Nginx-rsync-ssh

Overview

This is a development flavour containing the nginx webserver, along with acme.sh, openssl, rsync and ssh.

It has been put together specifically for use in custom images and you MUST copy in files and set the parameter to 1 to enable:

  • sshd_config
  • authorized_keys
  • nginx.conf
  • rsyncd.conf
  • setup.sh
  • postsetup.sh

You can adjust this flavour and rebuild your own pot image if you have other requirements.

Installation

  • Create a ZFS data set on the parent system beforehand, for example: zfs create -o mountpoint=/mnt/<name> zroot/jaildata_<name>
  • Create your local jail from the image or the flavour files.
  • Clone the local jail
  • Mount in the ZFS data set you created:
    pot mount-in -p <jailname> -d <src> -m <dest>
  • Optionally copy in SSH authorized_keys file:
    pot copy-in -p <jailname> -s /path/to/authorized_keys -d /root/authorized_keys_in
  • Optionally copy in SSH sshd_config file:
    pot copy-in -p <jailname> -s /path/to/sshd_config -d /root/sshd_config_in
  • Optionally copy in nginx.conf file:
    pot copy-in -p <jailname> -s /path/to/nginx.conf -d /root/nginx.conf
  • Optionally copy in rsyncd.conf file:
    pot copy-in -p <jailname> -s /path/to/rsyncd.conf -d /root/rsyncd.conf
  • Optionally copy in setup.sh file for early commands to run:
    pot copy-in -p <jailname> -s /path/to/setup.sh -d /root/setup.sh
  • Optionally copy in postsetup.sh file for late commands to run after services are setup:
    pot copy-in -p <jailname> -s /path/to/postsetup.sh -d /root/postsetup.sh
  • Optionally export the ports after creating the jail:
    pot export-ports -p <jailname> -e 80:80
  • Adjust to your environment:
    sudo pot set-env -p <jailname> \
     -E SETUPSCRIPT=<1 | 0 default> \
     -E IMPORTAUTHKEY=<1 | 0 default> \
     -E IMPORTSSH=<1 | 0 default> \
     -E IMPORTNGINX=<1 | 0 default> \
     -E IMPORTRSYNC=<1 | 0 default> \
     -E POSTSCRIPT=<1 | 0 default>
     [ -E REMOTELOG=<IP of syslog-ng server> ]
    

SETUPSCRIPT will run copied-in /root/setup.sh when set to 1. You can set custom commands here like creating directories needed for nginx.

IMPORTAUTHKEY will add copied-in /root/authorized_keys_in to /root/.ssh/authorized_keys when set to 1.

IMPORTSSH will add copied-in /root/sshd_config_in to /etc/sshd/sshd_config when set to 1. You can specify a custom sshd_config this way.

IMPORTNGINX will add copied-in /root/nginx.conf to /usr/local/etc/nginx/nginx.conf when set to 1. You can specify a custom nginx.conf this way.

IMPORTRSYNC will add copied-in /root/rsyncd.conf to /usr/local/etc/rsync/rsyncd.conf when set to 1. You can specify a custom rsyncd.conf this way.

POSTSCRIPT will run copied-in /root/postsetup.sh when set to 1. You can add additional commands to run to a script postsetup.sh here, which run AFTER all the services have been setup.

REMOTELOG is an optional parameter for a remote syslog service, such as via the loki or beast-of-argh images on potluck site.

Usage

To access nginx:

  • http://hostname

Persistent storage

To use persistent storage make sure to mount-in a pre-configured data set to the applicable directory.

Getting Started

How To Use The Ready-Made Image

FreeBSD 13.0:
pot import -p nginx-rsync-ssh-amd64-13_0 -t 0.0.6 -U https://potluck.honeyguide.net/nginx-rsync-ssh

FreeBSD 12.3:
pot import -p nginx-rsync-ssh-amd64-12_3 -t 0.0.6 -U https://potluck.honeyguide.net/nginx-rsync-ssh

If you don’t want to use the default pot bridged network configuration but instead need an individual network setup (e.g. assign a host IP address), after importing it you can simply clone the jail like that (em0 is the host network adapter in this example):
pot clone -P nginx-rsync-ssh-amd64-13_0 -p my-cloned-jail -N alias -i "em0|10.10.10.10"

Note: Some images might require specific network configuration, double check the Overview-chapter at the top.

Alternatively: Create a Jail With This Flavour Yourself

1. Create Flavour Files

Save all files and directories from https://github.com/hny-gd/potluck/tree/master/nginx-rsync-ssh to /usr/local/etc/pot/flavours/

2. Create Jail From Flavour

Run
pot create -b <FreeBSD Version> -p <jailname> -t single -N public-bridge -f fbsd-update

with your FreeBSD version (e.g. 12.1) and the name your jail should get.

Note: Some images might require specific network configuration, double check the Overview-chapter at the top.

Version History

0.0.6

  • Fixing goaccess conf parameter as not working. Using custom goaccess.conf now.

0.0.5

  • Adding syslog-ng and remote logging

0.0.4

  • Fixing goaccess.conf error as installs to /usr/local/etc instead of /usr/local/etc/goaccess

0.0.3

  • Header and tags fixes

0.0.2

  • Typos and README fixes

0.0.1

  • Standard image with nginx, rsync, ssh all requiring files be copied in

0.0.0

  • Initiate file

These images were built on Fri Apr 29 20:19:06 UTC 2022

Manual Image Download Links

nginx-rsync-ssh-amd64-13_0_0.0.6.xz ( 364.626 MB )
nginx-rsync-ssh-amd64-13_0_0.0.6.xz.skein ( 0.250977 KB ) nginx-rsync-ssh-amd64-13_0_0.0.6.xz.meta ( 0.00195312 KB )

nginx-rsync-ssh-amd64-12_3_0.0.6.xz ( 410.112 MB )
nginx-rsync-ssh-amd64-12_3_0.0.6.xz.skein ( 0.250977 KB ) nginx-rsync-ssh-amd64-12_3_0.0.6.xz.meta ( 0.00195312 KB )

Jenkins Pot Creation Logs

nginx-rsync-ssh-amd64-13_0_0.0.6:


nginx-rsync-ssh/nginx-rsync-ssh:
copy-in -s /usr/local/etc/pot/flavours/nginx-rsync-ssh.d/syslog-ng.conf.in -d /root/syslog-ng.conf.in
copy-in -s /usr/local/etc/pot/flavours/nginx-rsync-ssh.d/goaccess.conf.in -d /root/goaccess.conf.in
nginx-rsync-ssh/nginx-rsync-ssh.sh:
#!/bin/sh

# Based on POTLUCK TEMPLATE v3.0
# Altered by Michael Gmelin
#
# EDIT THE FOLLOWING FOR NEW FLAVOUR:
# 1. RUNS_IN_NOMAD - true or false
# 2. If RUNS_IN_NOMAD is false, can delete the <flavour>+4 file, else
#    make sure pot create command doesn't include it
# 3. Create a matching <flavour> file with this <flavour>.sh file that
#    contains the copy-in commands for the config files from <flavour>.d/
#    Remember that the package directories don't exist yet, so likely copy
#    to /root
# 4. Adjust package installation between BEGIN & END PACKAGE SETUP
# 5. Adjust jail configuration script generation between BEGIN & END COOK
#    Configure the config files that have been copied in where necessary

# Set this to true if this jail flavour is to be created as a nomad (i.e. blocking) jail.
# You can then query it in the cook script generation below and the script is installed
# appropriately at the end of this script
RUNS_IN_NOMAD=false

# set the cook log path/filename
COOKLOG=/var/log/cook.log

# check if cooklog exists, create it if not
if [ ! -e $COOKLOG ]
then
    echo "Creating $COOKLOG" | tee -a $COOKLOG
else
    echo "WARNING $COOKLOG already exists"  | tee -a $COOKLOG
fi
date >> $COOKLOG

# -------------------- COMMON ---------------

STEPCOUNT=0
step() {
  STEPCOUNT=$(expr "$STEPCOUNT" + 1)
  STEP="$@"
  echo "Step $STEPCOUNT: $STEP" | tee -a $COOKLOG
}

exit_ok() {
  trap - EXIT
  exit 0
}

FAILED=" failed"
exit_error() {
  STEP="$@"
  FAILED=""
  exit 1
}

set -e
trap 'echo ERROR: $STEP$FAILED | (>&2 tee -a $COOKLOG)' EXIT

# -------------- BEGIN PACKAGE SETUP -------------

step "Bootstrap package repo"
mkdir -p /usr/local/etc/pkg/repos
# shellcheck disable=SC2016
test -e /usr/local/etc/pkg/repos/FreeBSD.conf || \
  echo 'FreeBSD: { url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly" }' \
    >/usr/local/etc/pkg/repos/FreeBSD.conf
ASSUME_ALWAYS_YES=yes pkg bootstrap

step "Touch /etc/rc.conf"
touch /etc/rc.conf

# this is important, otherwise running /etc/rc from cook will
# overwrite the IP address set in tinirc
step "Remove ifconfig_epair0b from config"
sysrc -cq ifconfig_epair0b && sysrc -x ifconfig_epair0b || true

step "Disable sendmail"
service sendmail onedisable

step "Enable SSH"
service sshd enable

step "Create /usr/local/etc/rc.d"
mkdir -p /usr/local/etc/rc.d

step "Install package sudo"
pkg install -y sudo

step "Install package curl"
pkg install -y curl

step "Install package jq"
pkg install -y jq

step "Install package jo"
pkg install -y jo

step "Install package nginx"
pkg install -y nginx

step "Install package goaccess"
pkg install -y goaccess

step "Install package acme.sh"
pkg install -y acme.sh

step "Install package openssl"
pkg install -y openssl

step "Install package rsync"
pkg install -y rsync

step "Install package syslog-ng"
pkg install -y syslog-ng

step "Clean package installation"
pkg autoremove -y
pkg clean -y

# -------------- END PACKAGE SETUP -------------

#
# Create configurations
#

#
# Now generate the run command script "cook"
# It configures the system on the first run by creating the config file(s)
# On subsequent runs, it only starts sleeps (if nomad-jail) or simply exits
#

# clear any old cook runtime file
step "Remove pre-existing cook script (if any)"
rm -f /usr/local/bin/cook

# this runs when image boots
# ----------------- BEGIN COOK ------------------

step "Create cook script"
echo "#!/bin/sh
RUNS_IN_NOMAD=$RUNS_IN_NOMAD
# declare this again for the pot image, might work carrying variable through like
# with above
COOKLOG=/var/log/cook.log
# No need to change this, just ensures configuration is done only once
if [ -e /usr/local/etc/pot-is-seasoned ]
then
    # If this pot flavour is blocking (i.e. it should not return),
    # we block indefinitely
    if [ \"\$RUNS_IN_NOMAD\" = \"true\" ]
    then
        /bin/sh /etc/rc
        tail -f /dev/null
    fi
    exit 0
fi

# ADJUST THIS: STOP SERVICES AS NEEDED BEFORE CONFIGURATION
# not needed, not started automatically, needs configuring

# No need to adjust this:
# If this pot flavour is not blocking, we need to read the environment first from /tmp/environment.sh
# where pot is storing it in this case
if [ -e /tmp/environment.sh ]
then
    . /tmp/environment.sh
fi

#
# ADJUST THIS BY CHECKING FOR ALL VARIABLES YOUR FLAVOUR NEEDS:
#

# Check config variables are set
#
if [ -z \${SETUPSCRIPT+x} ]; then
    echo 'SETUPSCRIPT is unset - see documentation to configure this flavour to run a script'
    SETUPSCRIPT=0
fi
if [ -z \${IMPORTAUTHKEY+x} ]; then
    echo 'IMPORTAUTHKEY is unset - see documentation to configure this flavour for adding SSH keys to authorized_keys file.'
    IMPORTAUTHKEY=0
fi
if [ -z \${IMPORTSSH+x} ]; then
    echo 'IMPORTSSH is unset - see documentation to configure this flavour to import sshd config.'
    IMPORTSSH=0
fi
if [ -z \${IMPORTNGINX+x} ]; then
    echo 'IMPORTNGINX is unset - see documentation to configure this flavour to import nginx config.'
    IMPORTNGINX=0
fi
if [ -z \${IMPORTRSYNC+x} ]; then
    echo 'IMPORTRSYNC is unset - see documentation to configure this flavour to import rsync config.'
    IMPORTRSYNC=0
fi
if [ -z \${POSTSCRIPT+x} ]; then
    echo 'POSTSCRIPT is unset - see documentation to configure this flavour to run a script at the end'
    POSTSCRIPT=0
fi
# Remotelog is a remote syslog server, need to pass in IP
if [ -z \${REMOTELOG+x} ]; then
    echo 'REMOTELOG is unset - see documentation how to configure this flavour'
    REMOTELOG=0
fi

