standardize options in create matrix

.readthedocs.yaml

@@ -3,5 +3,7 @@ version: 2
 sphinx:
   configuration: docs/conf.py
 
-python:
+build:
-  version: 3.11
+  os: "ubuntu-22.04"
+  tools:
+    python: "3.11"

README.md

@@ -30,7 +30,7 @@ make install
 **enable at boot**
 ```shell
 sysrc bastille_enable=YES
-sysrc bastille_list="azkaban alcatraz" # (optional whitelist of jails to start at boot; default: ALL)
+sysrc bastille_rcorder=YES
 ```
 
 Upgrading from a previous version
@@ -40,7 +40,7 @@ When upgrading from a previous version of bastille (e.g. 0.10.20230714 to
 
 ```shell
 cd /usr/local/etc/bastille
-vimdiff bastille.conf bastille.conf.sample
+diff -u bastille.conf bastille.conf.sample
 ```
 
 Merge the lines that are present in the new bastille.conf.sample into
@@ -75,6 +75,7 @@ Available Commands:
   mount       Mount a volume inside the targeted container(s).
   pkg         Manipulate binary packages within targeted container(s). See pkg(8).
   rdr         Redirect host port to container port.
+  rcp         reverse cp(1) files from a single container to the host.
   rename      Rename a container.
   restart     Restart a running container.
   service     Manage services within targeted container(s).
@@ -131,7 +132,7 @@ Example (create, start, console)
 This example creates, starts and consoles into the container.
 
 ```shell
-ishmael ~ # bastille create alcatraz 13.2-RELEASE 10.17.89.10
+ishmael ~ # bastille create alcatraz 14.0-RELEASE 10.17.89.10/24
 ```
 
 ```shell
@@ -143,7 +144,7 @@ alcatraz: created
 ```shell
 ishmael ~ # bastille console alcatraz
 [alcatraz]:
-FreeBSD 13.2-RELEASE-p4 GENERIC
+FreeBSD 14.0-RELEASE GENERIC
 
 Welcome to FreeBSD!
 

docs/chapters/installation.rst

@@ -4,7 +4,7 @@ Bastille is available in the official FreeBSD ports tree at
 `sysutils/bastille`. Binary packages available in `quarterly` and `latest`
 repositories.
 
-Current version is `0.10.20231013`.
+Current version is `0.10.20231125`.
 
 To install from the FreeBSD package repository:
 
@@ -19,6 +19,7 @@ PKG
 
   pkg install bastille
   sysrc bastille_enable=YES
+  sysrc bastille_rcorder=YES
 
 
 To install from source (don't worry, no compiling):
@@ -30,6 +31,7 @@ ports
 
   make -C /usr/ports/sysutils/bastille install clean
   sysrc bastille_enable=YES
+  sysrc bastille_rcorder=YES
 
 
 GIT
@@ -41,6 +43,7 @@ GIT
   cd bastille
   make install
   sysrc bastille_enable=YES
+  sysrc bastille_rcorder=YES
 
 This method will install the latest files from GitHub directly onto your
 system. It is verbose about the files it installs (for later removal), and also

docs/chapters/networking.rst

@@ -128,6 +128,11 @@ host system:
   ## /etc/devfs.rules (NOT .conf)
   
   [bastille_vnet=13]
+  add include $devfsrules_hide_all
+  add include $devfsrules_unhide_basic
+  add include $devfsrules_unhide_login
+  add include $devfsrules_jail
+  add include $devfsrules_jail_vnet
   add path 'bpf*' unhide
 
 Lastly, you may want to consider these three `sysctl` values:
@@ -155,8 +160,6 @@ Below is the definition of what these three parameters are used for and mean:
 				    interface, set to 0	to disable it.
 
   
-
-
 **Regarding Routes**
 
 Bastille will attempt to auto-detect the default route from the host system and

docs/chapters/subcommands/bootstrap.rst

@@ -27,7 +27,7 @@ release version as the argument.
 
 .. code-block:: shell
 
-  ishmael ~ # bastille bootstrap 12.4-RELEASE [update]
+  ishmael ~ # bastille bootstrap 14.0-RELEASE [update]
   ishmael ~ # bastille bootstrap 13.2-RELEASE [update]
 
 To `bootstrap` a HardenedBSD release, run the bootstrap sub-command with the
@@ -43,6 +43,21 @@ download the requested release. For each requested release, `bootstrap` will
 download the base.txz. These files are verified (sha256 via MANIFEST file)
 before they are extracted for use.
 
