proxy - new web proxy machine
guest os: FreeBSD / amd64
cpu: 2
memory size: 1024 MB
storage: file - 4 GB
tmux commands: ls - list session, attach - t
tmux keys: ctrl-B command key, ctrl-b i information, ctrl-b t time, ctrl-b d detach,
back to virtual machines page.
Links
local links: c2, vm3,
Work log
2021-06-20: from c2 - upgrade packages via ansible
tingo@kg-core2$ pwd /home/tingo/personal/projects/2020/ansible_fbsd/infrastructure_home tingo@kg-core2$ ansible-playbook -l proxy fbsd-pkg-upgrade.yml PLAY [all] ****************************************************************************************************** TASK [Gathering Facts] ****************************************************************************************** ok: [proxy] TASK [fbsd-upgrade : pkg upgrade pkg] *************************************************************************** ok: [proxy] TASK [fbsd-upgrade : register installed packages] *************************************************************** changed: [proxy] TASK [fbsd-upgrade : pkg upgrade all packages] ****************************************************************** changed: [proxy] PLAY RECAP ****************************************************************************************************** proxy : ok=4 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
and in /var/log/messages on proxy, I see this
Jun 20 19:18:06 proxy pkg: ca_root_nss upgraded: 3.58 -> 3.63 Jun 20 19:18:09 proxy pkg: nginx upgraded: 1.18.0_45,2 -> 1.18.0_49,2 Jun 20 19:18:23 proxy pkg: readline upgraded: 8.0.4 -> 8.1.0 Jun 20 19:19:13 proxy pkg: python37 upgraded: 3.7.9_1 -> 3.7.10 Jun 20 19:19:18 proxy pkg: sudo upgraded: 1.9.5p2 -> 1.9.7p1
still doesn't upgrade from python 3.7 to 3.8. Perhaps I should use the python3 metapackage instead.
2020-07-19: from c2 - I now have a working ansible playbook for configuring this as a reverse proxy for my web server(s). Test:
tingo@kg-core2$ ansible-playbook proxy.yml -l proxy PLAY [proxy] ************************************************************************************************************************** TASK [Gathering Facts] **************************************************************************************************************** ok: [proxy] TASK [nginx : install nginx] ********************************************************************************************************** ok: [proxy] TASK [nginx : enable nginx] *********************************************************************************************************** ok: [proxy] TASK [reverse-proxy : configure nginx as reverse proxy] ******************************************************************************* ok: [proxy] PLAY RECAP **************************************************************************************************************************** proxy : ok=4 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
good.
2020-07-19: from c2 - check to see which repository pkg uses
tingo@kg-core2$ ansible -m raw -a "pkg -vv | grep url" proxy proxy | CHANGED | rc=0 >> url : "pkg+http://pkg.FreeBSD.org/FreeBSD:11:amd64/quarterly", Shared connection to proxy.kg4.no closed.
so - quarterly.