# ADJUST THIS BELOW: NOW ALL THE CONFIGURATION FILES NEED TO BE CREATED:
# Don't forget to double(!)-escape quotes and dollar signs in the config files

# add custom commands to setup.sh such as directory creation or doing stuff to files
if [ \${SETUPSCRIPT} -eq 1 ]; then
    if [ -f /root/setup.sh ]; then
        chmod +x /root/setup.sh
        /root/setup.sh
    fi
fi

# create root ssh keys
mkdir -p /root/.ssh
/usr/bin/ssh-keygen -q -N '' -f /root/.ssh/id_rsa -t rsa
chown -R root:wheel /root/.ssh
chmod 700 /root/.ssh
chmod 600 /root/.ssh/id_rsa

# add imported key to authorized_keys
if [ \${IMPORTAUTHKEY} -eq 1 ]; then
    if [ -f /root/authorized_keys_in ]; then
        echo \"Adding imported keys to /root/.ssh/authorized_keys\"
        cat /root/authorized_keys_in > /root/.ssh/authorized_keys
        chown -R root:wheel /root/.ssh
    else
        echo \"Error: no /root/authorized_keys_in file found\"
        echo \"#command=\\\"rsync --server --daemon .\\\",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa key#\" > /root/.ssh/authorized_keys
    fi
fi

# setup ssh server with remote root access with a key
if [ \${IMPORTSSH} -eq 1 ]; then
    if [ -f /root/sshd_config_in ]; then
        echo \"Setting up ssh server\"
        cp -f /root/sshd_config_in /etc/ssh/sshd_config
        echo \"Manually setting up host keys\"
        cd /etc/ssh
        /usr/bin/ssh-keygen -A
        cd /root/
        echo \"Restarting ssh\"
        service sshd restart
    else
        echo \"There is no /root/sshd_config_in file\"
    fi
fi

# setup nginx and enable and start
if [ \${IMPORTNGINX} -eq 1 ]; then
    if [ -f /root/nginx.conf ]; then
        cp -f /root/nginx.conf /usr/local/etc/nginx/nginx.conf
        service nginx enable
        service nginx start
    else
        echo \"There is no /root/nginx.conf file\"
    fi
fi

# setup rsync
if [ \${IMPORTRSYNC} -eq 1 ]; then
    if [ -f /root/rsyncd.conf ]; then
        cp -f /root/rsyncd.conf /usr/local/etc/rsync/rsyncd.conf
    else
        echo \"There is no /root/rsyncd.conf file\"
    fi
fi

# goaccess
# this seems to be needed as install places in /usr/local/etc/goaccess.conf
# but default for goaccess is /usr/local/etc/goaccess/goaccess.conf
# using custom goaccess.conf with nginx accesslog hardcoded in
if [ -f /root/goaccess.conf.in ]; then
    cp -f /root/goaccess.conf.in /usr/local/etc/goaccess/goaccess.conf
    mv /usr/local/etc/goaccess.conf /usr/local/etc/goaccess.conf.ignore
fi
sysrc goaccess_config=\"/usr/local/etc/goaccess/goaccess.conf\"
sysrc goaccess_log=\"/var/log/nginx/access.log\"
service goaccess enable
service goaccess start || true

# add custom commands to postsetup.sh
if [ \${POSTSCRIPT} -eq 1 ]; then
    if [ -f /root/postsetup.sh ]; then
        chmod +x /root/postsetup.sh
        /root/postsetup.sh
    else
        echo \"There is no /root/postsetup.sh file\"
    fi
fi

## remote syslogs
if [ \"\${REMOTELOG}\" != \"0\" ]; then
    config_version=\$(/usr/local/sbin/syslog-ng --version | grep '^Config version:' | awk -F: '{ print \$2 }' | xargs)

    # read in template conf file, update remote log IP address, and
    # write to correct destination
    < /root/syslog-ng.conf.in \
      sed \"s|%%config_version%%|\$config_version|g\" | \
      sed \"s|%%remotelogip%%|\$REMOTELOG|g\" > /usr/local/etc/syslog-ng.conf

    # stop and disable syslogd
    service syslogd onestop || true
    service syslogd disable

    # enable and start syslog-ng
    service syslog-ng enable
    sysrc syslog_ng_flags=\"-R /tmp/syslog-ng.persist\"
    service syslog-ng start
fi

#
# ADJUST THIS: START THE SERVICES AGAIN AFTER CONFIGURATION



#
# Do not touch this:
touch /usr/local/etc/pot-is-seasoned

# If this pot flavour is blocking (i.e. it should not return), there is no /tmp/environment.sh
# created by pot and we now after configuration block indefinitely
if [ \"\$RUNS_IN_NOMAD\" = \"true\" ]
then
    /bin/sh /etc/rc
    tail -f /dev/null
fi
" > /usr/local/bin/cook

# ----------------- END COOK ------------------


# ---------- NO NEED TO EDIT BELOW ------------

step "Make cook script executable"
if [ -e /usr/local/bin/cook ]
then
    echo "setting executable bit on /usr/local/bin/cook" | tee -a $COOKLOG
    chmod u+x /usr/local/bin/cook
else
    exit_error "there is no /usr/local/bin/cook to make executable"
fi

#
# There are two ways of running a pot jail: "Normal", non-blocking mode and
# "Nomad", i.e. blocking mode (the pot start command does not return until
# the jail is stopped).
# For the normal mode, we create a /usr/local/etc/rc.d script that starts
# the "cook" script generated above each time, for the "Nomad" mode, the cook
# script is started by pot (configuration through flavour file), therefore
# we do not need to do anything here.
#

# Create rc.d script for "normal" mode:
step "Create rc.d script to start cook"
echo "creating rc.d script to start cook" | tee -a $COOKLOG

echo "#!/bin/sh
#
# PROVIDE: cook
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
. /etc/rc.subr
name=\"cook\"
rcvar=\"cook_enable\"
load_rc_config \$name
: \${cook_enable:=\"NO\"}
: \${cook_env:=\"\"}
command=\"/usr/local/bin/cook\"
command_args=\"\"
run_rc_command \"\$1\"
" > /usr/local/etc/rc.d/cook

step "Make rc.d script to start cook executable"
if [ -e /usr/local/etc/rc.d/cook ]
then
  echo "Setting executable bit on cook rc file" | tee -a $COOKLOG
  chmod u+x /usr/local/etc/rc.d/cook
else
  exit_error "/usr/local/etc/rc.d/cook does not exist"
fi

if [ "$RUNS_IN_NOMAD" != "true" ]
then
  step "Enable cook service"
  # This is a non-nomad (non-blocking) jail, so we need to make sure the script
  # gets started when the jail is started:
  # Otherwise, /usr/local/bin/cook will be set as start script by the pot flavour
  echo "enabling cook" | tee -a $COOKLOG
  service cook enable
fi

# -------------------- DONE ---------------
exit_ok

nginx-rsync-ssh/nginx-rsync-ssh+1:
nginx-rsync-ssh/nginx-rsync-ssh+1.sh:

nginx-rsync-ssh/nginx-rsync-ssh+2:
nginx-rsync-ssh/nginx-rsync-ssh+2.sh:

nginx-rsync-ssh/nginx-rsync-ssh+3:
nginx-rsync-ssh/nginx-rsync-ssh+3.sh:

nginx-rsync-ssh/nginx-rsync-ssh+4:
nginx-rsync-ssh/nginx-rsync-ssh+4.sh:
Password:===>  Creating a new pot
===>  pot name     : nginx-rsync-ssh-amd64-13_0
===>  type         : single
===>  base         : 13.0
===>  pot_base     : 
===>  level        : 0
===>  network-type : public-bridge
===>  network-stack: ipv4
===>  ip           : 10.192.0.5
===>  bridge       : 
===>  dns          : inherit
===>  flavours     : fbsd-update nginx-rsync-ssh nginx-rsync-ssh+1 nginx-rsync-ssh+2 nginx-rsync-ssh+3 nginx-rsync-ssh+4
===>  Fetching FreeBSD 13.0
===>  Extract the tarball
=====>  Flavour: fbsd-update
=====>  Starting nginx-rsync-ssh-amd64-13_0 pot for the initial bootstrap
=====>  mount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/tmp
===>  Internal network not found! Calling vnet-start to fix the issue
net.inet.ip.forwarding: 0 -> 1
=====>  Bridge created bridge0
=====>  Bridge bridge0 configured with IP 10.192.0.1 netmask 255.192.0.0
=====>  Pot anchors are missing - load /etc/pf.conf
nat on vtnet0 inet from 10.192.0.0/10 to any -> (vtnet0:0)
pf enabled
defaultrouter: NO -> 10.192.0.1
===>  Starting the pot nginx-rsync-ssh-amd64-13_0
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8<VLAN_MTU>
	ether 02:e3:e6:9c:5a:0b
	inet 10.192.0.5 netmask 0xffc00000 broadcast 10.255.255.255
	groups: epair
	media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Updating /var/run/os-release done.
Creating and/or trimming log files.
Clearing /tmp (X related).
Updating motd:.
Starting syslogd.
Starting sendmail_submit.
Starting sendmail_msp_queue.
Starting cron.

