fixes for freebsd 15

author: Cullum Smith <cullum@sacredheartsc.com> 2025-12-23 02:29:46 -0500
committer: Cullum Smith <cullum@sacredheartsc.com> 2025-12-23 02:29:46 -0500
commit: 53024f3a9ec6eba6830015d0ea015a4ee3e6d955 (patch)
tree: abcacdb3148584e72372f8e44d9bb31c8cddce3d
parent: ac216a9476eaf0f64105e992a7d8d461ccda9d69 (diff)
download: infrastructure-53024f3a9ec6eba6830015d0ea015a4ee3e6d955.tar.gz
32 files changed, 84 insertions, 59 deletions
diff --git a/files/etc/cron.d/poudriere.pkg_repository b/files/etc/cron.d/poudriere.pkg_repository
index 57d9dac..dc9c598 100644
--- a/files/etc/cron.d/poudriere.pkg_repository
+++ b/files/etc/cron.d/poudriere.pkg_repository
@@ -1 +1 @@
-@weekly root lockf -t 0 /tmp/poudriere-cron.lock /usr/local/libexec/poudriere-cron $(echo "$poudriere_versions" | tr . _)
+@weekly root lockf -t 0 /tmp/poudriere-cron.lock /usr/local/libexec/poudriere-cron $(echo "$poudriere_versions" | tr . _) idm $(echo "$poudriere_idm_versions" | tr . _)
diff --git a/files/etc/profile.d/local-homedir.sh.common b/files/etc/profile.d/local-homedir.sh.common
index 2310d7c..422e967 100644
--- a/files/etc/profile.d/local-homedir.sh.common
+++ b/files/etc/profile.d/local-homedir.sh.common
@@ -13,7 +13,6 @@ export PYTHONUSERBASE="${LOCAL_HOME}/.local"
 export npm_config_cache="${LOCAL_HOME}/.npm"
 export CARGO_HOME="${LOCAL_HOME}/.cargo"
 export GOPATH="${LOCAL_HOME}/go"
-export WINE_i386_ROOT="${LOCAL_HOME}/.i386-wine-pkg"
 export WINEPREFIX="${LOCAL_HOME}/.wine"
 
 # firefox
diff --git a/files/usr/local/etc/pkg/repos/FreeBSD.conf.common b/files/usr/local/etc/pkg/repos/FreeBSD.conf.common
index fa41366..dd7ce6e 100644
--- a/files/usr/local/etc/pkg/repos/FreeBSD.conf.common
+++ b/files/usr/local/etc/pkg/repos/FreeBSD.conf.common
@@ -1,3 +1,4 @@
-FreeBSD: { enabled: no }
-
-FreeBSD-kmods: { enabled: no }
+FreeBSD: { enabled: no}
+FreeBSD-kmods: { enabled: no}
+FreeBSD-ports: { enabled: no}
+FreeBSD-ports-kmods: { enabled: no }
diff --git a/files/usr/local/etc/pkg/repos/onprem.conf.freebsd b/files/usr/local/etc/pkg/repos/onprem.conf.freebsd
index 953ae20..cd87b7e 100644
--- a/files/usr/local/etc/pkg/repos/onprem.conf.freebsd
+++ b/files/usr/local/etc/pkg/repos/onprem.conf.freebsd
@@ -2,5 +2,5 @@ ${site}: {
   enabled: yes,
   url: "http://${pkg_host}/\${ABI}/latest",
   signature_type: "pubkey",
-  pubkey: "/usr/local/etc/ssl/repo.crt"
+  pubkey: "/usr/local/etc/pkg/repos/repo.crt"
 }
diff --git a/files/usr/local/etc/pkg/repos/onprem.conf.idm_server b/files/usr/local/etc/pkg/repos/onprem.conf.idm_server
index 5ffad74..a7950b1 100644
--- a/files/usr/local/etc/pkg/repos/onprem.conf.idm_server
+++ b/files/usr/local/etc/pkg/repos/onprem.conf.idm_server
@@ -5,5 +5,5 @@ ${site}: {
   enabled: yes,
   url: "http://${pkg_host}/\${ABI}/latest-idm",
   signature_type: "pubkey",
-  pubkey: "/usr/local/etc/ssl/repo.crt"
+  pubkey: "/usr/local/etc/pkg/repos/repo.crt"
 }
diff --git a/files/usr/local/etc/ssl/repo.crt.readme b/files/usr/local/etc/pkg/repos/repo.crt.readme
index 1c1ad53..1c1ad53 100644
--- a/files/usr/local/etc/ssl/repo.crt.readme
+++ b/files/usr/local/etc/pkg/repos/repo.crt.readme
diff --git a/files/usr/local/etc/poudriere.d/i386-pkglist.pkg_repository b/files/usr/local/etc/poudriere.d/i386-pkglist.pkg_repository
deleted file mode 100644
index 4753451..0000000
--- a/files/usr/local/etc/poudriere.d/i386-pkglist.pkg_repository
+++ /dev/null
@@ -1,2 +0,0 @@
-emulators/wine
-graphics/mesa-dri
diff --git a/files/usr/local/etc/poudriere.d/make.conf.pkg_repository b/files/usr/local/etc/poudriere.d/make.conf.pkg_repository
index 1aede6a..ae195bc 100644
--- a/files/usr/local/etc/poudriere.d/make.conf.pkg_repository
+++ b/files/usr/local/etc/poudriere.d/make.conf.pkg_repository
@@ -4,8 +4,8 @@ DEFAULT_VERSIONS+=${poudriere_default_versions:-}
 MAKE_JOBS_NUMBER=${poudriere_make_jobs_number}
 
