Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2025-12-19 16:51:00 +01:00
Code Issues Packages Projects Releases Wiki Activity

migrate: Auto creating directory required

Browse Source
This commit is contained in:
tschettervictor
2025-05-06 07:40:08 -06:00
parent 03f26cbb7f
commit c0cd4df6c5
4 changed files with 147 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
docs/chapters/subcommands/setup.rst
View File

@@ -13,12 +13,13 @@ Below is a list of available options that can be used with the ``setup`` command
.. code-block:: shell
ishmael ~ # bastille setup -h ## display setup help
ishmael ~ # bastille setup -l ## configure loopback interface
ishmael ~ # bastille setup -s ## configure shared interface
ishmael ~ # bastille setup -p ## configure default pf firewall
ishmael ~ # bastille setup -z ## configure ZFS storage
ishmael ~ # bastille setup -v ## configure VNET
ishmael ~ # bastille setup -b ## configure bridge interface
ishmael ~ # bastille setup -f ## configure filesystem/structure
ishmael ~ # bastille setup -l ## configure loopback interface
ishmael ~ # bastille setup -p ## configure default pf firewall
ishmael ~ # bastille setup -s ## configure shared interface
ishmael ~ # bastille setup -v ## configure VNET
ishmael ~ # bastille setup -z ## configure ZFS storage
ishmael ~ # bastille setup ## configure -l -p and -z
The ``-l|loopback`` option will configure a loopback interface called ``bastille0`` that
@@ -36,6 +37,9 @@ networking option. The ``-l|loopback`` and ``-s|shared`` options are only for ca
is not specified during the ``create`` command. If an interface is specified, these options have no effect.
Instead, the specified interface will be used.
The ``-f|--filesystem`` option is to ensure the proper datasets/directories are in place
for using Bastille. This should only have to be run once on a new system.
The ``-s|shared`` option is for cases where you want an actual interface to use with bastille as
opposed to a loopback. Jails will be linked to the shared interface on creation.
@@ -51,10 +55,10 @@ The ``-v|vnet`` option will configure your system for use with VNET ``-V`` jails
The ``-b|bridge`` options will attempt to configure a bridge interface for use with bridged VNET
``-B`` jails.
Running ``bastille setup`` without any options will attempt to auto-configure the ``-l``, ``-p`` and
Running ``bastille setup`` without any options will attempt to auto-configure the ``-f``, ``-l``, ``-p`` and
``-z`` options.
.. code-block:: shell
ishmael ~ # bastille setup help
Usage: bastille setup [-p|pf|firewall] [-l|loopback] [-s|shared] [-z|zfs|storage] [-v|vnet] [-b|bridge]
Usage: bastille setup [-b|bridge] [-f|--filesystem] [-l|loopback] [-p|pf|firewall] [-s|shared] [-v|vnet] [-z|zfs|storage]

25
usr/local/share/bastille/bootstrap.sh
View File

@@ -108,6 +108,18 @@ bootstrap_directories() {
chmod 0750 "${bastille_backupsdir}"
fi
## ${bastille_migratedir}
if [ ! -d "${bastille_migratedir}" ]; then
if checkyesno bastille_zfs_enable; then
if [ -n "${bastille_zfs_zpool}" ]; then
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_migratedir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/migrate"
fi
else
mkdir -p "${bastille_migratedir}"
fi
chmod 0750 "${bastille_migratedir}"
fi
## ${bastille_cachedir}
if [ ! -d "${bastille_cachedir}" ]; then
if checkyesno bastille_zfs_enable; then
@@ -182,19 +194,6 @@ bootstrap_directories() {
else
mkdir -p "${bastille_releasesdir}/${RELEASE}"
fi
## ${bastille_migratedir}
if [ ! -d "${bastille_migratedir}" ]; then
if checkyesno bastille_zfs_enable; then
if [ -n "${bastille_zfs_zpool}" ]; then
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_migratedir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/migrate"
fi
else
mkdir -p "${bastille_migratedir}"
fi
chmod 0750 "${bastille_migratedir}"
fi
## create subsequent releases/XX.X-RELEASE datasets
elif [ ! -d "${bastille_releasesdir}/${RELEASE}" ]; then
if checkyesno bastille_zfs_enable; then

12
usr/local/share/bastille/migrate.sh
View File

@@ -130,15 +130,9 @@ migrate_create_export() {
info "\nPreparing jail for migration..."
# Ensure migrate directory is in place
## ${bastille_migratedir}
if [ -z "${bastille_migratedir}" ]; then
if ! grep -oq "bastille_migratedir=" "${BASTILLE_CONFIG}"; then
sed -i '' 's|bastille_backupsdir=.*|&\nbastille_migratedir=\"${bastille_prefix}/migrate\" ## default: \"${bastille_prefix}/migrate\"|' ${BASTILLE_CONFIG}
# shellcheck disable=SC1090
. ${BASTILLE_CONFIG}
fi
fi
# Ensure new migrate directory is created
bastille setup -f
if [ ! -d "${bastille_migratedir}" ]; then
if checkyesno bastille_zfs_enable; then
if [ -n "${bastille_zfs_zpool}" ]; then

