Diffstat (limited to 'content-org/bsd.org')
-rw-r--r-- content-org/bsd.org 36
1 files changed, 21 insertions, 15 deletions
diff --git a/content-org/bsd.org b/content-org/bsd.org
index 37cec90..379391f 100644
--- a/content-org/bsd.org
+++ b/content-org/bsd.org
@@ -1403,8 +1403,8 @@ Monkey Island 2 running on ScummVM
:EXPORT_HUGO_SECTION: bsd/freebsd-homelab
:END:
-*** DONE Template for jail with external IP assigned via DHCP
-CLOSED: [2024-10-27 Sun 20:11]
+*** DONE Template for jail with an external IP assigned via DHCP
+CLOSED: [2024-10-29 Tue 22:03]
:PROPERTIES:
:EXPORT_FILE_NAME: dhcp-vnet-jail
:EXPORT_HUGO_CUSTOM_FRONT_MATTER+: :abstract Running old adventure games
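Review bot: the context line ":abstract Running old adventure games" under the retitled heading looks copied from the preceding ScummVM post and does not describe a DHCP vnet jail template. Since this commit already touches the heading and the CLOSED timestamp, update the abstract in the same change so the exported front matter matches the article.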
@@ -1418,17 +1418,14 @@ What I want is to have jails with:
- IPs are assigned via DHCP server
- I am able to access files outside if the jails
-I was able to achieve most of this by following [[https://docs.freebsd.org/en/books/handbook/jails/][FreeBSD handbook]], [[https://rubenerd.com/starting-with-freebsd-jails/][Rubenerd's post]], and [[https://wiki.freebsd.org/Jails][FreeBSD Wiki]], but I also received some help from different indiduals whose names I can't recall.
+I was able to achieve most of this by following [[https://docs.freebsd.org/en/books/handbook/jails/][FreeBSD handbook]], [[https://rubenerd.com/starting-with-freebsd-jails/][Rubenerd's post]], and [[https://wiki.freebsd.org/Jails][FreeBSD Wiki]], but I also received some help from different individuals whose names I can't recall.
I use classic jails created from ZFS snapshots, but (as to the best of my knowledge), any jail will work with the following configuration.
Unless specified, all code here goes to =/etc/jails.conf=.
-Note, that any configuration outside jail definition, will also apply to all jails.
-For example for this structure:
-
#+begin_src shell
config1;
-
+
jail1 {
config2;
}
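Review bot: the removal of "Note, that any configuration outside jail definition, will also apply to all jails." and "For example for this structure:" leaves the config1/jail1 source block with no introduction, while the following paragraph (visible in the next hunk header, "jail1 gets configured with =config1= and =config2=") still depends on it. That sentence is also the only place the reader is told that the permissions set later at file scope apply to every jail, so I would keep it, reworded if needed. Two smaller things in the surrounding context: "outside if the jails" should read "outside of the jails", and the replacement for the blank line inside the source block appears to add a whitespace-only line.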
@@ -1444,7 +1441,7 @@ jail1 gets configured with =config1= and =config2=, while jail2 gets =config1= a
First, we start with standard configuration regarding starting, stopping and logging.
Notice the =#{name}=.
-It's a variable which fill be filled the name of the jail.
+It's a variable which fill be filled with the name of the jail.
#+begin_src shell
# STARTUP/LOGGING
exec.clean;
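Review bot: the corrected line still reads "which fill be filled with the name of the jail"; "fill be" should be "will be". The line above it refers to the variable as =#{name}=, but the configuration uses "${name}" (see exec.consolelog in the next hunk), so the prose should use the same spelling a reader has to type.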
@@ -1453,8 +1450,8 @@ It's a variable which fill be filled the name of the jail.
exec.consolelog = "/var/log/jail_console_${name}.log";
#+end_src
-Then we add permissions which will allow for =vnet= - the system allowing for jail to have their own, (virtual) network stack.
-Even though everything goes host's network, for all intends and purposes jails have their own NICs.
+Then we add permissions which will enable =vnet= - the system allowing for jail to have their own, (virtual) network stack.
+Even though everything goes through host's network stack, for all intends and purposes we can pretend that each jail has it's own (virtual) NIC.
#+begin_src shell
# PERMISSIONS
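Review bot: the two added lines still carry wording errors: "for all intends and purposes" should be "for all intents and purposes", "has it's own" should be "has its own", and "allowing for jail to have their own, (virtual) network stack" reads better as "allowing jails to have their own (virtual) network stack". Worth fixing here since the commit is a proofreading pass over exactly these sentences.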
@@ -1465,7 +1462,7 @@ Even though everything goes host's network, for all intends and purposes jails h
vnet;
#+end_src
-Note, that we need to configure this ruleset. Create =etc/defvs.rules=:
+Note, that we need to configure this =devfs_ruleset=. Create =etc/defvs.rules=:
#+begin_src shell
[devfsrules_jails=5]
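Review bot: the path in "Create =etc/defvs.rules=" is kept unchanged by this edit but is wrong in two ways: "defvs" is a transposition of "devfs", and the leading slash is missing; the file is /etc/devfs.rules. A reader who copies the name as written ends up with a ruleset that is never loaded. It would also help to say that the number in "[devfsrules_jails=5]" has to match the =devfs_ruleset= value set in the jail configuration.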
@@ -1477,15 +1474,16 @@ add path 'bpf*' unhide
back to =jail.conf=, we set hostname and path for the container.
Adjust to your liking.
+
#+begin_src shell
host.hostname = "${name}.dune.local";
path = "/usr/local/jails/containers/${name}";
#+end_src
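Review bot: the rule "add path 'bpf*' unhide" shown in this hunk's header context is the one setting on the page that widens what a jail can see, and the visible text moves straight on to the hostname without saying why it is there. One sentence stating that the DHCP client inside the jail needs bpf, and that this exposes the bpf devices to root in every jail using the ruleset, would let readers decide whether they want it for jails with static addresses. Also, "back to =jail.conf=" should start with a capital, and the file name here disagrees with "=/etc/jails.conf=" in the earlier paragraph; jail(8) reads /etc/jail.conf.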
Now for the actual network configuration.
-We will configure for the shell to:
+We will configure for the jail system to:
- create an =epair(4)= and use for network communication
-- destroy this =epair= upon stopping
+- destroy this =epair= upon stopping a jail
#+begin_src shell
$epair = "epair${id}";
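Review bot: "We will configure for the jail system to:" is still awkward after the edit, and the first bullet, "create an =epair(4)= and use for network communication", is missing its object ("use it"). Something like "We will configure the jail system to:" reads cleanly. Since "$epair" is built from "${id}", the text should also say, if it does not already outside the visible context, that the id must be unique per jail so two jails never share an interface name.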
@@ -1530,7 +1528,7 @@ Explanations:
- =$mac= will force a given mac address for the virtual network card.
This will ensure that FreeBSD won't change it, and we can assign fixed =IP= on the router level
- This jail has attached network storage.
- You don't want the jail itself to even know what it is, so we're forcing the host to execute =/etc/fstab.$name=, and mount the drives.
+ You don't want the jail itself to even know what it is, so we're forcing the host to execute =/etc/fstab.$name=, and mount the shares.
Note, that you need to mount the drives in directory relative to *host's* root, so something like:
#+begin_src shell
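Review bot: the edit changes "mount the drives" to "mount the shares" on one line, but the next context line still says "you need to mount the drives in directory relative to *host's* root", so the terminology is now mixed within the same bullet. In the edited sentence, "forcing the host to execute =/etc/fstab.$name=" is inaccurate: an fstab file is read by mount, not executed, as the "umount -a -F /etc/fstab.$name" line later on the page shows. Suggest "forcing the host to mount the shares listed in =/etc/fstab.$name=".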
@@ -1541,7 +1539,7 @@ Explanations:
**** Putting it all together
-The entire =jail.conf= here looks like:
+The entire =jail.conf= looks like:
#+begin_src shell
exec.clean;
@@ -1574,6 +1572,14 @@ The entire =jail.conf= here looks like:
exec.poststop += "umount -a -F /etc/fstab.$name";
}
#+end_src
+
+**** Improve me
+
+Is this perfect?
+No!
+There are people doing magical things with jails.
+If this makes no sense to you, or if you've done it better - make sure to [[/contact][contact me]].
+
* WIP
** TODO OpenBSD: XMPP (Jabber) server
/intro/
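Review bot: the new "Improve me" section invites corrections but does not say which parts of the template the author considers unfinished, so a reader cannot tell whether the permissions and the devfs ruleset are meant as a reviewed baseline or a first working draft. A short list of known gaps would make the invitation actionable. Minor style point in the context above it: the exec.poststop line writes the variable as "$name" while the rest of the configuration uses "${name}"; pick one form.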