alex/Tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Tutorials/freebsd/12_post-installation.md
Alexander Bobkov 60c29bb47e FreeBSD
2026-01-01 23:39:55 -05:00

1.5 KiB
Raw Permalink Blame History

Post-Installation Guide (ZFS + BastilleBSD)

A complete, structured, and command-ready template for building a clean, maintainable FreeBSD 14.3 system

1. System Updates

Bring the fresh installed FreeBSD to a known good state.

freebsd-update fetch
freebsd-update install
pkg bootstrap
pkg update
pkg upgrade

Create snapshot of freshly installed and upgraded setup:

zfs snapshot -r zroot@fresh-install

2. Security Hardening

SSH

Edit /etc/ssh/sshd.config:

PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes

Restart sshd service:

service sshd restart

3. Install Essential Packages

pkg install neovim nano curl wget htop iftop sudo vnstat

4. ZFS Tuning

Set properties

zfs set compression=zstd zroot
zfs set atime=off zroot

5. Networking Configuration

Prepare the host for VNET jails.

Add the following lines to the /etc/rc.conf file

ifconfig_re1="DHCP"
cloned_interfaces="bridge0"
ifconfig_bridge0="addm re1 up"

6. BastilleBSD + ZFS Configuration

Install BastilleBSD

pkg install bastille
sysrc bastille_enable="YES"

Create ZFS dataset for BastilleBSD

zfs create -o mountpoint=/usr/local/bastille zroot/bastille

Edit the following lines in the /usr/local/etc/bastille/bastille.conf file:

bastille_zfs_enable="YES"
bastille_zfs_zpool="zroot"
bastille_zfs_prefix="bastille"

Start Bestille

service bestille start

Install Bootstrap 14.3

bastille bootsrtap 14.3-RELEASE
Reference in New Issue View Git Blame Copy Permalink