Skip to content

mjakob-gh/jailer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

101 Commits
.github/ISSUE_TEMPLATE
.github/ISSUE_TEMPLATE
 
 
usr/local
usr/local
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
jailer.sh
jailer.sh
 
 

Repository files navigation

jailer

A script to build FreeBSD jails from pkgbase (see https://github.com/mjakob-gh/build-freebsd-system) or basecore (see https://github.com/mjakob-gh/create-basecore-pkg) package(s).

Installation

Make sure, you have access to a pkgbase and/or basecore repository and it is/they are enabled (pkg -vv). You can, of course, change the names of paths, names, etc. but dont forget to use the correct ones in /usr/local/etc/jailer.conf

clone the repository to the directory jailer:

git clone https://github.com/mjakob-gh/jailer.git jailer

copy files an directories to their places:

cd jailer
cp jailer.sh /usr/local/sbin/jailer
chown root:root /usr/local/sbin/jailer
chmod 755 /usr/local/sbin/jailer
cp ./usr/local/etc/jailer.conf  /usr/local/etc/jailer.conf
cp -a ./usr/local/share/jailer/ /usr/local/share/jailer/

create a "starter" /etc/jail.conf with these default values, jailer will add the jails to this file

# set default configuration values
mount.devfs = true;
exec.clean = true;
allow.chflags = 1;

devfs_ruleset = 5;

exec.system_user  = "root";
exec.jail_user    = "root";

exec.timeout = 30;
stop.timeout = 30;

#########
# Jails #
#########

create a dataset for the jails (you can use option compress=lz4 on systems before FreeBSD 13, on newer systems you can use compress=zstd for better performing compression)

zfs create -o compress=zstd -o mountpoint=/jails zroot/jails

optional: set a sizelimit for the jail dataset

zfs set quota=250G zroot/jails

edit the configuration file and adapt the entries to your environment:

vi /usr/local/etc/jailer.conf

Usage

for a list of commands and arguments see

jailer help

Examples

Create jails

  • create a pkgbase jail with the IP and start it directly (-s):
jailer create j1 -i 192.168.0.101 -s
  • create another pkbase jail with a VNET network (-v):
jailer create j2 -i 192.168.0.102 -s -v
  • create and start a jail with the basecore (-m) pkg:
jailer create j3 -i 192.168.0.103 -s -m
  • create and start a basecore jail (-m), install (-P) and enable (-e) the nginx webserver:
jailer create j4 -i 192.168.0.104 -s -m -P "nginx" -e "nginx"
  • create and start a basecore jail (-m), with a VNET network (-v) and the SSH server enabled (-o):
jailer create j5 -i 192.168.0.105 -s -v -m -o

Update jails

  • update a jail base (-b), the installed packages (-p) and restart it:
jailer update j1 -b -p -s

Destroy jails

  • remove a created jail
jailer destroy j4
  • list running jails
jailer list

control jails (start|stop|restart [jailname])

  • stop all jails
jailer stop
  • stop jail j1
jailer stop j1
  • restart jail j2
jailer restart j2

About

Create and manage FreeBSD jails from a pkgbase repository

Topics

freebsd jails freebsd-jail-manager pkgbase

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages