FreeNAS – getting hacks to survive an upgrade

Update:

The first attempt at getting this to work failed miserably. Not only did the shell script mangle the additions to rc.conf, but the script created a reboot loop that was pretty much impossible to break.  THIS NEEDS MORE WORK! 

GOT IT WORKING!!!  CHECK IT OUT HERE!

I’ve been customizing FreeNAS to do more than it is meant to do out of the box.  I want to run OpenVPN on it.  I want it to have a firewall enabled on it.  I’ve got those things working, but the issue I have is after every OS upgrade, I have to remember to go back in and re-enable all of them.

What we really need is a way to make modifications to FreeNAS sticky.  So, I was thinking, why not write a script that will launch when the system is initializing and check to see if the modifications are in place or not.  The FreeNAS developers are pretty good about keeping things that are configured in the GUI and moving them forward with the OS upgrades.

Here are the basic steps involved:

  1. Write a shell script that checks /conf/base/etc/rc.conf for our customizations
  2. If they are not present, add them to the end of /conf/base/etc/rc.conf, then reboot
  3. If they are there, boot normally
  4. Run the script at startup by creating an init script in the GUI

I am not much of a code writer…and honestly this is my first shell script….so it isn’t going to be pretty.  So far here is what I have.

#!/bin/sh
if grep ‘pf_enable’ /conf/base/etc/rc.conf
then
echo “Hacks in Place”
else
mount -uw /
echo ‘#Turn on pf firewall’ >> /conf/base/etc/rc.conf
echo ‘pf_enable=”YES”‘ >> /conf/base/etc/rc.conf
echo ‘pf_rules=”/mnt/Files/joe/hacks/pf.conf”‘ >> /conf/base/etc/rc.conf
echo ‘gateway_enable=”YES”‘ >> /conf/base/etc/rc.conf
echo ‘ ‘ >> /conf/base/etc/rc.conf
echo ‘#Turn on OpenVPN’ >> /conf/base/etc/rc.conf
echo ‘openvpn_enable=”YES”‘ >> /conf/base/etc/rc.conf
echo ‘openvpn_if=”tun”‘ >> /conf/base/etc/rc.conf
echo ‘openvpn_configfile=”/mnt/Files/openvpn/openvpn.conf”‘ >> /conf/base/etc/rc.conf
echo ‘openvpn_dir=”/mnt/Files/openvpn”‘ >> /conf/base/etc/rc.conf
fi

So, that’s where I am on this so far.  Next step will be to test it out in a vm and see what it does.  Hopefully it does what I expect and then it is just a matter of setting it up in the GUI under Init Scripts.

More to come, so stay tuned.

Advertisements

One thought on “FreeNAS – getting hacks to survive an upgrade

  1. Pingback: FreeNAS – getting hacks to survive an upgrade Part 2 | The Joe Paetzel Method

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s