mirror of
https://github.com/hackacad/bastille.git
synced 2025-12-18 00:00:40 +01:00
doc: reformat and reflow documentation for consistent 80-column text
This commit is contained in:
Juan David Hurtado G
@@ -18,7 +18,8 @@ RELEASE as args.
|
||||
|
||||
ishmael ~ # bastille convert azkaban myrelease
|
||||
|
||||
This release can then be used to create a thick jail using the ``--no-validate`` flag.
|
||||
This release can then be used to create a thick jail using the ``--no-validate``
|
||||
flag.
|
||||
|
||||
.. code-block:: shell
|
||||
|
||||
@@ -33,4 +34,4 @@ This release can then be used to create a thick jail using the ``--no-validate``
|
||||
|
||||
-a | --auto Auto mode. Start/stop jail(s) if required.
|
||||
-y | --yes Do not prompt. Just convert.
|
||||
-x | --debug Enable debug mode.
|
||||
-x | --debug Enable debug mode.
|
||||
|
||||
@@ -11,29 +11,30 @@ To add a limit, use ``bastille limits TARGET add OPTION VALUE``.
|
||||
To clear the limits from the system, use ``bastille limits TARGET clear``.
|
||||
|
||||
To clear the limits, and remove the rctl.conf, so that limits will not be loaded
|
||||
on a restart, use ``bastille limits TARGET reset``. This removes the ``rctl.conf`` file,
|
||||
and removes any active limits from the system.
|
||||
on a restart, use ``bastille limits TARGET reset``. This removes the ``rctl.conf``
|
||||
file, and removes any active limits from the system.
|
||||
|
||||
To remove a limit, use ``bastille limits TARGET remove OPTION``.
|
||||
|
||||
This file can be edited manually using ``bastille edit TARGET rctl.conf``.
|
||||
|
||||
Supported actions are ``add``, ``remove``, ``clear``, ``reset``, ``list``, ``show``, and
|
||||
``stats``.
|
||||
Supported actions are ``add``, ``remove``, ``clear``, ``reset``, ``list``,
|
||||
``show``, and ``stats``.
|
||||
|
||||
cpuset
|
||||
------
|
||||
|
||||
Bastille supports limiting CPUs using ``cpuset``. To limit a jail to a specific CPU, use
|
||||
``bastille limits TARGET cpu 2,3,4``` where the value (2,3,4) is a comma-separated list of CPUs on
|
||||
your system. Bastille will validate the CPUs, and error if they are not available to be used.
|
||||
Bastille supports limiting CPUs using ``cpuset``. To limit a jail to a specific
|
||||
CPU, use ``bastille limits TARGET cpu 2,3,4``` where the value (2,3,4) is a
|
||||
comma-separated list of CPUs on your system. Bastille will validate the CPUs, and
|
||||
error if they are not available to be used.
|
||||
|
||||
To adjust the CPU limits, run ``bastille limits TARGET cpu 1,2,3`` again with a new set of CPU
|
||||
values. This will overwrite the ``cpuset.conf`` file. This will restrict the targetted jail(s) to
|
||||
the specified CPUs.
|
||||
To adjust the CPU limits, run ``bastille limits TARGET cpu 1,2,3`` again with a
|
||||
new set of CPU values. This will overwrite the ``cpuset.conf`` file. This will
|
||||
restrict the targetted jail(s) to the specified CPUs.
|
||||
|
||||
CPU limits are cleared when the jail is stopped, and loaded again on jail start, providing the CPU
|
||||
values are present in ``cpuset.conf`` inside the jail directory.
|
||||
CPU limits are cleared when the jail is stopped, and loaded again on jail start,
|
||||
providing the CPU values are present in ``cpuset.conf`` inside the jail directory.
|
||||
|
||||
Supported actions are ``add``, ``remove``, ``reset``, ``list`` and ``show``.
|
||||
|
||||
@@ -51,4 +52,4 @@ This file can be edited manually using ``bastille edit TARGET cpuset.conf``.
|
||||
|
||||
-a | --auto Auto mode. Start/stop jail(s) if required.
|
||||
-l | --log Enable logging for the specified rule (rctl only).
|
||||
-x | --debug Enable debug mode.
|
||||
-x | --debug Enable debug mode.
|
||||
|
||||
@@ -1,13 +1,14 @@
|
||||
list
|
||||
====
|
||||
|
||||
List jails, ports, releases, templates, logs, limits, exports and imports and much more
|
||||
managed by bastille. See the ``help`` output below.
|
||||
List jails, ports, releases, templates, logs, limits, exports and imports and
|
||||
much more managed by bastille. See the ``help`` output below.
|
||||
|
||||
Using `bastille list` without args will print all jails with the info we feel is most important.
|
||||
Using `bastille list` without args will print all jails with the info we feel is
|
||||
most important.
|
||||
|
||||
Most options can be printed in JSON format by including the ``-j|--json`` flag. Use ``-p|--pretty``
|
||||
to print in columns instead of rows.
|
||||
Most options can be printed in JSON format by including the ``-j|--json`` flag.