 # Global port options
-OPTIONS_UNSET=TEST DEBUG GSSAPI_HEIMDAL GSSAPI_BASE GSSAPI_NONE HEIMDAL HEIMDAL_BASE NLS DOCS AVAHI LIBWRAP MYSQL MSQLND ODBC READLINE PULSEAUDIO UPNP BASH ZSH INFO SAMBA TCP_WRAPPERS COMPAT32 JACK KDEPIM WAYLAND PLATFORM_WAYLAND PIPEWIRE VLC
-OPTIONS_SET=GSSAPI GSSAPI_MIT MIT NONFREE LIBEDIT
+OPTIONS_UNSET=TEST DEBUG GSSAPI_HEIMDAL GSSAPI_BASE GSSAPI_NONE HEIMDAL HEIMDAL_BASE NLS DOCS AVAHI LIBWRAP MYSQL MSQLND ODBC READLINE UPNP BASH ZSH INFO SAMBA TCP_WRAPPERS COMPAT32 JACK KDEPIM PIPEWIRE VLC ALSA
+OPTIONS_SET=GSSAPI GSSAPI_MIT MIT NONFREE LIBEDIT WAYLAND PLATFORM_WAYLAND PULSEAUDIO
 
 WINE_CROSS_BUILD=yes
 
@@ -55,9 +55,6 @@ multimedia_kdemultimedia_SET=KMIX
 multimedia_kdenlive_UNSET=DVDWIZARD
 multimedia_mpv_SET=CDIO LIBBLURAY
 multimedia_mpv_UNSET=NVDEC
-multimedia_qt6-multimedia_SET=PULSEAUDIO
-multimedia_qt6-multimedia_UNSET=ALSA
-multimedia_simplescreenrecorder_SET=ALSA
 multimedia_vlc_SET=FLAC MPEG2 X264 X265 VPX DCA FAAD AOM
 multimedia_webcamd_UNSET=DVB INPUT RADIO
 net-im_py-matrix-synapse_SET=PGSQL URLPREVIEW LDAP
diff --git a/files/usr/local/etc/poudriere.d/pkglist.pkg_repository b/files/usr/local/etc/poudriere.d/pkglist.pkg_repository
index 5f01a99..63c2bf6 100644
--- a/files/usr/local/etc/poudriere.d/pkglist.pkg_repository
+++ b/files/usr/local/etc/poudriere.d/pkglist.pkg_repository
@@ -9,10 +9,8 @@ audio/fooyin
 audio/freedesktop-sound-theme
 audio/gsound
 audio/kid3@kf6
-audio/kmix
 audio/musescore
 audio/pulseaudio
-audio/virtual_oss
 converters/php${php_version}-iconv
 converters/php${php_version}-mbstring
 databases/luadbi
diff --git a/files/usr/local/etc/pulse/daemon.conf.desktop b/files/usr/local/etc/pulse/daemon.conf.desktop
new file mode 100644
index 0000000..f5fe0c1
--- /dev/null
+++ b/files/usr/local/etc/pulse/daemon.conf.desktop
@@ -0,0 +1,3 @@
+# This seems to solve lots of skipping/distortion with digikam video playback.
+default-fragments = 8
+default-fragment-size-msec = 5
diff --git a/files/usr/local/etc/pulse/daemon.conf.laptop b/files/usr/local/etc/pulse/daemon.conf.laptop
new file mode 120000
index 0000000..7241ea6
--- /dev/null
+++ b/files/usr/local/etc/pulse/daemon.conf.laptop
@@ -0,0 +1 @@
+daemon.conf.desktop
+\ No newline at end of file
diff --git a/files/usr/local/etc/pulse/daemon.conf.roadwarrior_laptop b/files/usr/local/etc/pulse/daemon.conf.roadwarrior_laptop
new file mode 120000
