Skip to main content

OpnSense

Settings

  • System -> Access -> Users [root]: Add ssh pubkey to Authorized keys.
  • System -> Settings -> Administration:
    • Enable SSH
    • Permit root user login
    • SSH Port set random

Plugins

  • os-api-backup
  • os-ddclient
  • os-haproxy

Install ports

# Install from package
pkg install bash vim

# Install from ports
opnsense-code ports tools # Need to download 500MB data, use proxy.
cd /usr/ports/shells/zsh && make reinstall
# cd /usr/ports/devel/py-setuptools && make reinstall
cd /usr/ports/lang/go && make install

cd /usr/ports/devel/autoconf && make install
cd /usr/ports/devel/automake && make install
cd /usr/ports/lang/rust && make install

cargo install starship --locked
cargo install navi starship

Install cloudflared

# /usr/ports/distfiles/
  • Remove BATCH variable from /etc/make.conf

Install v2ray

# cd /usr/ports/net/v2ray && make clean reinstall

Manual install v2ray

  1. Create Firewall Rules, go to Firewall -> Rules -> LAN, to create:
    • Source: any
    • Destination: LAN address
    • Destination port range: 8889
# Save release package to /tmp/v2ray-freebsd-64.zip
mkdir -p /usr/share/v2ray /var/log/v2ray && unzip /tmp/v2ray-freebsd-64.zip -d /usr/share/v2ray

# Copy service file from local
scp ~/.dotfiles/config/v2ray/v2ray os:/usr/local/etc/rc.d/v2ray

cat > /usr/local/etc/rc.syshook.d/start/96-v2ray <<EOF
#!/bin/sh
cd /tmp && nohup /usr/share/v2ray/v2ray &
EOF

# Update /usr/share/v2ray/config.json with
scp ~/.dotfiles/config/v2ray/config.json os:/usr/share/v2ray/config.json

service v2ray start

# Auto start, append `v2ray_enable="YES"`
vim /etc/rc.conf