2020-07-19: from c2, install and configure ansible on the vm:
tingo@kg-core2$ pwd /home/tingo/personal/projects/2020/ansible_fbsd/infrastructure_home
bootstrap ansible
tingo@kg-core2$ ansible-playbook --become-method su --ask-become-pass -l proxy fbsd-bootstrap.yml BECOME password: PLAY [all] **************************************************************************************************************************** TASK [pkg bootstrap] ****************************************************************************************************************** changed: [proxy] TASK [pkg update] ********************************************************************************************************************* changed: [proxy] TASK [install python and sudo] ******************************************************************************************************** changed: [proxy] TASK [set up wheel group to have passwordless sudo] *********************************************************************************** [WARNING]: Platform freebsd on host proxy is using the discovered Python interpreter at /usr/local/bin/python3.7, but future installation of another Python interpreter could change this. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information. changed: [proxy] PLAY RECAP **************************************************************************************************************************** proxy : ok=4 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
the playbook looks like this
tingo@kg-core2$ cat fbsd-bootstrap.yml - hosts: all gather_facts: no become: yes tasks: - name: pkg bootstrap raw: ASSUME_ALWAYS_YES=yes pkg bootstrap - name: pkg update raw: pkg update - name: install python and sudo raw: pkg install -y python37 sudo - name: set up wheel group to have passwordless sudo lineinfile: path: /usr/local/etc/sudoers state: present regexp: '^%wheel ALL=' line: '%wheel ALL=(ALL) NOPASSWD: ALL' validate: /usr/local/sbin/visudo -cf %s
from here on, ansible works normally. Quick test
tingo@kg-core2$ ansible -m ping proxy proxy | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/local/bin/python3.7" }, "changed": false, "ping": "pong" }
check out the facts
tingo@kg-core2$ ansible -m setup proxy proxy | SUCCESS => { "ansible_facts": { "ansible_all_ipv4_addresses": [ "10.1.10.100" ], "ansible_all_ipv6_addresses": [], "ansible_apparmor": { "status": "disabled" }, "ansible_architecture": "amd64", "ansible_bios_date": "NA", "ansible_bios_version": "NA", "ansible_date_time": { "date": "2020-07-19", "day": "19", "epoch": "1595168505", "hour": "16", "iso8601": "2020-07-19T14:21:45Z", "iso8601_basic": "20200719T162145496682", "iso8601_basic_short": "20200719T162145", "iso8601_micro": "2020-07-19T14:21:45.498379Z", "minute": "21", "month": "07", "second": "45", "time": "16:21:45", "tz": "CEST", "tz_offset": "+0200", "weekday": "Sunday", "weekday_number": "0", "weeknumber": "28", "year": "2020" }, [.. snipped ..] "ansible_distribution": "FreeBSD", "ansible_distribution_major_version": "11", "ansible_distribution_release": "11.4-RELEASE", "ansible_distribution_version": "11.4", [.. snipped ..] "ansible_is_chroot": false, "ansible_iscsi_iqn": "", "ansible_kernel": "11.4-RELEASE", "ansible_kernel_version": "FreeBSD 11.4-RELEASE #0 r362094: Fri Jun 12 18:27:15 UTC 2020 root@releng2.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC", [.. snipped ..] "discovered_interpreter_python": "/usr/local/bin/python3.7", "gather_subset": [ "all" ], "module_setup": true }, "changed": false }
ok
2020-07-19: from vm3, create the machine, see below.
2020-07-19: ada0p2 - vm - install FreeBSD 11.4 on the vm 'proxy'
root@kg-vm3# vm install proxy FreeBSD-11.4-RELEASE-amd64-disc1.iso Starting proxy * found guest in /zs/vms/proxy * booting...
followed by
root@kg-vm3# vm console proxy
(do the install the usual way). Finished:
root@kg-vm3# vm info proxy ------------------------ Virtual Machine: proxy ------------------------ state: running (89210) datastore: default loader: bhyveload uuid: abeefa3f-c9b4-11ea-96a2-600292b5cd2c uefi: default cpu: 2 memory: 1024M memory-resident: 145133568 (138.410M) console-ports com1: tmux/proxy network-interface number: 0 emulation: virtio-net virtual-switch: public fixed-mac-address: 58:9c:fc:04:99:e3 fixed-device: - active-device: tap5 desc: vmnet-proxy-0-public mtu: 1500 bridge: vm-public bytes-in: 491227 (479.713K) bytes-out: 7284 (7.113K) virtual-disk number: 0 device-type: file emulation: virtio-blk options: - system-path: /zs/vms/proxy/disk0.img bytes-size: 4294967296 (4.000G) bytes-used: 1125253120 (1.047G) ok.
2020-07-19: ada0p2 - vm - create a new vm with 2 cpus, 1024M memory and 4G disk
root@kg-vm3# vm create -m 1024M -c 2 -s 4G proxy
2020-07-19: ada0p2 - vm - get an iso of FreeBSD 11.4:
root@kg-vm3# vm iso https://download.freebsd.org/ftp/releases/ISO-IMAGES/11.4/FreeBSD-11.4-RELEASE-amd64-disc1.iso /zs/vms/.iso/FreeBSD-11.4-RELEASE-amd64-disc1. 715 MB 27 MBps 26s