Containers creation and management the easy way!
Bastille on GitHub
Bastille Manager Extension on GitHub
Help with Translations
- Quick basic Jail creation and management.
Thin Jail creation by default saves disk space and easy to backup.
Quickly base upgrade/change on thin containers.
Thick Jail creation option for fully independent containers.
Jail quick rename ability.
Jail images export and import.
Jail conversion from Thinjail to Thickjail.
Zero dependencies, Jails are lightweight, Bastille is too.
The Extension can run as either with the WebGUI or CLI only.
The WebGUI reads Jail data on real-time, CLI changes are reflected in the WebGUI instantly.
Non tied WebGUI, a possible PHP future incompatibility wont stop your Jails from running normally.
Built-in text editor for flexible jail.conf and related configuration files adjustment.
Built-in Container backup and restore within the WebGU(see export/import).
- Full ZFS support for granular management and portability(more on this here).
Template support, create and share Jail templates(CLI for now).
Read-only root, confining the root user.
Isolated Networks, secure Jails behind the firewall(Advanced).
Target Multiple Jails, Execute commands inside one, few, or many Jails(Advanced).
This extension can be easily installed with the OneButtonInstaller
Minimum supported platforms version is 11.2 x64:
How to install:
Create a directory(or a ZFS dataset, advanced) called "bastille" with 750 perms in any permanent data location, then CD into it and execute the fetch command like shown in the example below:
Code: Select all
mkdir -p -m 0750 /mnt/Data/extensions/bastille cd /mnt/Data/extensions/bastille
Code: Select all
fetch --no-verify-peer https://raw.githubusercontent.com/JRGTH/xigmanas-bastille-extension/master/bastille-init && chmod +x bastille-init && ./bastille-init && echo "=> Done!"
Code: Select all
xigmanas: ~# bastille-init -h Usage: bastille-init -[option] | [container] Options: -s Start All Bastille Containers. -p Stop All Bastille Containers. -r Restart All Bastille Containers. -u Upgrade Bastille/Extension packages. -v Display product versions. -g Enables the addon GUI. -t Disable the addon GUI. -B Backup a Bastille container. -R Restore a Bastille container. -Z Activate ZFS for Bastille Extension. -x Reset Bastille/Extension config. -U Uninstall Bastille (Extension files only). -h Display this help message. Advanced Usage: bastille-init [option] [container] [release] | [newrelease] Options: update|--update Update a container to base -pX release. upgrade|--upgrade Upgrade a container release to X.Y-RELEASE. Note: Thick containers update/upgrade may depend on securelevel/allow.chflags. xigmanas: ~#
The extension default behavior is to pick the first active local network interface to quickly start creating shared IP based jails(non vnet) for standard usage, but advanced users can directly edit the config files with the built-in editor for their special networking needs.
The extension default behavior is to create standard jails in its permanent extension location, but advanced ZFS users can also edit "bastille.conf" to set the desired ZFS options regarding their needs before bastille first base release boostrap.
This extension does not use pkg tool to install bastille, it fetch directly from the Bastille devel GitHub master repository so the user will always get the latest bastille fixes and features for convenience.
Thin* jails or compact jails uses the basejail concept based on nullfs mounts and a single FreeBSD base release can be shared across multiples containers, they use low space initially.
Thick** jails or full jails uses a complete FreeBSD base release distribution, they use more space unlike thin jails but are self contained.
*The term "Thin" used here may also refers to the basejail concept based on nullfs mounts.
**The term "Thick" used here may also refers to Full self contained jails/containers.
Credits and Thanks:
Credits to Michael Zoon, Michael Schneider and the XigmaNAS Development Team for keep this project alive and forward.
Thanks to crest for the great support and help on the make of extensions, thanks to Christer Edwards for the BastilleBSD development and bmac2 for the Bastille Templates development.
Disclaimer: This Extension is provided AS-IS, and I'm NOT responsible for any data loss or damage caused by the use of it, use solely at your own risk.