etc/jail.conf


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70

exec.start		= "/bin/sh /etc/rc";
exec.stop		= "/bin/sh /etc/rc.shutdown jail";
exec.clean;
path			= "/var/jail/${name}";
host.hostname		= ${name};
mount.devfs;
allow.mount.tmpfs;

www {
    $id		= 1;
    $ipaddr	= 95.179.223.82;
    $netmask	= 255.255.255.255;
    $gw		= 10.0.0.254;
    jid		= ${id};
    ip4.addr	= ${ipaddr};
}

git {
    $id		= 2;
    $ipaddr	= 95.179.223.82;
    $netmask	= 255.255.255.255;
    $gw		= 10.0.0.254;
    jid		= ${id};
    ip4.addr	= ${ipaddr};
}

i2p {
    $id		= 3;
    $ipaddr	= 95.179.223.82;
    $netmask	= 255.255.255.255;
    $gw		= 10.0.0.254;
    jid		= ${id};
    ip4.addr	= ${ipaddr};
}

wireguard {
    $id		= 4;
    $ipaddr	= 10.0.0.${id};
    $netmask	= 255.255.255.255;
    $gw		= 10.0.0.254;
    jid		= ${id};
    vnet;
    vnet.interface	 = "epair${id}b";
    allow.raw_sockets;

    exec.prestart	 = "ifconfig epair${id} create up";
    exec.prestart	+= "ifconfig epair${id}a up descr vnet-${name}";
    exec.prestart	+= "ifconfig bridge0 addm epair${id}a up";

    exec.start		 = "/sbin/ifconfig lo0 127.0.0.1 up";
    exec.start		+= "/sbin/ifconfig epair${id}b inet ${ipaddr} netmask ${netmask}";
    exec.start		+= "/sbin/route add default ${gw}";
    exec.start		+= "/bin/sh /etc/rc";

    exec.prestop	 = "ifconfig epair${id}b -vnet ${name}";

    exec.poststop	 = "ifconfig bridge0 deletem epair${id}a";
    exec.poststop	+= "ifconfig epair${id}a destroy";
}
#    vnet;
#    devfs_ruleset = "5";
#    vnet.interface = "vn0_wireguard";
#    exec.prestart += "jib addm wireguard vtnet0";
#    exec.poststop += "jib destroy wireguard";
#    #exec.start += "echo epair0b";
#    #ip4.addr = 95.179.223.82;

#nextcloud {
#    ip4.addr = 95.179.223.82;
#}