EvoBSD is a set of Ansible playbooks and roles providing a customisation of the OpenBSD operating system used by Evolix.
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
Jérémy Dubois e9a1373a30 Add file to .gitignore il y a 19 heures
roles Add file to .gitignore il y a 19 heures
tasks Fix commit_etc_git.yml task author il y a 2 mois
vars Add empty vars_files for them not to generate errors il y a 4 jours
.drone.yml fix forgotten quote in .drone.yml il y a 4 mois
CHANGELOG Update CHANGELOG and bump to version 6.8.1 il y a 1 jour
CONTRIBUTING.md Apply fix in last commit to other markdown files il y a 4 mois
LICENSE Update copyright to 2020 il y a 1 mois
README.md Update README with new version il y a 1 jour
evolixisation.yml Add a pf tag that we skip for subsequent use il y a 1 semaine
hosts Change default Python version to 3.x il y a 4 jours
prerequisite.yml Change default Python version to 3.x il y a 4 jours


EvoBSD 6.8.1

EvoBSD is an ansible project used for customising OpenBSD hosts used by Evolix.

How to install an OpenBSD machine

Note : The system must be installed with a root account only. Put your public key in the remote root’s autorized_keys (/root/.ssh/authorized_keys)

  1. Install ansible’s prerequisites
ansible-playbook prerequisite.yml -CDi hosts -l HOSTNAME
  1. Run it

First use (become_method: su) :

ansible-playbook evolixisation.yml --ask-vault-pass -CDki hosts -u root -l HOSTNAME

Subsequent use (become_method: sudo) :

ansible-playbook evolixisation.yml --ask-vault-pass -CDKi hosts --skip-tags pf -l HOSTNAME


Changes can be tested by using Packer and vmm(4) :

  • This process depends on the Go programming language.


Needing a Golang eco system and some basics

pkg_add go-- packer-- git--
git clone https://github.com/double-p/packer-builder-openbsd-vmm.git


Set GOPATH (default: ~/go), if the 1.4GB dependencies wont fit.

make install
  • You need your unprivileged user to be able to run vmctl(8) through doas(1)
echo "permit nopass myunprivilegeduser as root cmd /usr/sbin/vmctl" >> /etc/doas.conf

See packer-builder-openbsd-vmm/examples/README.examples for further instructions

  • Enable NAT on your host machine
pass out on em0 inet from tap0:network to any nat-to (em0)

assuming em0 is your egress interface


See the contribution guidelines


MIT License