How to automatically load a new configuration in every boot
-
Changes made with the web interface should be persistent. Is it safer if the entire /cf/conf/ directory becomes the mount point for the private drive?
-
Neither is safe really. Both are untested and unsupported. It would be entirely down to you to decide if it's functional.
If it works then great but, as I say, it may well fail somewhere down the line when you update the firmware etc.
Steve
-
Does it make any difference if you specify additional drives and mounting directories during installation? Or these too may not be honored in future versions?
-
By the way, a config.xml in the separate drive mounted at /myconfig does not seem to be read at all during boot. That is, after these commands in a brand new VM:
mkdir /myconfig
echo "/dev/ada1s1 /myconfig msdosfs rw,noatime 1 1" >> /etc/fstab
mount /dev/ada1s1
cp /cf/conf/config.xml /myconfig/
sed -ic 's/bannedsite/nothing/g' /myconfig/config.xml
Bannedsite is still banned in the DNS resolver after this and a reboot.
EDIT: forgot the mount command above. But still the same problem.
-
That's with the linked config file?
Did that actually alter it as expected?
Where/when is that script run?
Steve
-
@stephenw10 said in How to automatically load a new configuration in every boot:
That's with the linked config file?
No, this is brand new, starting from scratch in a freshly installed pfsense. EDIT: Plus a few sites configured in the DNS resolver to point to the local host so they are effectively banned.
Did that actually alter it as expected?
There is no linked file and the actual config.xml file in the second drive has been modified as expected, but going to the DNS resolver after boot no modification appears there.
Where/when is that script run?
Commands run one by one in the web interface under Diagnostics.
-
Just an untested idea.
What if you configure the xml rpc sync from master to slave, in a daisy chain fashion.
Changing something on master would make a ripple propagation to all.
The downside is that if one pf is missing the chain breaks.
-
Ah OK check the boot log. Just after root is mounted you will see the ECL looking for config files.
If it finds one:
External config loader 1.0 is now starting... da0s1 -> found config.xml
Backing up old configuration...
Restoring [da0s1] /tmp/mnt/cf/config.xml...
Cleaning up...
Steve
-
OK, it works as long as you do NOT mount the extra drive with a line in /etc/fstab. Or my line in /etc/fstab is wrong. Here it is again:
/dev/ada1s1 /myconfig msdosfs rw,noatime 1 1
It is useful to have an extra drive mounted automatically for reasons other than config. Should a bug be filed for this?
-
There is almost certainly a feature request open for this already. It's a request most often asked by folks wanting to use a separate drive as a cache or for logs etc.
pfSense does not support a config running from multiple drives though and that's unlikely to change.
Steve
-
Let's not mount that extra drive at boot then but well after the ECL does its thing. Where's a proper place to put the mount command? Would also need to remember to manually save (backup) any changes to the config to the extra drive or perhaps modify another script?