diff --git a/README.md b/README.md index c122a839..9156a645 100644 --- a/README.md +++ b/README.md @@ -56,7 +56,7 @@ sysrc bastille_enable=YES ### Upgrading When upgrading from a previous version of bastille (e.g. 0.10.20230714 to -1.1.3.251130) you will need to update your bastille.conf +1.2.1.251203) you will need to update your bastille.conf Be sure to read the [Breaking Changes](#breaking-changes) below. diff --git a/docs/chapters/configuration.rst b/docs/chapters/configuration.rst index 072ac8c8..909abed0 100644 --- a/docs/chapters/configuration.rst +++ b/docs/chapters/configuration.rst @@ -17,7 +17,7 @@ This is the default `bastille.conf` file. ## [ BastilleBSD ] ## ##################### - ## default paths + ## Default paths bastille_prefix="/usr/local/bastille" ## default: "/usr/local/bastille" bastille_backupsdir="${bastille_prefix}/backups" ## default: "${bastille_prefix}/backups" bastille_cachedir="${bastille_prefix}/cache" ## default: "${bastille_prefix}/cache" @@ -29,20 +29,20 @@ This is the default `bastille.conf` file. ## pf configuration path bastille_pf_conf="/etc/pf.conf" ## default: "/etc/pf.conf" - ## bastille scripts directory (assumed by bastille pkg) + ## Bastille commands directory (assumed by bastille pkg) bastille_sharedir="/usr/local/share/bastille" ## default: "/usr/local/share/bastille" - ## bootstrap archives, which components of the OS to install. + ## Bootstrap archives, which components of the OS to install. ## base - The base OS, kernel + userland ## lib32 - Libraries for compatibility with 32 bit binaries ## ports - The FreeBSD ports (3rd party applications) tree ## src - The source code to the kernel + userland ## test - The FreeBSD test suite - ## this is a whitespace separated list: + ## Whitespace separated list: ## bastille_bootstrap_archives="base lib32 ports src test" bastille_bootstrap_archives="base" ## default: "base" - ## pkgbase package sets (used for FreeBSD 15+) + ## Pkgbase package sets ## Any set with [-dbg] can be installed with debugging ## symbols by adding '-dbg' to the package set ## base[-dbg] - Base system @@ -60,31 +60,34 @@ This is the default `bastille.conf` file. ## bastille_pkgbase_packages="base-jail lib32-dbg src" bastille_pkgbase_packages="base-jail" ## default: "base-jail" - ## default timezone + ## Default timezone bastille_tzdata="" ## default: empty to use host's time zone - ## default jail resolv.conf + ## Default jail resolv.conf bastille_resolv_conf="/etc/resolv.conf" ## default: "/etc/resolv.conf" - ## bootstrap urls - bastille_url_freebsd="http://ftp.freebsd.org/pub/FreeBSD/releases/" ## default: "http://ftp.freebsd.org/pub/FreeBSD/releases/" - bastille_url_hardenedbsd="https://installers.hardenedbsd.org/pub/" ## default: "https://installer.hardenedbsd.org/pub/HardenedBSD/releases/" - bastille_url_midnightbsd="https://www.midnightbsd.org/ftp/MidnightBSD/releases/" ## default: "https://www.midnightbsd.org/pub/MidnightBSD/releases/" + ## Bootstrap URLs + bastille_url_freebsd="http://ftp.freebsd.org/pub/FreeBSD/releases/" ## default: "http://ftp.freebsd.org/pub/FreeBSD/releases/" + bastille_url_hardenedbsd="https://installers.hardenedbsd.org/pub/" ## default: "https://installer.hardenedbsd.org/pub/HardenedBSD/releases/" + bastille_url_midnightbsd="https://www.midnightbsd.org/ftp/MidnightBSD/releases/" ## default: "https://www.midnightbsd.org/pub/MidnightBSD/releases/" ## ZFS options bastille_zfs_enable="NO" ## default: "NO" bastille_zfs_zpool="" ## default: "" bastille_zfs_prefix="bastille" ## default: "bastille" - bastille_zfs_options="-o compress=lz4 -o atime=off" ## default: "-o compress=lz4 -o atime=off" + bastille_zfs_options="-o compress=on -o atime=off" ## default: "-o compress=on -o atime=off" ## Export/Import options bastille_compress_xz_options="-0 -v" ## default "-0 -v" bastille_decompress_xz_options="-c -d -v" ## default "-c -d -v" bastille_compress_gz_options="-1 -v" ## default "-1 -v" bastille_decompress_gz_options="-k -d -c -v" ## default "-k -d -c -v" - bastille_export_options="" ## default "" predefined export options, e.g. "--safe --gz" + bastille_compress_zst_options="-3 -v" ## default "-3 -v" + bastille_decompress_zst_options="-k -d -c -v" ## default "-k -d -c -v" + bastille_export_options="" ## default "" predefined export options, e.g. "--live --gz" ## Networking + bastille_network_vnet_type="if_bridge" ## default: "if_bridge" bastille_network_loopback="bastille0" ## default: "bastille0" bastille_network_pf_ext_if="ext_if" ## default: "ext_if" bastille_network_pf_table="jails" ## default: "jails" diff --git a/docs/chapters/installation.rst b/docs/chapters/installation.rst index eebb969d..08b33501 100644 --- a/docs/chapters/installation.rst +++ b/docs/chapters/installation.rst @@ -5,7 +5,7 @@ Bastille is available in the official FreeBSD ports tree at ``sysutils/bastille``. Binary packages are available in quarterly and latest repositories. -Current version is ``1.2.0.251201``. +Current version is ``1.2.1.251203``. To install from the FreeBSD package repository: diff --git a/docs/chapters/usage.rst b/docs/chapters/usage.rst index f047b982..42c38698 100644 --- a/docs/chapters/usage.rst +++ b/docs/chapters/usage.rst @@ -48,7 +48,7 @@ Usage update Update jail base -pX release. upgrade