index 0000000..7241ea6
--- /dev/null
+++ b/files/usr/local/etc/pulse/daemon.conf.roadwarrior_laptop
@@ -0,0 +1 @@
+daemon.conf.desktop
+\ No newline at end of file
diff --git a/files/usr/local/etc/sddm.conf.desktop b/files/usr/local/etc/sddm.conf.desktop
index 09c2000..482ed9a 100644
--- a/files/usr/local/etc/sddm.conf.desktop
+++ b/files/usr/local/etc/sddm.conf.desktop
@@ -1,6 +1,8 @@
 [General]
 DisplayServer = x11
 
+# Alt-F2 (krunner) freezes the entire session under wayland.
+# https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=286592
 [Wayland]
 SessionDir = /dev/null
 
diff --git a/files/usr/local/libexec/poudriere-cron.pkg_repository b/files/usr/local/libexec/poudriere-cron.pkg_repository
index e0dee52..aa5ebbb 100644
--- a/files/usr/local/libexec/poudriere-cron.pkg_repository
+++ b/files/usr/local/libexec/poudriere-cron.pkg_repository
@@ -14,14 +14,22 @@ for patch in /usr/local/etc/poudriere.d/patches/*.patch; do
   patch -s -d /usr/local/poudriere/ports/latest -u < "$patch"
 done
 
+idm=false
 for jail in "$@"; do
+  if [ "$jail" = idm ]; then
+    idm=true
+    continue
+  fi
+
   poudriere jail -u  -j "$jail" > /dev/null
-  poudriere bulk     -j "$jail"        -f /usr/local/etc/poudriere.d/idm-pkglist   -p "$ports_tree" -z idm
-  poudriere pkgclean -j "$jail"        -f /usr/local/etc/poudriere.d/idm-pkglist   -p "$ports_tree" -z idm -y > /dev/null 2>&1
-  poudriere bulk     -j "$jail"        -f /usr/local/etc/poudriere.d/pkglist       -p "$ports_tree"
-  poudriere pkgclean -j "$jail"        -f /usr/local/etc/poudriere.d/pkglist       -p "$ports_tree" -y        > /dev/null 2>&1
-  poudriere bulk     -j "${jail}-i386" -f /usr/local/etc/poudriere.d/i386-pkglist  -p "$ports_tree"
-  poudriere pkgclean -j "${jail}-i386" -f /usr/local/etc/poudriere.d/i386-pkglist  -p "$ports_tree" -y        > /dev/null 2>&1
+
+  if [ "$idm" = true ]; then
+    poudriere bulk     -j "$jail"        -f /usr/local/etc/poudriere.d/idm-pkglist   -p "$ports_tree" -z idm
+    poudriere pkgclean -j "$jail"        -f /usr/local/etc/poudriere.d/idm-pkglist   -p "$ports_tree" -z idm -y > /dev/null 2>&1
+  else
+    poudriere bulk     -j "$jail"        -f /usr/local/etc/poudriere.d/pkglist       -p "$ports_tree"
+    poudriere pkgclean -j "$jail"        -f /usr/local/etc/poudriere.d/pkglist       -p "$ports_tree" -y        > /dev/null 2>&1
+  fi
 done
 
