Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2025-12-20 01:02:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #848 from BastilleBSD/tschettervictor-patch-1

Browse Source 
docs: Document missing template hooks
This commit is contained in:
tschettervictor
2025-02-16 17:45:02 -07:00
committed by GitHub
parent 6676544532 d23ba945c9
commit 28dac697d4
1 changed files with 54 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
docs/chapters/template.rst
View File

@@ -6,8 +6,8 @@ Looking for ready made CI/CD validated `Bastille Templates`_?
Bastille supports a templating system allowing you to apply files, pkgs and
execute commands inside the containers automatically.
Currently supported template hooks are: `CMD`, `CP`, `INCLUDE`, `LIMITS`, `MOUNT`,
`PKG`, `RDR`, `SERVICE`, `SYSRC`.
Currently supported template hooks are: `ARG`, `CMD`, `CONFIG`, `CP`, `INCLUDE`,
`LIMITS`, `MOUNT`, `OVERLAY`, `PKG`, `RDR`, `RENDER`, `RESTART`, `SERVICE`, `SYSRC`.
Templates are created in `${bastille_prefix}/templates` and can leverage any of
the template hooks.
@@ -23,27 +23,55 @@ template hook commands.
Template Automation Hooks
-------------------------
+---------+-------------------+-----------------------------------------+
| HOOK | format | example |
+=========+===================+=========================================+
| CMD | /bin/sh command | /usr/bin/chsh -s /usr/local/bin/zsh |
+---------+-------------------+-----------------------------------------+
| CP | path(s) | etc root usr (one per line) |
+---------+-------------------+-----------------------------------------+
| INCLUDE | template path/URL | http?://TEMPLATE_URL or project/path |
+---------+-------------------+-----------------------------------------+
| LIMITS | resource value | memoryuse 1G |
+---------+-------------------+-----------------------------------------+
| MOUNT | fstab syntax | /host/path container/path nullfs ro 0 0 |
+---------+-------------------+-----------------------------------------+
| PKG | port/pkg name(s) | vim-console zsh git-lite tree htop |
+---------+-------------------+-----------------------------------------+
| RDR | tcp port port | tcp 2200 22 (hostport jailport) |
+---------+-------------------+-----------------------------------------+
| SERVICE | service command | 'nginx start' OR 'postfix reload' |
+---------+-------------------+-----------------------------------------+
| SYSRC | sysrc command(s) | nginx_enable=YES |
+---------+-------------------+-----------------------------------------+
+-------------+---------------------+-----------------------------------------+
| HOOK | format | example |
+=============+=====================+=========================================+
| ARG | ARG=VALUE | MINECRAFT_MEMX="1024M" |
+-------------+---------------------+-----------------------------------------+
| CMD | /bin/sh command | /usr/bin/chsh -s /usr/local/bin/zsh |
+-------------+---------------------+-----------------------------------------+
| CONFIG | set property value | set allow.mlock 1 |
+-------------+---------------------+-----------------------------------------+
| CP/OVERLAY | path(s) | etc root usr (one per line) |
+-------------+---------------------+-----------------------------------------+
| INCLUDE | template path/URL | http?://TEMPLATE_URL or project/path |
+-------------+---------------------+-----------------------------------------+
| LIMITS | resource value | memoryuse 1G |
+-------------+---------------------+-----------------------------------------+
| MOUNT | fstab syntax | /host/path container/path nullfs ro 0 0 |
+-------------+---------------------+-----------------------------------------+
| OVERLAY | path(s) | etc root usr (one per line) |
+-------------+---------------------+-----------------------------------------+
| PKG | port/pkg name(s) | vim-console zsh git-lite tree htop |
+-------------+---------------------+-----------------------------------------+
| RDR | tcp port port | tcp 2200 22 (hostport jailport) |
+-------------+---------------------+-----------------------------------------+
| RENDER | /path/file.txt | /usr/local/etc/gitea/conf/app.ini |
+-------------+---------------------+-----------------------------------------+
| RESTART | | (restart jail) |
+-------------+---------------------+-----------------------------------------+
| SERVICE | service command | 'nginx start' OR 'postfix reload' |
+-------------+---------------------+-----------------------------------------+
| SYSRC | sysrc command(s) | nginx_enable=YES |
+-------------+---------------------+-----------------------------------------+
Template Hook Descriptions
--------------------------
ARG - set an ARG value to be used in the template
CMD - run the specified command
CONFIG - set the specified property and value
CP/OVERLAY - copy specified files from template directory to specified path inside jail
INCLUDE - specify a template to include
LIMITS - set the specified resource value for the jail
MOUNT - mount specified files/directories inside the jail
PKG - install specified packages inside jail
RDR - redirect specified ports to the jail
RENDER - replace ARG values inside specified files inside the jail
if a directory is specified, ARGS will be replaced in all files underneath
RESTART - restart the jail
SERVICE - run 'service' command inside the jail with specified arguments
SYSRC - run 'sysrc' inside the jail with specified arguments
Special Hook Cases
------------------
@@ -54,6 +82,9 @@ ie; (`\\"`)
ARG will always treat an ampersand "\&" literally, without the need to escape it.
Escaping it will cause errors.
Template Examples
-----------------
Place these uppercase template hook commands into a `Bastillefile` in any order
and automate container setup as needed.