{"id":13587310,"url":"https://github.com/BastilleBSD/bastille","last_synced_at":"2025-04-07T21:33:35.930Z","repository":{"id":34960937,"uuid":"123662721","full_name":"BastilleBSD/bastille","owner":"BastilleBSD","description":"Bastille is an open-source system for automating deployment and management of containerized applications on FreeBSD.","archived":false,"fork":false,"pushed_at":"2024-02-09T07:17:02.000Z","size":1676,"stargazers_count":741,"open_issues_count":77,"forks_count":121,"subscribers_count":37,"default_branch":"master","last_synced_at":"2024-02-13T01:09:15.301Z","etag":null,"topics":["automation","bastille","bastille-template","bastille-templates","containers","deployment","freebsd","jail","manage-freebsd-jails","zfs"],"latest_commit_sha":null,"homepage":"https://bastillebsd.org","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BastilleBSD.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE-OF-CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":"ROADMAP.md","authors":"AUTHORS.md","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-03-03T05:33:29.000Z","updated_at":"2024-06-14T18:36:29.177Z","dependencies_parsed_at":"2023-10-25T23:24:51.325Z","dependency_job_id":"dd487172-85ee-452c-ba42-c68573b1756e","html_url":"https://github.com/BastilleBSD/bastille","commit_stats":null,"previous_names":[],"tags_count":33,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BastilleBSD%2Fbastille","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BastilleBSD%2Fbastille/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BastilleBSD%2Fbastille/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BastilleBSD%2Fbastille/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BastilleBSD","download_url":"https://codeload.github.com/BastilleBSD/bastille/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247732871,"owners_count":20986944,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","bastille","bastille-template","bastille-templates","containers","deployment","freebsd","jail","manage-freebsd-jails","zfs"],"created_at":"2024-08-01T15:06:09.011Z","updated_at":"2025-04-07T21:33:35.916Z","avatar_url":"https://github.com/BastilleBSD.png","language":"Shell","funding_links":[],"categories":["Shell","Jails (configuration and deployment)","Ports and Programs","automation"],"sub_categories":["Security"],"readme":"Bastille\n========\n[Bastille](https://bastillebsd.org/) is an open-source system for automating\ndeployment and management of containerized applications on FreeBSD.\n\n[Bastille Documentation](https://bastille.readthedocs.io/en/latest/)\n\nInstallation\n============\nBastille is available for installation from the official FreeBSD ports tree.\n\n**pkg**\n```shell\npkg install bastille\n```\n\n**ports**\n```shell\nportsnap fetch auto\nmake -C /usr/ports/sysutils/bastille install clean\n```\n\n**Git** (bleeding edge / unstable -- primarily for developers)\n```shell\ngit clone https://github.com/bastillebsd/bastille.git\ncd bastille\nmake install\n```\n\n**enable at boot**\n```shell\nsysrc bastille_enable=YES\n```\n\nUpgrading from a previous version\n---------------------------------\nWhen upgrading from a previous version of bastille (e.g. 0.10.20230714 to \n0.10.20231013) you will need to update your bastille.conf\n\n```shell\ncd /usr/local/etc/bastille\ndiff -u bastille.conf bastille.conf.sample\n```\n\nMerge the lines that are present in the new bastille.conf.sample into\nyour bastille.conf\n\nBasic Usage\n-----------\n```shell\nBastille is an open-source system for automating deployment and management of\ncontainerized applications on FreeBSD.\n\nUsage:\n bastille command TARGET [args]\n\nAvailable Commands:\n bootstrap Bootstrap a FreeBSD release for container base.\n clone Clone an existing container.\n cmd Execute arbitrary command on targeted container(s).\n config Get or set a config value for the targeted container(s).\n console Console into a running container.\n convert Convert a Thin container into a Thick container.\n cp cp(1) files from host or container to host or targeted container(s).\n create Create a new thin container or a thick container if -T|--thick option specified.\n destroy Destroy a stopped container or a FreeBSD release.\n edit Edit container configuration files (advanced).\n export Exports a specified container.\n help Help about any command.\n htop Interactive process viewer (requires htop).\n import Import a specified container.\n jcp cp(1) files from a jail to jail(s).\n limits Apply resources limits to targeted container(s). See rctl(8).\n list List containers (running).