 poudriere distclean -p "$ports_tree" -a -y > /dev/null
diff --git a/scripts/hostclass/asterisk_server b/scripts/hostclass/asterisk_server
index 30699d8..8babcb7 100644
--- a/scripts/hostclass/asterisk_server
+++ b/scripts/hostclass/asterisk_server
@@ -41,7 +41,7 @@ asterisk_user=asterisk
 
 # Install packages.
 pkg install -y \
-  asterisk18 \
+  asterisk22 \
   ca_root_nss
 
 # Create ZFS dataset for Asterisk DB.
diff --git a/scripts/hostclass/desktop b/scripts/hostclass/desktop
index e57bae0..13277b6 100644
--- a/scripts/hostclass/desktop
+++ b/scripts/hostclass/desktop
@@ -191,6 +191,9 @@ for user in $digikam_db_users; do
   mysql_create_database "$digikam_db_host" digikam "$user"
 done
 
+# Fix pulseaudio choppiness
+install_file /usr/local/etc/pulse/daemon.conf
+
 # Mount linux filesystems.
 add_mountpoint(){
   awk -vpath="$1" 'BEGIN {rc=1} $2 == path {rc=0} END {exit rc}' /etc/fstab \
diff --git a/scripts/hostclass/idm_server/10-slapd b/scripts/hostclass/idm_server/10-slapd
index 0dc7d1d..dcce783 100644
--- a/scripts/hostclass/idm_server/10-slapd
+++ b/scripts/hostclass/idm_server/10-slapd
@@ -1,5 +1,15 @@
 #!/bin/sh
 
+case $BOXCONF_OS_VERSION in
+  14.*)
+    : # ok
+    ;;
+  *)
+    # https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=291828
+    die "Only FreeBSD versions < 15 are supported for hostclass idm_server!"
+    ;;
+esac
+
 : ${slapd_root_dn:='cn=admin'}
 : ${slapd_replicator_dn:="cn=replicator,${basedn}"}
 : ${slapd_result_size_limit:='10000'}
diff --git a/scripts/hostclass/idm_server/30-kdc b/scripts/hostclass/idm_server/30-kdc
index 9347ed0..62be22c 100644
--- a/scripts/hostclass/idm_server/30-kdc
+++ b/scripts/hostclass/idm_server/30-kdc
@@ -22,7 +22,7 @@ install_template -m 0644 \
 if is_primary_server && ! ldap_dn_exists "$kdc_basedn"; then
   kdb5_ldap_util -P "$kdc_master_key" create -subtrees "$accounts_basedn" -sscope SUB -s
 elif ! [ -f "$kdc_master_key_path" ]; then
-  kdb5_util -P "$kdc_master_key" stash
+  /usr/local/sbin/kdb5_util -P "$kdc_master_key" stash
 fi
 
 # Start the KDC and kadmind.
diff --git a/scripts/hostclass/idm_server/90-idm b/scripts/hostclass/idm_server/90-idm
index bd6fb61..26e673b 100644
--- a/scripts/hostclass/idm_server/90-idm
+++ b/scripts/hostclass/idm_server/90-idm
@@ -40,22 +40,22 @@ associatedDomain: ${rdns}
 EOF
 
