diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 735278cd..c56df890 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -29,4 +29,3 @@ jobs: cd bastille make install rocinante template tests/masterTest - diff --git a/Makefile b/Makefile index 529cbbc2..e45ab625 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,6 @@ BASTILLE_BRANCH=$$(git branch --show-current) BASTILLE_VERSION=$$(git rev-parse --short HEAD) +BASTILLE_DEV_VERSION="${BASTILLE_BRANCH}-${BASTILLE_VERSION}" .PHONY: all all: @@ -9,8 +10,8 @@ install: @echo "Installing Bastille" @echo @echo "Updating Bastille version to match git revision." - @echo "BASTILLE_VERSION: ${BASTILLE_BRANCH}-${BASTILLE_VERSION}" - @sed -i '' "s/BASTILLE_VERSION=.*/BASTILLE_VERSION=${BASTILLE_BRANCH}-${BASTILLE_VERSION}/" usr/local/bin/bastille + @echo "BASTILLE_VERSION: ${BASTILLE_DEV_VERSION}" + @sed -i '' "s|BASTILLE_VERSION=.*|BASTILLE_VERSION=${BASTILLE_DEV_VERSION}|" usr/local/bin/bastille @cp -Rv usr / @gzip -f -n /usr/local/share/man/man8/bastille.8 @echo diff --git a/README.md b/README.md index 3e95a15f..95c464e3 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -Bastille 1.0.x +Bastille 1.x ======== [Bastille](https://bastillebsd.org/) is an open-source system for automating deployment and management of containerized applications on FreeBSD. @@ -6,7 +6,7 @@ deployment and management of containerized applications on FreeBSD. Check the [Bastille Documentation](https://bastille.readthedocs.io/en/latest/) -Potentially breaking changes in 1.0 ⚠️ +Potentially breaking changes since 1.0 ⚠️ ======================================== Up until version 1.0.20250714, Bastille has handled epairs for -V jails using the jib script included in FreeBSD installs. However, for -B jails, @@ -159,7 +159,7 @@ Use "bastille command -h|--help" for more information about a command. Use "bastille -c|--config config.conf command" to specify a non-default config file. ``` -## 1.0.x +## 1.x This document outlines the basic usage of the Bastille container management framework. This release is still considered beta. diff --git a/docs/chapters/installation.rst b/docs/chapters/installation.rst index 3766477d..69a96891 100644 --- a/docs/chapters/installation.rst +++ b/docs/chapters/installation.rst @@ -4,7 +4,7 @@ Bastille is available in the official FreeBSD ports tree at ``sysutils/bastille``. Binary packages are available in quarterly and latest repositories. -Current version is ``1.0.1.250714``. +Current version is ``1.1.0.251001``. To install from the FreeBSD package repository: diff --git a/docs/chapters/networking.rst b/docs/chapters/networking.rst index eebd1eaa..25be017f 100644 --- a/docs/chapters/networking.rst +++ b/docs/chapters/networking.rst @@ -2,8 +2,8 @@ Networking ========== Bastille is very flexible with its networking options. Below are the supported -networking modes, how they work, and some tips on where you might want to use each -one. +networking modes, how they work, and some tips on where you might want to use +each one. Bastille also supports VLANs to some extent. See the VLAN section below. @@ -22,8 +22,8 @@ VNET whatever your interface is called. This will be used for the host/jail epairs. Bastille will create/destroy these epairs as the jail is started/stopped. -* This mode works best if you want your jail to be in your local network, acting as - a physical device with its own MAC address and IP. +* This mode works best if you want your jail to be in your local network, acting + as a physical device with its own MAC address and IP. Bridged VNET ^^^^^^^^^^^^ @@ -33,9 +33,9 @@ Bridged VNET the host/jail epairs to this interface when the jail starts, and remove them\ when it stops. -* This mode is identical to `VNET` above, with one exception. The interface it is - attached to is a manually created bridge, as opposed to a regular interface that - is used with `VNET` above. +* This mode is identical to `VNET` above, with one exception. The interface it + is attached to is a manually created bridge, as opposed to a regular interface + that is used with `VNET` above. Alias/Shared Interface ^^^^^^^^^^^^^^^^^^^^^^ @@ -44,12 +44,12 @@ Alias/Shared Interface within your local subnet (alias mode) Bastille will add the IP to the specified interface as an alias. -* This mode is best used if you have one interface, and don't want the jail to have its - own MAC address. The jail IP will simply be added to the specified interface as an additional - IP, and will inherit the rest of the interface. +* This mode is best used if you have one interface, and don't want the jail to + have its own MAC address. The jail IP will simply be added to the specified + interface as an additional