After booting


mtu hostname tso

The image is not tuned; it has only been configured to boot on as many providers as possible. Extra adjustments are therefore needed after booting, starting with removing or changing the password of the user devops, because every instance started from this image begins with the same credentials for that account.

If the image is not running on GCE, the mtu 1460 option may be removed from rc.conf, changing:

ifconfig_DEFAULT="SYNCDHCP mtu 1460"

To:

ifconfig_DEFAULT="SYNCDHCP"

The image has been built using this src.conf and this kernel, and the jail using this src-jail.conf.

The zfs layout used looks like this:

> zfs list
NAME                           USED  AVAIL  REFER  MOUNTPOINT
zroot                          496M  13.2G    88K  /zroot
zroot/ROOT                     254M  13.2G    88K  none
zroot/ROOT/default             254M  13.2G   254M  /
zroot/jails                    226M  13.2G    88K  /jails
zroot/jails/base               226M  9.78G   226M  /jails/base
zroot/jails/base/tmp            88K  9.78G    88K  /jails/base/tmp
zroot/tmp                       88K  13.2G    88K  /tmp
zroot/usr                     13.5M  13.2G    88K  /usr
zroot/usr/doc                   88K  13.2G    88K  /usr/doc
zroot/usr/home                 128K  13.2G   128K  /usr/home
zroot/usr/local               12.8M  13.2G  12.8M  /usr/local
zroot/usr/obj                   88K  13.2G    88K  /usr/obj
zroot/usr/ports                264K  13.2G    88K  /usr/ports
zroot/usr/ports/distfiles       88K  13.2G    88K  /usr/ports/distfiles
zroot/usr/ports/packages        88K  13.2G    88K  /usr/ports/packages
zroot/usr/src                   88K  13.2G    88K  /usr/src
zroot/var                     1.49M  13.2G    88K  /var
zroot/var/audit                 88K  13.2G    88K  /var/audit
zroot/var/crash                 88K  13.2G    88K  /var/crash
zroot/var/db                   608K  13.2G   412K  /var/db
zroot/var/db/pkg               196K  13.2G   196K  /var/db/pkg
zroot/var/empty                 88K  13.2G    88K  /var/empty
zroot/var/log                  120K  13.2G   120K  /var/log
zroot/var/mail                  88K  13.2G    88K  /var/mail
zroot/var/ports                 88K  13.2G    88K  /var/ports
zroot/var/spool                184K  13.2G    96K  /var/spool
zroot/var/spool/clientmqueue    88K  13.2G    88K  /var/spool/clientmqueue
zroot/var/tmp                   88K  13.2G    88K  /var/tmp

The /etc/rc.conf looks like:

> cat /etc/rc.conf
# /etc/rc.conf as shipped in the image: boot-time service and network settings.
# Review every knob below after first boot; the values are chosen so the image
# boots on many providers, not as a hardened baseline.

# First-boot hooks. These are not base-system knobs; presumably they enable
# rc.d scripts bundled with the image that run once per provider/feature.
# NOTE(review): confirm what each script does before relying on it.
aws_firstboot_enable="YES"
gce_firstboot_enable="YES"
pf_firstboot_enable="YES"
zfs_firstboot_enable="YES"
# Mount ZFS datasets at boot.
zfs_enable="YES"
# Enable IPv4 forwarding; presumably needed so jail traffic on lo1 can be
# NATed out of the external interface.
gateway_enable="YES"
hostname="fabrik" # change to your desired hostname
ifconfig_DEFAULT="SYNCDHCP mtu 1460" # change this to match your host
# Empty /tmp on every boot.
clear_tmp_enable="YES"
# No crash-dump device is configured.
dumpdev="NO"
# Time sync: ntpdate sets the clock once at boot, ntpd keeps it in sync.
ntpd_enable="YES"
ntpdate_enable="YES"
# "NONE" disables every sendmail daemon, including local submission.
sendmail_enable="NONE"
# sshd starts at boot, so the host accepts remote logins as soon as it has
# network. Change or remove the devops password and review sshd_config
# before exposing the instance.
sshd_enable="YES"
# -ss: syslogd opens no network socket (no remote logging in or out);
# -C: create log files that do not exist yet.
syslogd_flags="-ssC"
# Extra loopback interface carrying 172.16.13.1/24 plus 172.16.13.2-5 as /32
# aliases; presumably the address pool for jails.
cloned_interfaces="lo1"
ifconfig_lo1_aliases="inet 172.16.13.1/24 inet 172.16.13.2-5/32"
#-----------------------------------------------------------------------
# pf
#-----------------------------------------------------------------------
# Load the packet filter with the ruleset in /etc/pf.conf and log matched
# packets through pflog to /var/log/pflog.
pf_enable="YES"
pf_rules="/etc/pf.conf"
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
#-----------------------------------------------------------------------
# jails
#-----------------------------------------------------------------------
# Start jails at boot; only the jail named "base" is listed.
jail_enable="YES"
jail_list="base"

And the /etc/pf.conf looks like:

> cat /etc/pf.conf
# /etc/pf.conf as shipped in the image: NAT for the jail network and nothing
# else. This ruleset does not restrict any traffic; see the note on "pass all".

# External interface macro. "em0" is hard-coded; it must match the NIC name
# the instance actually gets (NOTE(review): this may differ per provider).
ext_if = "em0"
# Do not run pf on loopback ("lo") traffic.
set skip on lo
# Normalize and reassemble all inbound packets before they are evaluated.
scrub in all
# Source-NAT traffic from the lo1 network (the 172.16.13.0/24 aliases in
# rc.conf) leaving via $ext_if. The parentheses make pf follow the
# interface's current address, which matters when it is assigned by DHCP.
nat on $ext_if from lo1:network to any -> ($ext_if)
# Permits every packet in both directions on every interface, so pf filters
# nothing here. With sshd enabled in rc.conf, SSH and any other listening
# service are reachable from wherever the provider's network allows. Replace
# this with a default-deny policy that passes only the services you need.
pass all