EvoBSD is a set of Ansible playbooks and roles providing a customisation of the OpenBSD operating system used by Evolix.
Go to file
Jérémy Dubois 213e4a7bcd
continuous-integration/drone/push Build is failing Details
Comment on checks that cannot be used as is - v2
2020-10-14 14:55:10 +02:00
roles Comment on checks that cannot be used as is - v2 2020-10-14 14:55:10 +02:00
tasks Fix commit_etc_git.yml task author 2020-08-26 09:50:05 +02:00
vars Stricter ssh and doas access - better version 2020-10-13 16:03:54 +02:00
.drone.yml fix forgotten quote in .drone.yml 2020-06-04 13:02:47 -04:00
.gitignore Add file to .gitignore 2020-04-21 19:24:02 +02:00
CHANGELOG Update CHANGELOG and bump to version 6.7.2 2020-10-13 14:46:14 +02:00
CONTRIBUTING.md Apply fix in last commit to other markdown files 2020-06-04 13:23:06 -04:00
LICENSE Update copyright to 2020 2020-09-10 11:55:43 +02:00
README.md Update CHANGELOG and bump to version 6.7.2 2020-10-13 14:46:14 +02:00
evolixisation.yml Add a pf tag that we skip for subsequent use 2020-10-14 09:40:59 +02:00
hosts Add initial project 2018-12-28 11:23:49 +01:00
prerequisite.yml Fix yaml lint lines too long 2020-06-04 12:51:53 -04:00

README.md

EvoBSD 6.7.2

EvoBSD is an ansible project used for customising OpenBSD hosts used by Evolix.

How to install an OpenBSD machine

Note : The system must be installed with a root account only. Put your public key in the remote root's autorized_keys (/root/.ssh/authorized_keys)

  1. Install ansible's prerequisites
ansible-playbook prerequisite.yml -CDi hosts -l HOSTNAME
  1. Run it

First use (become_method: su, and var_files uncommented) :

ansible-playbook evolixisation.yml --ask-vault-pass -CDki hosts -l HOSTNAME -u root

Subsequent use (become_method: sudo) :

ansible-playbook evolixisation.yml --ask-vault-pass -CDKi hosts -l HOSTNAME

Testing

Changes can be tested by using Packer and vmm(4) :

  • This process depends on the Go programming language.

Packages

Needing a Golang eco system and some basics

pkg_add go-- packer-- git--
git clone https://github.com/double-p/packer-builder-openbsd-vmm.git

builds

Set GOPATH (default: ~/go), if the 1.4GB dependencies wont fit.

make
make install
  • You need your unprivileged user to be able to run vmctl(8) through doas(1)
echo "permit nopass myunprivilegeduser as root cmd /usr/sbin/vmctl" >> /etc/doas.conf

See packer-builder-openbsd-vmm/examples/README.examples for further instructions

  • Enable NAT on your host machine
pass out on em0 inet from tap0:network to any nat-to (em0)

assuming em0 is your egress interface

Contributions

See the contribution guidelines

License

MIT License