/pkg/jq-1.6~e1e1aa63f6.pkg
/var/cache/pkg/libiconv-1.16.pkg
/var/cache/pkg/curl-7.83.1.pkg
/var/cache/pkg/libpsl-0.21.1_3~20c3395f93.pkg
/var/cache/pkg/oniguruma-6.9.7.1.pkg
/var/cache/pkg/nano-6.0.pkg
/var/cache/pkg/openssl-1.1.1p,1~c749a35c56.pkg
/var/cache/pkg/libunistring-1.0~8bc4bcd2cc.pkg
/var/cache/pkg/libnghttp2-1.46.0.pkg
/var/cache/pkg/libpsl-0.21.1_3.pkg
/var/cache/pkg/oniguruma-6.9.7.1~2469b6c5d1.pkg
/var/cache/pkg/ca_root_nss-3.76~b535a2070d.pkg
The cleanup will free 13 MiB
Deleting files: .......... done
All done
Step 21: Clean cook artifacts
Step 22: Install pot local
Step 23: Set file ownership on cook scripts
Step 24: Make cook script executable
setting executable bit on /usr/local/bin/cook
Step 25: Create rc.d script to start cook
creating rc.d script to start cook
Step 26: Make rc.d script to start cook executable
Setting executable bit on cook rc file
Step 27: Enable cook service
enabling cook
cook enabled in /etc/rc.conf
=====> Stop the pot nginx-consul-amd64-13_0
=====> Remove epair0[a|b] network interfaces
=====> unmount /mnt/srv/pot/jails/nginx-consul-amd64-13_0/m/tmp
=====> unmount /mnt/srv/pot/jails/nginx-consul-amd64-13_0/m/dev
=====> Flavour: nginx-consul+1
=====> Executing nginx-consul+1 pot commands on nginx-consul-amd64-13_0
=====> No shell script available for the flavour nginx-consul+1
=====> Flavour: nginx-consul+2
=====> Executing nginx-consul+2 pot commands on nginx-consul-amd64-13_0
=====> No shell script available for the flavour nginx-consul+2
=====> Flavour: nginx-consul+3
=====> Executing nginx-consul+3 pot commands on nginx-consul-amd64-13_0
=====> No shell script available for the flavour nginx-consul+3
=====> Flavour: nginx-consul+4
=====> Executing nginx-consul+4 pot commands on nginx-consul-amd64-13_0
=====> No shell script available for the flavour nginx-consul+4
nginx-consul-amd64-12_3_0.1.3:
nginx-consul/nginx-consul:
copy-in -s /usr/local/etc/pot/flavours/nginx-consul.d/local -d /root/.pot_local
nginx-consul/nginx-consul.sh:
