Overview
This is a rsnapshot
jail that can be started with pot
but it can also be deployed via nomad
.
For more details about nomad
images, see about potluck.
The jail exposes these parameters that can either be set via the environment or by setting the cook
parameters (the latter either via nomad
, see example below, or by editing the downloaded jails pot.conf
file):
Environment | cook parameter | Content |
---|---|---|
ALPHA | -a | /etc/crontab frequency for alpha backup plan |
BETA | -b | Optional: /etc/crontab frequency for beta backup plan |
DELTA | -d | Optional: /etc/crontab frequency for delta backup plan |
GAMMA | -g | Optional: /etc/crontab frequency for gamma backup plan |
The frequency is given in the standard cron entry format, e.g. “0 */4 * * *” or “40 23 * * 6”.
Nomad Job Description Example
It is suggested to mount the jail directory /.snapshots
from outside as it contains the backups (or any other backup directory that you define in your configuration below).
Also, you should copy in the rsnapshot.conf
file to /usr/local/etc
with your configuration settings.
Last not least, since you probably will use ssh to access clients, you also want to copy your private/public key pair to /root/.ssh
so the BackupPC server can access your clients.
Assuming that you don’t copy in a known_hosts
file, ssh
would prompt on the first connection attempt to your clients that are to be backed up for your confirmation to add the unknown ssh
host keys to your known_hosts
file within the jail, a prompt that you won’t see of course as the job is run inside the jail via cron
. Therefore, it is suggested that you add ssh_args -o "StrictHostKeyChecking=no"
to your rsnapshot.conf
to suppress the prompt and make sure the backup runs correctly in batch mode.
Example with passing parameters to the cook
script:
job "rsnapshot" {
datacenters = ["mydc"]
type = "service"
group "group1" {
count = 1
task "rsnapshot1" {
driver = "pot"
config {
image = "https://potluck.honeyguide.net/rsnapshot-nomad"
pot = "rsnapshot-nomad-amd64-13_1"
tag = "1.0.7"
command = "/usr/local/bin/cook"
args = ["-a","\"40 23 * * 6\""]
mount = [
"/mnt/backups:/.snapshots"
]
copy = [
"/mnt/rsnapshot.conf:/usr/local/etc/rsnapshot.conf"
"/mnt/id_rsa:/root/.ssh/id_rsa",
"/mnt/id_rsa.pub:/root/.ssh/id_rsa.pub"
]
}
resources {
cpu = 500
memory = 1024
}
}
}
}
Getting Started
- Image Readme
- How To Use The Ready-Made Image
- Alternatively: Create a Jail With This Flavour Yourself
- Version History
- Manual Image Download Links
- Jenkins Pot Creation Logs
How To Use The Ready-Made Image
FreeBSD 13.1:
pot import -p rsnapshot-nomad-amd64-13_1 -t 1.0.7 -U https://potluck.honeyguide.net/rsnapshot-nomad
FreeBSD 12.4:
pot import -p rsnapshot-nomad-amd64-12_4 -t 1.0.7 -U https://potluck.honeyguide.net/rsnapshot-nomad
If you don’t want to use the default pot
bridged network configuration but instead need an individual network setup (e.g. assign a host IP address), after importing it you can simply clone the jail like that (em0 is the host network adapter in this example):
pot clone -P rsnapshot-nomad-amd64-13_1 -p my-cloned-jail -N alias -i "em0|10.10.10.10"
Note: Some images might require specific network configuration, double check the Overview-chapter at the top.
Alternatively: Create a Jail With This Flavour Yourself
1. Create Flavour Files
Save all files and directories from https://github.com/hny-gd/potluck/tree/master/rsnapshot-nomad to /usr/local/etc/pot/flavours/
2. Create Jail From Flavour
Run
pot create -b <FreeBSD Version> -p <jailname> -t single -N public-bridge -f fbsd-update
with your FreeBSD version (e.g. 13.1) and the name your jail should get.
Note: Some images might require specific network configuration, double check the Overview-chapter at the top.
