Created
June 12, 2012 17:10
-
-
Save funglaub/2918745 to your computer and use it in GitHub Desktop.
FreeBSD Hetzner Setup
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CFLAGS= -O2 -fno-strict-aliasing -pipe -march=native -fno-omit-frame-pointer | |
| CXXFLAGS+= -fconserve-space | |
| WITHOUT_X11=YES | |
| # added by use.perl 2012-06-08 14:34:18 | |
| PERL_VERSION=5.12.4 | |
| MAKE_JOBS_NUMBER=8 | |
| RUBY_DEFAULT_VER=1.9 | |
| RUBY_VER=1.9 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| % mount !672 | |
| tank/root on / (zfs, local, nfsv4acls) | |
| devfs on /dev (devfs, local, multilabel) | |
| tank/root/usr/jails on /mnt/jails (zfs, local, nfsv4acls) | |
| tank/root/usr/ports on /mnt/ports (zfs, local, nosuid, nfsv4acls) | |
| tank/root/usr/ports/distfiles on /mnt/ports/distfiles (zfs, local, noexec, nosuid, nfsv4acls) | |
| tank/root/usr/ports/packages on /mnt/ports/packages (zfs, local, noexec, nosuid, nfsv4acls) | |
| tank/root/tmp on /tmp (zfs, local, nfsv4acls) | |
| tank/root/usr on /usr (zfs, local, nfsv4acls) | |
| tank/root/var on /var (zfs, local, nfsv4acls) | |
| /usr/jails/basejail on /usr/jails/www/basejail (nullfs, local, read-only) | |
| /usr/ports on /usr/jails/www/usr/ports (nullfs, local, read-only) | |
| devfs on /usr/jails/www/dev (devfs, local, multilabel) | |
| fdescfs on /usr/jails/www/dev/fd (fdescfs) | |
| procfs on /usr/jails/www/proc (procfs, local) | |
| /usr/jails/basejail on /usr/jails/database/basejail (nullfs, local, read-only) | |
| /usr/ports on /usr/jails/database/usr/ports (nullfs, local, read-only) | |
| devfs on /usr/jails/database/dev (devfs, local, multilabel) | |
| fdescfs on /usr/jails/database/dev/fd (fdescfs) | |
| procfs on /usr/jails/database/proc (procfs, local) | |
| /usr/jails/basejail on /usr/jails/mail/basejail (nullfs, local, read-only) | |
| devfs on /usr/jails/mail/dev (devfs, local, multilabel) | |
| fdescfs on /usr/jails/mail/dev/fd (fdescfs) | |
| procfs on /usr/jails/mail/proc (procfs, local) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ext_if="re0" | |
| all_ifs = "{" $ext_if lo0 "}" | |
| nat on $ext_if inet proto {tcp udp icmp} from lo0 to any -> ($ext_if) | |
| # Jails | |
| ####################################################################### | |
| rdr on $ext_if proto tcp from any to any port 80 -> 127.0.0.2 | |
| rdr on $ext_if proto tcp from any to any port 6000 -> 127.0.0.2 port 22 | |
| rdr on $ext_if proto tcp from any to any port 6001 -> 127.0.0.3 port 22 | |
| rdr on $ext_if proto tcp from any to any port 6002 -> 127.0.0.4 port 22 | |
| pass in on $ext_if inet proto tcp from any to 127.0.0.2 port 80 | |
| pass in on $ext_if inet proto tcp from any to 127.0.0.2 port 22 | |
| pass in on $ext_if inet proto tcp from any to 127.0.0.3 port 22 | |
| pass in on $ext_if inet proto tcp from any to 127.0.0.4 port 22 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| hostname="achilles" | |
| sshd_enable="YES" | |
| sendmail_enable="NONE" | |
| zfs_enable="YES" | |
| ntpd_enable="NO" | |
| openntpd_enable="YES" | |
| syslogd_enable="YES" | |
| syslogd_flags="-b 127.0.0.1" | |
| # IPv4 | |
| ################################################################################### | |
| ifconfig_re0="DHCP" | |
| # IPv6 | |
| ################################################################################### | |
| # Verwendbare IP-Adressen: 2a01:4f8:121:8::2 bis 2a01:4f8:121:8:ffff:ffff:ffff:ffff | |
| # Thanks Hetzner for placing the default router into another subnet m) | |
| #ipv6_activate_all_interfaces="YES" | |
| ipv6_enable="YES" | |
| ipv6_default_interface="re0" | |
| ipv6_static_routes="defgw def" | |
| ipv6_route_defgw="2a01:4f8:121::1/59 -prefixlen 59 -iface re0" | |
| ipv6_route_def="default 2a01:4f8:121::1" | |
| ifconfig_re0_ipv6="inet6 2a01:4f8:121:8:: prefixlen 64" | |
| ipv6_default_interface="re0" | |
| # Jails | |
| ################################################################################### | |
| jail_sysvipc_allow="YES" | |
| ezjail_enable="YES" | |
| pf_enable="YES" | |
| # WWW | |
| ifconfig_lo0_alias0="inet 127.0.0.2 netmask 255.255.255.255" | |
| ifconfig_re0_alias0="inet6 2a01:4f8:121:8::1 prefixlen 128" | |
| # DB | |
| ifconfig_lo0_alias1="inet 127.0.0.3 netmask 255.255.255.255" | |
| ifconfig_re0_alias1="inet6 2a01:4f8:121:8::2 prefixlen 128" | |
| ifconfig_lo0_alias2="inet 127.0.0.4 netmask 255.255.255.255" | |
| ifconfig_re0_alias2="inet6 2a01:4f8:121:8::3 prefixlen 128" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment