# Setting up an OpenBSD Virtual Machine on Linux using KVM # Install the OpenBSD VM on the Linux host: # virsh pool-list --all --details Name State Autostart Persistent Capacity Allocation Available ---------------------------------------------------------------------------------- data-libvirt running yes yes 468.45 GiB 180.09 GiB 288.36 GiB --- bava !5106 ~ % osinfo-query os | grep openbsd | tail -1 openbsd5.8 | OpenBSD 5.8 | 5.8 | http://openbsd.org/openbsd/5.8 $ curl https://fastly.cdn.openbsd.org/pub/OpenBSD/6.2/amd64/install62.iso -o ~/Downloads/openbsd-install62.iso # xhost local:root # virt-install \ --name=openbsd62 \ --disk pool=data-libvirt,cache=none,format=qcow2,size=20 \ --os-variant=openbsd5.8 \ --cdrom $HOME/Downloads/openbsd-install62.iso \ --vcpus=1 \ --ram=512 \ --graphics spice \ --network bridge=br0 We configure the guest with the IP address 10.0.0.80. Remember to remove the CD after guest installation: # virsh change-media openbsd62 /home/paulgorman/Downloads/openbsd-install62.iso --eject Configure the new OpenBSD guest as a web server, and also to provide resolving DNS for one other host (10.0.0.10). Edit `/var/unbound/etc/unbound.conf`: server: interface: 10.0.0.80 access-control: 10.0.0.10 allow Note the existence of `/etc/examples/httpd.conf` and the man page `httpd.conf(5)`. Edit `/etc/httpd.conf`: # # Macros # ext_addr="127.0.0.1" # # Global Options # prefork 3 types { include "/usr/share/misc/mime.types" } # # Servers # server "example.com" { listen on $ext_addr port 80 listen on $ext_addr port 443 root "/example.com" tls certificate "/etc/ssl/letsencrypt/fullchain.pem" tls key "/etc/ssl/letsencrypt/private/privkey.pem" directory { auto index, index "index.html" } location "/private/*" { authenticate with "/htpasswd" directory index "index.php" } location "/.well-known/acme-challenge/*" { root { "/acme" strip 2 } } } Enable and start the services: # rcctl enable unbound # rcctl start unbound # rcctl enable httpd # rcctl start httpd Sun Nov 5 10:58:05 EST 2017