Version History
1.0.7
- Version bump for new base image
- This image is still old formats
1.0.6
- Version bump for new base image
- This image is still old formats
1.0.5
- Version bump for FreeBSD-13.1 image
1.0.4
- Rebuild for FreeBSD 12_3 and 13 & pot 13
1.0.3
- Rebuild for FreeBSD 13 & new packages
1.0.2
- Apply epair0b patch from https://raw.githubusercontent.com/grembo/potman/master/flavours/example/example.sh
1.0.1
- Trigger build of FreeBSD 12.2 image & rebuild FreeBSD 11.4 image to update packages
1.0
- Initial complete release
These images were built on Mon Feb 20 22:39:13 UTC 2023
Manual Image Download Links
rsnapshot-nomad-amd64-13_1_1.0.7.xz (
29.635 MB
)
rsnapshot-nomad-amd64-13_1_1.0.7.xz.skein (
0.250977 KB
)
rsnapshot-nomad-amd64-13_1_1.0.7.xz.meta (
0.0478516 KB
)
rsnapshot-nomad-amd64-12_4_1.0.7.xz (
310.381 MB
)
rsnapshot-nomad-amd64-12_4_1.0.7.xz.skein (
0.250977 KB
)
rsnapshot-nomad-amd64-12_4_1.0.7.xz.meta (
0.00195312 KB
)
Jenkins Pot Creation Logs
rsnapshot-nomad-amd64-13_1_1.0.7:
rsnapshot-nomad/rsnapshot-nomad:
set-attribute -A persistent -V OFF
set-attribute -A no-rc-script -V ON
rsnapshot-nomad/rsnapshot-nomad.sh:
#!/bin/sh
# POTLUCK TEMPLATE v2.0
# EDIT THE FOLLOWING FOR NEW FLAVOUR:
# 1. RUNS_IN_NOMAD - yes or no
# 2. Create a matching <flavour> file with this <flavour>.sh file that
# contains the copy-in commands for the config files from <flavour>.d/
# Remember that the package directories don't exist yet, so likely copy to /root
# 3. Adjust package installation between BEGIN & END PACKAGE SETUP
# 4. Adjust jail configuration script generation between BEGIN & END COOK
# Configure the config files that have been copied in where necessary
# Set this to true if this jail flavour is to be created as a nomad (i.e. blocking) jail.
# You can then query it in the cook script generation below and the script is installed
# appropriately at the end of this script
RUNS_IN_NOMAD=true
# -------- BEGIN PACKAGE & MOUNTPOINT SETUP -------------
ASSUME_ALWAYS_YES=yes pkg bootstrap
touch /etc/rc.conf
service sendmail onedisable
# shellcheck disable=SC2015
sysrc -cq ifconfig_epair0b && sysrc -x ifconfig_epair0b || true
# Install packages
pkg install -y rsnapshot
pkg clean -y
# Create mountpoints
mkdir -p /.snapshots
mkdir -p /root/.ssh
# ---------- END PACKAGE & MOUNTPOINT SETUP -------------
#
# Create configurations
#
#
# Now generate the run command script "cook"
# It configures the system on the first run by creating the config file(s)
# On subsequent runs, it only starts sleeps (if nomad-jail) or simply exits
#
# ----------------- BEGIN COOK ------------------
echo "#!/bin/sh
RUNS_IN_NOMAD=$RUNS_IN_NOMAD
# No need to change this, just ensures configuration is done only once
if [ -e /usr/local/etc/pot-is-seasoned ]
then
# If this pot flavour is blocking (i.e. it should not return),
# we block indefinitely
if [ \$RUNS_IN_NOMAD ]
then
/bin/sh /etc/rc
tail -f /dev/null
fi
exit 0
fi
# ADJUST THIS: STOP SERVICES AS NEEDED BEFORE CONFIGURATION
# No need to adjust this:
# If this pot flavour is not blocking, we need to read the environment first from /tmp/environment.sh
# where pot is storing it in this case
if [ -e /tmp/environment.sh ]
then
. /tmp/environment.sh
fi
#
# ADJUST THIS BY CHECKING FOR ALL VARIABLES YOUR FLAVOUR NEEDS:
#
# Convert parameters to variables if passed (overwrite environment)
while getopts a:b:d:g: option
do
case \"\${option}\"
in
a) ALPHA=\${OPTARG};;
b) BETA=\${OPTARG};;
d) DELTA=\${OPTARG};;
g) GAMMA=\${OPTARG};;
esac
done
# Check config variables are set
if [ -z \${ALPHA+x} ];
then
echo 'ALPHA is unset - see documentation how to configure this flavour' >> /var/log/cook.log
echo 'ALPHA is unset - see documentation how to configure this flavour'
exit 1
fi
# ADJUST THIS BELOW: NOW ALL THE CONFIGURATION FILES NEED TO BE ADJUSTED & COPIED:
if [ -n \${ALPHA+x} ];
then
echo \"\$ALPHA root /usr/local/bin/rsnapshot alpha\" >> /etc/crontab
fi
if [ -n \${BETA+x} ];
then
echo \"\$BETA root /usr/local/bin/rsnapshot beta\" >> /etc/crontab
fi
if [ -n \${DELTA+x} ];
then
echo \"\$DELTA root /usr/local/bin/rsnapshot delta\" >> /etc/crontab
fi
if [ -n \${GAMMA+x} ];
then
echo \"\$GAMMA root /usr/local/bin/rsnapshot gamma\" >> /etc/crontab
fi
chown -R root:wheel /root/.ssh
chmod -R 700 /root/.ssh
chmod 644 /root/.ssh/*.pub || true
chmod 600 /root/.ssh/id_rsa || true
# ADJUST THIS: START THE SERVICES AGAIN AFTER CONFIGURATION
# Do not touch this:
touch /usr/local/etc/pot-is-seasoned
# If this pot flavour is blocking (i.e. it should not return), there is no /tmp/environment.sh
# created by pot and we now after configuration block indefinitely
if [ \$RUNS_IN_NOMAD ]