#!/bin/sh
# Based on POTLUCK TEMPLATE v3.0
# Altered by Michael Gmelin
#
# EDIT THE FOLLOWING FOR NEW FLAVOUR:
# 1. RUNS_IN_NOMAD - true or false
# 2. If RUNS_IN_NOMAD is false, can delete the <flavour>+4 file, else
# make sure pot create command doesn't include it
# 3. Create a matching <flavour> file with this <flavour>.sh file that
# contains the copy-in commands for the config files from <flavour>.d/
# Remember that the package directories don't exist yet, so likely copy
# to /root
# 4. Adjust package installation between BEGIN & END PACKAGE SETUP
# 5. Adjust jail configuration script generation between BEGIN & END COOK
# Configure the config files that have been copied in where necessary
# Set this to true if this jail flavour is to be created as a nomad
# (i.e. blocking) jail.
# You can then query it in the cook script generation below and the script
# is installed appropriately at the end of this script
RUNS_IN_NOMAD=false
# set the cook log path/filename
COOKLOG=/var/log/cook.log
# check if cooklog exists, create it if not
if [ ! -e $COOKLOG ]
then
echo "Creating $COOKLOG" | tee -a $COOKLOG
else
echo "WARNING $COOKLOG already exists" | tee -a $COOKLOG
fi
date >> $COOKLOG
# -------------------- COMMON ---------------
STEPCOUNT=0
step() {
STEPCOUNT=$(("$STEPCOUNT" + 1))
STEP="$*"
echo "Step $STEPCOUNT: $STEP" | tee -a $COOKLOG
}
exit_ok() {
trap - EXIT
exit 0
}
FAILED=" failed"
exit_error() {
STEP="$*"
FAILED=""
exit 1
}
set -e
trap 'echo ERROR: $STEP$FAILED | (>&2 tee -a $COOKLOG)' EXIT
# -------------- BEGIN PACKAGE SETUP -------------
step "Bootstrap package repo"
mkdir -p /usr/local/etc/pkg/repos
# only modify repo if not already done in base image
# shellcheck disable=SC2016
test -e /usr/local/etc/pkg/repos/FreeBSD.conf || \
echo 'FreeBSD: { url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly" }' \
>/usr/local/etc/pkg/repos/FreeBSD.conf
ASSUME_ALWAYS_YES=yes pkg bootstrap
step "Touch /etc/rc.conf"
touch /etc/rc.conf
# this is important, otherwise running /etc/rc from cook will
# overwrite the IP address set in tinirc
step "Remove ifconfig_epair0b from config"
# shellcheck disable=SC2015
sysrc -cq ifconfig_epair0b && sysrc -x ifconfig_epair0b || true
step "Disable sendmail"
service sendmail onedisable
step "Disable sshd"
service sshd onedisable || true
step "Create /usr/local/etc/rc.d"
mkdir -p /usr/local/etc/rc.d
step "Update package repository"
pkg update -f
# we need consul for consul agent
step "Install package consul"
pkg install -y consul
step "Install package consul-template"
pkg install -y consul-template
step "Patching consul-template rc scripts"
sed -i '' 's/^\(start_precmd=consul_template_startprecmd\)$/\1;'\
'extra_commands=reload/' /usr/local/etc/rc.d/consul-template || true
step "Install package node_exporter"
pkg install -y node_exporter
step "Install package sudo"
pkg install -y sudo
step "Install package curl"
pkg install -y curl
step "Install package jq"
pkg install -y jq
step "Install package jo"
pkg install -y jo
step "Install package syslog-ng"
pkg install -y syslog-ng
step "Install package openssl"
pkg install -y openssl
step "Install package nginx"
pkg install -y nginx
step "Install package vault"
pkg install -y vault
step "Clean package installation"
pkg clean -y
# -------------- END PACKAGE SETUP -------------
#
# Create configurations
#
#
# Now generate the run command script "cook"
# It configures the system on the first run by creating the config file(s)
# On subsequent runs, it only starts sleeps (if nomad-jail) or simply exits
#
# this runs when image boots
# ----------------- BEGIN COOK ------------------
step "Clean cook artifacts"
rm -rf /usr/local/bin/cook /usr/local/share/cook
step "Install pot local"
tar -C /root/.pot_local -cf - . | tar -C /usr/local -xf -
rm -rf /root/.pot_local
step "Set file ownership on cook scripts"
chown -R root:wheel /usr/local/bin/cook /usr/local/share/cook
chmod 755 /usr/local/share/cook/bin/*
# ----------------- END COOK ------------------
# ---------- NO NEED TO EDIT BELOW ------------
step "Make cook script executable"
if [ -e /usr/local/bin/cook ]
then
echo "setting executable bit on /usr/local/bin/cook" | tee -a $COOKLOG
chmod u+x /usr/local/bin/cook
else
exit_error "there is no /usr/local/bin/cook to make executable"
