#!/bin/sh

# Auto UUID
uuid=$(uuidgen)

# pkg list, only used with the create subcommand
pkglist="none"

# Network defaults for jails start here
# detect VNET kernel and adjust jail default
# if supported turn it on by default
if [ ! -z $(sysctl -qn kern.features.vimage) ] ; then
    vnet="on"
else
    vnet="off"
fi

ipv6="on"

interfaces="vnet0:bridge0,vnet1:bridge1"
host_domainname="none"
host_hostname=$uuid
exec_fib=0
ip4_addr="none"
ip4_autostart="none"
ip4_autoend="none"
ip4_autosubnet="none"
ip4_saddrsel="1"
ip4="new"
ip6_addr="none"
ip6_saddrsel="1"
ip6="new"
defaultrouter="none"
defaultrouter6="none"
resolver="none"
mac_prefix="02ff60"
vnet0_mac="none"
vnet1_mac="none"
vnet2_mac="none"
vnet3_mac="none"
vnet4_mac="none"
vnet5_mac="none"
vnet6_mac="none"
vnet7_mac="none"
vnet8_mac="none"
vnet9_mac="none"
createbridge="on"
keepbridge="off"

# Standard jail properties
devfs_ruleset="4"
exec_start="/bin/sh /etc/rc"
exec_stop="/bin/sh /etc/rc.shutdown"
exec_prestart="/usr/bin/true"
exec_poststart="/usr/bin/true"
exec_prestop="/usr/bin/true"
exec_poststop="/usr/bin/true"
exec_clean=1
exec_timeout=60
stop_timeout=30
exec_jail_user=root
exec_system_jail_user=0
exec_system_user=root
mount_devfs=1
mount_fdescfs=1
enforce_statfs="2"
children_max="0"
login_flags='-f root'
securelevel="2"
host_hostuuid=$uuid
allow_set_hostname=1
allow_sysvipc=0
sysvmsg="new"
sysvsem="new"
sysvshm="new"
allow_raw_sockets=0
allow_chflags=0
allow_mount=0
allow_mount_devfs=0
allow_mount_nullfs=0
allow_mount_procfs=0
allow_mount_tmpfs=0
allow_mount_zfs=0
allow_quotas=0
allow_socket_af=0

# RCTL limits
cpuset="off"
rlimits="off"
memoryuse="8G:log"
memorylocked="off"
vmemoryuse="off"
maxproc="off"
cputime="off"
pcpu="off"
datasize="off"
stacksize="off"
coredumpsize="off"
openfiles="off"
pseudoterminals="off"
swapuse="off"
nthr="off"
msgqqueued="off"
msgqsize="off"
nmsgq="off"
nsemop="off"
nshm="off"
shmsize="off"
wallclock="off"

# Custom properties
pool="none"
iocroot=/iocell
tag=$(date "+%F@%T")
istemplate="no"
bpf="off"
dhcp="off"
boot="off"
notes="none"
owner="root"
priority="99"
last_started="none"
type="basejail"
release=$(uname -r|cut -f 1,2 -d'-')
template="none"
hostid=$(cat /etc/hostid)
jail_zfs="off"
jail_zfs_dataset="iocell/jails/${uuid}/data"
jail_zfs_mountpoint="none"
mount_procfs="0"
mount_linprocfs="0"
hack88="0"
count="1"

# Native ZFS properties
compression="lz4"
origin="readonly"
quota="none"
mountpoint="readonly"
compressratio="readonly"
available="readonly"
used="readonly"
dedup="off"
reservation="none"

# Sync properties
sync_state="none"
sync_target="none"
sync_tgt_zpool="none"

# FTP variables
ftphost="ftp.freebsd.org"
ftpfiles="base.txz lib32.txz src.txz"

# Git properties
gitlocation="https://github.com"

basedirs="bin
          boot
          lib
          libexec
          rescue
          sbin
          etcupdate
          usr/bin
          usr/include
          usr/lib
          usr/libexec
          usr/ports
          usr/sbin
          usr/share
          usr/src
          usr/libdata
          usr/lib32"

# Resource limits
CONF_RCTL="memoryuse
           memorylocked
           vmemoryuse
           maxproc
           cputime
           pcpu
           datasize
           stacksize
           coredumpsize
           openfiles
           pseudoterminals
           swapuse
           nthr
           msgqqueued
           msgqsize
           nmsgq
           nsemop
           nshm
           shmsize
           wallclock"

# Networking configuration
CONF_NET="interfaces
          vnet
          host_domainname
          host_hostname
          ip4_addr
          ip4_autostart
          ip4_autoend
          ip4_autosubnet
          ip4_saddrsel
          ip4
          ip6_addr
          ip6_saddrsel
          ip6
          defaultrouter
          defaultrouter6
          resolver
          exec_fib
          vnet0_mac
          vnet1_mac
          vnet2_mac
          vnet3_mac
          vnet4_mac
          vnet5_mac
          vnet6_mac
          vnet7_mac
          vnet8_mac
          vnet9_mac
          createbridge
          keepbridge"

# Native jail properties
CONF_JAIL="devfs_ruleset
           mount_devfs
           exec_start
           exec_stop
           exec_prestart
           exec_prestop
           exec_poststop
           exec_poststart
           exec_clean
           exec_timeout
           stop_timeout
           exec_jail_user
           exec_system_jail_user
           exec_system_user
           mount_fdescfs
           mount_procfs
           mount_linprocfs
           enforce_statfs
           children_max
           login_flags
           securelevel
           allow_set_hostname
           allow_sysvipc
           sysvmsg
           sysvsem
           sysvshm
           allow_raw_sockets
           allow_chflags
           allow_mount
           allow_mount_devfs
           allow_mount_nullfs
           allow_mount_procfs
           allow_mount_tmpfs
           allow_mount_zfs
           allow_quotas
           allow_socket_af
           host_hostuuid"

# Custom properties
CONF_CUSTOM="tag
             template
             istemplate
             rlimits
             bpf
             boot
             dhcp
             notes
             owner
             priority
             pkglist
             last_started
             type
             hostid
             cpuset
             jail_zfs
             jail_zfs_dataset
             jail_zfs_mountpoint
             release
             hack88
             start
             count
             pool"

# Native ZFS properties
CONF_ZFS="compression
          origin
          quota
          mountpoint
          compressratio
          available
          used
          dedup
          reservation"

# ZFS sync (not used yet)
CONF_SYNC="sync_stat
           sync_target
           sync_tgt_zpool"

# ftp properties
CONF_FTP="ftphost
          ftpfiles
          ftpdir
          ftplocaldir"

# git properties
CONF_GIT="gitlocation
          branch"