then
/bin/sh /etc/rc
tail -f /dev/null
fi
" > /usr/local/bin/cook
# ----------------- END COOK ------------------
# ---------- NO NEED TO EDIT BELOW ------------
chmod u+x /usr/local/bin/cook
#
# There are two ways of running a pot jail: "Normal", non-blocking mode and
# "Nomad", i.e. blocking mode (the pot start command does not return until
# the jail is stopped).
# For the normal mode, we create a /usr/local/etc/rc.d script that starts
# the "cook" script generated above each time, for the "Nomad" mode, the cook
# script is started by pot (configuration through flavour file), therefore
# we do not need to do anything here.
#
# Create rc.d script for "normal" mode:
# shellcheck disable=SC2016
echo '#!/bin/sh
#
# PROVIDE: cook
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
. /etc/rc.subr
name="cook"
rcvar="cook_enable"
load_rc_config $name
: ${cook_enable:="NO"}
: ${cook_env:=""}
command="/usr/local/bin/cook"
command_args=""
run_rc_command "$1"
' > /usr/local/etc/rc.d/cook
chmod u+x /usr/local/etc/rc.d/cook
if [ $RUNS_IN_NOMAD = false ]
then
# This is a non-nomad (non-blocking) jail, so we need to make sure the script
# gets started when the jail is started:
# Otherwise, /usr/local/bin/cook will be set as start script by the pot flavour
echo "cook_enable=\"YES\"" >> /etc/rc.conf
fi
rsnapshot-nomad/rsnapshot-nomad+1:
rsnapshot-nomad/rsnapshot-nomad+1.sh:
rsnapshot-nomad/rsnapshot-nomad+2:
rsnapshot-nomad/rsnapshot-nomad+2.sh:
rsnapshot-nomad/rsnapshot-nomad+3:
rsnapshot-nomad/rsnapshot-nomad+3.sh:
rsnapshot-nomad/rsnapshot-nomad+4:
set-cmd -c "/usr/local/bin/cook"
rsnapshot-nomad/rsnapshot-nomad+4.sh:
Password:=====> Create conf dir (/mnt/srv/pot/jails/rsnapshot-nomad-amd64-13_1/conf)
=====> Cloning freebsd-potluck-amd64-13_1_0_0_8 with snap
=====> clone zroot/srv/pot/jails/freebsd-potluck-amd64-13_1_0_0_8/m@1676918384 into zroot/srv/pot/jails/rsnapshot-nomad-amd64-13_1/m
=====> Flavour: fbsd-update
=====> Starting rsnapshot-nomad-amd64-13_1 pot for the initial bootstrap
=====> mount /mnt/srv/pot/jails/rsnapshot-nomad-amd64-13_1/m/tmp
defaultrouter: 10.192.0.1 -> 10.192.0.1
===> Starting the pot rsnapshot-nomad-amd64-13_1
ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg /usr/local/lib/compat/pkg
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:7e:7a:54:4b:0b
inet 10.192.0.3 netmask 0xffc00000 broadcast 10.255.255.255
groups: epair
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Updating motd:.
Creating and/or trimming log files.
Updating /var/run/os-release done.
Clearing /tmp (X related).
Starting syslogd.
Starting cron.
Starting sendmail_outbound.
Mon Feb 20 22:32:05 UTC 2023
/usr/local/etc/pot/flavours/fbsd-update.sh -> /mnt/srv/pot/jails/rsnapshot-nomad-amd64-13_1/m/tmp/fbsd-update.sh
=====> Executing fbsd-update script on rsnapshot-nomad-amd64-13_1
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching metadata signature for 13.1-RELEASE from update1.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.
No updates needed to update system to 13.1-RELEASE-p7.
No updates are available to install.
=====> Stop the pot rsnapshot-nomad-amd64-13_1
=====> Remove p463f3f4df4513 epair network interfaces
=====> unmount /mnt/srv/pot/jails/rsnapshot-nomad-amd64-13_1/m/tmp
=====> unmount /mnt/srv/pot/jails/rsnapshot-nomad-amd64-13_1/m/dev
=====> Flavour: rsnapshot-nomad
=====> Executing rsnapshot-nomad pot commands on rsnapshot-nomad-amd64-13_1
=====> Starting rsnapshot-nomad-amd64-13_1 pot for the initial bootstrap
=====> Setting pot rsnapshot-nomad-amd64-13_1 temporarily to persistent
=====> mount /mnt/srv/pot/jails/rsnapshot-nomad-amd64-13_1/m/tmp
===> Starting the pot rsnapshot-nomad-amd64-13_1
add net default: gateway 10.192.0.1
ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg /usr/local/lib/compat/pkg
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:9c:5d:36:b7:0b
inet 10.192.0.3 netmask 0xffc00000 broadcast 10.255.255.255
groups: epair
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Updating motd:.