\n mount Mount a volume inside the targeted container(s).\n network Add or remove interfaces from targeted jail(s).\n pkg Manipulate binary packages within targeted container(s). See pkg(8).\n rcp cp(1) files from a jail to host.\n rdr Redirect host port to container port.\n rename Rename a container.\n restart Restart a running container.\n service Manage services within targeted container(s).\n setup Attempt to auto-configure network, firewall and storage on new installs.\n start Start a stopped container.\n stop Stop a running container.\n sysrc Safely edit rc files within targeted container(s).\n tags Add or remove tags to targeted container(s).\n template Apply file templates to targeted container(s).\n top Display and update information about the top(1) cpu processes.\n umount Unmount a volume from within the targeted container(s).\n update Update container base -pX release.\n upgrade Upgrade container release to X.Y-RELEASE.\n verify Compare release against a \"known good\" index.\n zfs Manage (get|set) ZFS attributes on targeted container(s).\n\nUse \"bastille -v|--version\" for version information.\nUse \"bastille command -h|--help\" for more information about a command.\nUse \"bastille [-c|--config FILE] command\" to specify a non-default config file.\n\n```\n\n## 0.13-beta\nThis document outlines the basic usage of the Bastille container management\nframework. This release is still considered beta.\n\nSetup Requirements\n==================\nBastille can now (attempt) to configure the networking, firewall and storage\nautomatically. This feature is new since version 0.10.20231013.\n\n**bastille setup**\n\n```shell\nishmael ~ # bastille setup -h\nishmael ~ # Usage: bastille setup [pf|network|zfs|vnet]\n```\n\nOn fresh installations it is likely safe to run `bastille setup` with no\narguments. This will configure the firewall, the loopback interface and attempt\nto determine ZFS vs UFS storage.\n\nIf you have an existing firewall, or customized network design, you may want to\nrun individual options; eg `bastille setup zfs` or `bastille setup vnet`.\n\nNote: The `bastille setup` command can configure and enable PF but it does not\nautomatically reload the firewall. You will still need to manually `service pf\nstart`. At that point you'll likely be disconnected if configuring a remote\nhost. Simply reconnect the ssh session and continue.\n\nThis step only needs to be done once in order to prepare the host.\n\nExample (create, start, console)\n================================\nThis example creates, starts and consoles into the container.\n\n```shell\nishmael ~ # bastille create alcatraz 14.0-RELEASE 10.17.89.10/24\n```\n\n```shell\nishmael ~ # bastille start alcatraz\n[alcatraz]:\nalcatraz: created\n```\n\n```shell\nishmael ~ # bastille console alcatraz\n[alcatraz]:\nFreeBSD 14.0-RELEASE GENERIC\n\nWelcome to FreeBSD!\n\nRelease Notes, Errata: https://www.FreeBSD.org/releases/\nSecurity Advisories: https://www.FreeBSD.org/security/\nFreeBSD Handbook: https://www.FreeBSD.org/handbook/\nFreeBSD FAQ: https://www.FreeBSD.org/faq/\nQuestions List: https://www.FreeBSD.org/lists/questions/\nFreeBSD Forums: https://forums.FreeBSD.org/\n\nDocuments installed with the system are in the /usr/local/share/doc/freebsd/\ndirectory, or can be installed later with: pkg install en-freebsd-doc\nFor other languages, replace \"en\" with a language code like de or fr.\n\nShow the version of FreeBSD installed: freebsd-version ; uname -a\nPlease include that output and any error messages when posting questions.\nIntroduction to manual pages: man man\nFreeBSD directory layout: man hier\n\nTo change this login announcement, see motd(5).\nroot@alcatraz:~ #\n```\n\n```shell\nroot@alcatraz:~ # ps -auxw\nUSER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND\nroot 83222 0.0 0.0 6412 2492 - IsJ 02:21 0:00.00 /usr/sbin/syslogd -ss\nroot 88531 0.0 0.0 6464 2508 - SsJ 02:21 0:00.01 /usr/sbin/cron -s\nroot 6587 0.0 0.0 6912 2788 3 R+J 02:42 0:00.00 ps -auxw\nroot 92441 0.0 0.0 6952 3024 3 IJ 02:21 0:00.00 login [pam] (login)\nroot 92565 0.0 0.0 7412 3756 3 SJ 02:21 0:00.01 -csh (csh)\nroot@alcatraz:~ #\n```\n\nCommunity Support\n=================\nIf you've found a bug in Bastille, please submit it to the [Bastille Issue\nTracker](https://github.com/bastillebsd/bastille/issues/new).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBastilleBSD%2Fbastille","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FBastilleBSD%2Fbastille","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBastilleBSD%2Fbastille/lists"}