alex/Tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Tutorials/freebsd/20_bastille.md
Alexander Bobkov bb86e27490 FreeBSD
2026-01-02 00:41:13 -05:00

2.5 KiB
Raw Permalink Blame History

Working with Bastille Containers (Jails)

FreeBSD uses "jails" as its container technology - lightweight, isolated environments similar to Docker containers. Bastille makes managing these jails simple and efficient. In the following sections, you'll learn how to create and manage containers for various applications.

Note: All commands should be run with sudo unless you're logged in as root.

1. Create a Test Isolated Secure Container

Let's start by creating a simple test environment to verify your Bastille installation is working correctly.

bastille create testenv 14.3-RELEASE 192.168.10.50 bridge0
bastille start textenv

2. Access the Container

bastille console testenv

Deploy Gitea in a Container

Gitea is a lightweight, self-hosted Git service - perfect for managing your code repositories. We'll deploy it in an isolated container for security and easy management.

1. Create the Gitea Container

bastille create gitea 14.3-RELEASE <IP-ADDRESS> bridge0

2. Start the Container

bastille start gitea

3. Enter the Gitea Container Console

bastille console gitea

4. Install Gitea and its Dependencies

pkg update
pkg install gitea git nano

4. Enable Gitea to start on boot

sysrc gitea_enable="YES"

5. Create the Gitea user

pw useradd gitea -c "Gitea" -d /var/db/gitea -s /usr/sbin/nologin
pw groupadd gitea

6. Create Required Directories

mkdir -p /usr/local/etc/gitea
mkdir -p /var/log/gitea
mkdir -p /var/db/gitea

7. Set Proper Ownerships

chown -R gitea:gitea /usr/local/etc/gitea
chown -R gitea:gitea /var/log/gitea
chown -R gitea:gitea /var/db/gitea

chmod 750 /usr/local/etc/gitea
chmod 750 /var/log/gitea
chmod 750 /var/db/gitea

8. Start Gitea

service gitea start

Verify Gitea is running

service gitea status

9. Exit the Container

exit

From your host system or another machine on the network, access Gitea's web interface:

http://<IP-ADDRESS:3000>

10. Create a Buckup Snapshot

Once Gitea is configured and working, create a ZFS snapshot for easy backup.

sudo zfs snapshot zroot/bastille/jails/gitea/root@fresh-install

11. Rollback Buckup Snapshot

⚠️ WARNING: This destroys all changes made after the snapshot was created!

sudo bastille stop gitea

Rollback to the Snapshot

sudo zfs rollback zroot/bastille/jails/gitea/root@fresh-install

Start the Container

sudo bastille start gitea
Reference in New Issue View Git Blame Copy Permalink