124
usr/local/share/bastille/setup.sh
View File

@@ -33,14 +33,128 @@
. /usr/local/share/bastille/common.sh
usage() {
error_exit "Usage: bastille setup [-p|pf|firewall] [-l|loopback] [-s|shared] [-z|zfs|storage] [-v|vnet] [-b|bridge]"
error_exit "Usage: bastille setup [-b|bridge] [-f|--filesystem] [-l|loopback] [-p|pf|firewall] [-s|shared] [-v|vnet] [-z|zfs|storage]"
}
# Check for too many args
if [ $# -gt 1 ]; then
if [ "$#" -gt 1 ]; then
usage
fi
configure_filesystem() {
# This is so we dont have to introduce breaking
# changes on new variables added to bastille.conf
# Ensure migrate directory is in place
## ${bastille_migratedir}
if [ -z "${bastille_migratedir}" ]; then
if ! grep -oq "bastille_migratedir=" "${BASTILLE_CONFIG}"; then
sed -i '' 's|bastille_backupsdir=.*|&\nbastille_migratedir=\"${bastille_prefix}/migrate\" ## default: \"${bastille_prefix}/migrate\"|' ${BASTILLE_CONFIG}
# shellcheck disable=SC1090
. ${BASTILLE_CONFIG}
fi
fi
## ${bastille_prefix}
if [ ! -d "${bastille_prefix}" ]; then
if checkyesno bastille_zfs_enable; then
if [ -n "${bastille_zfs_zpool}" ]; then
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_prefix}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}"
fi
else
mkdir -p "${bastille_prefix}"
fi
chmod 0750 "${bastille_prefix}"
# Make sure the dataset is mounted in the proper place
elif [ -d "${bastille_prefix}" ]; then
if ! zfs list "${bastille_zfs_zpool}/${bastille_zfs_prefix}" >/dev/null; then
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_prefix}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}"
elif [ "$(zfs get -H -o value mountpoint ${bastille_zfs_zpool}/${bastille_zfs_prefix})" != "${bastille_prefix}" ]; then
zfs set mountpoint="${bastille_prefix}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}"
fi
fi
## ${bastille_backupsdir}
if [ ! -d "${bastille_backupsdir}" ]; then
if checkyesno bastille_zfs_enable; then
if [ -n "${bastille_zfs_zpool}" ]; then
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_backupsdir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/backups"
fi
else
mkdir -p "${bastille_backupsdir}"
fi
chmod 0750 "${bastille_backupsdir}"
fi
## ${bastille_cachedir}
if [ ! -d "${bastille_cachedir}" ]; then
if checkyesno bastille_zfs_enable; then
if [ -n "${bastille_zfs_zpool}" ]; then
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_cachedir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/cache"
fi
else
mkdir -p "${bastille_cachedir}"
fi
fi
## ${bastille_jailsdir}
if [ ! -d "${bastille_jailsdir}" ]; then
if checkyesno bastille_zfs_enable; then
if [ -n "${bastille_zfs_zpool}" ]; then
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_jailsdir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails"
fi
else
mkdir -p "${bastille_jailsdir}"
fi
fi
## ${bastille_logsdir}
if [ ! -d "${bastille_logsdir}" ]; then
if checkyesno bastille_zfs_enable; then
if [ -n "${bastille_zfs_zpool}" ]; then
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_logsdir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/logs"
fi
else
mkdir -p "${bastille_logsdir}"
fi
fi
## ${bastille_templatesdir}
if [ ! -d "${bastille_templatesdir}" ]; then
if checkyesno bastille_zfs_enable; then
if [ -n "${bastille_zfs_zpool}" ]; then
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_templatesdir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/templates"
fi
else
mkdir -p "${bastille_templatesdir}"
fi
fi
## ${bastille_releasesdir}
if [ ! -d "${bastille_releasesdir}" ]; then
if checkyesno bastille_zfs_enable; then
if [ -n "${bastille_zfs_zpool}" ]; then
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_releasesdir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/releases"
fi
else
mkdir -p "${bastille_releasesdir}"
fi
fi
## ${bastille_migratedir}
if [ ! -d "${bastille_migratedir}" ]; then
if checkyesno bastille_zfs_enable; then
if [ -n "${bastille_zfs_zpool}" ]; then
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_migratedir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/migrate"
fi
else
mkdir -p "${bastille_migratedir}"
fi
chmod 0750 "${bastille_migratedir}"
fi
}
# Configure netgraph
configure_netgraph() {
if [ ! "$(kldstat -m netgraph)" ]; then
@@ -236,6 +350,7 @@ configure_zfs() {
# Run all base functions (w/o vnet) if no args
if [ $# -eq 0 ]; then
sysrc bastille_enable=YES
configure_filesystem
configure_loopback_interface
configure_pf
configure_zfs
@@ -248,6 +363,9 @@ case "$1" in
-h|--help|help)
usage
;;
-f|--filesystem)
configure_filesystem
;;
-p|pf|firewall)
configure_pf
;;
@@ -320,4 +438,4 @@ case "$1" in
*)
error_exit "[ERROR]: Unknown option: \"${1}\""
;;
esac
esac