fi
#
# There are two ways of running a pot jail: "Normal", non-blocking mode and
# "Nomad", i.e. blocking mode (the pot start command does not return until
# the jail is stopped).
# For the normal mode, we create a /usr/local/etc/rc.d script that starts
# the "cook" script generated above each time, for the "Nomad" mode, the cook
# script is started by pot (configuration through flavour file), therefore
# we do not need to do anything here.
#
# Create rc.d script for "normal" mode:
step "Create rc.d script to start cook"
echo "creating rc.d script to start cook" | tee -a $COOKLOG
echo "#!/bin/sh
#
# PROVIDE: cook
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
. /etc/rc.subr
name=\"cook\"
rcvar=\"cook_enable\"
load_rc_config \$name
: \${cook_enable:=\"NO\"}
: \${cook_env:=\"\"}
command=\"/usr/local/bin/cook\"
command_args=\"\"
run_rc_command \"\$1\"
" > /usr/local/etc/rc.d/cook
step "Make rc.d script to start cook executable"
if [ -e /usr/local/etc/rc.d/cook ]
then
echo "Setting executable bit on cook rc file" | tee -a $COOKLOG
chmod u+x /usr/local/etc/rc.d/cook
else
exit_error "/usr/local/etc/rc.d/cook does not exist"
fi
if [ "$RUNS_IN_NOMAD" != "true" ]
then
step "Enable cook service"
# This is a non-nomad (non-blocking) jail, so we need to make sure the script
# gets started when the jail is started:
# Otherwise, /usr/local/bin/cook will be set as start script by the pot
# flavour
echo "enabling cook" | tee -a $COOKLOG
service cook enable
fi
# -------------------- DONE ---------------
exit_ok
nginx-consul/nginx-consul+1:
nginx-consul/nginx-consul+1.sh:
nginx-consul/nginx-consul+2:
nginx-consul/nginx-consul+2.sh:
nginx-consul/nginx-consul+3:
nginx-consul/nginx-consul+3.sh:
nginx-consul/nginx-consul+4:
nginx-consul/nginx-consul+4.sh:
Password:===> Creating a new pot
===> pot name : nginx-consul-amd64-12_3
===> type : single
===> base : 12.3
===> pot_base :
===> level : 0
===> network-type : public-bridge
===> network-stack: ipv4
===> ip : 10.192.0.5
===> bridge :
===> dns : inherit
===> flavours : fbsd-update nginx-consul nginx-consul+1 nginx-consul+2 nginx-consul+3 nginx-consul+4
===> Fetching FreeBSD 12.3
===> Extract the tarball
=====> Flavour: fbsd-update
=====> Starting nginx-consul-amd64-12_3 pot for the initial bootstrap
=====> mount /mnt/srv/pot/jails/nginx-consul-amd64-12_3/m/tmp
defaultrouter: NO -> 10.192.0.1
===> Starting the pot nginx-consul-amd64-12_3
Generating host.conf.
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:fe:bf:cf:c4:0b
inet 10.192.0.5 netmask 0xffc00000 broadcast 10.255.255.255
groups: epair
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Creating and/or trimming log files.
Updating motd:.
Updating /var/run/os-release done.
Starting syslogd.
Clearing /tmp (X related).
Starting cron.
Starting sendmail_submit.
Starting sendmail_msp_queue.
Thu Aug 25 13:23:36 UTC 2022
/usr/local/etc/pot/flavours/fbsd-update.sh -> /mnt/srv/pot/jails/nginx-consul-amd64-12_3/m/tmp/fbsd-update.sh
=====> Executing fbsd-update script on nginx-consul-amd64-12_3
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching public key from update1.freebsd.org... done.
Fetching metadata signature for 12.3-RELEASE from update1.freebsd.org... done.
Fetching metadata index... done.
Fetching 2 metadata files... done.
Inspecting system... done.
Preparing to download files... done.
Fetching 44 patches.....10....20....30....40.. done.
Applying patches... done.
