Skip to content

Bastille Day 2020

Pre-release
Pre-release
Compare
Choose a tag to compare
@cedwards cedwards released this 14 Jul 03:50
· 671 commits to master since this release
0.7.20200714
5edf9cb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Bastille 0.7.20200714

Release Highlights

This release matures the project from 0.6.x -> 0.7.x. Continued testing and bug fixes are proving Bastille capable for a range of use-cases. New (experimental) features are examples of innovation from community contribution and feedback. Thank you.

Bastillefile

Bastillefile template syntax now allows for more flexible automation by allowing template hooks to be used in any order. An example:

# Bastillefile
CMD mkdir -p /usr/local/www/myapp
CP /some/files usr/local/www/myapp
PKG nginx-lite
SYSRC nginx_enable=YES
SERVICE nginx start
...

This feature and syntax is new. Please report any issues to our GitHub issue tracker.
See the Bastille README for more info.

Experimental Empty Container

This new (experimental) feature creates an empty container allowing you to try creating Linux containers. Your mileage may vary. Use at your own risk. Did I mention it is experimental? 😄

mount / umount sub-commands

Previously we had support to mount storage into containers using the template automation. This release adds the mount and umount sub-commands allowing you to dynamically add and remove storage from containers. Syntax matches fstab, eg;

bastille mount [TARGET] [HOST_PATH] [CONTAINER_PATH] [FILESYSTEM_TYPE] [OPTIONS] [DUMP]

Example: (mounting "Movies" read-only to the plexmediaserver container)

bastille mount plexmediaserver /storage/Movies /media/Movies nullfs ro 0 0

General Improvements

Bastille's template sub-command now uses native sub-commands to execute automation. This makes the code more re-usable and is a much appreciated community contribution. Thank you.

Documentation

The bastille.conf now describes the bootstrap_archives options. This describes the space-delimited list of components that bootstrap will use. This setting applies to any release at time of bootstrap. The default value remains base.

## bootstrap archives, which components of the OS to install.
## base  - The base OS, kernel + userland
## lib32 - Libraries for compatibility with 32 bit binaries
## ports - The FreeBSD ports (3rd party applications) tree
## src   - The source code to the kernel + userland
## test  - The FreeBSD test suite
## this is a whitespace separated list:
## bastille_bootstrap_archives="base lib32 ports src test"
bastille_bootstrap_archives="base"                                    ## default: "base"

Bug Fixes

  • bastille_logsdir now points to /var/log/bastille; applies to new jails only
  • add Vagrantfile to repo for quick testing
  • fstab entry deduplication and full path validation
  • code cleanup and formatting
Assets 2
Loading