jails

This command from bastille docs doesn't work: doas bastille bootstrap https://github.com/bastillebsd/templates Already up to date. No valid template hooks found. Template discarded. Does anyone know how to fix it?

In this article, we'll deploy both Jellyfin and Jellyseerr using Overlord, a DevOps-oriented tool for FreeBSD that emphasizes a declarative approach. Link: https://dtxdf.github.io/jellyseerr.html

I'm using Tailscale on the router for remote access to hosts inside the LAN, but I would also like to protect a jailed instance of vaultwarden with a reverse proxy in the jail. I've used Caddy on the other OS, and I really like the fact that it manages the certs, but the installer notes for...

GitOps is a modern operational framework that uses Git as the single source of truth. It is often mandatory to use a tool that emphasizes a declarative approach, where you define the desired state and the tool does the hard work. Or, in other words, an "everything is code" philosophy. Link...

Overlord will take care not to destroy the jail with your valuable virtual machine in vmjail deployments. However, this approach does not honor "The Ephemeral Concept" of AppJail, which has many advantages that cannot be ignored, particularly when updating or upgrading the jail and its contents...

https://docs.freebsd.org/en/books/handbook/jails/ I might be missing something - but if I follow this guide and I get to the point where I think I'm supposed to make these symbolic links - since we just moved the directories (usr, var etc) from the "base" to the "skeleton" in the steps before -...

Hey folks, I'm with problems to perform a make on a port on nullfs ports collection. Some LIB_DEPENDS is not built. I explain: I git clone ports into /usr/ports-development/ on my host. After I zfs clone thick jail named jdevelopment. So, I nullfs /usr/ports-development/ into...

Hi, is anybody running bhyve VMs inside of jails and can share experiences? The idea came to my mind because of OmniOS (illumos) is running bhyve VMs inside of a non-global zone: https://omnios.org/info/bhyve_kvm_brand.html When searching the web I've found this article, so it is possible...

Hi! Lately I'm thinking to get more into BSD systems and one of the first steps I want to make is to migrate my relatively simple self hosting setup (a single machine with few applications running on it) from Ubuntu to BSD. I was tempted to migrate this machine many times in the last years but...

I have Classic jail running gitea locally but every time i reboot i have to enter my jail and start gitea web. Is there a way to automate so i wont need to do so ?

i have installed searxng in a jail but havent got it working yet which maybe a pf firewall issue The jail already has Firefox installed so i thought it would make sense to install searxng in the same jail searxng is set to listen on the jails ip address 10.10.0.5 and port 8888 and since...

Hi all, I think I need some hints and tipps from you firewall and network experts here. Currently I have the following working scenario for IPv4: My server has one external IPv4 address. I'm running several jails hosting different services, each having an own 192.168.0.x IP on an internal...

Hi All, Noticed something interesting when creating a jail, if you use a numeric name it will assign that as the JID. Really appreciate it if anyone could help me answer the following questions - - Is this normal for jails or a bug? - Does it create a security risk using numeric names? - Why...

Just a curiousity, but today I realized that the pkg bootstrapper doesn't understand jails: pkg -j newjail -N > /dev/null 2>&1 || { echo "bootstrapping 'pkg' in jail 'newjail'" pkg -j newjail } Somewhat tangential, pkg seems to act correctly on the -y flag, but then claims to not...

Hi everyone, I've recently been working on setting up a Linux Jail with a VNET interface and I've managed to get the VNET interface up and running with a static IP by using copies of ifconfig and route from /rescue. However, I'm facing an issue with getting dhclient to work. I've tried...

Hi All, with an openvpn client on the host (tun0 = 10.8.1.10, em0 = 192.168.1.10) that redirects traffic to the VPN server (10.8.1.1), for some jails, I would like the following: jails can reach out to the internet (ex: pkg install) jails are reachable from the local network (can expose...

hi all, here is the situation: - i'm running 14.1-STABLE and unfortunately qgis in not installable using pkg, and the installation via ports/graphics runs for 12h+ and then stops for some issues with python-modules version... - i really do need qgis... i check and it's in 14.1-RELEASE as a pkg -...

I have two jails: - 104 is a shared IP jail (classic) with an alias on the host's em0 - 115 is a vnet jail on vnet0.192 There is a bridge0 bridge with em0 and vnet0.192 as members I cannot have the two jails talk together. More precisely, 115 -> 104 works, but not 104 -> 115. I did tests with...

Hello, Can someone please help me figure out how to forward ports from inside of a jail? I think I need the pf firewall to do this, but I could be wrong. I have three iocage jails, each on their own VLAN, each running tailscale inside. My goal is to have incoming connections over tailscale...

Hi everyone, I'm doing a pet project where I'm designing the topology of what I'm going to implement on my physical server when I'll buy it. So, right now, I'm working in VMware Fusion, just to play with it and understand how things can be configured. But before exploring the topic, I'll give...