The following files will be added as part of updating to
12.3-RELEASE-p6:
/usr/share/zoneinfo/Pacific/Kanton
The following files will be updated as part of updating to
12.3-RELEASE-p6:
/bin/freebsd-version
/lib/libalias.so.7
/lib/libcrypto.so.111
/lib/libz.so.6
/rescue/[
/rescue/bectl
/rescue/bsdlabel
/rescue/bunzip2
/rescue/bzcat
/rescue/bzip2
/rescue/camcontrol
/rescue/cat
/rescue/ccdconfig
/rescue/chflags
/rescue/chgrp
/rescue/chio
/rescue/chmod
/rescue/chown
/rescue/chroot
/rescue/clri
/rescue/cp
/rescue/csh
/rescue/date
/rescue/dd
/rescue/devfs
/rescue/df
/rescue/dhclient
/rescue/disklabel
/rescue/dmesg
/rescue/dump
/rescue/dumpfs
/rescue/dumpon
/rescue/echo
/rescue/ed
/rescue/ex
/rescue/expr
/rescue/fastboot
/rescue/fasthalt
/rescue/fdisk
/rescue/fsck
/rescue/fsck_4.2bsd
/rescue/fsck_ffs
/rescue/fsck_msdosfs
/rescue/fsck_ufs
/rescue/fsdb
/rescue/fsirand
/rescue/gbde
/rescue/geom
/rescue/getfacl
/rescue/glabel
/rescue/gpart
/rescue/groups
/rescue/gunzip
/rescue/gzcat
/rescue/gzip
/rescue/halt
/rescue/head
/rescue/hostname
/rescue/id
/rescue/ifconfig
/rescue/init
/rescue/ipf
/rescue/iscsictl
/rescue/iscsid
/rescue/kenv
/rescue/kill
/rescue/kldconfig
/rescue/kldload
/rescue/kldstat
/rescue/kldunload
/rescue/ldconfig
/rescue/less
/rescue/link
/rescue/ln
/rescue/ls
/rescue/lzcat
/rescue/lzma
/rescue/md5
/rescue/mdconfig
/rescue/mdmfs
/rescue/mkdir
/rescue/mknod
/rescue/more
/rescue/mount
/rescue/mount_cd9660
/rescue/mount_msdosfs
/rescue/mount_nfs
/rescue/mount_nullfs
/rescue/mount_udf
/rescue/mount_unionfs
/rescue/mt
/rescue/mv
/rescue/nc
/rescue/newfs
/rescue/newfs_msdos
/rescue/nos-tun
/rescue/pgrep
/rescue/ping
/rescue/ping6
/rescue/pkill
/rescue/poweroff
/rescue/ps
/rescue/pwd
/rescue/rcorder
/rescue/rdump
/rescue/realpath
/rescue/reboot
/rescue/red
/rescue/rescue
/rescue/restore
/rescue/rm
/rescue/rmdir
/rescue/route
/rescue/routed
/rescue/rrestore
/rescue/rtquery
/rescue/rtsol
/rescue/savecore
/rescue/sed
/rescue/setfacl
/rescue/sh
/rescue/shutdown
/rescue/sleep
/rescue/spppcontrol
/rescue/stty
/rescue/swapon
/rescue/sync
/rescue/sysctl
/rescue/tail
/rescue/tar
/rescue/tcsh
/rescue/tee
/rescue/test
/rescue/tunefs
/rescue/umount
/rescue/unlink
/rescue/unlzma
/rescue/unxz
/rescue/unzstd
/rescue/vi
/rescue/whoami
/rescue/xz
/rescue/xzcat
/rescue/zcat
/rescue/zdb
/rescue/zfs
/rescue/zpool
/rescue/zstd
/rescue/zstdcat
/rescue/zstdmt
/usr/bin/c++
/usr/bin/cc
/usr/bin/clang
/usr/bin/clang++
/usr/bin/clang-cpp
/usr/bin/cpp
/usr/bin/ld.lld
/usr/include/net80211/ieee80211_input.h
/usr/lib/libalias.a
/usr/lib/libalias_p.a
/usr/lib/libcrypto.a
/usr/lib/libcrypto_p.a
/usr/lib/libz.a
/usr/lib/libz_p.a
/usr/sbin/bhyve
/usr/sbin/freebsd-update
/usr/share/zoneinfo/Africa/Accra
/usr/share/zoneinfo/America/Anguilla
/usr/share/zoneinfo/America/Antigua
/usr/share/zoneinfo/America/Aruba
/usr/share/zoneinfo/America/Atikokan
/usr/share/zoneinfo/America/Barbados
/usr/share/zoneinfo/America/Blanc-Sablon
/usr/share/zoneinfo/America/Coral_Harbour
/usr/share/zoneinfo/America/Creston
/usr/share/zoneinfo/America/Curacao
/usr/share/zoneinfo/America/Dominica
/usr/share/zoneinfo/America/Grenada
/usr/share/zoneinfo/America/Guadeloupe
/usr/share/zoneinfo/America/Guyana
/usr/share/zoneinfo/America/Kralendijk
/usr/share/zoneinfo/America/Lower_Princes
/usr/share/zoneinfo/America/Marigot
/usr/share/zoneinfo/America/Montserrat
/usr/share/zoneinfo/America/Nassau
/usr/share/zoneinfo/America/Port_of_Spain
/usr/share/zoneinfo/America/Punta_Arenas
/usr/share/zoneinfo/America/Santiago
