This is an old revision of the document!

Information

FreeBSD ¹⁾
14.2-RELEASE ²⁾

FreeBSD 14.2-RELEASE-p3

TODOs

freebsd
Lastest pkgs freebsd-latest
Oak = ASUS motherboard Legacy/MBR with Phenom II X4 (TODO: mobo name)
Alira = Dell Precision M6500 Legacy/MBR (UFS, no local-unbound; various notes need updating)

Download

https://download.freebsd.org/releases/amd64/amd64/ISO-IMAGES/14.2/

FreeBSD-14.2-RELEASE-amd64-mini-memstick.img

Installation Notes

Partitioning

https://docs.freebsd.org/en/books/handbook/bsdinstall/#bsdinstall-partitioning

ZFS
stripe (1 SATA SSD)
Not forced 4K Sectors
GPT (BIOS)

System Configuration

https://docs.freebsd.org/en/books/handbook/bsdinstall/#bsdinstall-sysconf

[x] sshd
[x] ntpd
[x] ntpd_sync_on_start

System Hardening

https://docs.freebsd.org/en/books/handbook/bsdinstall/#bsdinstall-hardening

[x] Everything

User

https://docs.freebsd.org/en/books/handbook/bsdinstall/#bsdinstall-addusers

Invite to other groups: wheel
Shell: sh

Network

Static on Ethernet (em0)

Update

Post-install

FreeBSD

https://docs.freebsd.org/en/books/handbook/cutting-edge/#freebsdupdate-security-patches

su -

freebsd-update fetch install

sync && reboot

pkg

su -

pkg update --force

pkg upgrade

AIO

freebsd-update fetch install && pkg update --force && pkg upgrade

su - 'root' -c 'freebsd-update fetch install && pkg update --force && pkg upgrade'

SSH

ssh '192.168.1.152' -t "su - 'root' -c 'freebsd-update fetch install && pkg update --force && pkg upgrade'"

Software

General

su -

pkg install aria2 en-freebsd-doc htop libressl unar wget

Settings

Groups

operator to allow general reboot/power-off

su -

pw groupmod 'operator' -m 'espionage724'

loader.conf

Oak

su -

ee '/boot/loader.conf'

security.bsd.allow_destructive_dtrace=0
kern.geom.label.disk_ident.enable="0"
kern.geom.label.gptid.enable="0"
cryptodev_load="YES"
zfs_load="YES"
autoboot_delay="2"
hw.usb.no_boot_wait="1"

rc.conf

Oak

su -

ee '/etc/rc.conf'

clear_tmp_enable="YES"
syslogd_flags="-ss"
hostname="Oak"
ifconfig_em0="inet 192.168.1.152 netmask 255.255.255.0"
defaultrouter="192.168.1.1"
ifconfig_em0_ipv6="inet6 accept_rtadv"
local_unbound_enable="YES"
sshd_enable="YES"
ntpd_enable="YES"
ntpd_sync_on_start="YES"
moused_nondefault_enable="NO"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="NO"
zfs_enable="YES"
nginx_enable="YES"
php_fpm_enable="YES"

Network

local-unbound DNS

https://docs.freebsd.org/en/books/handbook/network/#configuring-nameserver
Already done during install by local_unbound

cat '/etc/rc.conf' | grep 'local_unbound_enable'

cat '/etc/resolv.conf'

su -

ee '/etc/resolv.conf'

nameserver 127.0.0.1
options edns0

Secure Shell

TODO

Drive Maintenance

ZFS

TODO zfs_nas_format

Notable Folders and Commands

See misc

¹⁾

https://www.freebsd.org/

²⁾

relnotes, announce

RoE | Wiki

Table of Contents

Information

TODOs

Download

Installation Notes

Partitioning

System Configuration

System Hardening

User

Network

Update

FreeBSD

pkg

AIO

SSH

Software

General

Settings

Groups

loader.conf

Oak

rc.conf

Oak

Network

local-unbound DNS

Secure Shell

Drive Maintenance

ZFS

Notable Folders and Commands