+EOL Releases
+------------
+
+It is sometimes necessary to run end-of-life releases for testing or legacy
+application support. Dy default Bastille will only install supported releases
+but you can bootstrap EOL / unsupported releases with a simple trick.
+
+.. code-block:: shell
+
+   ishmael ~ # export BASTILLE_URL_FREEBSD=http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/
+   ishmael ~ # bastille bootstrap 11.2-RELEASE
+
+By overriding the BASTILLE_URL_FREEBSD variable you can now bootstrap archived
+releases from the FTP archive.
+
 Tips
 ----
 

docs/conf.py

@@ -12,9 +12,9 @@ copyright = '2018-2023, Christer Edwards'
 author = 'Christer Edwards'
 
 # The short X.Y version
-version = '0.10.20231013'
+version = '0.10.20231125'
 # The full version, including alpha/beta/rc tags
-release = '0.10.20231013-beta'
+release = '0.10.20231125-beta'
 
 
 # -- General configuration ---------------------------------------------------
@@ -26,10 +26,10 @@ templates_path = ['_templates']
 
 source_suffix = ['.rst', '.md']
 
-from recommonmark.parser import CommonMarkParser
+#from recommonmark.parser import CommonMarkParser
-source_parsers = {
+#source_parsers = {
-    '.md': CommonMarkParser,
+#    '.md': CommonMarkParser,
-}
+#}
 
 master_doc = 'index'
 language = None

usr/local/bin/bastille

@@ -62,7 +62,7 @@ bastille_perms_check() {
 bastille_perms_check
 
 ## version
-BASTILLE_VERSION="0.10.20231013"
+BASTILLE_VERSION="0.10.20231125"
 
 usage() {
     cat << EOF

usr/local/share/bastille/bootstrap.sh

@@ -473,6 +473,11 @@ if [ -n "${OPTION}" ] && [ "${OPTION}" != "${HW_MACHINE}" ] && [ "${OPTION}" !=
     fi
 fi
 
+## allow override bootstrap URLs via environment variables
+[ -n ${BASTILLE_URL_FREEBSD} ] && bastille_url_freebsd="${BASTILLE_URL_FREEBSD}"
+[ -n ${BASTILLE_URL_HARDENEDBSD} ] && bastille_url_hardenedbsd="${BASTILLE_URL_HARDENEDBSD}"
+[ -n ${BASTILLE_URL_MIDNIGHTBSD} ] && bastille_url_midnightbsd="${BASTILLE_URL_MIDNIGHTBSD}"
+
 ## Filter sane release names
 case "${1}" in
 2.[0-9]*)
@@ -491,7 +496,7 @@ case "${1}" in
     ;;
 *-RELEASE|*-release|*-RC[1-9]|*-rc[1-9]|*-BETA[1-9])
     ## check for FreeBSD releases name
-    NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RC[1-9]|-BETA[1-9])$' | tr '[:lower:]' '[:upper:]')
+    NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([0-9]{1,2})\.[0-9](-RELEASE|-RC[1-9]|-BETA[1-9])$' | tr '[:lower:]' '[:upper:]')
     UPSTREAM_URL="${bastille_url_freebsd}${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_VERIFY}"
     PLATFORM_OS="FreeBSD"
     validate_release_url

usr/local/share/bastille/create.sh

@@ -607,36 +607,80 @@ LINUX_JAIL=""
 # Handle and parse options
 while [ $# -gt 0 ]; do
     case "${1}" in
-        -E|--empty|empty)
+        -E|--empty)
             EMPTY_JAIL="1"
             shift
             ;;
-        -L|--linux|linux)
+        -L|--linux)
             LINUX_JAIL="1"
             shift
             ;;
-        -T|--thick|thick)
+        -T|--thick)
             THICK_JAIL="1"
             shift
             ;;
-        -V|--vnet|vnet)
+        -V|--vnet)
             VNET_JAIL="1"
             shift
             ;;
-        -B|--bridge|bridge)
+        -B|--bridge)
             VNET_JAIL="1"
             VNET_JAIL_BRIDGE="1"
             shift
             ;;
-        -C|--clone|clone)
+        -C|--clone)
             CLONE_JAIL="1"
             shift
             ;;
+        -CV|-VC|--clone-vnet)
+            CLONE_JAIL="1"
+            VNET_JAIL="1"
+            shift
+            ;;
+        -CB|-BC|--clone-bridge)
+            CLONE_JAIL="1"
+            VNET_JAIL="1"
+            VNET_JAIL_BRIDGE="1"
+            shift
+            ;;
+        -TV|-VT|--thick-vnet)
+            THICK_JAIL="1"
+            VNET_JAIL="1"
+            shift
+            ;;
+        -TB|-BT|--thick-bridge)
+            THICK_JAIL="1"
+            VNET_JAIL="1"
+            VNET_JAIL_BRIDGE="1"
+            shift
+            ;;
+        -EB|-BE|--empty-bridge)
+            EMPTY_JAIL="1"
+            VNET_JAIL="1"
+            VNET_JAIL_BRIDGE="1"
+            shift
+            ;;
+        -EV|-VE|--empty-vnet)
+            EMPTY_JAIL="1"
+            VNET_JAIL="1"
+            shift
+            ;;
+        -LV|-VL|--linux-vnet)
+            LINUX_JAIL="1"
+            VNET_JAIL="1"
+            shift
+            ;;
+        -LB|-BL|--linux-bridge)
+            LINUX_JAIL="1"
+            VNET_JAIL="1"
+            VNET_JAIL_BRIDGE="1"
+            shift
+            ;;
         -*|--*)
             error_notify "Unknown Option."
             usage
             ;;
-       *)
+        *)
             break
             ;;
     esac