From b3a30a895162773ea02a1111c2859d692e5c6061 Mon Sep 17 00:00:00 2001
From: Jose <joserprg@gmail.com>
Date: Sun, 2 Feb 2020 19:55:18 -0400
Subject: [PATCH] Delete cache files on destroy if force option, remove
 alternate urls

---
 usr/local/etc/bastille/bastille.conf  |  6 ++----
 usr/local/share/bastille/bootstrap.sh | 12 +++---------
 usr/local/share/bastille/destroy.sh   | 18 +++++++++++++++---
 3 files changed, 20 insertions(+), 16 deletions(-)

diff --git a/usr/local/etc/bastille/bastille.conf b/usr/local/etc/bastille/bastille.conf
index 8a6240cd..6503ae06 100644
--- a/usr/local/etc/bastille/bastille.conf
+++ b/usr/local/etc/bastille/bastille.conf
@@ -24,10 +24,8 @@ bastille_tzdata="etc/UTC"                                             ## default
 bastille_resolv_conf="/etc/resolv.conf"                               ## default: "/etc/resolv.conf"
 
 ## bootstrap urls
-bastille_url_freebsd="http://ftp.freebsd.org/pub/FreeBSD/releases/"              ## default: "http://ftp.freebsd.org/pub/FreeBSD/releases/"
-bastille_url_freebsd_alt="ftp://ftp.freebsd.org/pub/FreeBSD/releases/"           ## default: "ftp://ftp.freebsd.org/pub/FreeBSD/releases/"
-bastille_url_hardenedbsd="http://installer.hardenedbsd.org/pub/hardenedbsd/"     ## default: "https://installer.hardenedbsd.org/pub/HardenedBSD/releases/"
-bastille_url_hardenedbsd_alt="http://ci-01.nyi.hardenedbsd.org/pub/hardenedbsd/" ## default: "http://ci-01.nyi.hardenedbsd.org/pub/hardenedbsd/"
+bastille_url_freebsd="http://ftp.freebsd.org/pub/FreeBSD/releases/"          ## default: "http://ftp.freebsd.org/pub/FreeBSD/releases/"
+bastille_url_hardenedbsd="http://installer.hardenedbsd.org/pub/hardenedbsd/" ## default: "https://installer.hardenedbsd.org/pub/HardenedBSD/releases/"
 
 ## ZFS options
 bastille_zfs_enable=""                                                ## default: ""
diff --git a/usr/local/share/bastille/bootstrap.sh b/usr/local/share/bastille/bootstrap.sh
index d92132b2..c9fb8694 100644
--- a/usr/local/share/bastille/bootstrap.sh
+++ b/usr/local/share/bastille/bootstrap.sh
@@ -67,12 +67,12 @@ if [ "${bastille_zfs_enable}" = "YES" ]; then
 fi
 