Creating and/or trimming log files.
Updating /var/run/os-release done.
Clearing /tmp (X related).
Starting syslogd.
Starting cron.
Starting sendmail_outbound.
Mon Feb 20 22:32:32 UTC 2023
/usr/local/etc/pot/flavours/rsnapshot-nomad.sh -> /mnt/srv/pot/jails/rsnapshot-nomad-amd64-13_1/m/tmp/rsnapshot-nomad.sh
=====> Executing rsnapshot-nomad script on rsnapshot-nomad-amd64-13_1
pkg already bootstrapped at /usr/local/sbin/pkg
sendmail disabled in /etc/rc.conf
sendmail_outbound disabled in /etc/rc.conf
sendmail_msp_queue disabled in /etc/rc.conf
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 3 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
p5-Lchown: 1.01_2
perl5: 5.32.1_3
rsnapshot: 1.4.4_1
Number of packages to be installed: 3
The process will require 60 MiB more space.
14 MiB to be downloaded.
[rsnapshot-nomad-amd64-13_1.vsf00001.cpt.za.honeyguide.net] [1/3] Fetching p5-Lchown-1.01_2.pkg: . done
[rsnapshot-nomad-amd64-13_1.vsf00001.cpt.za.honeyguide.net] [2/3] Fetching rsnapshot-1.4.4_1.pkg: .......... done
[rsnapshot-nomad-amd64-13_1.vsf00001.cpt.za.honeyguide.net] [3/3] Fetching perl5-5.32.1_3.pkg: .......... done
Checking integrity... done (0 conflicting)
[rsnapshot-nomad-amd64-13_1.vsf00001.cpt.za.honeyguide.net] [1/3] Installing perl5-5.32.1_3...
[rsnapshot-nomad-amd64-13_1.vsf00001.cpt.za.honeyguide.net] [1/3] Extracting perl5-5.32.1_3: .......... done
[rsnapshot-nomad-amd64-13_1.vsf00001.cpt.za.honeyguide.net] [2/3] Installing p5-Lchown-1.01_2...
[rsnapshot-nomad-amd64-13_1.vsf00001.cpt.za.honeyguide.net] [2/3] Extracting p5-Lchown-1.01_2: .... done
[rsnapshot-nomad-amd64-13_1.vsf00001.cpt.za.honeyguide.net] [3/3] Installing rsnapshot-1.4.4_1...
[rsnapshot-nomad-amd64-13_1.vsf00001.cpt.za.honeyguide.net] [3/3] Extracting rsnapshot-1.4.4_1: .......... done
Nothing to do.
=====> Stop the pot rsnapshot-nomad-amd64-13_1
=====> Remove p463f3f4fd4513 epair network interfaces
=====> unmount /mnt/srv/pot/jails/rsnapshot-nomad-amd64-13_1/m/tmp
=====> unmount /mnt/srv/pot/jails/rsnapshot-nomad-amd64-13_1/m/dev
=====> Reverting pot rsnapshot-nomad-amd64-13_1 to non-persistent
=====> Flavour: rsnapshot-nomad+1
=====> Executing rsnapshot-nomad+1 pot commands on rsnapshot-nomad-amd64-13_1
=====> No shell script available for the flavour rsnapshot-nomad+1
=====> Flavour: rsnapshot-nomad+2
=====> Executing rsnapshot-nomad+2 pot commands on rsnapshot-nomad-amd64-13_1
=====> No shell script available for the flavour rsnapshot-nomad+2
=====> Flavour: rsnapshot-nomad+3
=====> Executing rsnapshot-nomad+3 pot commands on rsnapshot-nomad-amd64-13_1
=====> No shell script available for the flavour rsnapshot-nomad+3
=====> Flavour: rsnapshot-nomad+4
=====> Executing rsnapshot-nomad+4 pot commands on rsnapshot-nomad-amd64-13_1
=====> No shell script available for the flavour rsnapshot-nomad+4
Password:Password:===> exporting rsnapshot-nomad-amd64-13_1 @ 1676932366 to /tmp/rsnapshot-nomad-amd64-13_1_1.0.7.xz
rsnapshot-nomad-amd64-12_4_1.0.7:
rsnapshot-nomad/rsnapshot-nomad:
set-attribute -A persistent -V OFF
set-attribute -A no-rc-script -V ON
rsnapshot-nomad/rsnapshot-nomad.sh:
