This repository contains script to automate the setup of SmartOS Global Zones.

transfer_to_gz.sh copies features (subfolders) to /opt/custom. E.g. ./transfer_to_gz.sh 192.168.114.130 ssh_authorized_keys snaptransfer/ copies the content of the folders ssh_authorized_keys, and snaptransfer to /opt/custom on 192.168.114.130.

   | transfer_to_gz.sh
   |
   +- ipfilter        <-- package name
      +- ipfilter     <-- gets copied to /opt/custom
         + ipf.conf
      +- runonce.sh    <-- will be run after the package contents has been copied over

Installs ipfilter rules that prohibit any non-ssh network access to the gz.

Copies all from setup_ssh/setup_ssh/root.ssh into ~/root/.ssh on every boot of the zone. authorized_keys is also copied into /usbkey/config.inc, this makes SmartOS use it. This is achieved by running an SMF service (svc:/ssh-key-import-atboot:default) on each boot.

please make sure, that the key in authorized_keys is your key, not my key!

Provides a custom build of msmtp without SSL support, which would use OpenSSL, which in turn is not available in the GZ. Installed as /opt/custom/msmtp/msmtp.

Periodically take ZFS snapshots, and send them to a backup host. Basically a mesh up of a patched version of zfSnap, zxfer, and snapxfer.

The backup host, the source, and the target volume is configured in the snapxfer script.

An SMF service installs a root crontab defined here.