Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2025-12-21 01:30:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

docs: Update setup for consistency

Browse Source
This commit is contained in:
tschettervictor
2025-05-16 18:36:09 -06:00
committed by GitHub
parent 0c3e5b1fd7
commit 2d1dfcd5ce
1 changed files with 39 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
docs/chapters/subcommands/setup.rst
View File

@@ -12,53 +12,68 @@ Below is a list of available options that can be used with the ``setup`` command
.. code-block:: shell .. code-block:: shell
ishmael ~ # bastille setup -h ## display setup help ishmael ~ # bastille setup -h
ishmael ~ # bastille setup -b ## configure bridge interface Usage: bastille setup [option(s)] [bridge]
ishmael ~ # bastille setup -f ## configure filesystem/structure [filesystem]
ishmael ~ # bastille setup -l ## configure loopback interface [loopback]
ishmael ~ # bastille setup -p ## configure default pf firewall [pf|firewall]
ishmael ~ # bastille setup -s ## configure shared interface [shared]
ishmael ~ # bastille setup -v ## configure VNET [vnet]
ishmael ~ # bastille setup -z ## configure ZFS storage [storage]
ishmael ~ # bastille setup ## configure -l -p and -z
The ``-l|loopback`` option will configure a loopback interface called ``bastille0`` that Options:
-y | --yes Assume always yes on prompts.
-x | --debug Enable debug mode.
The ``loopback`` option will configure a loopback interface called ``bastille0`` that
will be used as a default when not specifying an interface with the ``create`` command. will be used as a default when not specifying an interface with the ``create`` command.
The ``-s|shared`` option will configure the interface you choose to also be used as the default The ``shared`` option will configure the interface you choose to also be used as the default
when not specifying an interface with the ``create`` command. when not specifying an interface with the ``create`` command.
Please note. You CANNOT run both a loopback and a shared interface with Bastille. Only one Please note. You CANNOT run both a loopback and a shared interface with Bastille. Only one
should be configured. If you configure one, it will disable the other. should be configured. If you configure one, it will disable the other.
The ``-l|loopback`` option is the default, and is enough for most use cases. It is simply an ``lo`` interface The ``loopback`` option is the default, and is enough for most use cases. It is simply an ``lo`` interface
that jails will get linked to on creation. It is not attached to any specific interface. This is the simplest that jails will get linked to on creation. It is not attached to any specific interface. This is the simplest
networking option. The ``-l|loopback`` and ``-s|shared`` options are only for cases where the ``interface`` networking option. The ``loopback`` and ``shared`` options are only for cases where the ``interface``
is not specified during the ``create`` command. If an interface is specified, these options have no effect. is not specified during the ``create`` command. If an interface is specified, these options have no effect.
Instead, the specified interface will be used. Instead, the specified interface will be used.
The ``-f|--filesystem`` option is to ensure the proper datasets/directories are in place The ``filesystem`` option is to ensure the proper datasets/directories are in place
for using Bastille. This should only have to be run once on a new system. for using Bastille. This should only have to be run once on a new system.
The ``-s|shared`` option is for cases where you want an actual interface to use with bastille as The ``shared`` option is for cases where you want an actual interface to use with bastille as
opposed to a loopback. Jails will be linked to the shared interface on creation. opposed to a loopback. Jails will be linked to the shared interface on creation.
The ``-p|pf|firewall`` option will configure the pf firewall by enabling the service and creating the The ``pf|firewall`` option will configure the pf firewall by enabling the service and creating the
default ``pf.conf`` file. Once this is done, you can use the ``rdr`` command to forward traffic into default ``pf.conf`` file. Once this is done, you can use the ``rdr`` command to forward traffic into
a jail. a jail.
The ``-z|zfs|storage`` option will attempt to configure a pool and dataset for Bastille, but only The ``storage`` option will attempt to configure a pool and dataset for Bastille, but only
if ZFS in enabled on your system. if ZFS in enabled on your system. Otherwise it will use UFS.
The ``-v|vnet`` option will configure your system for use with VNET ``-V`` jails. The ``vnet`` option will configure your system for use with VNET ``-V`` jails.
The ``-b|bridge`` options will attempt to configure a bridge interface for use with bridged VNET The ``bridge`` options will attempt to configure a bridge interface for use with bridged VNET
``-B`` jails. ``-B`` jails.
Running ``bastille setup`` without any options will attempt to auto-configure the ``-f``, ``-l``, ``-p`` and Running ``bastille setup`` without any options will attempt to auto-configure the ``filesystem``, ``loopback``, ``firewall`` and
``-z`` options. ``storage`` options.
.. code-block:: shell .. code-block:: shell
ishmael ~ # bastille setup help ishmael ~ # bastille setup -h
Usage: bastille setup [-b|bridge] [-f|--filesystem] [-l|loopback] [-p|pf|firewall] [-s|shared] [-v|vnet] [-z|zfs|storage] Usage: bastille setup [option(s)] [bridge]
[filesystem]
[loopback]
[pf|firewall]
[shared]
[vnet]
[storage]
Options:
-y | --yes Assume always yes on prompts.
-x | --debug Enable debug mode.