 # Create host principal.
-kadmin.local get_principal "host/${fqdn}" \
-  || kadmin.local add_principal -nokey -x "dn=cn=${BOXCONF_HOSTNAME},${hosts_basedn}" "host/${fqdn}"
+/usr/local/sbin/kadmin.local get_principal "host/${fqdn}" \
+  || /usr/local/sbin/kadmin.local add_principal -nokey -x "dn=cn=${BOXCONF_HOSTNAME},${hosts_basedn}" "host/${fqdn}"
 
 # Create ldap service principal.
-kadmin.local get_principal "ldap/${fqdn}" \
-  || kadmin.local add_principal -nokey -x "containerdn=${services_basedn}" "ldap/${fqdn}"
+/usr/local/sbin/kadmin.local get_principal "ldap/${fqdn}" \
+  || /usr/local/sbin/kadmin.local add_principal -nokey -x "containerdn=${services_basedn}" "ldap/${fqdn}"
 
 # Create state dataset to persist keytabs across OS rebuilds.
 create_dataset -o "mountpoint=${keytab_dir}" "${state_dataset}/keytabs"
 
 # Export host keytab.
-[ -f "${keytab_dir}/host.keytab" ] || kadmin.local ktadd -k "${keytab_dir}/host.keytab" -q "host/${fqdn}"
+[ -f "${keytab_dir}/host.keytab" ] || /usr/local/sbin/kadmin.local ktadd -k "${keytab_dir}/host.keytab" -q "host/${fqdn}"
 ln -snfv "${keytab_dir}/host.keytab" /etc/krb5.keytab
 
 # Export slapd keytab.
-[ -f "$slapd_keytab" ] || kadmin.local ktadd -k "$slapd_keytab" -q "ldap/${fqdn}"
+[ -f "$slapd_keytab" ] || /usr/local/sbin/kadmin.local ktadd -k "$slapd_keytab" -q "ldap/${fqdn}"
 chown "$slapd_user" "$slapd_keytab"
 
 # Install PAM/NSS integration packages.
@@ -115,5 +115,5 @@ uid: ${boxconf_username}
 userPassword: {SASL}${boxconf_username}@${realm}
 EOF
 
-  kadmin.local add_principal -x "dn=${boxconf_dn}" -pw "$boxconf_password" "$boxconf_username"
+  /usr/local/sbin/kadmin.local add_principal -x "dn=${boxconf_dn}" -pw "$boxconf_password" "$boxconf_username"
 fi
diff --git a/scripts/hostclass/imap_server/10-solr b/scripts/hostclass/imap_server/10-solr
index 7d89ea2..fe0850c 100644
--- a/scripts/hostclass/imap_server/10-solr
+++ b/scripts/hostclass/imap_server/10-solr
@@ -1,6 +1,6 @@
 #!/bin/sh
 
-: ${solr_version:='9.8.1'}
+: ${solr_version:='9.10.0'}
 
 solr_uid=161
 solr_user=solr
diff --git a/scripts/hostclass/imap_server/20-tika b/scripts/hostclass/imap_server/20-tika
index 6577ff2..d282214 100644
--- a/scripts/hostclass/imap_server/20-tika
+++ b/scripts/hostclass/imap_server/20-tika
@@ -1,6 +1,6 @@
 #!/bin/sh
 
-: ${tika_version:='3.2.0'}
+: ${tika_version:='3.2.3'}
 : ${tika_uid:='787'}
 
 tika_user=tika
diff --git a/scripts/hostclass/pkg_repository b/scripts/hostclass/pkg_repository
index 7f4da96..054d2ef 100644
--- a/scripts/hostclass/pkg_repository
+++ b/scripts/hostclass/pkg_repository
@@ -1,6 +1,7 @@
 #!/bin/sh
 