/usr/share/zoneinfo/America/St_Barthelemy
/usr/share/zoneinfo/America/St_Kitts
/usr/share/zoneinfo/America/St_Lucia
/usr/share/zoneinfo/America/St_Thomas
/usr/share/zoneinfo/America/St_Vincent
/usr/share/zoneinfo/America/Tortola
/usr/share/zoneinfo/America/Virgin
/usr/share/zoneinfo/Antarctica/DumontDUrville
/usr/share/zoneinfo/Antarctica/Syowa
/usr/share/zoneinfo/Asia/Gaza
/usr/share/zoneinfo/Asia/Hebron
/usr/share/zoneinfo/Atlantic/Azores
/usr/share/zoneinfo/Atlantic/Madeira
/usr/share/zoneinfo/Chile/Continental
/usr/share/zoneinfo/Europe/Kiev
/usr/share/zoneinfo/Europe/Lisbon
/usr/share/zoneinfo/Europe/Simferopol
/usr/share/zoneinfo/Europe/Uzhgorod
/usr/share/zoneinfo/Europe/Zaporozhye
/usr/share/zoneinfo/Pacific/Enderbury
/usr/share/zoneinfo/Pacific/Niue
/usr/share/zoneinfo/Pacific/Rarotonga
/usr/share/zoneinfo/Pacific/Tongatapu
/usr/share/zoneinfo/Portugal
/usr/share/zoneinfo/zone.tab
/usr/share/zoneinfo/zone1970.tab
Installing updates...Scanning //usr/share/certs/blacklisted for certificates...
Scanning //usr/share/certs/trusted for certificates...
done.
=====> Stop the pot nginx-consul-amd64-12_3
=====> Remove epair0[a|b] network interfaces
=====> unmount /mnt/srv/pot/jails/nginx-consul-amd64-12_3/m/tmp
=====> unmount /mnt/srv/pot/jails/nginx-consul-amd64-12_3/m/dev
=====> Flavour: nginx-consul
=====> Executing nginx-consul pot commands on nginx-consul-amd64-12_3
=====> mount /mnt/srv/pot/jails/nginx-consul-amd64-12_3/m/tmp
=====> Source /usr/local/etc/pot/flavours/nginx-consul.d/local copied in the pot nginx-consul-amd64-12_3
=====> unmount /mnt/srv/pot/jails/nginx-consul-amd64-12_3/m/tmp
=====> /mnt/srv/pot/jails/nginx-consul-amd64-12_3/m/dev is already unmounted
=====> Starting nginx-consul-amd64-12_3 pot for the initial bootstrap
=====> mount /mnt/srv/pot/jails/nginx-consul-amd64-12_3/m/tmp
defaultrouter: 10.192.0.1 -> 10.192.0.1
===> Starting the pot nginx-consul-amd64-12_3
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:1d:7c:b9:0d:0b
inet 10.192.0.5 netmask 0xffc00000 broadcast 10.255.255.255
groups: epair
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Creating and/or trimming log files.
Updating motd:.
Updating /var/run/os-release done.
Starting syslogd.
Clearing /tmp (X related).
Starting cron.
Starting sendmail_submit.
Starting sendmail_msp_queue.
Thu Aug 25 13:24:42 UTC 2022
/usr/local/etc/pot/flavours/nginx-consul.sh -> /mnt/srv/pot/jails/nginx-consul-amd64-12_3/m/tmp/nginx-consul.sh
=====> Executing nginx-consul script on nginx-consul-amd64-12_3
Creating /var/log/cook.log
Step 1: Bootstrap package repo
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] Installing pkg-1.18.3...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] Extracting pkg-1.18.3: .......... done
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:12:amd64/quarterly, please wait...
Step 2: Touch /etc/rc.conf
Step 3: Remove ifconfig_epair0b from config
Step 4: Disable sendmail
sendmail disabled in /etc/rc.conf
sendmail_submit disabled in /etc/rc.conf
sendmail_msp_queue disabled in /etc/rc.conf
Step 5: Disable sshd
sshd disabled in /etc/rc.conf
Step 6: Create /usr/local/etc/rc.d
Step 7: Update package repository
Updating FreeBSD repository catalogue...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] Fetching meta.conf: . done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] Fetching packagesite.pkg: .......... done
Processing entries: .......... done
FreeBSD repository update completed. 31691 packages processed.