#!/bin/sh
# POTLUCK TEMPLATE v2.0
# EDIT THE FOLLOWING FOR NEW FLAVOUR:
# 1. RUNS_IN_NOMAD - yes or no
# 2. Create a matching <flavour> file with this <flavour>.sh file that
# contains the copy-in commands for the config files from <flavour>.d/
# Remember that the package directories don't exist yet, so likely copy to /root
# 3. Adjust package installation between BEGIN & END PACKAGE SETUP
# 4. Adjust jail configuration script generation between BEGIN & END COOK
# Configure the config files that have been copied in where necessary
# Set this to true if this jail flavour is to be created as a nomad (i.e. blocking) jail.
# You can then query it in the cook script generation below and the script is installed
# appropriately at the end of this script
RUNS_IN_NOMAD=true
# -------- BEGIN PACKAGE & MOUNTPOINT SETUP -------------
ASSUME_ALWAYS_YES=yes pkg bootstrap
touch /etc/rc.conf
service sendmail onedisable
# shellcheck disable=SC2015
sysrc -cq ifconfig_epair0b && sysrc -x ifconfig_epair0b || true
# Install packages
pkg install -y rsnapshot
pkg clean -y
# Create mountpoints
mkdir -p /.snapshots
mkdir -p /root/.ssh
# ---------- END PACKAGE & MOUNTPOINT SETUP -------------
#
# Create configurations
#
#
# Now generate the run command script "cook"
# It configures the system on the first run by creating the config file(s)
# On subsequent runs, it only starts sleeps (if nomad-jail) or simply exits
#
# ----------------- BEGIN COOK ------------------
echo "#!/bin/sh
RUNS_IN_NOMAD=$RUNS_IN_NOMAD
# No need to change this, just ensures configuration is done only once
if [ -e /usr/local/etc/pot-is-seasoned ]
then
# If this pot flavour is blocking (i.e. it should not return),
# we block indefinitely
if [ \$RUNS_IN_NOMAD ]
then
/bin/sh /etc/rc
tail -f /dev/null
fi
exit 0
fi
# ADJUST THIS: STOP SERVICES AS NEEDED BEFORE CONFIGURATION
# No need to adjust this:
# If this pot flavour is not blocking, we need to read the environment first from /tmp/environment.sh
# where pot is storing it in this case
if [ -e /tmp/environment.sh ]
then
. /tmp/environment.sh
fi
#
# ADJUST THIS BY CHECKING FOR ALL VARIABLES YOUR FLAVOUR NEEDS:
#
# Convert parameters to variables if passed (overwrite environment)
while getopts a:b:d:g: option
do
case \"\${option}\"
in
a) ALPHA=\${OPTARG};;
b) BETA=\${OPTARG};;
d) DELTA=\${OPTARG};;
g) GAMMA=\${OPTARG};;
esac
done
# Check config variables are set
if [ -z \${ALPHA+x} ];
then
echo 'ALPHA is unset - see documentation how to configure this flavour' >> /var/log/cook.log
echo 'ALPHA is unset - see documentation how to configure this flavour'
exit 1
fi
# ADJUST THIS BELOW: NOW ALL THE CONFIGURATION FILES NEED TO BE ADJUSTED & COPIED:
if [ -n \${ALPHA+x} ];
then
echo \"\$ALPHA root /usr/local/bin/rsnapshot alpha\" >> /etc/crontab
fi
if [ -n \${BETA+x} ];
then
echo \"\$BETA root /usr/local/bin/rsnapshot beta\" >> /etc/crontab
fi
if [ -n \${DELTA+x} ];
then
echo \"\$DELTA root /usr/local/bin/rsnapshot delta\" >> /etc/crontab
fi
if [ -n \${GAMMA+x} ];
then
echo \"\$GAMMA root /usr/local/bin/rsnapshot gamma\" >> /etc/crontab
fi
chown -R root:wheel /root/.ssh
chmod -R 700 /root/.ssh
chmod 644 /root/.ssh/*.pub || true
chmod 600 /root/.ssh/id_rsa || true
# ADJUST THIS: START THE SERVICES AGAIN AFTER CONFIGURATION
# Do not touch this:
touch /usr/local/etc/pot-is-seasoned
# If this pot flavour is blocking (i.e. it should not return), there is no /tmp/environment.sh
# created by pot and we now after configuration block indefinitely
if [ \$RUNS_IN_NOMAD ]