 validate_release_url() {
-    ## check upstream url, else switch to alternate url
+    ## check upstream url, else warn user
     if [ -n "${NAME_VERIFY}" ]; then
         RELEASE="${NAME_VERIFY}"
         if ! fetch -qo /dev/null "${UPSTREAM_URL}/MANIFEST" 2>/dev/null; then
-            ## try an alternate url
-            UPSTREAM_URL="${UPSTREAM_ALT}"
+            echo -e "${COLOR_RED}Unable to fetch MANIFEST, See 'bootstrap urls'.${COLOR_RESET}"
+            exit 1
         fi
         bootstrap_directories
         bootstrap_release
@@ -426,14 +426,12 @@ case "${1}" in
     ## check for FreeBSD releases name
     NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RC[1-2])$' | tr '[:lower:]' '[:upper:]')
     UPSTREAM_URL="${bastille_url_freebsd}${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_VERIFY}"
-    UPSTREAM_ALT="${bastille_url_freebsd_alt}${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_VERIFY}"
     validate_release_url
     ;;
 *-stable-LAST|*-STABLE-last|*-stable-last|*-STABLE-LAST)
     ## check for HardenedBSD releases name(previous infrastructure, keep for reference)
     NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})(-stable-LAST|-STABLE-last|-stable-last|-STABLE-LAST)$' | sed 's/STABLE/stable/g' | sed 's/last/LAST/g')
     UPSTREAM_URL="${bastille_url_hardenedbsd}${HW_MACHINE}/${HW_MACHINE_ARCH}/hardenedbsd-${NAME_VERIFY}"
-    UPSTREAM_ALT="${bastille_url_hardenedbsd_alt}"
     validate_release_url
     ;;
 *-stable-build-[0-9]*|*-STABLE-BUILD-[0-9]*)
@@ -442,7 +440,6 @@ case "${1}" in
     NAME_RELEASE=$(echo ${NAME_VERIFY} | sed 's/-build-[0-9]\{1,2\}//g')
     NAME_BUILD=$(echo ${NAME_VERIFY} | sed 's/[0-9]\{1,2\}-stable-//g')
     UPSTREAM_URL="${bastille_url_hardenedbsd}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_BUILD}"
-    UPSTREAM_ALT="${bastille_url_hardenedbsd_alt}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_BUILD}"
     validate_release_url
     ;;
 *-stable-build-latest|*-STABLE-BUILD-LATEST)
@@ -451,7 +448,6 @@ case "${1}" in
     NAME_RELEASE=$(echo ${NAME_VERIFY} | sed 's/-BUILD-LATEST//g')
     NAME_BUILD=$(echo ${NAME_VERIFY} | sed 's/[0-9]\{1,2\}-stable-//g')
     UPSTREAM_URL="${bastille_url_hardenedbsd}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_BUILD}"
-    UPSTREAM_ALT="${bastille_url_hardenedbsd_alt}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_BUILD}"
     validate_release_url
     ;;
 current-build-[0-9]*|*-CURRENT-BUILD-[0-9]*)
@@ -460,7 +456,6 @@ current-build-[0-9]*|*-CURRENT-BUILD-[0-9]*)
     NAME_RELEASE=$(echo ${NAME_VERIFY} | sed 's/current-.*/current/g')
     NAME_BUILD=$(echo ${NAME_VERIFY} | sed 's/current-//g')
     UPSTREAM_URL="${bastille_url_hardenedbsd}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_BUILD}"
-    UPSTREAM_ALT="${bastille_url_hardenedbsd_alt}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_BUILD}"
     validate_release_url
     ;;
 current-build-latest|*-CURRENT-BUILD-LATEST)
@@ -469,7 +464,6 @@ current-build-latest|*-CURRENT-BUILD-LATEST)
     NAME_RELEASE=$(echo ${NAME_VERIFY} | sed 's/current-.*/current/g')
     NAME_BUILD=$(echo ${NAME_VERIFY} | sed 's/current-//g')
     UPSTREAM_URL="${bastille_url_hardenedbsd}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_BUILD}"
-    UPSTREAM_ALT="${bastille_url_hardenedbsd_alt}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_BUILD}"
     validate_release_url
     ;;
 http?://github.com/*/*|http?://gitlab.com/*/*)
diff --git a/usr/local/share/bastille/destroy.sh b/usr/local/share/bastille/destroy.sh
index bf170c52..b9b07091 100644
--- a/usr/local/share/bastille/destroy.sh
+++ b/usr/local/share/bastille/destroy.sh
@@ -41,7 +41,7 @@ destroy_jail() {
     bastille_jail_log="${bastille_logsdir}/${TARGET}_console.log"  ## file
 
     if [ "$(jls name | awk "/^${TARGET}$/")" ]; then
-        if [ "${FORCE_STOP}" = "1" ]; then
+        if [ "${FORCE}" = "1" ]; then
             bastille stop ${TARGET}
         else
             echo -e "${COLOR_RED}Jail running.${COLOR_RESET}"
@@ -116,6 +116,11 @@ destroy_rel() {
             if [ "${bastille_zfs_enable}" = "YES" ]; then
                 if [ ! -z "${bastille_zfs_zpool}" ]; then
                     zfs destroy ${bastille_zfs_zpool}/${bastille_zfs_prefix}/releases/${TARGET}
+                    if [ "${FORCE}" = "1" ]; then
+                        if [ -d "${bastille_cachedir}/${TARGET}" ]; then
+                            zfs destroy ${bastille_zfs_zpool}/${bastille_zfs_prefix}/cache/${TARGET}
+                        fi
+                    fi
                 fi
             fi
 
@@ -126,6 +131,13 @@ destroy_rel() {
                 ## remove jail base
                 rm -rf ${bastille_rel_base}
             fi
+
+            if [ "${FORCE}" = "1" ]; then
+                ## remove cache on force
+                if [ -d "${bastille_cachedir}/${TARGET}" ]; then
+                    rm -rf "${bastille_cachedir}/${TARGET}"
+                fi
+            fi
             echo
         else
             echo -e "${COLOR_RED}Cannot destroy base with containers child.${COLOR_RESET}"
@@ -145,11 +157,11 @@ TARGET="${2}"
 
 ## handle additional options
 case "${OPTION}" in
--f|--forcestop)
+-f|--force)
     if [ $# -gt 2 ] || [ $# -lt 2 ]; then
         usage
     fi
-    FORCE_STOP="1"
+    FORCE="1"
     ;;
 -*)
     echo -e "${COLOR_RED}Unknown Option.${COLOR_RESET}"