All repositories are up to date.
Step 8: Install package consul
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Updating database digests format: . done
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
consul: 1.11.3_2
Number of packages to be installed: 1
The process will require 85 MiB more space.
30 MiB to be downloaded.
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching consul-1.11.3_2.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Installing consul-1.11.3_2...
===> Creating groups.
Creating group 'consul' with gid '469'.
===> Creating users
Creating user 'consul' with uid '469'.
===> Creating homedir(s)
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting consul-1.11.3_2: ..... done
Step 9: Install package consul-template
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
consul-template: 0.27.2_2
Number of packages to be installed: 1
The process will require 9 MiB more space.
3 MiB to be downloaded.
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching consul-template-0.27.2_2.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Installing consul-template-0.27.2_2...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting consul-template-0.27.2_2: ..... done
Step 10: Patching consul-template rc scripts
Step 11: Install package node_exporter
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
node_exporter: 1.3.1_2
Number of packages to be installed: 1
The process will require 11 MiB more space.
3 MiB to be downloaded.
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching node_exporter-1.3.1_2.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Installing node_exporter-1.3.1_2...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting node_exporter-1.3.1_2: .......... done
=====
Message from node_exporter-1.3.1_2:
--
If upgrading from a version of node_exporter <0.15.0 you'll need to update any
custom command line flags that you may have set as it now requires a
double-dash (--flag) instead of a single dash (-flag).
The collector flags in 0.15.0 have now been replaced with individual boolean
flags and the -collector.procfs` and -collector.sysfs` flags have been renamed
to --path.procfs and --path.sysfs respectively.
Step 12: Install package sudo
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 3 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
gettext-runtime: 0.21
indexinfo: 0.3.1
sudo: 1.9.11p3
Number of packages to be installed: 3
The process will require 8 MiB more space.
2 MiB to be downloaded.
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/3] Fetching indexinfo-0.3.1.pkg: . done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/3] Fetching sudo-1.9.11p3.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/3] Fetching gettext-runtime-0.21.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/3] Installing indexinfo-0.3.1...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/3] Extracting indexinfo-0.3.1: .... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/3] Installing gettext-runtime-0.21...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/3] Extracting gettext-runtime-0.21: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/3] Installing sudo-1.9.11p3...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/3] Extracting sudo-1.9.11p3: .......... done
Step 13: Install package curl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 7 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
ca_root_nss: 3.78
curl: 7.84.0
libidn2: 2.3.2
libnghttp2: 1.48.0
libpsl: 0.21.1_4
libssh2: 1.10.0,3
libunistring: 1.0
Number of packages to be installed: 7
The process will require 10 MiB more space.
3 MiB to be downloaded.
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/7] Fetching libnghttp2-1.48.0.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/7] Fetching libidn2-2.3.2.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/7] Fetching libunistring-1.0.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/7] Fetching libssh2-1.10.0,3.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/7] Fetching libpsl-0.21.1_4.pkg: ........ done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/7] Fetching curl-7.84.0.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/7] Fetching ca_root_nss-3.78.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/7] Installing libunistring-1.0...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/7] Extracting libunistring-1.0: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/7] Installing libidn2-2.3.2...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/7] Extracting libidn2-2.3.2: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/7] Installing libnghttp2-1.48.0...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/7] Extracting libnghttp2-1.48.0: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/7] Installing libssh2-1.10.0,3...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/7] Extracting libssh2-1.10.0,3: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/7] Installing libpsl-0.21.1_4...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/7] Extracting libpsl-0.21.1_4: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/7] Installing ca_root_nss-3.78...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/7] Extracting ca_root_nss-3.78: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/7] Installing curl-7.84.0...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/7] Extracting curl-7.84.0: .......... done
=====
Message from ca_root_nss-3.78:
--
FreeBSD does not, and can not warrant that the certification authorities
whose certificates are included in this package have in any way been
audited for trustworthiness or RFC 3647 compliance.
Assessment and verification of trust is the complete responsibility of the
system administrator.
This package installs symlinks to support root certificates discovery by
default for software that uses OpenSSL.