-: ${poudriere_versions:='14.3-RELEASE'}
+: ${poudriere_versions:='15.0-RELEASE'}
+: ${poudriere_idm_versions:='14.3-RELEASE'}
 : ${poudriere_jobs:="$nproc"}
 : ${poudriere_dataset:="${state_dataset:-zroot}"}
 : ${poudriere_make_jobs_number:='4'}
@@ -41,8 +42,7 @@ install_template -m 0644 \
  "${poudriere_conf_dir}/make.conf" \
  "${poudriere_conf_dir}/idm-make.conf" \
  "${poudriere_conf_dir}/pkglist" \
- "${poudriere_conf_dir}/idm-pkglist" \
- "${poudriere_conf_dir}/i386-pkglist"
+ "${poudriere_conf_dir}/idm-pkglist"
 install_file -m 0400 /usr/local/etc/ssl/repo.key
 install_directory -m 0755 /usr/ports/distfiles
 install_directory -m 0755 -o nobody -g nobody "${poudriere_data_dir}/ccache"
@@ -87,25 +87,25 @@ for version in $poudriere_versions; do
   [ -d "${poudriere_data_dir}/jails/${jail}" ] || poudriere jail -c -j "$jail" -v "$version"
 
   poudriere jail -u  -j "$jail"
-  poudriere bulk -v  -j "$jail" -f "${poudriere_conf_dir}/idm-pkglist" -p latest -z idm
-  poudriere pkgclean -j "$jail" -f "${poudriere_conf_dir}/idm-pkglist" -p latest -z idm -y
   poudriere bulk -v  -j "$jail" -f "${poudriere_conf_dir}/pkglist"     -p latest
   poudriere pkgclean -j "$jail" -f "${poudriere_conf_dir}/pkglist"     -p latest -y
 
   install_directory -m 0755 "${poudriere_data_dir}/data/packages/${abi}"
   ln -snfv "../${jail}-latest" "${poudriere_data_dir}/data/packages/${abi}/latest"
-  ln -snfv "../${jail}-latest-idm" "${poudriere_data_dir}/data/packages/${abi}/latest-idm"
+done
 
-  # Build 32-bit WINE (lol)
-  jail="$(echo "$version" | tr . _)-i386"
-  abi="FreeBSD:${version%%.*}:i386"
+for version in $poudriere_idm_versions; do
+  jail=$(echo "$version" | tr . _)
+  abi="FreeBSD:${version%%.*}:$(uname -p)"
 
-  [ -d "${poudriere_data_dir}/jails/${jail}" ] || poudriere jail -c -j "$jail" -a i386 -v "$version"
-  poudriere bulk -v  -j "$jail" -f "${poudriere_conf_dir}/i386-pkglist" -p latest
-  poudriere pkgclean -j "$jail" -f "${poudriere_conf_dir}/i386-pkglist" -p latest -y
+  [ -d "${poudriere_data_dir}/jails/${jail}" ] || poudriere jail -c -j "$jail" -v "$version"
+
+  poudriere jail -u  -j "$jail"
+  poudriere bulk -v  -j "$jail" -f "${poudriere_conf_dir}/idm-pkglist" -p latest -z idm
+  poudriere pkgclean -j "$jail" -f "${poudriere_conf_dir}/idm-pkglist" -p latest -z idm -y
 
   install_directory -m 0755 "${poudriere_data_dir}/data/packages/${abi}"
-  ln -snfv "../${jail}-latest" "${poudriere_data_dir}/data/packages/${abi}/latest"
+  ln -snfv "../${jail}-latest-idm" "${poudriere_data_dir}/data/packages/${abi}/latest-idm"
 done
 