Upgrade jail release to X.Y-RELEASE. verify Compare release against a "known good" index. - zfs Manage (get|set) ZFS attributes on targeted container(s). + zfs Manage (get|set) ZFS attributes on targeted jail(s). Use "bastille -v|--version" for version information. Use "bastille command -h|--help" for more information about a command. diff --git a/docs/conf.py b/docs/conf.py index 0e56430f..5dc9f2c5 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -5,9 +5,9 @@ copyright = '2018-2025, Christer Edwards' author = 'Christer Edwards' # The short X.Y version -version = '1.2.0' +version = '1.2.1' # The full version, including alpha/beta/rc tags -release = '1.2.0.251201' +release = '1.2.1.251203' # -- General configuration --------------------------------------------------- diff --git a/usr/local/bin/bastille b/usr/local/bin/bastille index e62b5a67..a7688ab2 100755 --- a/usr/local/bin/bastille +++ b/usr/local/bin/bastille @@ -32,7 +32,7 @@ PATH=${PATH}:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin -BASTILLE_VERSION=1.2.0.251201 +BASTILLE_VERSION=1.2.1.251203 # Validate config file # Copy default when 'setup' is called @@ -73,52 +73,51 @@ Bastille is an open-source system for automating deployment and management of containerized applications on FreeBSD. Usage: - bastille command [option(s)] TARGET [option(s)] ARGS + bastille command [options(s)] TARGET [option(s)] [args] Available Commands: - bootstrap Bootstrap a FreeBSD release for container base. - clone Clone an existing container. - cmd Execute arbitrary command on targeted container(s). - config Get or set a config value for the targeted container(s). - console Console into a running container. - convert Convert a Thin container into a Thick container. - cp cp(1) files from host to jail(s). - create Create a new thin container or a thick container if -T|--thick option specified. - destroy Destroy a stopped container or a FreeBSD release. - edit Edit container configuration files (advanced). - etcupdate Update /etc directory to specified release. - export Exports a specified container. + bootstrap Bootstrap a release for jail base. + clone Clone an existing jail. + cmd Execute arbitrary command on targeted jail(s). + config Get, set or remove a config value for the targeted jail(s). + console Console into a jail. + convert Convert thin jail to thick jail, or convert a jail to a custom release. + cp cp(1) files from host to targeted jail(s). + create Create a jail. + destroy Destroy a jail or release. + edit Edit jail configuration files (advanced). + export Export a jail. help Help about any command. htop Interactive process viewer (requires htop). - import Import a specified container. + import Import a jail. jcp cp(1) files from a jail to jail(s). - limits Apply resources limits to targeted container(s). See rctl(8). - list List containers. - migrate Migrate targetted jail(s) to a remote system. - mount Mount a volume inside the targeted container(s). - network Add/remove network interfaces from targeted container. - pkg Manipulate binary packages within targeted container(s). See pkg(8). + limits Apply resources limits to targeted jail(s). See rctl(8) and cpuset(1). + list List jails, releases, templates and more... + migrate Migrate targeted jail(s) to a remote system. + mount Mount a volume inside targeted jail(s). + network Add or remove interfaces from targeted jail(s). + pkg Manipulate binary packages within targeted jail(s). See pkg(8). rcp cp(1) files from a jail to host. - rdr Redirect host port to container port. - rename Rename a container. - restart Restart a running container. - service Manage services within targeted container(s). - setup Attempt to auto-configure network, firewall and storage on new installs. - start Start a stopped container. - stop Stop a running container. - sysrc Safely edit rc files within targeted container(s). - tags Add or remove tags to targeted container(s). - template Apply file templates to targeted container(s). + rdr Redirect host port to jail port. + rename Rename a jail. + restart Restart a jail. + service Manage services within targeted jail(s). + setup Attempt to auto-configure network, firewall and storage and more... + start Start a stopped jail. + stop Stop a running jail. + sysrc Safely edit rc files within targeted jail(s). + tags Add or remove tags to targeted jail(s). + template Apply file templates to targeted jail(s). top Display and update information about the top(1) cpu processes. - umount Unmount a volume from within the targeted container(s). - update Update container base -pX release. - upgrade Upgrade container release to X.Y-RELEASE. + umount Unmount a volume from targeted jail(s). + update Update jail base -pX release. + upgrade Upgrade jail release to X.Y-RELEASE. verify Compare release against a "known good" index. - zfs Manage (get|set) ZFS attributes or snapshots on targeted container(s). + zfs Manage (get|set) ZFS attributes on targeted jail(s). Use "bastille -v|--version" for version information. Use "bastille command -h|--help" for more information about a command. -Use "bastille -c|--config FILE command" to specify a non-default config file. +Use "bastille -c|--config config.conf command" to specify a non-default config file. EOF exit 1