This enables SSL Certificate Verification by client software without manual
intervention.
If you prefer to do this manually, replace the following symlinks with
either an empty file or your site-local certificate bundle.
* /etc/ssl/cert.pem
* /usr/local/etc/ssl/cert.pem
* /usr/local/openssl/cert.pem
Step 14: Install package jq
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
jq: 1.6
oniguruma: 6.9.8_1
Number of packages to be installed: 2
The process will require 2 MiB more space.
493 KiB to be downloaded.
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching jq-1.6.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching oniguruma-6.9.8_1.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Installing oniguruma-6.9.8_1...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting oniguruma-6.9.8_1: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Installing jq-1.6...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting jq-1.6: .......... done
Step 15: Install package jo
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
jo: 1.6
Number of packages to be installed: 1
20 KiB to be downloaded.
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching jo-1.6.pkg: ... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Installing jo-1.6...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting jo-1.6: ....... done
Step 16: Install package syslog-ng
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 11 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
e2fsprogs-libuuid: 1.46.5
glib: 2.72.2,2
json-c: 0.16
libffi: 3.4.2
libiconv: 1.16
libxml2: 2.9.13_2
mpdecimal: 2.5.1
pcre: 8.45_1
python39: 3.9.13
readline: 8.1.2
syslog-ng: 3.37.1
Number of packages to be installed: 11
The process will require 194 MiB more space.
27 MiB to be downloaded.
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/11] Fetching libxml2-2.9.13_2.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/11] Fetching mpdecimal-2.5.1.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/11] Fetching python39-3.9.13.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/11] Fetching pcre-8.45_1.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/11] Fetching glib-2.72.2,2.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/11] Fetching syslog-ng-3.37.1.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/11] Fetching libffi-3.4.2.pkg: ...... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [8/11] Fetching readline-8.1.2.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [9/11] Fetching libiconv-1.16.pkg: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [10/11] Fetching json-c-0.16.pkg: ........ done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [11/11] Fetching e2fsprogs-libuuid-1.46.5.pkg: ..... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/11] Installing mpdecimal-2.5.1...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/11] Extracting mpdecimal-2.5.1: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/11] Installing libffi-3.4.2...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/11] Extracting libffi-3.4.2: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/11] Installing readline-8.1.2...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/11] Extracting readline-8.1.2: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/11] Installing libxml2-2.9.13_2...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/11] Extracting libxml2-2.9.13_2: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/11] Installing python39-3.9.13...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/11] Extracting python39-3.9.13: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/11] Installing pcre-8.45_1...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/11] Extracting pcre-8.45_1: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/11] Installing libiconv-1.16...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/11] Extracting libiconv-1.16: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [8/11] Installing glib-2.72.2,2...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [8/11] Extracting glib-2.72.2,2: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [9/11] Installing json-c-0.16...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [9/11] Extracting json-c-0.16: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [10/11] Installing e2fsprogs-libuuid-1.46.5...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [10/11] Extracting e2fsprogs-libuuid-1.46.5: .......... done
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [11/11] Installing syslog-ng-3.37.1...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [11/11] Extracting syslog-ng-3.37.1: .......... done
Generating GIO modules cache
Compiling glib schemas
No schema files found: doing nothing.
=====
Message from python39-3.9.13:
--
Note that some standard Python modules are provided as separate ports
as they require additional dependencies. They are available as:
py39-gdbm databases/py-gdbm@py39
py39-sqlite3 databases/py-sqlite3@py39
py39-tkinter x11-toolkits/py-tkinter@py39
=====
Message from syslog-ng-3.37.1:
--
syslog-ng is now installed! To replace FreeBSD's standard syslogd
(/usr/sbin/syslogd), complete these steps:
1. Create a configuration file named /usr/local/etc/syslog-ng.conf
(a sample named syslog-ng.conf.sample has been included in
/usr/local/etc). Note that this is a change in 2.0.2
version, previous ones put the config file in
/usr/local/etc/syslog-ng/syslog-ng.conf, so if this is an update
move that file in the right place
2. Configure syslog-ng to start automatically by adding the following
to /etc/rc.conf:
syslog_ng_enable="YES"
3. Prevent the standard FreeBSD syslogd from starting automatically by
adding a line to the end of your /etc/rc.conf file that reads:
syslogd_enable="NO"
4. Shut down the standard FreeBSD syslogd:
kill `cat /var/run/syslog.pid`
5. Start syslog-ng:
/usr/local/etc/rc.d/syslog-ng start
Step 17: Install package openssl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
openssl: 1.1.1q,1
Number of packages to be installed: 1
The process will require 14 MiB more space.