Fri Apr 29 20:06:21 UTC 2022
/usr/local/etc/pot/flavours/fbsd-update.sh -> /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/tmp/fbsd-update.sh
=====>  Executing fbsd-update script on nginx-rsync-ssh-amd64-13_0
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching public key from update2.freebsd.org... done.
Fetching metadata signature for 13.0-RELEASE from update2.freebsd.org... done.
Fetching metadata index... done.
Fetching 2 metadata files... done.
Inspecting system... done.
Preparing to download files... done.
Fetching 194 patches.....10....20....30....40....50....60....70....80....90....100....110....120....130....140....150....160....170....180....190.. done.
Applying patches... done.
Fetching 15 files... ....10.. done.
The following files will be removed as part of updating to
13.0-RELEASE-p11:
/etc/ssl/certs/080911ac.0
/etc/ssl/certs/0b7c536a.0
/etc/ssl/certs/0c4c9b6c.0
/etc/ssl/certs/116bf586.0
/etc/ssl/certs/1320b215.0
/etc/ssl/certs/26312675.0
/etc/ssl/certs/349f2832.0
/etc/ssl/certs/442adcac.0
/etc/ssl/certs/5a4d6896.0
/etc/ssl/certs/9c2e7d30.0
/etc/ssl/certs/a8dee976.0
/etc/ssl/certs/b1b8a7f3.0
/etc/ssl/certs/c01cdfa2.0
/etc/ssl/certs/c47d9980.0
/etc/ssl/certs/cb59f961.0
/etc/ssl/certs/d853d49e.0
/etc/ssl/certs/dc45b0bd.0
/etc/ssl/certs/ee1365c0.0
/etc/ssl/certs/f90208f7.0
/usr/share/certs/trusted/Camerfirma_Chambers_of_Commerce_Root.pem
/usr/share/certs/trusted/Camerfirma_Global_Chambersign_Root.pem
/usr/share/certs/trusted/Certum_Root_CA.pem
/usr/share/certs/trusted/Chambers_of_Commerce_Root_-_2008.pem
/usr/share/certs/trusted/D-TRUST_Root_CA_3_2013.pem
/usr/share/certs/trusted/EC-ACC.pem
/usr/share/certs/trusted/GeoTrust_Primary_Certification_Authority_-_G2.pem
/usr/share/certs/trusted/Global_Chambersign_Root_-_2008.pem
/usr/share/certs/trusted/OISTE_WISeKey_Global_Root_GA_CA.pem
/usr/share/certs/trusted/QuoVadis_Root_CA.pem
/usr/share/certs/trusted/Sonera_Class_2_Root_CA.pem
/usr/share/certs/trusted/Staat_der_Nederlanden_Root_CA_-_G3.pem
/usr/share/certs/trusted/SwissSign_Platinum_CA_-_G2.pem
/usr/share/certs/trusted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G6.pem
/usr/share/certs/trusted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G6.pem
/usr/share/certs/trusted/Trustis_FPS_Root_CA.pem
/usr/share/certs/trusted/VeriSign_Universal_Root_Certification_Authority.pem
/usr/share/certs/trusted/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
/usr/share/certs/trusted/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
The following files will be added as part of updating to
13.0-RELEASE-p11:
/etc/ssl/blacklisted/080911ac.0
/etc/ssl/blacklisted/0b7c536a.0
/etc/ssl/blacklisted/0c4c9b6c.0
/etc/ssl/blacklisted/116bf586.0
/etc/ssl/blacklisted/1320b215.0
/etc/ssl/blacklisted/26312675.0
/etc/ssl/blacklisted/349f2832.0
/etc/ssl/blacklisted/442adcac.0
/etc/ssl/blacklisted/5a4d6896.0
/etc/ssl/blacklisted/9c2e7d30.0
/etc/ssl/blacklisted/a8dee976.0
/etc/ssl/blacklisted/b1b8a7f3.0
/etc/ssl/blacklisted/c01cdfa2.0
/etc/ssl/blacklisted/c47d9980.0
/etc/ssl/blacklisted/cb59f961.0
/etc/ssl/blacklisted/d853d49e.0
/etc/ssl/blacklisted/dc45b0bd.0
/etc/ssl/blacklisted/ee1365c0.0
/etc/ssl/blacklisted/f90208f7.0
/etc/ssl/certs/002c0b4f.0
/etc/ssl/certs/9482e63a.0
/etc/ssl/certs/b433981b.0
/etc/ssl/certs/b81b93f0.0
/etc/ssl/certs/e35234b1.0
/etc/ssl/certs/fa5da96b.0
/etc/ssl/certs/feffd413.0
/usr/include/c++/v1/barrier
/usr/include/c++/v1/concepts
/usr/include/c++/v1/execution
/usr/include/c++/v1/latch
/usr/include/c++/v1/numbers
/usr/include/c++/v1/semaphore
/usr/include/c++/v1/tr1/barrier
/usr/include/c++/v1/tr1/concepts
/usr/include/c++/v1/tr1/execution
/usr/include/c++/v1/tr1/latch
/usr/include/c++/v1/tr1/numbers
/usr/include/c++/v1/tr1/semaphore
/usr/share/certs/blacklisted/Camerfirma_Chambers_of_Commerce_Root.pem
/usr/share/certs/blacklisted/Camerfirma_Global_Chambersign_Root.pem
/usr/share/certs/blacklisted/Certum_Root_CA.pem
/usr/share/certs/blacklisted/Chambers_of_Commerce_Root_-_2008.pem
/usr/share/certs/blacklisted/D-TRUST_Root_CA_3_2013.pem
/usr/share/certs/blacklisted/EC-ACC.pem
/usr/share/certs/blacklisted/GeoTrust_Primary_Certification_Authority_-_G2.pem
/usr/share/certs/blacklisted/Global_Chambersign_Root_-_2008.pem
/usr/share/certs/blacklisted/OISTE_WISeKey_Global_Root_GA_CA.pem
/usr/share/certs/blacklisted/QuoVadis_Root_CA.pem
/usr/share/certs/blacklisted/Sonera_Class_2_Root_CA.pem
/usr/share/certs/blacklisted/Staat_der_Nederlanden_Root_CA_-_G3.pem
/usr/share/certs/blacklisted/SwissSign_Platinum_CA_-_G2.pem
/usr/share/certs/blacklisted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G6.pem
/usr/share/certs/blacklisted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G6.pem
/usr/share/certs/blacklisted/Trustis_FPS_Root_CA.pem
/usr/share/certs/blacklisted/VeriSign_Universal_Root_Certification_Authority.pem
/usr/share/certs/blacklisted/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
/usr/share/certs/blacklisted/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
/usr/share/certs/trusted/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem
/usr/share/certs/trusted/ANF_Secure_Server_Root_CA.pem
/usr/share/certs/trusted/Certum_EC-384_CA.pem
/usr/share/certs/trusted/Certum_Trusted_Root_CA.pem
/usr/share/certs/trusted/GLOBALTRUST_2020.pem
/usr/share/certs/trusted/GlobalSign_Root_E46.pem
/usr/share/certs/trusted/GlobalSign_Root_R46.pem
/usr/share/zoneinfo/Pacific/Kanton
The following files will be updated as part of updating to
13.0-RELEASE-p11:
/bin/freebsd-version
/lib/libalias.so.7
/lib/libcasper.so.1
/lib/libcrypto.so.111
/lib/libz.so.6
/lib/libzpool.so.2
/rescue/[
/rescue/bectl
/rescue/bsdlabel
/rescue/bunzip2
/rescue/bzcat
/rescue/bzip2
/rescue/camcontrol
/rescue/cat
/rescue/ccdconfig
/rescue/chflags
/rescue/chgrp
/rescue/chio
/rescue/chmod
/rescue/chown
/rescue/chroot
/rescue/clri
/rescue/cp
/rescue/csh
/rescue/date
/rescue/dd
/rescue/devfs
/rescue/df
/rescue/dhclient
/rescue/disklabel
/rescue/dmesg
/rescue/dump
/rescue/dumpfs
/rescue/dumpon
/rescue/echo
/rescue/ed
/rescue/ex
/rescue/expr
/rescue/fastboot
/rescue/fasthalt
/rescue/fdisk
/rescue/fsck
/rescue/fsck_4.2bsd
/rescue/fsck_ffs
/rescue/fsck_msdosfs
/rescue/fsck_ufs
/rescue/fsdb
/rescue/fsirand
/rescue/gbde
/rescue/geom
/rescue/getfacl
/rescue/glabel
/rescue/gpart
/rescue/groups
/rescue/gunzip
/rescue/gzcat
/rescue/gzip
/rescue/halt
/rescue/head
/rescue/hostname
/rescue/id
/rescue/ifconfig
/rescue/init
/rescue/ipf
/rescue/iscsictl
/rescue/iscsid
/rescue/kenv
/rescue/kill
/rescue/kldconfig
/rescue/kldload
/rescue/kldstat
/rescue/kldunload
/rescue/ldconfig
/rescue/less
/rescue/link
/rescue/ln
/rescue/ls
/rescue/lzcat
/rescue/lzma
/rescue/md5
/rescue/mdconfig
/rescue/mdmfs
/rescue/mkdir
/rescue/mknod
/rescue/more
/rescue/mount
/rescue/mount_cd9660
/rescue/mount_msdosfs
/rescue/mount_nfs
/rescue/mount_nullfs
/rescue/mount_udf
/rescue/mount_unionfs
/rescue/mt
/rescue/mv
/rescue/nc
/rescue/newfs
/rescue/newfs_msdos
/rescue/nos-tun
/rescue/pgrep
/rescue/ping
/rescue/ping6
/rescue/pkill
/rescue/poweroff
/rescue/ps
/rescue/pwd
/rescue/rcorder
/rescue/rdump
/rescue/realpath
/rescue/reboot
/rescue/red
/rescue/rescue
/rescue/restore
/rescue/rm
/rescue/rmdir
/rescue/route
/rescue/routed
/rescue/rrestore
/rescue/rtquery
/rescue/rtsol
/rescue/savecore
/rescue/sed
/rescue/setfacl
/rescue/sh
/rescue/shutdown
/rescue/sleep
/rescue/spppcontrol
/rescue/stty
/rescue/swapon
/rescue/sync
/rescue/sysctl
/rescue/tail
/rescue/tar
/rescue/tcsh
/rescue/tee
/rescue/test
/rescue/tunefs
/rescue/umount
/rescue/unlink
/rescue/unlzma
/rescue/unxz
/rescue/unzstd
/rescue/vi
/rescue/whoami
/rescue/xz
/rescue/xzcat
/rescue/zcat
/rescue/zdb
/rescue/zfs
/rescue/zpool
/rescue/zstd
/rescue/zstdcat
/rescue/zstdmt
/sbin/fsck_4.2bsd
/sbin/fsck_ffs
/sbin/fsck_ufs
/sbin/fsdb
/sbin/ggatec
/usr/bin/bc
/usr/bin/dc
/usr/bin/openssl
/usr/bin/tail
/usr/include/net80211/ieee80211_input.h
/usr/include/openssl/opensslv.h
/usr/include/private/event1/event.h
/usr/lib/libalias.a
/usr/lib/libalias_p.a
/usr/lib/libcrypto.a
/usr/lib/libcrypto_p.a
/usr/lib/libfetch.a
/usr/lib/libfetch.so.6
/usr/lib/libfetch_p.a
/usr/lib/libprivateevent1.a
/usr/lib/libprivateevent1.so.1
/usr/lib/libprivateevent1_p.a
/usr/lib/libradius.a
/usr/lib/libradius.so.4
/usr/lib/libradius_p.a
/usr/lib/libssl.a
/usr/lib/libssl.so.111
/usr/lib/libssl_p.a
/usr/lib/libz.a
/usr/lib/libz_p.a
/usr/lib/libzpool.a
/usr/sbin/bhyve
/usr/sbin/ftp-proxy
/usr/sbin/hostapd
/usr/sbin/ntp-keygen
/usr/sbin/wpa_cli
/usr/sbin/wpa_supplicant
/usr/sbin/ypldap
/usr/sbin/zdb
/usr/share/certs/trusted/ACCVRAIZ1.pem
/usr/share/certs/trusted/AC_RAIZ_FNMT-RCM.pem
/usr/share/certs/trusted/Actalis_Authentication_Root_CA.pem
/usr/share/certs/trusted/AffirmTrust_Commercial.pem
/usr/share/certs/trusted/AffirmTrust_Networking.pem
/usr/share/certs/trusted/AffirmTrust_Premium.pem
/usr/share/certs/trusted/AffirmTrust_Premium_ECC.pem
/usr/share/certs/trusted/Amazon_Root_CA_1.pem
/usr/share/certs/trusted/Amazon_Root_CA_2.pem
/usr/share/certs/trusted/Amazon_Root_CA_3.pem
/usr/share/certs/trusted/Amazon_Root_CA_4.pem
/usr/share/certs/trusted/Atos_TrustedRoot_2011.pem
/usr/share/certs/trusted/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
/usr/share/certs/trusted/Baltimore_CyberTrust_Root.pem
/usr/share/certs/trusted/Buypass_Class_2_Root_CA.pem
/usr/share/certs/trusted/Buypass_Class_3_Root_CA.pem
/usr/share/certs/trusted/CA_Disig_Root_R2.pem
/usr/share/certs/trusted/CFCA_EV_ROOT.pem
/usr/share/certs/trusted/COMODO_Certification_Authority.pem
/usr/share/certs/trusted/COMODO_ECC_Certification_Authority.pem
/usr/share/certs/trusted/COMODO_RSA_Certification_Authority.pem
/usr/share/certs/trusted/Certigna.pem
/usr/share/certs/trusted/Certigna_Root_CA.pem
/usr/share/certs/trusted/Certum_Trusted_Network_CA.pem
/usr/share/certs/trusted/Certum_Trusted_Network_CA_2.pem
/usr/share/certs/trusted/Comodo_AAA_Services_root.pem
/usr/share/certs/trusted/Cybertrust_Global_Root.pem
/usr/share/certs/trusted/D-TRUST_Root_Class_3_CA_2_2009.pem
/usr/share/certs/trusted/D-TRUST_Root_Class_3_CA_2_EV_2009.pem
/usr/share/certs/trusted/DST_Root_CA_X3.pem
/usr/share/certs/trusted/DigiCert_Assured_ID_Root_CA.pem
/usr/share/certs/trusted/DigiCert_Assured_ID_Root_G2.pem
/usr/share/certs/trusted/DigiCert_Assured_ID_Root_G3.pem
/usr/share/certs/trusted/DigiCert_Global_Root_CA.pem
/usr/share/certs/trusted/DigiCert_Global_Root_G2.pem
/usr/share/certs/trusted/DigiCert_Global_Root_G3.pem
/usr/share/certs/trusted/DigiCert_High_Assurance_EV_Root_CA.pem
/usr/share/certs/trusted/DigiCert_Trusted_Root_G4.pem
/usr/share/certs/trusted/E-Tugra_Certification_Authority.pem
/usr/share/certs/trusted/Entrust_Root_Certification_Authority.pem
/usr/share/certs/trusted/Entrust_Root_Certification_Authority_-_EC1.pem
/usr/share/certs/trusted/Entrust_Root_Certification_Authority_-_G2.pem
/usr/share/certs/trusted/Entrust_Root_Certification_Authority_-_G4.pem
/usr/share/certs/trusted/Entrust_net_Premium_2048_Secure_Server_CA.pem
/usr/share/certs/trusted/GDCA_TrustAUTH_R5_ROOT.pem
/usr/share/certs/trusted/GTS_Root_R1.pem
/usr/share/certs/trusted/GTS_Root_R2.pem
/usr/share/certs/trusted/GTS_Root_R3.pem
/usr/share/certs/trusted/GTS_Root_R4.pem
/usr/share/certs/trusted/GlobalSign_ECC_Root_CA_-_R4.pem
/usr/share/certs/trusted/GlobalSign_ECC_Root_CA_-_R5.pem
/usr/share/certs/trusted/GlobalSign_Root_CA.pem
/usr/share/certs/trusted/GlobalSign_Root_CA_-_R2.pem
/usr/share/certs/trusted/GlobalSign_Root_CA_-_R3.pem
/usr/share/certs/trusted/GlobalSign_Root_CA_-_R6.pem
/usr/share/certs/trusted/Go_Daddy_Class_2_CA.pem
/usr/share/certs/trusted/Go_Daddy_Root_Certificate_Authority_-_G2.pem
/usr/share/certs/trusted/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem
/usr/share/certs/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
/usr/share/certs/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem
/usr/share/certs/trusted/Hongkong_Post_Root_CA_1.pem
/usr/share/certs/trusted/Hongkong_Post_Root_CA_3.pem
/usr/share/certs/trusted/ISRG_Root_X1.pem
/usr/share/certs/trusted/IdenTrust_Commercial_Root_CA_1.pem
/usr/share/certs/trusted/IdenTrust_Public_Sector_Root_CA_1.pem
/usr/share/certs/trusted/Izenpe_com.pem
/usr/share/certs/trusted/Microsec_e-Szigno_Root_CA_2009.pem
/usr/share/certs/trusted/Microsoft_ECC_Root_Certificate_Authority_2017.pem
/usr/share/certs/trusted/Microsoft_RSA_Root_Certificate_Authority_2017.pem
/usr/share/certs/trusted/NAVER_Global_Root_Certification_Authority.pem
/usr/share/certs/trusted/NetLock_Arany__Class_Gold__F__tan__s__tv__ny.pem
/usr/share/certs/trusted/Network_Solutions_Certificate_Authority.pem
/usr/share/certs/trusted/OISTE_WISeKey_Global_Root_GB_CA.pem
/usr/share/certs/trusted/OISTE_WISeKey_Global_Root_GC_CA.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_1_G3.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_2.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_2_G3.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_3.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_3_G3.pem
/usr/share/certs/trusted/SSL_com_EV_Root_Certification_Authority_ECC.pem
/usr/share/certs/trusted/SSL_com_EV_Root_Certification_Authority_RSA_R2.pem
/usr/share/certs/trusted/SSL_com_Root_Certification_Authority_ECC.pem
/usr/share/certs/trusted/SSL_com_Root_Certification_Authority_RSA.pem
/usr/share/certs/trusted/SZAFIR_ROOT_CA2.pem
/usr/share/certs/trusted/SecureSign_RootCA11.pem
/usr/share/certs/trusted/SecureTrust_CA.pem
/usr/share/certs/trusted/Secure_Global_CA.pem
/usr/share/certs/trusted/Security_Communication_RootCA2.pem
/usr/share/certs/trusted/Security_Communication_Root_CA.pem
/usr/share/certs/trusted/Staat_der_Nederlanden_EV_Root_CA.pem
/usr/share/certs/trusted/Starfield_Class_2_CA.pem
/usr/share/certs/trusted/Starfield_Root_Certificate_Authority_-_G2.pem
/usr/share/certs/trusted/Starfield_Services_Root_Certificate_Authority_-_G2.pem
/usr/share/certs/trusted/SwissSign_Gold_CA_-_G2.pem
/usr/share/certs/trusted/SwissSign_Silver_CA_-_G2.pem
/usr/share/certs/trusted/T-TeleSec_GlobalRoot_Class_2.pem
/usr/share/certs/trusted/T-TeleSec_GlobalRoot_Class_3.pem
/usr/share/certs/trusted/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem
/usr/share/certs/trusted/TWCA_Global_Root_CA.pem
/usr/share/certs/trusted/TWCA_Root_Certification_Authority.pem
/usr/share/certs/trusted/TeliaSonera_Root_CA_v1.pem
/usr/share/certs/trusted/TrustCor_ECA-1.pem
/usr/share/certs/trusted/TrustCor_RootCert_CA-1.pem
/usr/share/certs/trusted/TrustCor_RootCert_CA-2.pem
/usr/share/certs/trusted/Trustwave_Global_Certification_Authority.pem
/usr/share/certs/trusted/Trustwave_Global_ECC_P256_Certification_Authority.pem
/usr/share/certs/trusted/Trustwave_Global_ECC_P384_Certification_Authority.pem
/usr/share/certs/trusted/UCA_Extended_Validation_Root.pem
/usr/share/certs/trusted/UCA_Global_G2_Root.pem
/usr/share/certs/trusted/USERTrust_ECC_Certification_Authority.pem
/usr/share/certs/trusted/USERTrust_RSA_Certification_Authority.pem
/usr/share/certs/trusted/XRamp_Global_CA_Root.pem
/usr/share/certs/trusted/certSIGN_ROOT_CA.pem
/usr/share/certs/trusted/certSIGN_Root_CA_G2.pem
/usr/share/certs/trusted/e-Szigno_Root_CA_2017.pem
/usr/share/certs/trusted/ePKI_Root_Certification_Authority.pem
/usr/share/certs/trusted/emSign_ECC_Root_CA_-_C3.pem
/usr/share/certs/trusted/emSign_ECC_Root_CA_-_G3.pem
/usr/share/certs/trusted/emSign_Root_CA_-_C1.pem
/usr/share/certs/trusted/emSign_Root_CA_-_G1.pem
/usr/share/zoneinfo/Africa/Accra
/usr/share/zoneinfo/America/Anguilla
/usr/share/zoneinfo/America/Antigua
/usr/share/zoneinfo/America/Aruba
/usr/share/zoneinfo/America/Atikokan
/usr/share/zoneinfo/America/Barbados
/usr/share/zoneinfo/America/Blanc-Sablon
/usr/share/zoneinfo/America/Coral_Harbour
/usr/share/zoneinfo/America/Creston
/usr/share/zoneinfo/America/Curacao
/usr/share/zoneinfo/America/Dominica
/usr/share/zoneinfo/America/Grenada
/usr/share/zoneinfo/America/Guadeloupe
/usr/share/zoneinfo/America/Guyana
/usr/share/zoneinfo/America/Kralendijk
/usr/share/zoneinfo/America/Lower_Princes
/usr/share/zoneinfo/America/Marigot
/usr/share/zoneinfo/America/Montserrat
/usr/share/zoneinfo/America/Nassau
/usr/share/zoneinfo/America/Port_of_Spain
/usr/share/zoneinfo/America/Punta_Arenas
/usr/share/zoneinfo/America/Santiago
/usr/share/zoneinfo/America/St_Barthelemy
/usr/share/zoneinfo/America/St_Kitts
/usr/share/zoneinfo/America/St_Lucia
/usr/share/zoneinfo/America/St_Thomas
/usr/share/zoneinfo/America/St_Vincent
/usr/share/zoneinfo/America/Tortola
/usr/share/zoneinfo/America/Virgin
/usr/share/zoneinfo/Antarctica/DumontDUrville
/usr/share/zoneinfo/Antarctica/Syowa
/usr/share/zoneinfo/Asia/Amman
/usr/share/zoneinfo/Asia/Gaza
/usr/share/zoneinfo/Asia/Hebron
/usr/share/zoneinfo/Atlantic/Azores
/usr/share/zoneinfo/Atlantic/Madeira
/usr/share/zoneinfo/Chile/Continental
/usr/share/zoneinfo/Europe/Kiev
/usr/share/zoneinfo/Europe/Lisbon
/usr/share/zoneinfo/Europe/Simferopol
/usr/share/zoneinfo/Europe/Uzhgorod
/usr/share/zoneinfo/Europe/Zaporozhye
/usr/share/zoneinfo/Pacific/Apia
/usr/share/zoneinfo/Pacific/Enderbury
/usr/share/zoneinfo/Pacific/Fiji
/usr/share/zoneinfo/Pacific/Niue
/usr/share/zoneinfo/Pacific/Rarotonga
/usr/share/zoneinfo/Pacific/Tongatapu
/usr/share/zoneinfo/Portugal
/usr/share/zoneinfo/zone.tab
/usr/share/zoneinfo/zone1970.tab
Installing updates...Scanning //usr/share/certs/blacklisted for certificates...
Scanning //usr/share/certs/trusted for certificates...
 done.
=====>  Stop the pot nginx-rsync-ssh-amd64-13_0
=====>  Remove epair0[a|b] network interfaces
=====>  unmount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/tmp
=====>  unmount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/dev
=====>  Flavour: nginx-rsync-ssh
=====>  Executing nginx-rsync-ssh pot commands on nginx-rsync-ssh-amd64-13_0
=====>  mount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/tmp
=====>  Source /usr/local/etc/pot/flavours/nginx-rsync-ssh.d/syslog-ng.conf.in copied in the pot nginx-rsync-ssh-amd64-13_0
=====>  unmount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/tmp
=====>  /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/dev is already unmounted
=====>  mount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/tmp
=====>  Source /usr/local/etc/pot/flavours/nginx-rsync-ssh.d/goaccess.conf.in copied in the pot nginx-rsync-ssh-amd64-13_0
=====>  unmount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/tmp
=====>  /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/dev is already unmounted
=====>  Starting nginx-rsync-ssh-amd64-13_0 pot for the initial bootstrap
=====>  mount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/tmp
defaultrouter: 10.192.0.1 -> 10.192.0.1
===>  Starting the pot nginx-rsync-ssh-amd64-13_0
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8<VLAN_MTU>
	ether 02:af:bd:c0:39:0b
	inet 10.192.0.5 netmask 0xffc00000 broadcast 10.255.255.255
	groups: epair
	media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Updating /var/run/os-release done.
Creating and/or trimming log files.
Clearing /tmp (X related).
Updating motd:.
Starting syslogd.
Starting sendmail_submit.
Starting sendmail_msp_queue.
Starting cron.

