author Ben Burwell <ben@benburwell.com> 2019-08-05 23:39:28 -0400
committer Ben Burwell <ben@benburwell.com> 2019-08-05 23:40:21 -0400
commit 1baf94c686767eea75c551e1ae12c9acfb4fb98c
tree ef2fabd7b30453d4f51a4a65d0d9b3b87ca18683
parent 2b8fa7b0266d846c8728a65a9fb0bdefc6d48436
Move FreeBSD posts to blog
-rw-r--r-- _posts/2018-09-17-freebsd-prologue.md (renamed from freebsd.md) 104
-rw-r--r-- _posts/2018-09-20-freebsd-jails.md 79
-rw-r--r-- _posts/2018-10-13-freebsd-jail-networking-continued.md 24
-rw-r--r-- index.md 18
4 files changed, 120 insertions, 105 deletions
diff --git a/freebsd.md b/_posts/2018-09-17-freebsd-prologue.md
index 7ba8995..d31104d 100644
--- a/freebsd.md
+++ b/_posts/2018-09-17-freebsd-prologue.md
@@ -1,11 +1,8 @@
---
title: Notes on setting up a FreeBSD home server
+redirect_from: /freebsd.html
---
-# Notes on setting up a FreeBSD home server
-
-## 2018-09-17: Prologue
-
A few months ago, I purchased a beefy second-hand tower to act as a home server.
I was looking to bring some of the services that I was previously outsourcing
into a single location, and to expand my familiarity with networking and systems
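Review bot: the added `redirect_from: /freebsd.html` key in the front matter only redirects the page URL, so fragment links into the old single page, such as the `#2018-09-20-experiment-1-jails` anchor the old text itself used, will land on the prologue post where that section no longer exists. The key also does nothing unless the jekyll-redirect-from plugin is enabled in the site configuration, which this patch does not touch; confirm that it is, or say so in the commit message.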
@@ -21,6 +18,8 @@ administration. Specifically, I wanted to:
(I've been playing around with pen testing and trying to learn more about
Windows as a part of this).
+<!--more-->
+
My initial solution was to install a free version of VMWare ESXi as a hypervisor
and create several virtual machines. It was actually quite easy to get ESXi up
and running and start creating VMs. For the past several months, my home network
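Review bot: the `<!--more-->` marker added after the goals list is only an HTML comment unless `excerpt_separator` is set to that string in the site configuration or in the post's front matter, and nothing in this patch sets it. If it is already configured elsewhere, no change is needed; otherwise the excerpt falls back to the first paragraph and the marker is dead markup in all three posts.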
@@ -79,100 +78,3 @@ which will no doubt be helpful in my transition from pfSense to pure pf.
I intend to update this page with notes as I continue on my FreeBSD journey.
Stay tuned!
-
-## 2018-09-20: Experiment 1: Jails
-
-In my preparations for removing ESXi, I tried creating a simple jail on my test
-box `helios`. As part of my purpose is to learn as much as possible, I decided
-against using a tool like `ezjail` in favor of doing it "by hand." While the
-FreeBSD Handbook has some information on creating jails without using additional
-tools, pretty much every other document I found suggested using ezjail. There's
-a chance I'll revisit ezjail in the future, as it seems to have some helpful
-features like having a "base jail" so you only need one copy of the FreeBSD base
-system, but for now I'd like to do as much as possible without additional tools.
-
-My goal for this experiment was to set up a simple web server (nginx) inside a
-jail. To start, I edited `/etc/jail.conf` to contain the following:
-
-```
-www {
- host.hostname = www.local;
- ip4.addr = 10.0.2.202;
- path = "/usr/jail/www";
- exec.start = "/bin/sh /etc/rc";
- exec.stop = "/bin/sh /etc/rc.shutdown";
-}
-```
-
-Next, I used `bsdinstall(8)` to install the base system instead of compiling
-from source:
-
-```
-root@helios:~ # bsdinstall jail /usr/jail/www
-```
-
-I then added `jail_enable="YES"` to `/etc/rc.conf` and started the jail:
-
-```
-root@helios:~ # service jail start www
-```
-
-This took a few seconds to complete, and then the jail showed up when I ran
-`jls`:
-
-```
-root@helios:~ # jls
- JID IP Address Hostname Path
- 1 10.0.2.202 www.local /usr/jail/www
-```
-
-I was able to enter the jail:
-
-```
-root@helios:~ # jexec www /bin/sh
-#
-```
-
-But I seem not to have Internet connectivity, as attempting to use `pkg-ng`
-fails:
-
-```
-# pkg install nginx
-The package management tool is not yet installed on your system.
-Do you want to fetch and install it now? [y/N]: y
-Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:11:amd64/quarterly, please wait...
-pkg: Error fetching http://pkg.FreeBSD.org/FreeBSD:11:amd64/quarterly/Latest/pkg.txz: Non-recoverable resolver failure
-A pre-built version of pkg could not be found for your system.
-Consider changing PACKAGESITE or installing it from ports: 'ports-mgmt/pkg'.
-```
-
-Running `ifconfig` inside the jail shows that I do not seem to have an IP
-address, nor can I seem to communicate with any hosts. Interestingly when I
-attempt to ping my gateway, I get the message:
-
-```
-ping: ssend socket: Operation not permitted
-```
-
-Clearly there's something I've not yet figured out.
-
-## 2018-10-13: Experiment 2: Jail Networking Continued
-
-I decided to take another crack at the jail configuration I started in
-[Experiment 1](#2018-09-20-experiment-1-jails). After reading bits and pieces of
-a few random websites (including various ServerFault posts), on an inkling I
-added the line `interface = "bge0";` to my `/etc/jail.conf` file and ran
-`service jail restart www` (`bge0` is my LAN interface on the host). After
-`jexec`ing in, I tried `pkg install nginx` again and it worked like a charm!
-
-I also noticed that when I run `ifconfig` on my host now, both the original
-10.0.2.201 and the jail's 10.0.2.202 addresses had been added to the `bge0`
-interface. I wondered whether that meant that I could now SSH into the host
-using the jail's IP address. So on my laptop, I ran `ssh bb@10.0.2.202` and lo
-and behold, it worked. The opposite, however, is _not_ true: loading
-http://10.0.2.201 in a web browser does not give me the beautiful "welcome to
-nginx" page that http://10.0.2.202 has.
-
-I'm sure some trickier stuff will arise when dealing with NAT and multiple
-interfaces, but for now I'm satisfied that I have a basic understanding of how
-to set up a service in a jail and expose it to the network.
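Review bot: the context lines kept at the end of the prologue post still read "I intend to update this page with notes as I continue on my FreeBSD journey", but after this hunk the later notes live in separate posts, so the sentence is stale. Reword it, or replace it with links to the two follow-up posts using `{% post_url 2018-09-20-freebsd-jails %}` and the matching tag for the networking post.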
diff --git a/_posts/2018-09-20-freebsd-jails.md b/_posts/2018-09-20-freebsd-jails.md
new file mode 100644
index 0000000..ad860de
--- /dev/null
+++ b/_posts/2018-09-20-freebsd-jails.md
@@ -0,0 +1,79 @@
+---
+title: "FreeBSD Experiment 1: Jails"
+---
+
+In my preparations for removing ESXi, I tried creating a simple jail on my test
+box `helios`. As part of my purpose is to learn as much as possible, I decided
+against using a tool like `ezjail` in favor of doing it "by hand." While the
+FreeBSD Handbook has some information on creating jails without using additional
+tools, pretty much every other document I found suggested using ezjail. There's
+a chance I'll revisit ezjail in the future, as it seems to have some helpful
+features like having a "base jail" so you only need one copy of the FreeBSD base
+system, but for now I'd like to do as much as possible without additional tools.
+
+<!--more-->
+
+My goal for this experiment was to set up a simple web server (nginx) inside a
+jail. To start, I edited `/etc/jail.conf` to contain the following:
+
+```
+www {
+ host.hostname = www.local;
+ ip4.addr = 10.0.2.202;
+ path = "/usr/jail/www";
+ exec.start = "/bin/sh /etc/rc";
+ exec.stop = "/bin/sh /etc/rc.shutdown";
+}
+```
+
+Next, I used `bsdinstall(8)` to install the base system instead of compiling
+from source:
+
+```
+root@helios:~ # bsdinstall jail /usr/jail/www
+```
+
+I then added `jail_enable="YES"` to `/etc/rc.conf` and started the jail:
+
+```
+root@helios:~ # service jail start www
+```
+
+This took a few seconds to complete, and then the jail showed up when I ran
+`jls`:
+
+```
+root@helios:~ # jls
+ JID IP Address Hostname Path
+ 1 10.0.2.202 www.local /usr/jail/www
+```
+
+I was able to enter the jail:
+
+```
+root@helios:~ # jexec www /bin/sh
+#
+```
+
+But I seem not to have Internet connectivity, as attempting to use `pkg-ng`
+fails:
+
+```
+# pkg install nginx
+The package management tool is not yet installed on your system.
+Do you want to fetch and install it now? [y/N]: y
+Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:11:amd64/quarterly, please wait...
+pkg: Error fetching http://pkg.FreeBSD.org/FreeBSD:11:amd64/quarterly/Latest/pkg.txz: Non-recoverable resolver failure
+A pre-built version of pkg could not be found for your system.
+Consider changing PACKAGESITE or installing it from ports: 'ports-mgmt/pkg'.
+```
+
+Running `ifconfig` inside the jail shows that I do not seem to have an IP
+address, nor can I seem to communicate with any hosts. Interestingly when I
+attempt to ping my gateway, I get the message:
+
+```
+ping: ssend socket: Operation not permitted
+```
+
+Clearly there's something I've not yet figured out.
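Review bot: the new post ends on "Clearly there's something I've not yet figured out." with no pointer forward, whereas on the old single page the resolution followed directly below it. Add a closing link to the continuation, for example `{% post_url 2018-10-13-freebsd-jail-networking-continued %}`, so a reader who lands here finds the `interface = "bge0";` fix. Optionally, the `jail.conf` and console blocks could carry a fence language while they are being moved.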
diff --git a/_posts/2018-10-13-freebsd-jail-networking-continued.md b/_posts/2018-10-13-freebsd-jail-networking-continued.md
new file mode 100644
index 0000000..9653410
--- /dev/null
+++ b/_posts/2018-10-13-freebsd-jail-networking-continued.md
@@ -0,0 +1,24 @@
+---
+title: FreeBSD Jail Networking Continued
+---
+
+I decided to take another crack at the jail configuration I started in
+[Experiment 1]({% post_url 2018-09-20-freebsd-jails %}). After reading bits and
+pieces of a few random websites (including various ServerFault posts), on an
+inkling I added the line `interface = "bge0";` to my `/etc/jail.conf` file and
+ran `service jail restart www` (`bge0` is my LAN interface on the host). After
+`jexec`ing in, I tried `pkg install nginx` again and it worked like a charm!
+
+<!--more-->
+
+I also noticed that when I run `ifconfig` on my host now, both the original
+10.0.2.201 and the jail's 10.0.2.202 addresses had been added to the `bge0`
+interface. I wondered whether that meant that I could now SSH into the host
+using the jail's IP address. So on my laptop, I ran `ssh bb@10.0.2.202` and lo
+and behold, it worked. The opposite, however, is _not_ true: loading
+http://10.0.2.201 in a web browser does not give me the beautiful "welcome to
+nginx" page that http://10.0.2.202 has.
+
+I'm sure some trickier stuff will arise when dealing with NAT and multiple
+interfaces, but for now I'm satisfied that I have a basic understanding of how
+to set up a service in a jail and expose it to the network.
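Review bot: the paragraph about `ssh bb@10.0.2.202` reports that the host answers SSH on the jail's address but stops at the observation. Now that this is a standalone post, it should say what a reader setting up a jail for isolation needs to know: the host's sshd is accepting connections on every address configured on `bge0`, the jail's alias included, and a `ListenAddress 10.0.2.201` line in the host's sshd_config would confine it to the host address. Minor style point in the same paragraph: "when I run `ifconfig` on my host now ... had been added" mixes tenses.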
diff --git a/index.md b/index.md
index 8c35fee..6c2d7e8 100644
--- a/index.md
+++ b/index.md
@@ -5,7 +5,17 @@ title: Ben Burwell
# Ben Burwell
-- [blog](/posts/)
-- [theatre](/theatre.html)
-- [freebsd notes](/freebsd.html)
-- mail: anything you'd like @benburwell.com
+- [Blog](/posts/)
+- [Tech theatre](/theatre.html)
+- Email: anything @benburwell.com
+
+**Around the net…**
+
+- [GitHub](https://github.com/benburwell)
+- [Sourcehut](https://git.sr.ht/~benburwell)
+
+**Projects**
+
+- [HowToChooseAPassword.com](https://howtochooseapassword.com)
+- [PlateZero](https://platezero.com)
+- [MedicMate](https://medicmate.io)
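Review bot: the added "**Around the net…**" and "**Projects**" lines use bold text as section headings, while the page title just above them is a real `#` heading. Use `##` headings instead so the sections appear in the document outline and are announced as headings by assistive tools.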