 # Clean stale distfiles and logs.
diff --git a/scripts/hostclass/ttrss_server b/scripts/hostclass/ttrss_server
index 5ff4cac..8a40273 100644
--- a/scripts/hostclass/ttrss_server
+++ b/scripts/hostclass/ttrss_server
@@ -11,8 +11,8 @@
 ttrss_dn="uid=${ttrss_username},${robots_basedn}"
 ttrss_https_cert="${nginx_conf_dir}/ttrss.crt"
 ttrss_https_key="${nginx_conf_dir}/ttrss.key"
-ttrss_repo='https://git.tt-rss.org/fox/tt-rss.git/'
-ttrss_branch=master
+ttrss_repo='https://github.com/tt-rss/tt-rss/'
+ttrss_branch=main
 ttrss_repo_dir=/usr/local/www/tt-rss
 ttrss_keytab="${keytab_dir}/ttrss.keytab"
 ttrss_client_keytab="${keytab_dir}/ttrss.client.keytab"
@@ -93,6 +93,9 @@ install_template -m 0644 "${ttrss_repo_dir}/config.php"
 postgres_create_role "$ttrss_dbhost" "$ttrss_username"
 postgres_create_database "$ttrss_dbhost" "$ttrss_dbname" "$ttrss_username"
 
+# Allow git to run as nginx user despite mismatched webroot ownership
+git config --system --add safe.directory "$ttrss_repo_dir"
+
 # Initialize the database schema.
 su -m "$nginx_user" -c "${ttrss_repo_dir}/update.php --update-schema=force-yes"
 
diff --git a/scripts/hostname/desktop1 b/scripts/hostname/desktop1
index d8bd6d3..3fb96db 100644
--- a/scripts/hostname/desktop1
+++ b/scripts/hostname/desktop1
@@ -15,7 +15,6 @@ buffer_ms=4
 microphone_gain=50
 max_channels=2
 
-pkg install -y virtual_oss
 sysrc -v \
   virtual_oss_enable=YES \
   virtual_oss_dsp="-C "$max_channels" -c "$max_channels" -S -r ${samplerate} -b ${bits} -s ${buffer_ms}ms -O /dev/dsp${playback_device} -R /dev/dsp${recording_device} -d dsp -t vsdp.ctl"
diff --git a/scripts/hostname/desktop2 b/scripts/hostname/desktop2
index d8bd6d3..3fb96db 100644
--- a/scripts/hostname/desktop2
+++ b/scripts/hostname/desktop2
@@ -15,7 +15,6 @@ buffer_ms=4
 microphone_gain=50
 max_channels=2
 
-pkg install -y virtual_oss
 sysrc -v \
   virtual_oss_enable=YES \
   virtual_oss_dsp="-C "$max_channels" -c "$max_channels" -S -r ${samplerate} -b ${bits} -s ${buffer_ms}ms -O /dev/dsp${playback_device} -R /dev/dsp${recording_device} -d dsp -t vsdp.ctl"
diff --git a/scripts/hostname/rlaptop1 b/scripts/hostname/rlaptop1
new file mode 100644
index 0000000..b6e127f
--- /dev/null
+++ b/scripts/hostname/rlaptop1
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+set_loader_conf "exec=copy_staging enable"
diff --git a/scripts/os/freebsd/10-sysctls b/scripts/os/freebsd/10-sysctls
index 1f5d70f..b40186a 100644
--- a/scripts/os/freebsd/10-sysctls
+++ b/scripts/os/freebsd/10-sysctls
@@ -33,7 +33,7 @@ set_sysctl \
   net.inet.tcp.minmss=536 \
   net.inet.tcp.msl=2500 \
   net.inet.tcp.mssdflt=1448 \
-  net.inet.tcp.nolocaltimewait=1 \
+  net.inet.tcp.msl_local=1 \
   net.inet.tcp.path_mtu_discovery=1 \
   net.inet.tcp.recvbuf_max="$tcp_buffer_size" \
   net.inet.tcp.recvspace=65536 \
@@ -72,7 +72,7 @@ if [ "$BOXCONF_VIRTUALIZATION_TYPE" != jail ]; then
     security.bsd.unprivileged_read_msgbuf=0 \
     vfs.nfsd.enable_locallocks=1 \
     vfs.nfsd.issue_delegations=0 \
-    vfs.zfs.min_auto_ashift=12
+    vfs.zfs.vdev.min_auto_ashift=12
 
