2025-11-09 12:31:39 -07:00
|
|
|
<p align="center">
|
|
|
|
|
<img src="docs/images/bastille.jpeg" width="60%" height="auto" />
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
----
|
2018-04-06 13:40:48 -06:00
|
|
|
|
2019-08-02 10:00:03 -06:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
Table of Contents
|
|
|
|
|
=================
|
2025-07-09 09:41:10 -05:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
* [Table of Contents](#table-of-contents)
|
|
|
|
|
* [Bastille](#bastille)
|
|
|
|
|
* [Installation](#installation)
|
|
|
|
|
* [Usage](#usage)
|
|
|
|
|
* [Getting Started](#getting-started)
|
|
|
|
|
* [Documentation](#documentation)
|
|
|
|
|
* [Comparing](#comparing)
|
2025-11-09 12:31:39 -07:00
|
|
|
* [Breaking Changes](#breaking-changes)
|
|
|
|
|
* [Support](#support)
|
2025-07-09 09:41:10 -05:00
|
|
|
|
2025-07-20 08:04:25 -06:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
# Bastille
|
2025-07-09 09:41:10 -05:00
|
|
|
|
2025-11-09 12:31:39 -07:00
|
|
|
Bastille is an open-source system for automating
|
2025-11-09 12:25:32 -07:00
|
|
|
deployment and management of containerized applications on FreeBSD.
|
2025-05-01 10:38:50 -07:00
|
|
|
|
2025-11-09 12:31:39 -07:00
|
|
|
[Official BastilleBSD Website](https://bastillebsd.org)
|
|
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
## Installation
|
2025-05-01 10:15:43 -07:00
|
|
|
|
2023-10-10 19:51:10 -06:00
|
|
|
Bastille is available for installation from the official FreeBSD ports tree.
|
2018-11-18 20:37:03 -07:00
|
|
|
|
2019-06-22 09:28:42 -06:00
|
|
|
**pkg**
|
|
|
|
|
```shell
|
2019-03-11 17:51:32 -06:00
|
|
|
pkg install bastille
|
|
|
|
|
```
|
2018-11-18 20:37:03 -07:00
|
|
|
|
2019-06-22 09:28:42 -06:00
|
|
|
**ports**
|
|
|
|
|
```shell
|
2019-11-22 21:59:11 -07:00
|
|
|
portsnap fetch auto
|
2019-06-22 09:28:42 -06:00
|
|
|
make -C /usr/ports/sysutils/bastille install clean
|
2018-11-18 20:37:03 -07:00
|
|
|
```
|
|
|
|
|
|
2020-02-16 14:23:05 -07:00
|
|
|
**Git** (bleeding edge / unstable -- primarily for developers)
|
2019-11-28 09:21:13 -07:00
|
|
|
```shell
|
2023-10-10 19:51:10 -06:00
|
|
|
git clone https://github.com/bastillebsd/bastille.git
|
2019-11-28 09:21:13 -07:00
|
|
|
cd bastille
|
|
|
|
|
make install
|
|
|
|
|
```
|
|
|
|
|
|
2019-11-23 13:50:55 -07:00
|
|
|
**enable at boot**
|
|
|
|
|
```shell
|
|
|
|
|
sysrc bastille_enable=YES
|
|
|
|
|
```
|
|
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
### Upgrading
|
|
|
|
|
|
2025-09-23 18:51:04 +02:00
|
|
|
When upgrading from a previous version of bastille (e.g. 0.10.20230714 to
|
2023-11-13 20:00:41 +11:00
|
|
|
0.10.20231013) you will need to update your bastille.conf
|
|
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
Be sure to read the [Breaking Changes](#breaking-changes) below.