Fri Apr 29 20:07:21 UTC 2022
/usr/local/etc/pot/flavours/nginx-rsync-ssh.sh -> /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/tmp/nginx-rsync-ssh.sh
=====>  Executing nginx-rsync-ssh script on nginx-rsync-ssh-amd64-13_0
Creating /var/log/cook.log
Step 1: Bootstrap package repo
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] Installing pkg-1.17.5_1...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] Extracting pkg-1.17.5_1: .......... done
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/quarterly, please wait...
Step 2: Touch /etc/rc.conf
Step 3: Remove ifconfig_epair0b from config
Step 4: Disable sendmail
sendmail disabled in /etc/rc.conf
sendmail_submit disabled in /etc/rc.conf
sendmail_msp_queue disabled in /etc/rc.conf
Step 5: Enable SSH
sshd enabled in /etc/rc.conf
Step 6: Create /usr/local/etc/rc.d
Step 7: Install package sudo
Updating FreeBSD repository catalogue...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] Fetching meta.conf: . done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] Fetching packagesite.pkg: .......... done
Processing entries: .......... done
FreeBSD repository update completed. 31188 packages processed.
All repositories are up to date.
Updating database digests format: . done
The following 3 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	gettext-runtime: 0.21
	indexinfo: 0.3.1
	sudo: 1.9.10

Number of packages to be installed: 3

The process will require 8 MiB more space.
2 MiB to be downloaded.
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/3] Fetching sudo-1.9.10.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/3] Fetching gettext-runtime-0.21.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/3] Fetching indexinfo-0.3.1.pkg: . done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/3] Installing indexinfo-0.3.1...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/3] Extracting indexinfo-0.3.1: .... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/3] Installing gettext-runtime-0.21...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/3] Extracting gettext-runtime-0.21: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/3] Installing sudo-1.9.10...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/3] Extracting sudo-1.9.10: .......... done
Step 8: Install package curl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 4 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	ca_root_nss: 3.76
	curl: 7.82.0
	libnghttp2: 1.46.0
	libssh2: 1.10.0,3

Number of packages to be installed: 4

The process will require 6 MiB more space.
2 MiB to be downloaded.
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/4] Fetching curl-7.82.0.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/4] Fetching libnghttp2-1.46.0.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/4] Fetching libssh2-1.10.0,3.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/4] Fetching ca_root_nss-3.76.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/4] Installing libnghttp2-1.46.0...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/4] Extracting libnghttp2-1.46.0: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/4] Installing libssh2-1.10.0,3...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/4] Extracting libssh2-1.10.0,3: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/4] Installing ca_root_nss-3.76...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/4] Extracting ca_root_nss-3.76: ........ done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/4] Installing curl-7.82.0...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/4] Extracting curl-7.82.0: .......... done
=====
Message from ca_root_nss-3.76:

--
FreeBSD does not, and can not warrant that the certification authorities
whose certificates are included in this package have in any way been
audited for trustworthiness or RFC 3647 compliance.