   # FreeBSD automatically scales kern.maxfilesperproc with the amount of memory.
   # On systems with large amounts of RAM, this can cause strange lags with some 
diff --git a/scripts/os/freebsd/20-root-ca b/scripts/os/freebsd/20-root-ca
index 1f88c69..260af7b 100644
--- a/scripts/os/freebsd/20-root-ca
+++ b/scripts/os/freebsd/20-root-ca
@@ -2,9 +2,9 @@
 
 # Create local CA certificates directory.
 install_directory -m 0755  \
-  /usr/local/etc           \
-  /usr/local/etc/ssl       \
-  /usr/local/etc/ssl/certs
+  /usr/local/share         \
+  /usr/local/share/certs   \
+  /usr/local/share/certs/trusted
 
 # Install our root CA.
 install_ca_certificate "$site_cacert_path"
diff --git a/scripts/os/freebsd/40-pkg b/scripts/os/freebsd/40-pkg
index 7c1c828..b858aa1 100644
--- a/scripts/os/freebsd/40-pkg
+++ b/scripts/os/freebsd/40-pkg
@@ -13,7 +13,7 @@ case $BOXCONF_HOSTCLASS in
       /usr/local/etc/pkg/repos
 
     install_file -m 0644 \
-      /usr/local/etc/ssl/repo.crt \
+      /usr/local/etc/pkg/repos/repo.crt \
       /usr/local/etc/pkg/repos/FreeBSD.conf
 
     install_template -m 0644 /usr/local/etc/pkg/repos/onprem.conf
diff --git a/site b/site
-Subproject 924dbe60bd038cdd26f06a7360450e549e483fb
+Subproject 8ba0fe510e3502c2ab32d62fc6b841736092923
diff --git a/vars/hostname/rlaptop1 b/vars/hostname/rlaptop1
index b9bef40..1ec979a 100644
--- a/vars/hostname/rlaptop1
+++ b/vars/hostname/rlaptop1
@@ -1,7 +1,7 @@
 #!/bin/sh
 
 pf_egress_interfaces='wlan0 em0 ue0'
-wireless_type=iwm8265
+wireless_type=iwlwifi8000
 console_font=spleen-12x24
 laptop_type=thinkpad
 vt_suspendswitch=0
diff --git a/vars/os/freebsd b/vars/os/freebsd
index e76fc35..fc84b0f 100644
--- a/vars/os/freebsd
+++ b/vars/os/freebsd
@@ -19,12 +19,12 @@ nfscbd_port=7745
 nginx_user=www
 nginx_conf_dir=/usr/local/etc/nginx
 nslcd_user=nslcd
-php_version=83
+php_version=84
 postgresql_version=17
 python_version=311
 saslauthd_runtime_dir=/var/run/saslauthd
 saslauthd_user=cyrus
-site_cacert_path=/usr/local/etc/ssl/certs/ca.crt
+site_cacert_path=/usr/local/share/certs/trusted/ca.crt
 system_cadir_path=/etc/ssl/certs
 ssh_host_key_dir=/var/db/ssh
 xdg_override_dir=/usr/local/share-override
author	Cullum Smith <cullum@sacredheartsc.com>	2025-12-23 02:29:46 -0500
committer	Cullum Smith <cullum@sacredheartsc.com>	2025-12-23 02:29:46 -0500
commit	53024f3a9ec6eba6830015d0ea015a4ee3e6d955 (patch)
tree	abcacdb3148584e72372f8e44d9bb31c8cddce3d
parent	ac216a9476eaf0f64105e992a7d8d461ccda9d69 (diff)
download	infrastructure-53024f3a9ec6eba6830015d0ea015a4ee3e6d955.tar.gz