IP, and will inherit the rest of the interface. -* Note that this mode does not function as the two `VNET` modes above, but still allows the jail - to have an IP address inside your local network. +* Note that this mode does not function as the two `VNET` modes above, but still + allows the jail to have an IP address inside your local network. NAT/Loopback Interface ^^^^^^^^^^^^^^^^^^^^^^ @@ -59,14 +59,15 @@ NAT/Loopback Interface additionally, add it to the pf firewall table (if available) to allow the jail outbound access. If you do not specify an interface, Bastille will assume you have run the ``bastille setup`` command and will attempt to use ``bastille0`` - (which is created using the setup command) as its interface. If you have not run - ``bastille setup`` and do not specify an interface, Bastille will error. + (which is created using the setup command) as its interface. If you have not + run ``bastille setup`` and do not specify an interface, Bastille will error. -* This mode works best if you want your jail to be in its own private network. Bastille - will dynamically add each jail IP to the firewall table to ensure network connectivity. +* This mode works best if you want your jail to be in its own private network. + Bastille will dynamically add each jail IP to the firewall table to ensure + network connectivity. -* This mode is similar to the Alias/Shared Interface mode, except that it is not limited to - IP addresses within your local network. +* This mode is similar to the Alias/Shared Interface mode, except that it is not + limited to IP addresses within your local network. Inherit ^^^^^^^ @@ -84,7 +85,8 @@ IP Hostname bastille will simply set ``ip4`` to ``ip_hostname`` inside the jail config. The jail will then function according the jail(8) documentation. -* This is an advanced parameter. See the official FreeBSD jail(8) documentation for details. +* This is an advanced parameter. See the official FreeBSD jail(8) documentation + for details. You cannot use ``-V|--vnet`` with any interface that is already a member of another bridge. For example, if you create a bridge, and assign ``vtnet0`` as a @@ -143,13 +145,17 @@ For the ``inherit`` and ``ip_hostname`` options, you can also specify Networking Limitations ---------------------- -* Bastille handles the epair naming scheme by creating an epair, then naming it ``e0a_JAILNAME`` for - host, and ``e0b_JAILNAME`` for the jail. A know limitaion is that interface cannot exceed 16 - characters. If it is more that 16 characters, FreeBSD will complain and fail to bring it up. To mitigate - this, Bastille will truncate the interface name if it exceeds the character limit in the following manner. - If your jail is called ``mylongjailnamehere``, Bastille will truncate the epairs to ``e0a_mylongjxxre`` and - ``e0b_mylongjxxre``, by using the first 11 characters, then ``xx``, then the last two characters. - This can cause issues if your jail naming scheme is similar to the follwoing example... +* Bastille handles the epair naming scheme by creating an epair, then naming it + ``e0a_JAILNAME`` for host, and ``e0b_JAILNAME`` for the jail. A know limitaion + is that interface cannot exceed 16 characters. If it is more that 16 characters, + FreeBSD will complain and fail to bring it up. To mitigate this, Bastille will + truncate the interface name if it exceeds the character limit in the following + manner. + If your jail is called ``mylongjailnamehere``, Bastille will truncate the + epairs to ``e0a_mylongjxxre`` and ``e0b_mylongjxxre``, by using the first 11 + characters, then ``xx``, then the last two characters. + This can cause issues if your jail naming scheme is similar to the following + example... ``nextcloud1jail`` ``nextcloud2jail`` ``nextcloud3jail`` diff --git a/docs/chapters/subcommands/restart.rst b/docs/chapters/subcommands/restart.rst index 77462c7b..9079779c 100644 --- a/docs/chapters/subcommands/restart.rst +++ b/docs/chapters/subcommands/restart.rst @@ -3,9 +3,9 @@ restart Restart jail(s). -Bastille will attempt to stop, then start the targetted jail(s). If a jail is not running, Bastille -will still start it. To avoid this, run the restart command with ``-i|--ignore`` to skip any -stopped jail(s). +Bastille will attempt to stop, then start the targetted jail(s). If a jail is +not running, Bastille will still start it. To avoid this, run the restart +command with ``-i|--ignore`` to skip any stopped jail(s). .. code-block:: shell @@ -26,4 +26,4 @@ stopped jail(s). -d | --delay VALUE Time (seconds) to wait after starting each jail. -i | --ignore Ignore stopped jails (do not start if stopped). -v | --verbose Print every action on jail restart. - -x | --debug Enable debug mode. \ No newline at end of file + -x | --debug Enable debug mode. diff --git a/docs/chapters/subcommands/zfs.rst b/docs/chapters/subcommands/zfs.rst index dc7a8c62..f0726c71 100644 --- a/docs/chapters/subcommands/zfs.rst +++ b/docs/chapters/subcommands/zfs.rst @@ -1,20 +1,22 @@ zfs === -Manage ZFS properties, create, destroy and rollback snapshots, jail and unjail datasets (ZFS only), -and check ZFS usage for targeted jail(s). +Manage ZFS properties, create, destroy and rollback snapshots, jail and unjail +datasets (ZFS only), and check ZFS usage for targeted jail(s). Snapshot Management ------------------- -Bastille has the ability to create, destroy, and rollback snapshots when using ZFS. To create a snapshot, -run ``bastille zfs TARGET snapshot``. This will create a snapshot with the default ``bastille_TARGET_DATE`` -naming scheme. You can also specify a TAG to use as the naming scheme, such as ``bastille zfs TARGET snapshot mytag``. +Bastille has the ability to create, destroy, and rollback snapshots when using +ZFS. To create a snapshot, run ``bastille zfs TARGET snapshot``. This will create +a snapshot with the default ``bastille_TARGET_DATE`` naming scheme. You can also +specify a TAG to use as the naming scheme, such as ``bastille zfs TARGET snapshot mytag``. Bastille will then create the snapshot with ``@mytag`` as the snapshot name. -Rolling back a snapshot follows the same syntax. If no TAG is supplied, Bastille will attempt to use the -most recent snapshot following the default naming scheme above. To rollback a snapshot with a custom tag, run -``bastille zfs TARGET rollback`` or ``bastille zfs TARGET rollback mytag``. +Rolling back a snapshot follows the same syntax. If no TAG is supplied, Bastille +will attempt to use the most recent snapshot following the default naming scheme +above. To rollback a snapshot with a custom tag, run ``bastille zfs TARGET rollback`` +or ``bastille zfs TARGET rollback mytag``. To destroy a snaphot however, you must supply a TAG. To destroy a snapshot, run ``bastille zfs TARGET destroy mytag``. @@ -32,4 +34,4 @@ To destroy a snaphot however, you must supply a TAG. To destroy a snapshot, run -a | --auto Auto mode. Start/stop jail(s) if required. -v | --verbose Enable verbose mode. - -x | --debug Enable debug mode. \ No newline at end of file + -x | --debug Enable debug mode. diff --git a/docs/conf.py b/docs/conf.py index 68dd29f6..e114e41f 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -5,9 +5,9 @@ copyright = '2018-2025, Christer Edwards' author = 'Christer Edwards' # The short X.Y version -version = '1.0.1' +version = '1.1.0' # The full version, including alpha/beta/rc tags -release = '1.0.1.250714' +release = '1.1.0.251001' # -- General configuration --------------------------------------------------- diff --git a/usr/local/bin/bastille b/usr/local/bin/bastille index 7e2c81a6..edeb1161 100755 --- a/usr/local/bin/bastille +++ b/usr/local/bin/bastille @@ -32,7 +32,7 @@ PATH=${PATH}:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin -BASTILLE_VERSION=1.0.1.250714 +BASTILLE_VERSION=1.1.0.251001 # Validate config file # Copy default when 'setup' is called diff --git a/usr/local/share/bastille/common.sh b/usr/local/share/bastille/common.sh index 69340e3f..b0206e52 100644 --- a/usr/local/share/bastille/common.sh +++ b/usr/local/share/bastille/common.sh @@ -530,7 +530,7 @@ update_jail_syntax_v1() { warn "\n[WARNING]\n" warn "Updating jail.conf file..." warn "Please review your jail.conf file after completion." - warm "VNET jails created without -M will be assigned a new MAC address." + warn "VNET jails created without -M will be assigned a new MAC address." if [ "$(echo -n "e0a_${jail}" | awk '{print length}')" -lt 16 ]; then local new_host_epair=e0a_${jail} @@ -563,7 +563,7 @@ update_jail_syntax_v1() { warn "\n[WARNING]\n" warn "Updating jail.conf file..." warn "Please review your jail.conf file after completion." - warm "VNET jails created without -M will be assigned a new MAC address." + warn "VNET jails created without -M will be assigned a new MAC address." local external_interface="$(grep -Eo "jib addm.*" "${jail_config}" | awk '{print $4}')" diff --git a/usr/local/share/bastille/zfs.sh b/usr/local/share/bastille/zfs.sh index 0e2b42a6..97a7dea1 100644 --- a/usr/local/share/bastille/zfs.sh +++ b/usr/local/share/bastille/zfs.sh @@ -34,7 +34,7 @@ usage() { - error_notify "Usage: bastille zfs [option(s)] TARGET destroy|rollback|snapshot [TAG]" + error_notify "Usage: bastille zfs [option(s)] TARGET destroy|rollback [TAG]|snapshot [TAG]" error_notify " df|usage" error_notify " get|set key=value" error_notify " jail pool/dataset /jail/path"