|
||||
Use ``-p|--pretty`` to print in columns instead of rows.
|
||||
|
||||
.. code-block:: shell
|
||||
|
||||
@@ -21,4 +22,4 @@ to print in columns instead of rows.
|
||||
-p | --pretty Print JSON in columns.
|
||||
-s | --sort VALUE Print info in VALUE order.
|
||||
-u | --up List running jails only.
|
||||
-x | --debug Enable debug mode.
|
||||
-x | --debug Enable debug mode.
|
||||
|
||||
@@ -68,8 +68,8 @@ The options can be used together, as seen above.
|
||||
If you have multiple interfaces assigned to your jail, ``bastille rdr`` will
|
||||
only redirect using the default one.
|
||||
|
||||
It is also possible to specify a pf table as the source, providing it exists. Simply use the table
|
||||
name instead of an IP address or subnet.
|
||||
It is also possible to specify a pf table as the source, providing it exists.
|
||||
Simply use the table name instead of an IP address or subnet.
|
||||
|
||||
.. code-block:: shell
|
||||
|
||||
|
||||
@@ -25,38 +25,41 @@ Below is a list of available options that can be used with the ``setup`` command
|
||||
-y | --yes Assume always yes on prompts.
|
||||
-x | --debug Enable debug mode.
|
||||
|
||||
The ``loopback`` option will configure a loopback interface called ``bastille0`` that
|
||||
will be used as a default when not specifying an interface with the ``create`` command.
|
||||
The ``loopback`` option will configure a loopback interface called ``bastille0``
|
||||
that will be used as a default when not specifying an interface with the
|
||||
``create`` command.
|
||||
|
||||
The ``shared`` option will configure the interface you choose to also be used as the default
|
||||
when not specifying an interface with the ``create`` command.
|
||||
The ``shared`` option will configure the interface you choose to also be used as
|
||||
the default when not specifying an interface with the ``create`` command.
|
||||
|
||||
Please note. You CANNOT run both a loopback and a shared interface with Bastille. Only one
|
||||
should be configured. If you configure one, it will disable the other.
|
||||
Please note. You CANNOT run both a loopback and a shared interface with Bastille.
|
||||
Only one should be configured. If you configure one, it will disable the other.
|
||||
|
||||
The ``loopback`` option is the default, and is enough for most use cases. It is simply an ``lo`` interface
|
||||
that jails will get linked to on creation. It is not attached to any specific interface. This is the simplest
|
||||
networking option. The ``loopback`` and ``shared`` options are only for cases where the ``interface``
|
||||
is not specified during the ``create`` command. If an interface is specified, these options have no effect.
|
||||
Instead, the specified interface will be used.
|
||||
The ``loopback`` option is the default, and is enough for most use cases. It is
|
||||
simply an ``lo`` interface that jails will get linked to on creation. It is not
|
||||
attached to any specific interface. This is the simplest networking option. The
|
||||
``loopback`` and ``shared`` options are only for cases where the ``interface``
|
||||
is not specified during the ``create`` command. If an interface is specified,
|
||||
these options have no effect. Instead, the specified interface will be used.
|
||||
|
||||
The ``shared`` option is for cases where you want an actual interface to use with bastille as
|
||||
opposed to a loopback. Jails will be linked to the shared interface on creation.
|
||||
The ``shared`` option is for cases where you want an actual interface to use with
|
||||
Bastille as opposed to a loopback. Jails will be linked to the shared interface
|
||||
on creation.
|
||||
|
||||
The ``pf|firewall`` option will configure the pf firewall by enabling the service and creating the
|
||||
default ``pf.conf`` file. Once this is done, you can use the ``rdr`` command to forward traffic into
|
||||
a jail.
|
||||
The ``pf|firewall`` option will configure the pf firewall by enabling the service
|
||||
and creating the default ``pf.conf`` file. Once this is done, you can use the
|
||||
``rdr`` command to forward traffic into a jail.
|
||||
|
||||
The ``storage`` option will attempt to configure a pool and dataset for Bastille, but only
|
||||
if ZFS in enabled on your system. Otherwise it will use UFS.
|
||||
The ``storage`` option will attempt to configure a pool and dataset for Bastille,
|
||||
but only if ZFS in enabled on your system. Otherwise it will use UFS.
|
||||
|
||||
The ``vnet`` option will configure your system for use with VNET ``-V`` jails.
|
||||
|
||||
The ``bridge`` options will attempt to configure a bridge interface for use with bridged VNET
|
||||
``-B`` jails.
|
||||
The ``bridge`` options will attempt to configure a bridge interface for use with
|
||||
bridged VNET ``-B`` jails.
|
||||
|
||||
Running ``bastille setup`` without any options will attempt to auto-configure the ``filesystem``, ``loopback``, ``firewall`` and
|
||||
``storage`` options.
|
||||
Running ``bastille setup`` without any options will attempt to auto-configure the
|
||||
``filesystem``, ``loopback``, ``firewall`` and ``storage`` options.
|
||||
|
||||
.. code-block:: shell
|
||||
|
||||
|
||||
Reference in New Issue
Block a user