2025-05-02 12:25:17 -06:00
|
|
|
Jail Startup Configuration
|
|
|
|
|
==========================
|
2025-04-20 12:57:43 -06:00
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
Bastille can start jails on system startup, and stop them on system shutdown.
|
|
|
|
|
To enable this functionality, we must first enable Bastille as a service using
|
|
|
|
|
``sysrc bastille_enable=YES``. Once you reboot your host, all jails with
|
|
|
|
|
``boot=on`` will be started when the host boots.
|
2025-04-20 12:57:43 -06:00
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
If you have certain jails that must be started before other jails, you can use
|
|
|
|
|
the priority option. Jails will start in order starting at the lowest value, and
|
|
|
|
|
will stop in order starting at the highest value. So, jails with a priority value
|
|
|
|
|
of 1 will start first, and stop last.
|
2025-04-20 12:57:43 -06:00
|
|
|
|
2025-11-09 17:24:39 -07:00
|
|
|
See :doc:`Targeting <chapters/targeting>`for more info.
|
2025-04-20 12:57:43 -06:00
|
|
|
|
|
|
|
|
Boot
|
|
|
|
|
----
|
|
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
The boot setting controls whether a jail will be started on system startup. If
|
|
|
|
|
you have enabled bastille with ``sysrc bastille_enable=YES``, all jails with
|
|
|
|
|
``boot=on`` will start on system startup. Any jail(s) with ``boot=off`` will not
|
|
|
|
|
be started on system startup.
|
2025-04-20 12:57:43 -06:00
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
By default, when jails are created with Bastille, the boot setting is set to ``on``
|
|
|
|
|
by default. This can be overridden using the ``--no-boot`` flag.
|
|
|
|
|
See ``bastille create --no-boot TARGET...``.
|
2025-04-20 12:57:43 -06:00
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
You can also use ``bastille start --boot TARGET`` to make Bastille respect the
|
|
|
|
|
boot setting. If ``-b|--boot`` is not used, the targeted jail(s) will start,
|
|
|
|
|
regardless of the boot setting.
|
2025-04-20 12:57:43 -06:00
|
|
|
|
|
|
|
|
Jails will still shut down on system shutdown, regardless of this setting.
|
|
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
The ``-b|--boot`` can also be used with the ``stop`` command. Any jails with
|
|
|
|
|
``boot=off`` will not be touched if ``stop`` is called with ``-b|--boot``. Same
|
|
|
|
|
goes for the ``restart`` command.
|
2025-04-20 12:57:43 -06:00
|
|
|
|
2025-04-20 20:00:02 -07:00
|
|
|
This value can be changed using ``bastille config TARGET set boot [on|off]``.
|
2025-04-20 12:57:43 -06:00
|
|
|
|
|
|
|
|
This value will be shown using ``bastille list all``.
|
|
|
|
|
|
2025-05-02 12:25:17 -06:00
|
|
|
Depend
|
|
|
|
|
------
|
|
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
Bastille supports configuring jails to depend on each other when started and
|
|
|
|
|
stopped. If jail1 "depends" on jail2, then jail2 will be started if it is not
|
|
|
|
|
running when ``bastille start jail1`` is called. Any jail that jail1 "depends"
|
|
|
|
|
on will first be verified running (started if stopped) before jail1 is started.
|
2025-05-02 12:25:17 -06:00
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
For example, I have 3 jails called nginx, mariadb and nextcloud. I want to
|
|
|
|
|
ensure that nginx and mariadb are running before nextcloud is started.
|
2025-05-02 12:25:17 -06:00
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
First we must add both jails to nextcloud's depend property with
|
|
|
|
|
``bastille config nextcloud set depend "mariadb nginx"``.
|
|
|
|
|
Then, when we start nextcloud with ``bastille start nextcloud`` it will verify
|
|
|
|
|
that nginx and mariadb are running (start if stopped) before starting nextcloud.
|
2025-05-02 12:25:17 -06:00
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
When stopping a jail, any jail that "depends" on it will first be stopped.
|
|
|
|
|
For example, if we run ``bastille stop nginx``, then nextcloud will first be
|
|
|
|
|
stopped because it "depends" on nginx.
|
2025-05-02 12:25:17 -06:00
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
Note that if we do a ``bastille restart nginx``, however, nextcloud will be
|
|
|
|
|
stopped, because it "depends" on nginx, but will not be started again, because
|
|
|
|
|
the jail we just restarted, nginx, does not depend on nextcloud.
|
2025-05-02 12:25:17 -06:00
|
|
|
|
2025-05-03 19:20:22 -06:00
|
|
|
Parallel Startup
|
|
|
|
|
----------------
|
|
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
Bastille supports starting, stopping and restarting jails in parallel mode using
|
|
|
|
|
the ``rc`` service script. To enable this functionality, set
|
2025-05-03 19:30:24 -06:00
|
|
|
``bastille_parallel_limit`` to a numeric value.
|
|
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
For example, if you run ``sysrc bastille_parallel_limit=4``, then Bastille will
|
|
|
|
|
start 4 jails at a time on system startup, as well as stop or restart 4 jails at
|
|
|
|
|
a time when ``service bastille...`` is called.
|
2025-05-03 19:20:22 -06:00
|
|
|
|
2025-05-03 19:30:24 -06:00
|
|
|
This value is set to 1 by default, to only start/stop/restart jails one at a time.
|
2025-05-03 19:20:22 -06:00
|
|
|
|
2025-04-20 12:57:43 -06:00
|
|
|
Startup Delay
|
|
|
|
|
-------------
|
|
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
Sometimes it is necessary to let a jail start fully before continuing to the
|
|
|
|
|
next jail.
|
2025-04-20 12:57:43 -06:00
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
We can do this with another sysrc value called ``bastille_startup_delay``.
|
|
|
|
|
Setting ``bastille_startup_delay=5`` will tell Bastille to wait 5 seconds between
|
|
|
|
|
starting each jail.
|
2025-04-20 12:57:43 -06:00
|
|
|
|
2025-07-08 22:40:28 -05:00
|
|
|
You can also use ``bastille start -d|--delay 5 all`` or
|
|
|
|
|
``bastille restart -d|--delay 5 all`` to achieve the same thing.
|
