.
export JAIL=jump export JAILHOSTNAME=jump export JAILDOMAIN=ahlawat.com export JAILIP=55 export JAILUSER=X export JAILUSERID=1000 export JAILUSERVNC=false /root/FreeBSD/jails/create.sh $JAIL $JAILHOSTNAME $JAILDOMAIN $JAILIP $JAILUSER $JAILUSERID $JAILUSERVNC iocage fstab -l $JAIL iocage set allow_vmm=1 children_max=8 securelevel=1 allow_mount=1 enforce_statfs=1 allow_mount_devfs=1 devfs_ruleset=300 allow_mount_procfs=1 exec_start="/bin/sh /mnt/config/setup_jail.sh" $JAIL iocage exec $JAIL "pkg install -y guacamole-server guacamole-client openldap-sasl-client wireguard libqrencode" iocage exec $JAIL sysrc "cp -r /mnt/config/guacamole-* /usr/local/etc/" iocage exec $JAIL sysrc "guacd_enable=YES" iocage exec $JAIL sysrc "tomcat9_enable=YES" iocage exec "$JAIL sysrc tomcat9_java_opts="-Xms1g -Xmx1g"" iocage exec "$JAIL sysrc wireguard_enable=YES" iocage exec "$JAIL sysrc wireguard_interfaces=wg0" iocage exec "$JAIL sysrc gateway_enable="YES""
tar -xvzf /usr/local/share/guacamole-client/guacamole-auth-ldap.tar.gz # copy schema file to ldap jail and edit slapd.conf to include it mkdir /usr/local/etc/guacamole-client/extensions mv guacamole-auth-ldap-1.2.0.jar /usr/local/etc/guacamole-client/extensions/ https://www.wireguard.com/quickstart/ wireguard installed on base system wg in rc.conf's kld_list wg genkey | tee server.private | wg pubkey > server.public wg genkey | tee peer.private | wg pubkey > peer.public chmod 400 *.private *.conf qrencode -t ansi < peer.conf https://play.google.com/store/apps/details?id=com.wireguard.android