Assessment and verification of trust is the complete responsibility of the
system administrator.


This package installs symlinks to support root certificates discovery by
default for software that uses OpenSSL.

This enables SSL Certificate Verification by client software without manual
intervention.

If you prefer to do this manually, replace the following symlinks with
either an empty file or your site-local certificate bundle.

  * /etc/ssl/cert.pem
  * /usr/local/etc/ssl/cert.pem
  * /usr/local/openssl/cert.pem
Step 9: Install package jq
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	jq: 1.6
	oniguruma: 6.9.7.1

Number of packages to be installed: 2

The process will require 2 MiB more space.
500 KiB to be downloaded.
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching jq-1.6.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching oniguruma-6.9.7.1.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Installing oniguruma-6.9.7.1...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting oniguruma-6.9.7.1: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Installing jq-1.6...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting jq-1.6: .......... done
Step 10: Install package jo
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	jo: 1.6

Number of packages to be installed: 1

20 KiB to be downloaded.
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching jo-1.6.pkg: ... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Installing jo-1.6...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting jo-1.6: ....... done
Step 11: Install package nginx
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	nginx: 1.20.2_9,2
	pcre: 8.45_1

Number of packages to be installed: 2

The process will require 8 MiB more space.
2 MiB to be downloaded.
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching nginx-1.20.2_9,2.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching pcre-8.45_1.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Installing pcre-8.45_1...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting pcre-8.45_1: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Installing nginx-1.20.2_9,2...
===> Creating groups.
Using existing group 'www'.
===> Creating users
Using existing user 'www'.
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting nginx-1.20.2_9,2: .......... done
=====
Message from nginx-1.20.2_9,2:

--
Recent version of the NGINX introduces dynamic modules support.  In
FreeBSD ports tree this feature was enabled by default with the DSO
knob.  Several vendor's and third-party modules have been converted
to dynamic modules.  Unset the DSO knob builds an NGINX without
dynamic modules support.

To load a module at runtime, include the new `load_module'
directive in the main context, specifying the path to the shared
object file for the module, enclosed in quotation marks.  When you
reload the configuration or restart NGINX, the module is loaded in.
It is possible to specify a path relative to the source directory,
or a full path, please see
https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/ and
http://nginx.org/en/docs/ngx_core_module.html#load_module for
details.

Default path for the NGINX dynamic modules is

/usr/local/libexec/nginx.
Step 12: Install package goaccess
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	goaccess: 1.5.5
	libmaxminddb: 1.6.0

Number of packages to be installed: 2

The process will require 1 MiB more space.
334 KiB to be downloaded.
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching goaccess-1.5.5.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching libmaxminddb-1.6.0.pkg: ..... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Installing libmaxminddb-1.6.0...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting libmaxminddb-1.6.0: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Installing goaccess-1.5.5...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting goaccess-1.5.5: .......... done
Step 13: Install package acme.sh
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	acme.sh: 3.0.2
	socat: 1.7.4.3

Number of packages to be installed: 2

The process will require 2 MiB more space.
363 KiB to be downloaded.
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching acme.sh-3.0.2.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching socat-1.7.4.3.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Installing socat-1.7.4.3...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting socat-1.7.4.3: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Installing acme.sh-3.0.2...
===> Creating groups.
Creating group 'acme' with gid '169'.
===> Creating users
Creating user 'acme' with uid '169'.
===> Creating homedir(s)
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting acme.sh-3.0.2: .......... done
=====
Message from acme.sh-3.0.2:

--
This script will create the following directories if they do not exist:

 ~acme/.acme.sh
 ~acme/certs

The script will also install ~acme/.acme.sh/account.conf.sample which has
sane defaults.  Copy this to ~acme/.acme.sh/account.conf and edit contents
to suit.

In the /usr/local/share/examples/acme.sh directory, you can find the dnsapi 
scripts which will be useful if you decide to use dns-01 challenges. Also 
included are the deploy scripts.

A newsyslog.conf sample file is provided at /usr/local/share/examples/acme.sh/acme.sh.conf
and you could create a symlink from that to /usr/local/etc/newsyslog.conf.d/

Your sample cronjob looks like this:

############################################################################
$ sudo crontab -l -u acme
# use /bin/sh to run commands, overriding the default set by cron
SHELL=/bin/sh
# mail any output to here, no matter whose crontab this is
MAILTO=dan@example.org

7 22 * * * /usr/local/sbin/acme.sh --cron --home /var/db/acme/.acme.sh > /dev/null
############################################################################

Change x & y to some minute and hour of the day.
Step 14: Install package openssl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	openssl: 1.1.1n,1

Number of packages to be installed: 1

The process will require 14 MiB more space.
4 MiB to be downloaded.
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching openssl-1.1.1n,1.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Installing openssl-1.1.1n,1...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting openssl-1.1.1n,1: .......... done
Step 15: Install package rsync
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 5 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	libiconv: 1.16
	liblz4: 1.9.3,1
	rsync: 3.2.3_1
	xxhash: 0.8.1
	zstd: 1.5.2

Number of packages to be installed: 5

The process will require 6 MiB more space.
2 MiB to be downloaded.
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/5] Fetching rsync-3.2.3_1.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/5] Fetching xxhash-0.8.1.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/5] Fetching libiconv-1.16.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/5] Fetching zstd-1.5.2.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/5] Fetching liblz4-1.9.3,1.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/5] Installing liblz4-1.9.3,1...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/5] Extracting liblz4-1.9.3,1: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/5] Installing xxhash-0.8.1...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/5] Extracting xxhash-0.8.1: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/5] Installing libiconv-1.16...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/5] Extracting libiconv-1.16: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/5] Installing zstd-1.5.2...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/5] Extracting zstd-1.5.2: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/5] Installing rsync-3.2.3_1...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/5] Extracting rsync-3.2.3_1: .......... done
Step 16: Install package syslog-ng
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 9 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	e2fsprogs-libuuid: 1.46.5
	glib: 2.70.4_3,2
	json-c: 0.15_1
	libffi: 3.3_1
	libxml2: 2.9.13_1
	mpdecimal: 2.5.1
	python38: 3.8.13
	readline: 8.1.2
	syslog-ng: 3.36.1

Number of packages to be installed: 9

The process will require 172 MiB more space.
30 MiB to be downloaded.
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/9] Fetching syslog-ng-3.36.1.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/9] Fetching e2fsprogs-libuuid-1.46.5.pkg: ..... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/9] Fetching json-c-0.15_1.pkg: ........ done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/9] Fetching glib-2.70.4_3,2.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/9] Fetching libxml2-2.9.13_1.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [6/9] Fetching readline-8.1.2.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [7/9] Fetching python38-3.8.13.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [8/9] Fetching mpdecimal-2.5.1.pkg: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [9/9] Fetching libffi-3.3_1.pkg: ..... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/9] Installing readline-8.1.2...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [1/9] Extracting readline-8.1.2: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/9] Installing mpdecimal-2.5.1...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [2/9] Extracting mpdecimal-2.5.1: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/9] Installing libffi-3.3_1...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [3/9] Extracting libffi-3.3_1: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/9] Installing libxml2-2.9.13_1...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [4/9] Extracting libxml2-2.9.13_1: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/9] Installing python38-3.8.13...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [5/9] Extracting python38-3.8.13: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [6/9] Installing e2fsprogs-libuuid-1.46.5...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [6/9] Extracting e2fsprogs-libuuid-1.46.5: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [7/9] Installing json-c-0.15_1...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [7/9] Extracting json-c-0.15_1: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [8/9] Installing glib-2.70.4_3,2...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [8/9] Extracting glib-2.70.4_3,2: .......... done
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [9/9] Installing syslog-ng-3.36.1...
[nginx-rsync-ssh-amd64-13_0.vsf00001.cpt.za.honeyguide.net] [9/9] Extracting syslog-ng-3.36.1: .......... done
Compiling glib schemas
No schema files found: doing nothing.
=====
Message from python38-3.8.13:

--
Note that some standard Python modules are provided as separate ports
as they require additional dependencies. They are available as:

py38-gdbm       databases/py-gdbm@py38
py38-sqlite3    databases/py-sqlite3@py38
py38-tkinter    x11-toolkits/py-tkinter@py38
=====
Message from syslog-ng-3.36.1:

--
syslog-ng is now installed!  To replace FreeBSD's standard syslogd
(/usr/sbin/syslogd), complete these steps:

1. Create a configuration file named /usr/local/etc/syslog-ng.conf
   (a sample named syslog-ng.conf.sample has been included in
   /usr/local/etc). Note that this is a change in 2.0.2
   version, previous ones put the config file in
   /usr/local/etc/syslog-ng/syslog-ng.conf, so if this is an update
   move that file in the right place

2. Configure syslog-ng to start automatically by adding the following
   to /etc/rc.conf:

        syslog_ng_enable="YES"

3. Prevent the standard FreeBSD syslogd from starting automatically by
   adding a line to the end of your /etc/rc.conf file that reads:

        syslogd_enable="NO"

4. Shut down the standard FreeBSD syslogd:

     kill `cat /var/run/syslog.pid`

5. Start syslog-ng:

     /usr/local/etc/rc.d/syslog-ng start
Step 17: Clean package installation
Checking integrity... done (0 conflicting)
Nothing to do.
Nothing to do.
Step 18: Remove pre-existing cook script (if any)
Step 19: Create cook script
Step 20: Make cook script executable
setting executable bit on /usr/local/bin/cook
Step 21: Create rc.d script to start cook
creating rc.d script to start cook
Step 22: Make rc.d script to start cook executable
Setting executable bit on cook rc file
Step 23: Enable cook service
enabling cook
cook enabled in /etc/rc.conf
=====>  Stop the pot nginx-rsync-ssh-amd64-13_0
=====>  Remove epair0[a|b] network interfaces
=====>  unmount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/tmp
=====>  unmount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-13_0/m/dev
=====>  Flavour: nginx-rsync-ssh+1
=====>  Executing nginx-rsync-ssh+1 pot commands on nginx-rsync-ssh-amd64-13_0
=====>  No shell script available for the flavour nginx-rsync-ssh+1
=====>  Flavour: nginx-rsync-ssh+2
=====>  Executing nginx-rsync-ssh+2 pot commands on nginx-rsync-ssh-amd64-13_0
=====>  No shell script available for the flavour nginx-rsync-ssh+2
=====>  Flavour: nginx-rsync-ssh+3
=====>  Executing nginx-rsync-ssh+3 pot commands on nginx-rsync-ssh-amd64-13_0
=====>  No shell script available for the flavour nginx-rsync-ssh+3
=====>  Flavour: nginx-rsync-ssh+4
=====>  Executing nginx-rsync-ssh+4 pot commands on nginx-rsync-ssh-amd64-13_0
=====>  No shell script available for the flavour nginx-rsync-ssh+4

nginx-rsync-ssh-amd64-12_3_0.0.6:


nginx-rsync-ssh/nginx-rsync-ssh:
copy-in -s /usr/local/etc/pot/flavours/nginx-rsync-ssh.d/syslog-ng.conf.in -d /root/syslog-ng.conf.in
copy-in -s /usr/local/etc/pot/flavours/nginx-rsync-ssh.d/goaccess.conf.in -d /root/goaccess.conf.in
nginx-rsync-ssh/nginx-rsync-ssh.sh:
#!/bin/sh

# Based on POTLUCK TEMPLATE v3.0
# Altered by Michael Gmelin
#
# EDIT THE FOLLOWING FOR NEW FLAVOUR:
# 1. RUNS_IN_NOMAD - true or false
# 2. If RUNS_IN_NOMAD is false, can delete the <flavour>+4 file, else
#    make sure pot create command doesn't include it
# 3. Create a matching <flavour> file with this <flavour>.sh file that
#    contains the copy-in commands for the config files from <flavour>.d/
#    Remember that the package directories don't exist yet, so likely copy
#    to /root
# 4. Adjust package installation between BEGIN & END PACKAGE SETUP
# 5. Adjust jail configuration script generation between BEGIN & END COOK
#    Configure the config files that have been copied in where necessary