|
|
|
|
|
|
2023-11-13 20:00:41 +11:00
|
|
|
```shell
|
|
|
|
|
cd /usr/local/etc/bastille
|
2023-11-24 15:20:15 -07:00
|
|
|
diff -u bastille.conf bastille.conf.sample
|
2023-11-13 20:00:41 +11:00
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Merge the lines that are present in the new bastille.conf.sample into
|
|
|
|
|
your bastille.conf
|
|
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
## Usage
|
2018-11-07 10:36:54 -07:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
See [Usage](https://bastille.readthedocs.io/en/latest/chapters/usage.html)
|
2018-04-07 14:57:48 -06:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
## Getting Started
|
2019-11-22 21:59:11 -07:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
See [Getting Started](https://bastille.readthedocs.io/en/latest/chapters/getting-started.html)
|
2018-04-07 14:57:48 -06:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
## Documentation
|
|
|
|
|
|
|
|
|
|
See [Documentation](https://bastille.readthedocs.io/en/latest/)
|
2018-11-07 10:36:54 -07:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
## Comparing
|
2018-04-07 14:57:48 -06:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
See [Comparing](https://bastille.readthedocs.io/en/latest/chapters/comparing.html)
|
2020-02-01 16:06:13 +00:00
|
|
|
|
2025-11-09 12:32:44 -07:00
|
|
|
## Breaking Changes
|
2018-11-07 10:36:54 -07:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
### Version 1.x
|
2018-11-07 10:36:54 -07:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
Up until version 1.0.20250714, Bastille has handled epairs for -V jails
|
|
|
|
|
using the jib script included in FreeBSD installs. However, for -B jails,
|
|
|
|
|
Bastille statically assigned an epair to each jail. This means you can only
|
|
|
|
|
run one type (-V or -B) of VNET jails on a given system.
|
2018-11-07 10:36:54 -07:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
Starting with version 1.0.20250714, we are now handling all epairs
|
|
|
|
|
dynamically, allowing the use of both types of VNET jails without issue. We
|
|
|
|
|
have also selected a naming scheme that will allow for consistency across
|
|
|
|
|
these jail types. The naming scheme is as follows:
|
2018-11-07 10:36:54 -07:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
`e0a_jailname` and `e0b_jailname` are the default epair interfaces for every
|
|
|
|
|
jail. The `e0a` side is on the host, while the `e0b` is in the jail. This will
|
|
|
|
|
allow better management when trying to figure out which jail a given epair is
|
|
|
|
|
linked to. Due to a limitations in how long an interface name can be, Bastille
|
|
|
|
|
will name any epairs whose jail names exceed the maximum length, to
|
|
|
|
|
`e0b_bastille1` and `e0b_bastille1` with the `1` incrementing by 1 for
|
|
|
|
|
each new epair. So, mylongjailname will be `e0a_bastille2` and `e0b_bastille2`.
|
2018-11-07 10:36:54 -07:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
If you decide to add an interface using the network sub-command, they will
|
|
|
|
|
be named `e1a_jailname` and `e1b_jailname` respectively. The number included
|
|
|
|
|
in the prefix `eXa_` will increment by 1 for each interface you add.
|
2018-11-07 10:36:54 -07:00
|
|
|
|
2025-11-09 12:25:32 -07:00
|
|
|
### Mandatory
|
|
|
|
|
|
|
|
|
|
We have tried our best to auto-convert each jails jail.conf and rc.conf
|
|
|
|
|
to the new syntax (this happens when the jail is stopped). It isn't a huge
|
|
|
|
|
change (only a handful of lines), but if you do have an issue please open a
|
|
|
|
|
bug report.
|
|
|
|
|
|
|
|
|
|
After updating, you must restart all your jails (probably one at a time, in
|
|
|
|
|
case of issues) to have Bastille convert the jail.conf and rc.conf files.
|
|
|
|
|
This simply involves renaming the epairs to the new syntax.
|
|
|
|
|
|
|
|
|
|
If you have used the network sub-command to add any number of interfaces, you
|
|
|
|
|
will have to edit the jail.conf and rc.conf files for each jail to update
|
|
|
|
|
the names of the epair interfaces. This is because all epairs will have been
|
|
|
|
|
renamed to e0... in both files. For each additional one, simply increment
|
|
|
|
|
the number by 1.
|
|
|
|
|
|
|
|
|
|
### Important Limitations
|
|
|
|
|
|
|
|
|
|
Due to the JIB script that gets used when creating VNET jails, you
|
|
|
|
|
will face changes with the MAC address if these jails.
|
|
|
|
|
|
|
|
|
|
If you have any VNET jails (created with -V), the MAC addresses
|
|
|
|
|
will change if you did not also use -M when creating them. This
|
|
|
|
|
is due to the JIB script generating a MAC based on the jail interface
|
|
|
|
|
name.
|
|
|
|
|
|
|
|
|
|
If you did use -M when creating them, the MAC should stay the same.
|
|
|
|
|
|
2025-11-09 12:31:39 -07:00
|
|
|
## Support
|
2018-11-07 10:36:54 -07:00
|
|
|
|
2018-11-18 23:11:02 -07:00
|
|
|
If you've found a bug in Bastille, please submit it to the [Bastille Issue
|
2025-11-09 12:25:32 -07:00
|
|
|
Tracker](https://github.com/bastillebsd/bastille/issues/new)
|