then
/bin/sh /etc/rc
tail -f /dev/null
fi
" > /usr/local/bin/cook
# ----------------- END COOK ------------------
# ---------- NO NEED TO EDIT BELOW ------------
chmod u+x /usr/local/bin/cook
#
# There are two ways of running a pot jail: "Normal", non-blocking mode and
# "Nomad", i.e. blocking mode (the pot start command does not return until
# the jail is stopped).
# For the normal mode, we create a /usr/local/etc/rc.d script that starts
# the "cook" script generated above each time, for the "Nomad" mode, the cook
# script is started by pot (configuration through flavour file), therefore
# we do not need to do anything here.
#
# Create rc.d script for "normal" mode:
# shellcheck disable=SC2016
echo '#!/bin/sh
#
# PROVIDE: cook
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
. /etc/rc.subr
name="cook"
rcvar="cook_enable"
load_rc_config $name
: ${cook_enable:="NO"}
: ${cook_env:=""}
command="/usr/local/bin/cook"
command_args=""
run_rc_command "$1"
' > /usr/local/etc/rc.d/cook
chmod u+x /usr/local/etc/rc.d/cook
if [ $RUNS_IN_NOMAD = false ]
then
# This is a non-nomad (non-blocking) jail, so we need to make sure the script
# gets started when the jail is started:
# Otherwise, /usr/local/bin/cook will be set as start script by the pot flavour
echo "cook_enable=\"YES\"" >> /etc/rc.conf
fi
rsnapshot-nomad/rsnapshot-nomad+1:
rsnapshot-nomad/rsnapshot-nomad+1.sh:
rsnapshot-nomad/rsnapshot-nomad+2:
rsnapshot-nomad/rsnapshot-nomad+2.sh:
rsnapshot-nomad/rsnapshot-nomad+3:
rsnapshot-nomad/rsnapshot-nomad+3.sh:
rsnapshot-nomad/rsnapshot-nomad+4:
set-cmd -c "/usr/local/bin/cook"
rsnapshot-nomad/rsnapshot-nomad+4.sh:
Password:===> Creating a new pot
===> pot name : rsnapshot-nomad-amd64-12_4
===> type : single
===> base : 12.4
===> pot_base :
===> level : 0
===> network-type : public-bridge
===> network-stack: ipv4
===> ip : 10.192.0.8
===> bridge :
===> dns : inherit
===> flavours : fbsd-update rsnapshot-nomad rsnapshot-nomad+1 rsnapshot-nomad+2 rsnapshot-nomad+3 rsnapshot-nomad+4
===> Fetching FreeBSD 12.4
===> Extract the tarball
=====> Flavour: fbsd-update
=====> Starting rsnapshot-nomad-amd64-12_4 pot for the initial bootstrap
=====> mount /mnt/srv/pot/jails/rsnapshot-nomad-amd64-12_4/m/tmp
defaultrouter: NO -> 10.192.0.1
===> Starting the pot rsnapshot-nomad-amd64-12_4
Generating host.conf.
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:7d:84:54:ac:0b
inet 10.192.0.8 netmask 0xffc00000 broadcast 10.255.255.255
groups: epair
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Updating motd:.
Updating /var/run/os-release done.
Creating and/or trimming log files.
Starting syslogd.
Clearing /tmp (X related).
Starting cron.
Starting sendmail_submit.
Starting sendmail_msp_queue.
Mon Feb 20 22:33:35 UTC 2023
/usr/local/etc/pot/flavours/fbsd-update.sh -> /mnt/srv/pot/jails/rsnapshot-nomad-amd64-12_4/m/tmp/fbsd-update.sh
=====> Executing fbsd-update script on rsnapshot-nomad-amd64-12_4
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching public key from update1.freebsd.org... done.
Fetching metadata signature for 12.4-RELEASE from update1.freebsd.org... done.
Fetching metadata index... done.
Fetching 2 metadata files... done.
Inspecting system... done.
Preparing to download files... done.
Fetching 36 patches.....10....20....30... done.
Applying patches... done.
Fetching 1 files... done.
The following files will be added as part of updating to
12.4-RELEASE-p2:
/usr/share/zoneinfo/America/Ciudad_Juarez
The following files will be updated as part of updating to
12.4-RELEASE-p2:
/bin/freebsd-version
/lib/geom/geom_eli.so
/lib/libcrypto.so.111
/rescue/[
/rescue/bectl
/rescue/bsdlabel
/rescue/bunzip2
/rescue/bzcat
/rescue/bzip2
/rescue/camcontrol
/rescue/cat
/rescue/ccdconfig
/rescue/chflags
/rescue/chgrp
/rescue/chio
/rescue/chmod
/rescue/chown
/rescue/chroot
/rescue/clri
/rescue/cp
/rescue/csh
/rescue/date
/rescue/dd