# Set this to true if this jail flavour is to be created as a nomad (i.e. blocking) jail.
# You can then query it in the cook script generation below and the script is installed
# appropriately at the end of this script
RUNS_IN_NOMAD=false

# set the cook log path/filename
COOKLOG=/var/log/cook.log

# check if cooklog exists, create it if not
if [ ! -e $COOKLOG ]
then
    echo "Creating $COOKLOG" | tee -a $COOKLOG
else
    echo "WARNING $COOKLOG already exists"  | tee -a $COOKLOG
fi
date >> $COOKLOG

# -------------------- COMMON ---------------

STEPCOUNT=0
step() {
  STEPCOUNT=$(expr "$STEPCOUNT" + 1)
  STEP="$@"
  echo "Step $STEPCOUNT: $STEP" | tee -a $COOKLOG
}

exit_ok() {
  trap - EXIT
  exit 0
}

FAILED=" failed"
exit_error() {
  STEP="$@"
  FAILED=""
  exit 1
}

set -e
trap 'echo ERROR: $STEP$FAILED | (>&2 tee -a $COOKLOG)' EXIT

# -------------- BEGIN PACKAGE SETUP -------------

step "Bootstrap package repo"
mkdir -p /usr/local/etc/pkg/repos
# shellcheck disable=SC2016
test -e /usr/local/etc/pkg/repos/FreeBSD.conf || \
  echo 'FreeBSD: { url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly" }' \
    >/usr/local/etc/pkg/repos/FreeBSD.conf
ASSUME_ALWAYS_YES=yes pkg bootstrap

step "Touch /etc/rc.conf"
touch /etc/rc.conf

# this is important, otherwise running /etc/rc from cook will
# overwrite the IP address set in tinirc
step "Remove ifconfig_epair0b from config"
sysrc -cq ifconfig_epair0b && sysrc -x ifconfig_epair0b || true

step "Disable sendmail"
service sendmail onedisable

step "Enable SSH"
service sshd enable

step "Create /usr/local/etc/rc.d"
mkdir -p /usr/local/etc/rc.d

step "Install package sudo"
pkg install -y sudo

step "Install package curl"
pkg install -y curl

step "Install package jq"
pkg install -y jq

step "Install package jo"
pkg install -y jo

step "Install package nginx"
pkg install -y nginx

step "Install package goaccess"
pkg install -y goaccess

step "Install package acme.sh"
pkg install -y acme.sh

step "Install package openssl"
pkg install -y openssl

step "Install package rsync"
pkg install -y rsync

step "Install package syslog-ng"
pkg install -y syslog-ng

step "Clean package installation"
pkg autoremove -y
pkg clean -y

# -------------- END PACKAGE SETUP -------------

#
# Create configurations
#

#
# Now generate the run command script "cook"
# It configures the system on the first run by creating the config file(s)
# On subsequent runs, it only starts sleeps (if nomad-jail) or simply exits
#

# clear any old cook runtime file
step "Remove pre-existing cook script (if any)"
rm -f /usr/local/bin/cook

# this runs when image boots
# ----------------- BEGIN COOK ------------------

step "Create cook script"
echo "#!/bin/sh
RUNS_IN_NOMAD=$RUNS_IN_NOMAD
# declare this again for the pot image, might work carrying variable through like
# with above
COOKLOG=/var/log/cook.log
# No need to change this, just ensures configuration is done only once
if [ -e /usr/local/etc/pot-is-seasoned ]
then
    # If this pot flavour is blocking (i.e. it should not return),
    # we block indefinitely
    if [ \"\$RUNS_IN_NOMAD\" = \"true\" ]
    then
        /bin/sh /etc/rc
        tail -f /dev/null
    fi
    exit 0
fi

# ADJUST THIS: STOP SERVICES AS NEEDED BEFORE CONFIGURATION
# not needed, not started automatically, needs configuring

# No need to adjust this:
# If this pot flavour is not blocking, we need to read the environment first from /tmp/environment.sh
# where pot is storing it in this case
if [ -e /tmp/environment.sh ]
then
    . /tmp/environment.sh
fi

#
# ADJUST THIS BY CHECKING FOR ALL VARIABLES YOUR FLAVOUR NEEDS:
#

# Check config variables are set
#
if [ -z \${SETUPSCRIPT+x} ]; then
    echo 'SETUPSCRIPT is unset - see documentation to configure this flavour to run a script'
    SETUPSCRIPT=0
fi
if [ -z \${IMPORTAUTHKEY+x} ]; then
    echo 'IMPORTAUTHKEY is unset - see documentation to configure this flavour for adding SSH keys to authorized_keys file.'
    IMPORTAUTHKEY=0
fi
if [ -z \${IMPORTSSH+x} ]; then
    echo 'IMPORTSSH is unset - see documentation to configure this flavour to import sshd config.'
    IMPORTSSH=0
fi
if [ -z \${IMPORTNGINX+x} ]; then
    echo 'IMPORTNGINX is unset - see documentation to configure this flavour to import nginx config.'
    IMPORTNGINX=0
fi
if [ -z \${IMPORTRSYNC+x} ]; then
    echo 'IMPORTRSYNC is unset - see documentation to configure this flavour to import rsync config.'
    IMPORTRSYNC=0
fi
if [ -z \${POSTSCRIPT+x} ]; then
    echo 'POSTSCRIPT is unset - see documentation to configure this flavour to run a script at the end'
    POSTSCRIPT=0
fi
# Remotelog is a remote syslog server, need to pass in IP
if [ -z \${REMOTELOG+x} ]; then
    echo 'REMOTELOG is unset - see documentation how to configure this flavour'
    REMOTELOG=0
fi

# ADJUST THIS BELOW: NOW ALL THE CONFIGURATION FILES NEED TO BE CREATED:
# Don't forget to double(!)-escape quotes and dollar signs in the config files

# add custom commands to setup.sh such as directory creation or doing stuff to files
if [ \${SETUPSCRIPT} -eq 1 ]; then
    if [ -f /root/setup.sh ]; then
        chmod +x /root/setup.sh
        /root/setup.sh
    fi
fi

# create root ssh keys
mkdir -p /root/.ssh
/usr/bin/ssh-keygen -q -N '' -f /root/.ssh/id_rsa -t rsa
chown -R root:wheel /root/.ssh
chmod 700 /root/.ssh
chmod 600 /root/.ssh/id_rsa

# add imported key to authorized_keys
if [ \${IMPORTAUTHKEY} -eq 1 ]; then
    if [ -f /root/authorized_keys_in ]; then
        echo \"Adding imported keys to /root/.ssh/authorized_keys\"
        cat /root/authorized_keys_in > /root/.ssh/authorized_keys
        chown -R root:wheel /root/.ssh
    else
        echo \"Error: no /root/authorized_keys_in file found\"
        echo \"#command=\\\"rsync --server --daemon .\\\",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa key#\" > /root/.ssh/authorized_keys
    fi
fi

# setup ssh server with remote root access with a key
if [ \${IMPORTSSH} -eq 1 ]; then
    if [ -f /root/sshd_config_in ]; then
        echo \"Setting up ssh server\"
        cp -f /root/sshd_config_in /etc/ssh/sshd_config
        echo \"Manually setting up host keys\"
        cd /etc/ssh
        /usr/bin/ssh-keygen -A
        cd /root/
        echo \"Restarting ssh\"
        service sshd restart
    else
        echo \"There is no /root/sshd_config_in file\"
    fi
fi

# setup nginx and enable and start
if [ \${IMPORTNGINX} -eq 1 ]; then
    if [ -f /root/nginx.conf ]; then
        cp -f /root/nginx.conf /usr/local/etc/nginx/nginx.conf
        service nginx enable
        service nginx start
    else
        echo \"There is no /root/nginx.conf file\"
    fi
fi

# setup rsync
if [ \${IMPORTRSYNC} -eq 1 ]; then
    if [ -f /root/rsyncd.conf ]; then
        cp -f /root/rsyncd.conf /usr/local/etc/rsync/rsyncd.conf
    else
        echo \"There is no /root/rsyncd.conf file\"
    fi
fi

# goaccess
# this seems to be needed as install places in /usr/local/etc/goaccess.conf
# but default for goaccess is /usr/local/etc/goaccess/goaccess.conf
# using custom goaccess.conf with nginx accesslog hardcoded in
if [ -f /root/goaccess.conf.in ]; then
    cp -f /root/goaccess.conf.in /usr/local/etc/goaccess/goaccess.conf
    mv /usr/local/etc/goaccess.conf /usr/local/etc/goaccess.conf.ignore
fi
sysrc goaccess_config=\"/usr/local/etc/goaccess/goaccess.conf\"
sysrc goaccess_log=\"/var/log/nginx/access.log\"
service goaccess enable
service goaccess start || true

# add custom commands to postsetup.sh
if [ \${POSTSCRIPT} -eq 1 ]; then
    if [ -f /root/postsetup.sh ]; then
        chmod +x /root/postsetup.sh
        /root/postsetup.sh
    else
        echo \"There is no /root/postsetup.sh file\"
    fi
fi

## remote syslogs
if [ \"\${REMOTELOG}\" != \"0\" ]; then
    config_version=\$(/usr/local/sbin/syslog-ng --version | grep '^Config version:' | awk -F: '{ print \$2 }' | xargs)

    # read in template conf file, update remote log IP address, and
    # write to correct destination
    < /root/syslog-ng.conf.in \
      sed \"s|%%config_version%%|\$config_version|g\" | \
      sed \"s|%%remotelogip%%|\$REMOTELOG|g\" > /usr/local/etc/syslog-ng.conf

    # stop and disable syslogd
    service syslogd onestop || true
    service syslogd disable

    # enable and start syslog-ng
    service syslog-ng enable
    sysrc syslog_ng_flags=\"-R /tmp/syslog-ng.persist\"
    service syslog-ng start
fi

#
# ADJUST THIS: START THE SERVICES AGAIN AFTER CONFIGURATION



#
# Do not touch this:
touch /usr/local/etc/pot-is-seasoned

# If this pot flavour is blocking (i.e. it should not return), there is no /tmp/environment.sh
# created by pot and we now after configuration block indefinitely
if [ \"\$RUNS_IN_NOMAD\" = \"true\" ]
then
    /bin/sh /etc/rc
    tail -f /dev/null
fi
" > /usr/local/bin/cook

# ----------------- END COOK ------------------


# ---------- NO NEED TO EDIT BELOW ------------

step "Make cook script executable"
if [ -e /usr/local/bin/cook ]
then
    echo "setting executable bit on /usr/local/bin/cook" | tee -a $COOKLOG
    chmod u+x /usr/local/bin/cook
else
    exit_error "there is no /usr/local/bin/cook to make executable"
fi

#
# There are two ways of running a pot jail: "Normal", non-blocking mode and
# "Nomad", i.e. blocking mode (the pot start command does not return until
# the jail is stopped).
# For the normal mode, we create a /usr/local/etc/rc.d script that starts
# the "cook" script generated above each time, for the "Nomad" mode, the cook
# script is started by pot (configuration through flavour file), therefore
# we do not need to do anything here.
#

# Create rc.d script for "normal" mode:
step "Create rc.d script to start cook"
echo "creating rc.d script to start cook" | tee -a $COOKLOG

echo "#!/bin/sh
#
# PROVIDE: cook
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
. /etc/rc.subr
name=\"cook\"
rcvar=\"cook_enable\"
load_rc_config \$name
: \${cook_enable:=\"NO\"}
: \${cook_env:=\"\"}
command=\"/usr/local/bin/cook\"
command_args=\"\"
run_rc_command \"\$1\"
" > /usr/local/etc/rc.d/cook

step "Make rc.d script to start cook executable"
if [ -e /usr/local/etc/rc.d/cook ]
then
  echo "Setting executable bit on cook rc file" | tee -a $COOKLOG
  chmod u+x /usr/local/etc/rc.d/cook
else
  exit_error "/usr/local/etc/rc.d/cook does not exist"
fi

if [ "$RUNS_IN_NOMAD" != "true" ]
then
  step "Enable cook service"
  # This is a non-nomad (non-blocking) jail, so we need to make sure the script
  # gets started when the jail is started:
  # Otherwise, /usr/local/bin/cook will be set as start script by the pot flavour
  echo "enabling cook" | tee -a $COOKLOG
  service cook enable
fi

