feat: add FreeBSD CI Ansible
diff --git a/freebsd/README.md b/freebsd/README.md
new file mode 100644
index 0000000..bd4e3a5
--- /dev/null
+++ b/freebsd/README.md
@@ -0,0 +1,24 @@
+# Creating a FreeBSD CI node
+
+## Goals
+
+- [x] given a FreeBSD host, turn it into a fully functional CI node
+ - [x] eventually intel & arm
+- [x] be able to run CouchDB CI jobs
+- eventually, cover erlang@23, erlang@24, erlang@25 and matching elixirs
+ - but start with erlang@25 (latest) for now
+
+## Requirements
+
+`~/.ansible/couchdb-ansible-vault` set up. Talk to the PMC if you don’t have this.
+
+## Dependencies:
+
+- Ansible (`brew/apt/yum install ansible`)
+
+## Usage
+
+```shell
+cd playbook
+ansible-playbook freebsd.yml
+```
diff --git a/freebsd/playbook/ansible.cfg b/freebsd/playbook/ansible.cfg
new file mode 100644
index 0000000..95485e2
--- /dev/null
+++ b/freebsd/playbook/ansible.cfg
@@ -0,0 +1,6 @@
+[defaults]
+inventory = ./inventory/dch
+vault_password_file = ~/.ansible/couchdb-ansible-vault
+
+[ssh_connection]
+pipelining = True
diff --git a/freebsd/playbook/freebsd.yml b/freebsd/playbook/freebsd.yml
new file mode 100644
index 0000000..509d27d
--- /dev/null
+++ b/freebsd/playbook/freebsd.yml
@@ -0,0 +1,102 @@
+---
+- hosts: ci
+ remote_user: freebsd
+ become: yes
+ tasks:
+
+ - name: install tmux
+ ansible.builtin.package:
+ name: tmux
+ state: present
+
+ - name: install emacs-nox
+ ansible.builtin.package:
+ name: emacs-nox
+ state: present
+
+ - name: install erlang 24
+ ansible.builtin.package:
+ name: erlang
+ state: present
+
+ - name: install elixir
+ ansible.builtin.package:
+ name: elixir
+ state: present
+
+ - name: install node
+ ansible.builtin.package:
+ name: node
+ state: present
+
+ - name: install py39-pip
+ ansible.builtin.package:
+ name: py39-pip
+ state: present
+
+ - name: install spidermonkey 91
+ ansible.builtin.package:
+ name: spidermonkey91
+ state: present
+
+ - name: install help2man
+ ansible.builtin.package:
+ name: help2man
+ state: present
+
+ - name: install openjre 11
+ ansible.builtin.package:
+ name: openjdk11-jre
+ state: present
+
+ - name: install runit
+ ansible.builtin.package:
+ name: runit
+ state: present
+
+ - name: install sphinx
+ ansible.builtin.pip:
+ name: sphinx
+
+ - name: install docutils
+ ansible.builtin.pip:
+ name: docutils
+
+ - name: install pygments
+ ansible.builtin.pip:
+ name: pygments
+
+ - name: install sphinx_rtd_theme
+ ansible.builtin.pip:
+ name: sphinx_rtd_theme
+
+ - name: create jenkins user
+ user:
+ name: jenkins
+ system: true
+
+ - name: set up runit - create service dir
+ file:
+ state: directory
+ dest: /var/service/jenkins
+ recurse: true
+
+ - name: set up runit - upload run script
+ template:
+ src: templates/run.sh.j2
+ dest: /var/service/jenkins/run
+ owner: jenkins
+ mode: 0755
+
+ - name: set up runit - enable runit
+ lineinfile:
+ path: /etc/rc.conf
+ line: runsvdir_enable=yes
+
+ - name: set up runit - start runit service
+ service:
+ name: runsvdir
+ state: started
+
+ - name: set up runit - start jenkins service
+ command: sv start jenkins
diff --git a/freebsd/playbook/inventory/dch/group_vars/arm.yml b/freebsd/playbook/inventory/dch/group_vars/arm.yml
new file mode 100644
index 0000000..b82d116
--- /dev/null
+++ b/freebsd/playbook/inventory/dch/group_vars/arm.yml
@@ -0,0 +1,13 @@
+---
+jenkins_secret: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 61353033373036336534623665666664623737336665633162336130633536386564653637663166
+ 3330623830326261356663363237666264623637326232300a396630363265383930393836336164
+ 30306662336236623739313736313730383862633834373664643736343636386232376365613235
+ 6163633132323534370a313031613735313262323565626531303730306266313432303465643639
+ 61373364346463393334623838656264366631363831336430613966373430386431363939656335
+ 66383039336666383763656539306135643033633131303862353131326561613638663966643433
+ 36343766376566306130356634653466346438326661316161633533346436613634633163666436
+ 30336334316337663231
+
+jenkins_node_url: https://ci-couchdb.apache.org/computer/couchdb%2Dfreebsd%2Darm64/jenkins-agent.jnlp
\ No newline at end of file
diff --git a/freebsd/playbook/inventory/dch/group_vars/intel.yml b/freebsd/playbook/inventory/dch/group_vars/intel.yml
new file mode 100644
index 0000000..ce86bef
--- /dev/null
+++ b/freebsd/playbook/inventory/dch/group_vars/intel.yml
@@ -0,0 +1,13 @@
+---
+jenkins_secret: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 38326463363230316266383463613738303838306237623630386139336466333139396234396631
+ 3262653862633630333532643233353763363661363136660a346664316139643663646436313638
+ 37663630373732356234343335643462653131373862633165353038356261366334366131353637
+ 3362613135653038390a633064386333643335633039613263616630626661383230336238313762
+ 65396338616435303432366439326333653364303336393432316463373731303664373163346634
+ 30646534353837633862396162636536656561346230383534353031623039333665343730303238
+ 36386661343964346133343839393166303466646366663763613236316364313832383032303965
+ 33333639316438366234
+
+jenkins_node_url: https://ci-couchdb.apache.org/computer/couchdb%2Dfreebsd%2Dx86/jenkins-agent.jnlp
\ No newline at end of file
diff --git a/freebsd/playbook/inventory/dch/hosts b/freebsd/playbook/inventory/dch/hosts
new file mode 100644
index 0000000..6297ad7
--- /dev/null
+++ b/freebsd/playbook/inventory/dch/hosts
@@ -0,0 +1,9 @@
+[ci:children]
+intel
+arm
+
+[intel]
+130.61.62.183
+
+[arm]
+130.61.143.37
diff --git a/freebsd/playbook/templates/run.sh.j2 b/freebsd/playbook/templates/run.sh.j2
new file mode 100755
index 0000000..5d4dd05
--- /dev/null
+++ b/freebsd/playbook/templates/run.sh.j2
@@ -0,0 +1,5 @@
+#!/bin/sh -x
+cd /home/jenkins
+curl -O https://ci-couchdb.apache.org/jnlpJars/agent.jar
+
+chpst -ujenkins java -jar agent.jar -jnlpUrl {{ jenkins_node_url }} -workDir "/home/jenkins" -secret {{ jenkins_secret }}