/rescue/devfs
/rescue/df
/rescue/dhclient
/rescue/disklabel
/rescue/dmesg
/rescue/dump
/rescue/dumpfs
/rescue/dumpon
/rescue/echo
/rescue/ed
/rescue/ex
/rescue/expr
/rescue/fastboot
/rescue/fasthalt
/rescue/fdisk
/rescue/fsck
/rescue/fsck_4.2bsd
/rescue/fsck_ffs
/rescue/fsck_msdosfs
/rescue/fsck_ufs
/rescue/fsdb
/rescue/fsirand
/rescue/gbde
/rescue/geom
/rescue/getfacl
/rescue/glabel
/rescue/gpart
/rescue/groups
/rescue/gunzip
/rescue/gzcat
/rescue/gzip
/rescue/halt
/rescue/head
/rescue/hostname
/rescue/id
/rescue/ifconfig
/rescue/init
/rescue/ipf
/rescue/iscsictl
/rescue/iscsid
/rescue/kenv
/rescue/kill
/rescue/kldconfig
/rescue/kldload
/rescue/kldstat
/rescue/kldunload
/rescue/ldconfig
/rescue/less
/rescue/link
/rescue/ln
/rescue/ls
/rescue/lzcat
/rescue/lzma
/rescue/md5
/rescue/mdconfig
/rescue/mdmfs
/rescue/mkdir
/rescue/mknod
/rescue/more
/rescue/mount
/rescue/mount_cd9660
/rescue/mount_msdosfs
/rescue/mount_nfs
/rescue/mount_nullfs
/rescue/mount_udf
/rescue/mount_unionfs
/rescue/mt
/rescue/mv
/rescue/nc
/rescue/newfs
/rescue/newfs_msdos
/rescue/nos-tun
/rescue/pgrep
/rescue/ping
/rescue/ping6
/rescue/pkill
/rescue/poweroff
/rescue/ps
/rescue/pwd
/rescue/rcorder
/rescue/rdump
/rescue/realpath
/rescue/reboot
/rescue/red
/rescue/rescue
/rescue/restore
/rescue/rm
/rescue/rmdir
/rescue/route
/rescue/routed
/rescue/rrestore
/rescue/rtquery
/rescue/rtsol
/rescue/savecore
/rescue/sed
/rescue/setfacl
/rescue/sh
/rescue/shutdown
/rescue/sleep
/rescue/spppcontrol
/rescue/stty
/rescue/swapon
/rescue/sync
/rescue/sysctl
/rescue/tail
/rescue/tar
/rescue/tcsh
/rescue/tee
/rescue/test
/rescue/tunefs
/rescue/umount
/rescue/unlink
/rescue/unlzma
/rescue/unxz
/rescue/unzstd
/rescue/vi
/rescue/whoami
/rescue/xz
/rescue/xzcat
/rescue/zcat
/rescue/zdb
/rescue/zfs
/rescue/zpool
/rescue/zstd
/rescue/zstdcat
/rescue/zstdmt
/usr/bin/openssl
/usr/bin/svnlite
/usr/bin/svnlitebench
/usr/bin/svnlitemucc
/usr/bin/svnliterdump
/usr/bin/svnlitesync
/usr/include/openssl/bnerr.h
/usr/include/openssl/x509v3.h
/usr/lib/libcrypto.a
/usr/lib/libcrypto_p.a
/usr/lib/libfetch.a
/usr/lib/libfetch.so.6
/usr/lib/libfetch_p.a
/usr/lib/libprivatessh.a
/usr/lib/libprivatessh.so.5
/usr/lib/libprivatessh_p.a
/usr/sbin/hostapd
/usr/sbin/wpa_supplicant
/usr/share/zoneinfo/America/Bogota
/usr/share/zoneinfo/America/Cambridge_Bay
/usr/share/zoneinfo/America/Godthab
/usr/share/zoneinfo/America/Inuvik
/usr/share/zoneinfo/America/Iqaluit
/usr/share/zoneinfo/America/Nuuk
/usr/share/zoneinfo/America/Ojinaga
/usr/share/zoneinfo/America/Pangnirtung
/usr/share/zoneinfo/America/Rankin_Inlet
/usr/share/zoneinfo/America/Resolute
/usr/share/zoneinfo/America/Whitehorse
/usr/share/zoneinfo/America/Yellowknife
/usr/share/zoneinfo/Asia/Kuala_Lumpur
/usr/share/zoneinfo/Asia/Singapore
/usr/share/zoneinfo/Canada/Yukon
/usr/share/zoneinfo/Singapore
/usr/share/zoneinfo/zone.tab
/usr/share/zoneinfo/zone1970.tab
Installing updates...Scanning //usr/share/certs/blacklisted for certificates...
Scanning //usr/share/certs/trusted for certificates...
done.
=====> Stop the pot rsnapshot-nomad-amd64-12_4
=====> Remove p463f3f53c5e4e epair network interfaces
=====> unmount /mnt/srv/pot/jails/rsnapshot-nomad-amd64-12_4/m/tmp
=====> unmount /mnt/srv/pot/jails/rsnapshot-nomad-amd64-12_4/m/dev
=====> Flavour: rsnapshot-nomad
=====> Executing rsnapshot-nomad pot commands on rsnapshot-nomad-amd64-12_4
=====> Starting rsnapshot-nomad-amd64-12_4 pot for the initial bootstrap
=====> Setting pot rsnapshot-nomad-amd64-12_4 temporarily to persistent
=====> mount /mnt/srv/pot/jails/rsnapshot-nomad-amd64-12_4/m/tmp
===> Starting the pot rsnapshot-nomad-amd64-12_4
add net default: gateway 10.192.0.1
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:4d:d1:03:53:0b
inet 10.192.0.8 netmask 0xffc00000 broadcast 10.255.255.255
groups: epair
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Updating motd:.
