Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2025-12-16 23:31:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
2fbcd21d241792a497b4e28725a33d7deb4602ba
hackacad/docs/chapters/subcommands/setup.rst
tschettervictor 2fbcd21d24 docs: Reference setup in create
2025-04-22 17:09:21 -06:00

58 lines
2.5 KiB
ReStructuredText
Raw Blame History

setup
=====
The ``setup`` sub-command attempts to automatically configure a host system for
Bastille jails. This allows you to configure networking, firewall, storage, vnet
and bridge options for a Bastille host with one command.
Options
-------
Below is a list of available options that can be used with the ``setup`` command.
.. code-block:: shell
ishmael ~ # bastille setup -h ## display setup help
ishmael ~ # bastille setup -l ## configure loopback interface
ishmael ~ # bastille setup -s ## configure shared interface
ishmael ~ # bastille setup -p ## configure default pf firewall
ishmael ~ # bastille setup -z ## configure ZFS storage
ishmael ~ # bastille setup -v ## configure VNET
ishmael ~ # bastille setup -b ## configure bridge interface
ishmael ~ # bastille setup ## configure -l -p and -z
The ``-l|loopback`` option will configure a loopback interface called ``bastille0`` that
will be used when not specifying an interface with the ``create`` command.
The ``-s|shared`` option will configure the interface you choose to also be used as the default
when not specifying an interface with the ``create`` command.
Please note. You CANNOT run both a loopback and a shared interface with Bastille. Only one
should be configured. If you configure one, it will disable the other.
The ``-l|loopback`` option is the default, and is enough for most use cases. It is simply an ``lo`` interface
that jails will get linked to on creation.
The ``-s|shared`` option is for cases where you want a raw interface to use with bastille as
opposed to a loopback. Jails will be linked to the shared interface on creation.
The ``-p|pf|firewall`` option will configure the pf firewall by enabling the service and creating the
default ``pf.conf`` file. Once this is done, you can use the ``rdr`` command to forward traffic into
a jail.
The ``-z|zfs|storage`` option will attempt to configure a pool and dataset for Bastille, but only
if ZFS in enabled on your system.
The ``-v|vnet`` option will configure your system for use with VNET ``-V`` jails.
The ``-b|bridge`` options will attempt to configure a bridge interface for use with bridged VNET
``-B`` jails.
Running ``bastille setup`` without any options will attempt to auto-configure the ``-l``, ``-p`` and
``-z`` options.
.. code-block:: shell
ishmael ~ # bastille setup help
Usage: bastille setup [-p|pf|firewall] [-l|loopback] [-s|shared] [-z|zfs|storage] [-v|vnet] [-b|bridge]
Reference in New Issue View Git Blame Copy Permalink