# -------------------- DONE ---------------
exit_ok

nginx-rsync-ssh/nginx-rsync-ssh+1:
nginx-rsync-ssh/nginx-rsync-ssh+1.sh:

nginx-rsync-ssh/nginx-rsync-ssh+2:
nginx-rsync-ssh/nginx-rsync-ssh+2.sh:

nginx-rsync-ssh/nginx-rsync-ssh+3:
nginx-rsync-ssh/nginx-rsync-ssh+3.sh:

nginx-rsync-ssh/nginx-rsync-ssh+4:
nginx-rsync-ssh/nginx-rsync-ssh+4.sh:
Password:===>  Creating a new pot
===>  pot name     : nginx-rsync-ssh-amd64-12_3
===>  type         : single
===>  base         : 12.3
===>  pot_base     : 
===>  level        : 0
===>  network-type : public-bridge
===>  network-stack: ipv4
===>  ip           : 10.192.0.6
===>  bridge       : 
===>  dns          : inherit
===>  flavours     : fbsd-update nginx-rsync-ssh nginx-rsync-ssh+1 nginx-rsync-ssh+2 nginx-rsync-ssh+3 nginx-rsync-ssh+4
===>  Fetching FreeBSD 12.3
===>  Extract the tarball
=====>  Flavour: fbsd-update
=====>  Starting nginx-rsync-ssh-amd64-12_3 pot for the initial bootstrap
=====>  mount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/tmp
defaultrouter: NO -> 10.192.0.1
===>  Starting the pot nginx-rsync-ssh-amd64-12_3
Generating host.conf.
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8<VLAN_MTU>
	ether 02:02:04:03:96:0b
	inet 10.192.0.6 netmask 0xffc00000 broadcast 10.255.255.255
	groups: epair
	media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Creating and/or trimming log files.
Updating motd:.
Updating /var/run/os-release done.
Starting syslogd.
Clearing /tmp (X related).
Starting cron.
Starting sendmail_submit.
Starting sendmail_msp_queue.

Fri Apr 29 20:12:31 UTC 2022
/usr/local/etc/pot/flavours/fbsd-update.sh -> /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/tmp/fbsd-update.sh
=====>  Executing fbsd-update script on nginx-rsync-ssh-amd64-12_3
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching public key from update1.freebsd.org... done.
Fetching metadata signature for 12.3-RELEASE from update1.freebsd.org... done.
Fetching metadata index... done.
Fetching 2 metadata files... done.
Inspecting system... done.
Preparing to download files... done.
Fetching 44 patches.....10....20....30....40.. done.
Applying patches... done.
The following files will be added as part of updating to
12.3-RELEASE-p5:
/usr/share/zoneinfo/Pacific/Kanton
The following files will be updated as part of updating to
12.3-RELEASE-p5:
/bin/freebsd-version
/lib/libalias.so.7
/lib/libcrypto.so.111
/lib/libz.so.6
/rescue/[
/rescue/bectl
/rescue/bsdlabel
/rescue/bunzip2
/rescue/bzcat
/rescue/bzip2
/rescue/camcontrol
/rescue/cat
/rescue/ccdconfig
/rescue/chflags
/rescue/chgrp
/rescue/chio
/rescue/chmod
/rescue/chown
/rescue/chroot
/rescue/clri
/rescue/cp
/rescue/csh
/rescue/date
/rescue/dd
/rescue/devfs
/rescue/df
/rescue/dhclient
/rescue/disklabel
/rescue/dmesg
/rescue/dump
/rescue/dumpfs
/rescue/dumpon
/rescue/echo
/rescue/ed
/rescue/ex
/rescue/expr
/rescue/fastboot
/rescue/fasthalt
/rescue/fdisk
/rescue/fsck
/rescue/fsck_4.2bsd
/rescue/fsck_ffs
/rescue/fsck_msdosfs
/rescue/fsck_ufs
/rescue/fsdb
/rescue/fsirand
/rescue/gbde
/rescue/geom
/rescue/getfacl
/rescue/glabel
/rescue/gpart
/rescue/groups
/rescue/gunzip
/rescue/gzcat
/rescue/gzip
/rescue/halt
/rescue/head
/rescue/hostname
/rescue/id
/rescue/ifconfig
/rescue/init
/rescue/ipf
/rescue/iscsictl
/rescue/iscsid
/rescue/kenv
/rescue/kill
/rescue/kldconfig
/rescue/kldload
/rescue/kldstat
/rescue/kldunload
/rescue/ldconfig
/rescue/less
/rescue/link
/rescue/ln
/rescue/ls
/rescue/lzcat
/rescue/lzma
/rescue/md5
/rescue/mdconfig
/rescue/mdmfs
/rescue/mkdir
/rescue/mknod
/rescue/more
/rescue/mount
/rescue/mount_cd9660
/rescue/mount_msdosfs
/rescue/mount_nfs
/rescue/mount_nullfs
/rescue/mount_udf
/rescue/mount_unionfs
/rescue/mt
/rescue/mv
/rescue/nc
/rescue/newfs
/rescue/newfs_msdos
/rescue/nos-tun
/rescue/pgrep
/rescue/ping
/rescue/ping6
/rescue/pkill
/rescue/poweroff
/rescue/ps
/rescue/pwd
/rescue/rcorder
/rescue/rdump
/rescue/realpath
/rescue/reboot
/rescue/red
/rescue/rescue
/rescue/restore
/rescue/rm
/rescue/rmdir
/rescue/route
/rescue/routed
/rescue/rrestore
/rescue/rtquery
/rescue/rtsol
/rescue/savecore
/rescue/sed
/rescue/setfacl
/rescue/sh
/rescue/shutdown
/rescue/sleep
/rescue/spppcontrol
/rescue/stty
/rescue/swapon
/rescue/sync
/rescue/sysctl
/rescue/tail
/rescue/tar
/rescue/tcsh
/rescue/tee
/rescue/test
/rescue/tunefs
/rescue/umount
/rescue/unlink
/rescue/unlzma
/rescue/unxz
/rescue/unzstd
/rescue/vi
/rescue/whoami
/rescue/xz
/rescue/xzcat
/rescue/zcat
/rescue/zdb
/rescue/zfs
/rescue/zpool
/rescue/zstd
/rescue/zstdcat
/rescue/zstdmt
/usr/bin/c++
/usr/bin/cc
/usr/bin/clang
/usr/bin/clang++
/usr/bin/clang-cpp
/usr/bin/cpp
/usr/bin/ld.lld
/usr/include/net80211/ieee80211_input.h
/usr/lib/libalias.a
/usr/lib/libalias_p.a
/usr/lib/libcrypto.a
/usr/lib/libcrypto_p.a
/usr/lib/libz.a
/usr/lib/libz_p.a
/usr/sbin/bhyve
/usr/sbin/freebsd-update
/usr/share/zoneinfo/Africa/Accra
/usr/share/zoneinfo/America/Anguilla
/usr/share/zoneinfo/America/Antigua
/usr/share/zoneinfo/America/Aruba
/usr/share/zoneinfo/America/Atikokan
/usr/share/zoneinfo/America/Barbados
/usr/share/zoneinfo/America/Blanc-Sablon
/usr/share/zoneinfo/America/Coral_Harbour
/usr/share/zoneinfo/America/Creston
/usr/share/zoneinfo/America/Curacao
/usr/share/zoneinfo/America/Dominica
/usr/share/zoneinfo/America/Grenada
/usr/share/zoneinfo/America/Guadeloupe
/usr/share/zoneinfo/America/Guyana
/usr/share/zoneinfo/America/Kralendijk
/usr/share/zoneinfo/America/Lower_Princes
/usr/share/zoneinfo/America/Marigot
/usr/share/zoneinfo/America/Montserrat
/usr/share/zoneinfo/America/Nassau
/usr/share/zoneinfo/America/Port_of_Spain
/usr/share/zoneinfo/America/Punta_Arenas
/usr/share/zoneinfo/America/Santiago
/usr/share/zoneinfo/America/St_Barthelemy
/usr/share/zoneinfo/America/St_Kitts
/usr/share/zoneinfo/America/St_Lucia
/usr/share/zoneinfo/America/St_Thomas
/usr/share/zoneinfo/America/St_Vincent
/usr/share/zoneinfo/America/Tortola
/usr/share/zoneinfo/America/Virgin
/usr/share/zoneinfo/Antarctica/DumontDUrville
/usr/share/zoneinfo/Antarctica/Syowa
/usr/share/zoneinfo/Asia/Gaza
/usr/share/zoneinfo/Asia/Hebron
/usr/share/zoneinfo/Atlantic/Azores
/usr/share/zoneinfo/Atlantic/Madeira
/usr/share/zoneinfo/Chile/Continental
/usr/share/zoneinfo/Europe/Kiev
/usr/share/zoneinfo/Europe/Lisbon
/usr/share/zoneinfo/Europe/Simferopol
/usr/share/zoneinfo/Europe/Uzhgorod
/usr/share/zoneinfo/Europe/Zaporozhye
/usr/share/zoneinfo/Pacific/Enderbury
/usr/share/zoneinfo/Pacific/Niue
/usr/share/zoneinfo/Pacific/Rarotonga
/usr/share/zoneinfo/Pacific/Tongatapu
/usr/share/zoneinfo/Portugal
/usr/share/zoneinfo/zone.tab
/usr/share/zoneinfo/zone1970.tab
Installing updates...Scanning //usr/share/certs/blacklisted for certificates...
Scanning //usr/share/certs/trusted for certificates...
 done.
=====>  Stop the pot nginx-rsync-ssh-amd64-12_3
=====>  Remove epair0[a|b] network interfaces
=====>  unmount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/tmp
=====>  unmount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/dev
=====>  Flavour: nginx-rsync-ssh
=====>  Executing nginx-rsync-ssh pot commands on nginx-rsync-ssh-amd64-12_3
=====>  mount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/tmp
=====>  Source /usr/local/etc/pot/flavours/nginx-rsync-ssh.d/syslog-ng.conf.in copied in the pot nginx-rsync-ssh-amd64-12_3
=====>  unmount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/tmp
=====>  /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/dev is already unmounted
=====>  mount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/tmp
=====>  Source /usr/local/etc/pot/flavours/nginx-rsync-ssh.d/goaccess.conf.in copied in the pot nginx-rsync-ssh-amd64-12_3
=====>  unmount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/tmp
=====>  /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/dev is already unmounted
=====>  Starting nginx-rsync-ssh-amd64-12_3 pot for the initial bootstrap
=====>  mount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/tmp
defaultrouter: 10.192.0.1 -> 10.192.0.1
===>  Starting the pot nginx-rsync-ssh-amd64-12_3
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8<VLAN_MTU>
	ether 02:85:43:52:85:0b
	inet 10.192.0.6 netmask 0xffc00000 broadcast 10.255.255.255
	groups: epair
	media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Creating and/or trimming log files.
Updating motd:.
Updating /var/run/os-release done.
Starting syslogd.
Clearing /tmp (X related).
Starting cron.
Starting sendmail_submit.
Starting sendmail_msp_queue.

Fri Apr 29 20:13:29 UTC 2022
/usr/local/etc/pot/flavours/nginx-rsync-ssh.sh -> /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/tmp/nginx-rsync-ssh.sh
=====>  Executing nginx-rsync-ssh script on nginx-rsync-ssh-amd64-12_3
Creating /var/log/cook.log
Step 1: Bootstrap package repo
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] Installing pkg-1.17.5_1...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] Extracting pkg-1.17.5_1: .......... done
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:12:amd64/quarterly, please wait...
Step 2: Touch /etc/rc.conf
Step 3: Remove ifconfig_epair0b from config
Step 4: Disable sendmail
sendmail disabled in /etc/rc.conf
sendmail_submit disabled in /etc/rc.conf
sendmail_msp_queue disabled in /etc/rc.conf
Step 5: Enable SSH
sshd enabled in /etc/rc.conf
Step 6: Create /usr/local/etc/rc.d
Step 7: Install package sudo
Updating FreeBSD repository catalogue...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] Fetching meta.conf: . done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] Fetching packagesite.pkg: .......... done
Processing entries: .......... done
FreeBSD repository update completed. 31257 packages processed.
All repositories are up to date.
Updating database digests format: . done
The following 3 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	gettext-runtime: 0.21
	indexinfo: 0.3.1
	sudo: 1.9.10

Number of packages to be installed: 3

The process will require 8 MiB more space.
2 MiB to be downloaded.
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/3] Fetching sudo-1.9.10.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/3] Fetching gettext-runtime-0.21.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/3] Fetching indexinfo-0.3.1.pkg: . done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/3] Installing indexinfo-0.3.1...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/3] Extracting indexinfo-0.3.1: .... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/3] Installing gettext-runtime-0.21...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/3] Extracting gettext-runtime-0.21: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/3] Installing sudo-1.9.10...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/3] Extracting sudo-1.9.10: .......... done
Step 8: Install package curl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 4 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	ca_root_nss: 3.76
	curl: 7.82.0
	libnghttp2: 1.46.0
	libssh2: 1.10.0,3

Number of packages to be installed: 4

The process will require 6 MiB more space.
2 MiB to be downloaded.
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/4] Fetching curl-7.82.0.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/4] Fetching libnghttp2-1.46.0.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/4] Fetching libssh2-1.10.0,3.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/4] Fetching ca_root_nss-3.76.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/4] Installing libnghttp2-1.46.0...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/4] Extracting libnghttp2-1.46.0: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/4] Installing libssh2-1.10.0,3...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/4] Extracting libssh2-1.10.0,3: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/4] Installing ca_root_nss-3.76...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/4] Extracting ca_root_nss-3.76: ........ done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/4] Installing curl-7.82.0...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/4] Extracting curl-7.82.0: .......... done
=====
Message from ca_root_nss-3.76:

--
FreeBSD does not, and can not warrant that the certification authorities
whose certificates are included in this package have in any way been
audited for trustworthiness or RFC 3647 compliance.