Updating /var/run/os-release done.
Creating and/or trimming log files.
Starting syslogd.
Clearing /tmp (X related).
Starting cron.
Starting sendmail_submit.
Starting sendmail_msp_queue.
Mon Feb 20 22:34:15 UTC 2023
/usr/local/etc/pot/flavours/rsnapshot-nomad.sh -> /mnt/srv/pot/jails/rsnapshot-nomad-amd64-12_4/m/tmp/rsnapshot-nomad.sh
=====> Executing rsnapshot-nomad script on rsnapshot-nomad-amd64-12_4
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] Installing pkg-1.19.0...
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] Extracting pkg-1.19.0: .......... done
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:12:amd64/quarterly, please wait...
Verifying signature with trusted certificate pkg.freebsd.org.2013102301... done
sendmail disabled in /etc/rc.conf
sendmail_submit disabled in /etc/rc.conf
sendmail_msp_queue disabled in /etc/rc.conf
Updating FreeBSD repository catalogue...
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] Fetching meta.conf: . done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] Fetching packagesite.pkg: .......... done
Processing entries: .......... done
FreeBSD repository update completed. 32394 packages processed.
All repositories are up to date.
Updating database digests format: . done
The following 8 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
libiconv: 1.17
liblz4: 1.9.4,1
p5-Lchown: 1.01_2
perl5: 5.32.1_3
rsnapshot: 1.4.4_1
rsync: 3.2.7
xxhash: 0.8.1_2
zstd: 1.5.2_1
Number of packages to be installed: 8
The process will require 68 MiB more space.
16 MiB to be downloaded.
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [1/8] Fetching p5-Lchown-1.01_2.pkg: . done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [2/8] Fetching rsync-3.2.7.pkg: .......... done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [3/8] Fetching liblz4-1.9.4,1.pkg: .......... done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [4/8] Fetching rsnapshot-1.4.4_1.pkg: .......... done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [5/8] Fetching perl5-5.32.1_3.pkg: .......... done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [6/8] Fetching zstd-1.5.2_1.pkg: .......... done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [7/8] Fetching xxhash-0.8.1_2.pkg: .......... done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [8/8] Fetching libiconv-1.17.pkg: .......... done
Checking integrity... done (0 conflicting)
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [1/8] Installing liblz4-1.9.4,1...
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [1/8] Extracting liblz4-1.9.4,1: .......... done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [2/8] Installing perl5-5.32.1_3...
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [2/8] Extracting perl5-5.32.1_3: .......... done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [3/8] Installing zstd-1.5.2_1...
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [3/8] Extracting zstd-1.5.2_1: .......... done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [4/8] Installing xxhash-0.8.1_2...
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [4/8] Extracting xxhash-0.8.1_2: .......... done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [5/8] Installing libiconv-1.17...
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [5/8] Extracting libiconv-1.17: .......... done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [6/8] Installing p5-Lchown-1.01_2...
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [6/8] Extracting p5-Lchown-1.01_2: .... done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [7/8] Installing rsync-3.2.7...
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [7/8] Extracting rsync-3.2.7: .......... done
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [8/8] Installing rsnapshot-1.4.4_1...
[rsnapshot-nomad-amd64-12_4.vsf00001.cpt.za.honeyguide.net] [8/8] Extracting rsnapshot-1.4.4_1: .......... done
=====
Message from rsync-3.2.7:
--
Some scripts provided by rsync such as rrsync requires
python which is not installed by default
Nothing to do.
=====> Stop the pot rsnapshot-nomad-amd64-12_4
=====> Remove p463f3f5645e4e epair network interfaces
=====> unmount /mnt/srv/pot/jails/rsnapshot-nomad-amd64-12_4/m/tmp
=====> unmount /mnt/srv/pot/jails/rsnapshot-nomad-amd64-12_4/m/dev
=====> Reverting pot rsnapshot-nomad-amd64-12_4 to non-persistent
=====> Flavour: rsnapshot-nomad+1
=====> Executing rsnapshot-nomad+1 pot commands on rsnapshot-nomad-amd64-12_4
=====> No shell script available for the flavour rsnapshot-nomad+1
=====> Flavour: rsnapshot-nomad+2
=====> Executing rsnapshot-nomad+2 pot commands on rsnapshot-nomad-amd64-12_4
=====> No shell script available for the flavour rsnapshot-nomad+2
=====> Flavour: rsnapshot-nomad+3
=====> Executing rsnapshot-nomad+3 pot commands on rsnapshot-nomad-amd64-12_4
=====> No shell script available for the flavour rsnapshot-nomad+3
=====> Flavour: rsnapshot-nomad+4
=====> Executing rsnapshot-nomad+4 pot commands on rsnapshot-nomad-amd64-12_4
=====> No shell script available for the flavour rsnapshot-nomad+4