4 MiB to be downloaded.
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching openssl-1.1.1q,1.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Installing openssl-1.1.1q,1...
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting openssl-1.1.1q,1: .......... done
Step 18: Install package nginx
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
nginx: 1.22.0_6,2
Number of packages to be installed: 1
The process will require 1 MiB more space.
457 KiB to be downloaded.
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching nginx-1.22.0_6,2.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Installing nginx-1.22.0_6,2...
===> Creating groups.
Using existing group 'www'.
===> Creating users
Using existing user 'www'.
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting nginx-1.22.0_6,2: .......... done
=====
Message from nginx-1.22.0_6,2:
--
Recent version of the NGINX introduces dynamic modules support. In
FreeBSD ports tree this feature was enabled by default with the DSO
knob. Several vendor's and third-party modules have been converted
to dynamic modules. Unset the DSO knob builds an NGINX without
dynamic modules support.
To load a module at runtime, include the new `load_module'
directive in the main context, specifying the path to the shared
object file for the module, enclosed in quotation marks. When you
reload the configuration or restart NGINX, the module is loaded in.
It is possible to specify a path relative to the source directory,
or a full path, please see
https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/ and
http://nginx.org/en/docs/ngx_core_module.html#load_module for
details.
Default path for the NGINX dynamic modules is
/usr/local/libexec/nginx.
Step 19: Install package vault
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
vault: 1.8.7_2
Number of packages to be installed: 1
The process will require 146 MiB more space.
52 MiB to be downloaded.
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching vault-1.8.7_2.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Installing vault-1.8.7_2...
===> Creating groups.
Creating group 'vault' with gid '471'.
===> Creating users
Creating user 'vault' with uid '471'.
[nginx-consul-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting vault-1.8.7_2: ..... done
=====
Message from vault-1.8.7_2:
--
The vault user created by the vault package is now a member of the daemon
class, which will allow it to use mlock() when started by the rc script. This
will not be reflected in systems where the user already exists. Please add the
vault user to the daemon class manually by running:
pw usermod -L daemon -n vault
or delete the user and reinstall the package.
You may also need to increase memorylocked for the daemon class in
/etc/rc.conf to more than 1024M (the default) or more:
vault_limits_mlock="2048M"
Or to disable mlock, add:
disable_mlock = 1
to /usr/local/etc/vault.hcl
Step 20: Clean package installation
Nothing to do.
Step 21: Clean cook artifacts
Step 22: Install pot local
Step 23: Set file ownership on cook scripts
Step 24: Make cook script executable
setting executable bit on /usr/local/bin/cook
Step 25: Create rc.d script to start cook
creating rc.d script to start cook
Step 26: Make rc.d script to start cook executable
Setting executable bit on cook rc file
Step 27: Enable cook service
enabling cook
cook enabled in /etc/rc.conf
=====> Stop the pot nginx-consul-amd64-12_3
=====> Remove epair0[a|b] network interfaces
=====> unmount /mnt/srv/pot/jails/nginx-consul-amd64-12_3/m/tmp
=====> unmount /mnt/srv/pot/jails/nginx-consul-amd64-12_3/m/dev
=====> Flavour: nginx-consul+1
=====> Executing nginx-consul+1 pot commands on nginx-consul-amd64-12_3
=====> No shell script available for the flavour nginx-consul+1
=====> Flavour: nginx-consul+2
=====> Executing nginx-consul+2 pot commands on nginx-consul-amd64-12_3
=====> No shell script available for the flavour nginx-consul+2
=====> Flavour: nginx-consul+3
=====> Executing nginx-consul+3 pot commands on nginx-consul-amd64-12_3
=====> No shell script available for the flavour nginx-consul+3
=====> Flavour: nginx-consul+4
=====> Executing nginx-consul+4 pot commands on nginx-consul-amd64-12_3
=====> No shell script available for the flavour nginx-consul+4