Assessment and verification of trust is the complete responsibility of the
system administrator.


This package installs symlinks to support root certificates discovery by
default for software that uses OpenSSL.

This enables SSL Certificate Verification by client software without manual
intervention.

If you prefer to do this manually, replace the following symlinks with
either an empty file or your site-local certificate bundle.

  * /etc/ssl/cert.pem
  * /usr/local/etc/ssl/cert.pem
  * /usr/local/openssl/cert.pem
Step 9: Install package jq
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	jq: 1.6
	oniguruma: 6.9.7.1

Number of packages to be installed: 2

The process will require 2 MiB more space.
498 KiB to be downloaded.
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching jq-1.6.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching oniguruma-6.9.7.1.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Installing oniguruma-6.9.7.1...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting oniguruma-6.9.7.1: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Installing jq-1.6...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting jq-1.6: .......... done
Step 10: Install package jo
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	jo: 1.6

Number of packages to be installed: 1

20 KiB to be downloaded.
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching jo-1.6.pkg: ... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Installing jo-1.6...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting jo-1.6: ....... done
Step 11: Install package nginx
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	nginx: 1.20.2_9,2
	pcre: 8.45_1

Number of packages to be installed: 2

The process will require 8 MiB more space.
2 MiB to be downloaded.
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching nginx-1.20.2_9,2.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching pcre-8.45_1.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Installing pcre-8.45_1...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting pcre-8.45_1: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Installing nginx-1.20.2_9,2...
===> Creating groups.
Using existing group 'www'.
===> Creating users
Using existing user 'www'.
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting nginx-1.20.2_9,2: .......... done
=====
Message from nginx-1.20.2_9,2:

--
Recent version of the NGINX introduces dynamic modules support.  In
FreeBSD ports tree this feature was enabled by default with the DSO
knob.  Several vendor's and third-party modules have been converted
to dynamic modules.  Unset the DSO knob builds an NGINX without
dynamic modules support.

To load a module at runtime, include the new `load_module'
directive in the main context, specifying the path to the shared
object file for the module, enclosed in quotation marks.  When you
reload the configuration or restart NGINX, the module is loaded in.
It is possible to specify a path relative to the source directory,
or a full path, please see
https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/ and
http://nginx.org/en/docs/ngx_core_module.html#load_module for
details.

Default path for the NGINX dynamic modules is

/usr/local/libexec/nginx.
Step 12: Install package goaccess
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	goaccess: 1.5.5
	libmaxminddb: 1.6.0

Number of packages to be installed: 2

The process will require 1 MiB more space.
334 KiB to be downloaded.
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching goaccess-1.5.5.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching libmaxminddb-1.6.0.pkg: ..... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Installing libmaxminddb-1.6.0...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting libmaxminddb-1.6.0: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Installing goaccess-1.5.5...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting goaccess-1.5.5: .......... done
Step 13: Install package acme.sh
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	acme.sh: 3.0.2
	socat: 1.7.4.3

Number of packages to be installed: 2

The process will require 2 MiB more space.
362 KiB to be downloaded.
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching acme.sh-3.0.2.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching socat-1.7.4.3.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Installing socat-1.7.4.3...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting socat-1.7.4.3: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Installing acme.sh-3.0.2...
===> Creating groups.
Creating group 'acme' with gid '169'.
===> Creating users
Creating user 'acme' with uid '169'.
===> Creating homedir(s)
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting acme.sh-3.0.2: .......... done
=====
Message from acme.sh-3.0.2:

--
This script will create the following directories if they do not exist:

 ~acme/.acme.sh
 ~acme/certs

The script will also install ~acme/.acme.sh/account.conf.sample which has
sane defaults.  Copy this to ~acme/.acme.sh/account.conf and edit contents
to suit.

In the /usr/local/share/examples/acme.sh directory, you can find the dnsapi 
scripts which will be useful if you decide to use dns-01 challenges. Also 
included are the deploy scripts.

A newsyslog.conf sample file is provided at /usr/local/share/examples/acme.sh/acme.sh.conf
and you could create a symlink from that to /usr/local/etc/newsyslog.conf.d/

Your sample cronjob looks like this:

############################################################################
$ sudo crontab -l -u acme
# use /bin/sh to run commands, overriding the default set by cron
SHELL=/bin/sh
# mail any output to here, no matter whose crontab this is
MAILTO=dan@example.org

7 22 * * * /usr/local/sbin/acme.sh --cron --home /var/db/acme/.acme.sh > /dev/null
############################################################################

Change x & y to some minute and hour of the day.
Step 14: Install package openssl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	openssl: 1.1.1n,1

Number of packages to be installed: 1

The process will require 14 MiB more space.
4 MiB to be downloaded.
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching openssl-1.1.1n,1.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Installing openssl-1.1.1n,1...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting openssl-1.1.1n,1: .......... done
Step 15: Install package rsync
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 5 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	libiconv: 1.16
	liblz4: 1.9.3,1
	rsync: 3.2.3_1
	xxhash: 0.8.1
	zstd: 1.5.2

Number of packages to be installed: 5

The process will require 6 MiB more space.
2 MiB to be downloaded.
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/5] Fetching rsync-3.2.3_1.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/5] Fetching xxhash-0.8.1.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/5] Fetching libiconv-1.16.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/5] Fetching zstd-1.5.2.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/5] Fetching liblz4-1.9.3,1.pkg: .......... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/5] Installing liblz4-1.9.3,1...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/5] Extracting liblz4-1.9.3,1: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/5] Installing xxhash-0.8.1...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/5] Extracting xxhash-0.8.1: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/5] Installing libiconv-1.16...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/5] Extracting libiconv-1.16: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/5] Installing zstd-1.5.2...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/5] Extracting zstd-1.5.2: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/5] Installing rsync-3.2.3_1...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/5] Extracting rsync-3.2.3_1: .......... done
Step 16: Install package syslog-ng
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 9 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	e2fsprogs-libuuid: 1.46.5
	glib: 2.70.4_3,2
	json-c: 0.15_1
	libffi: 3.3_1
	libxml2: 2.9.13_1
	mpdecimal: 2.5.1
	python38: 3.8.13
	readline: 8.1.2
	syslog-ng: 3.36.1

Number of packages to be installed: 9

The process will require 172 MiB more space.
30 MiB to be downloaded.
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/9] Fetching syslog-ng-3.36.1.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/9] Fetching e2fsprogs-libuuid-1.46.5.pkg: ..... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/9] Fetching json-c-0.15_1.pkg: ........ done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/9] Fetching glib-2.70.4_3,2.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/9] Fetching libxml2-2.9.13_1.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/9] Fetching readline-8.1.2.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/9] Fetching python38-3.8.13.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [8/9] Fetching mpdecimal-2.5.1.pkg: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [9/9] Fetching libffi-3.3_1.pkg: ..... done
Checking integrity... done (0 conflicting)
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/9] Installing readline-8.1.2...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [1/9] Extracting readline-8.1.2: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/9] Installing mpdecimal-2.5.1...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [2/9] Extracting mpdecimal-2.5.1: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/9] Installing libffi-3.3_1...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [3/9] Extracting libffi-3.3_1: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/9] Installing libxml2-2.9.13_1...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [4/9] Extracting libxml2-2.9.13_1: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/9] Installing python38-3.8.13...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [5/9] Extracting python38-3.8.13: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/9] Installing e2fsprogs-libuuid-1.46.5...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [6/9] Extracting e2fsprogs-libuuid-1.46.5: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/9] Installing json-c-0.15_1...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [7/9] Extracting json-c-0.15_1: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [8/9] Installing glib-2.70.4_3,2...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [8/9] Extracting glib-2.70.4_3,2: .......... done
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [9/9] Installing syslog-ng-3.36.1...
[nginx-rsync-ssh-amd64-12_3.vsf00001.cpt.za.honeyguide.net] [9/9] Extracting syslog-ng-3.36.1: .......... done
Compiling glib schemas
No schema files found: doing nothing.
=====
Message from python38-3.8.13:

--
Note that some standard Python modules are provided as separate ports
as they require additional dependencies. They are available as:

py38-gdbm       databases/py-gdbm@py38
py38-sqlite3    databases/py-sqlite3@py38
py38-tkinter    x11-toolkits/py-tkinter@py38
=====
Message from syslog-ng-3.36.1:

--
syslog-ng is now installed!  To replace FreeBSD's standard syslogd
(/usr/sbin/syslogd), complete these steps:

1. Create a configuration file named /usr/local/etc/syslog-ng.conf
   (a sample named syslog-ng.conf.sample has been included in
   /usr/local/etc). Note that this is a change in 2.0.2
   version, previous ones put the config file in
   /usr/local/etc/syslog-ng/syslog-ng.conf, so if this is an update
   move that file in the right place

2. Configure syslog-ng to start automatically by adding the following
   to /etc/rc.conf:

        syslog_ng_enable="YES"

3. Prevent the standard FreeBSD syslogd from starting automatically by
   adding a line to the end of your /etc/rc.conf file that reads:

        syslogd_enable="NO"

4. Shut down the standard FreeBSD syslogd:

     kill `cat /var/run/syslog.pid`

5. Start syslog-ng:

     /usr/local/etc/rc.d/syslog-ng start
Step 17: Clean package installation
Checking integrity... done (0 conflicting)
Nothing to do.
Nothing to do.
Step 18: Remove pre-existing cook script (if any)
Step 19: Create cook script
Step 20: Make cook script executable
setting executable bit on /usr/local/bin/cook
Step 21: Create rc.d script to start cook
creating rc.d script to start cook
Step 22: Make rc.d script to start cook executable
Setting executable bit on cook rc file
Step 23: Enable cook service
enabling cook
cook enabled in /etc/rc.conf
=====>  Stop the pot nginx-rsync-ssh-amd64-12_3
=====>  Remove epair0[a|b] network interfaces
=====>  unmount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/tmp
=====>  unmount /mnt/srv/pot/jails/nginx-rsync-ssh-amd64-12_3/m/dev
=====>  Flavour: nginx-rsync-ssh+1
=====>  Executing nginx-rsync-ssh+1 pot commands on nginx-rsync-ssh-amd64-12_3
=====>  No shell script available for the flavour nginx-rsync-ssh+1
=====>  Flavour: nginx-rsync-ssh+2
=====>  Executing nginx-rsync-ssh+2 pot commands on nginx-rsync-ssh-amd64-12_3
=====>  No shell script available for the flavour nginx-rsync-ssh+2
=====>  Flavour: nginx-rsync-ssh+3
=====>  Executing nginx-rsync-ssh+3 pot commands on nginx-rsync-ssh-amd64-12_3
=====>  No shell script available for the flavour nginx-rsync-ssh+3
=====>  Flavour: nginx-rsync-ssh+4
=====>  Executing nginx-rsync-ssh+4 pot commands on nginx-rsync-ssh-amd64-12_3
=====>  No shell script available for the flavour nginx-rsync-ssh+4

This site © Honeyguide Group (Pty) Ltd, all the hosted software their respective license owners 2020 - 2021 - Disclaimer