BastilleBSD_bastille/docs/chapters/jail-startup-configuration.rst

Jail Startup Configuration
==========================

Bastille can start jails on system startup, and stop them on system shutdown.
To enable this functionality, we must first enable Bastille as a service using
``sysrc bastille_enable=YES``. Once you reboot your host, all jails with
``boot=on`` will be started when the host boots.

If you have certain jails that must be started before other jails, you can use
the priority option. Jails will start in order starting at the lowest value, and
will stop in order starting at the highest value. So, jails with a priority value
of 1 will start first, and stop last.

See :doc:`Targeting <chapters/targeting>`for more info.

Boot
----

The boot setting controls whether a jail will be started on system startup. If
you have enabled bastille with ``sysrc bastille_enable=YES``, all jails with
``boot=on`` will start on system startup. Any jail(s) with ``boot=off`` will not
be started on system startup.

By default, when jails are created with Bastille, the boot setting is set to ``on``
by default. This can be overridden using the ``--no-boot`` flag.
See ``bastille create --no-boot TARGET...``.

You can also use ``bastille start --boot TARGET`` to make Bastille respect the
boot setting. If ``-b|--boot`` is not used, the targeted jail(s) will start,
regardless of the boot setting.

Jails will still shut down on system shutdown, regardless of this setting.

The ``-b|--boot`` can also be used with the ``stop`` command. Any jails with
``boot=off`` will not be touched if ``stop`` is called with ``-b|--boot``. Same
goes for the ``restart`` command.

This value can be changed using ``bastille config TARGET set boot [on|off]``.

This value will be shown using ``bastille list all``.

Depend
------

Bastille supports configuring jails to depend on each other when started and
stopped. If jail1 "depends" on jail2, then jail2 will be started if it is not
running when ``bastille start jail1`` is called. Any jail that jail1 "depends"
on will first be verified running (started if stopped) before jail1 is started.

For example, I have 3 jails called nginx, mariadb and nextcloud. I want to
ensure that nginx and mariadb are running before nextcloud is started.

First we must add both jails to nextcloud's depend property with
``bastille config nextcloud set depend "mariadb nginx"``.
Then, when we start nextcloud with ``bastille start nextcloud`` it will verify
that nginx and mariadb are running (start if stopped) before starting nextcloud.

When stopping a jail, any jail that "depends" on it will first be stopped.
For example, if we run ``bastille stop nginx``, then nextcloud will first be
stopped because it "depends" on nginx.

Note that if we do a ``bastille restart nginx``, however, nextcloud will be
stopped, because it "depends" on nginx, but will not be started again, because
the jail we just restarted, nginx, does not depend on nextcloud.

Parallel Startup
----------------

Bastille supports starting, stopping and restarting jails in parallel mode using
the ``rc`` service script. To enable this functionality, set
``bastille_parallel_limit`` to a numeric value.

For example, if you run ``sysrc bastille_parallel_limit=4``, then Bastille will
start 4 jails at a time on system startup, as well as stop or restart 4 jails at
a time when ``service bastille...`` is called.

This value is set to 1 by default, to only start/stop/restart jails one at a time.

Startup Delay
-------------

Sometimes it is necessary to let a jail start fully before continuing to the
next jail.

We can do this with another sysrc value called ``bastille_startup_delay``.
Setting ``bastille_startup_delay=5`` will tell Bastille to wait 5 seconds between
starting each jail.

You can also use ``bastille start -d|--delay 5 all`` or
``bastille restart -d|--delay 5 all`` to achieve the same thing.