Merge pull request #39 from cedwards/master

update README for verify and service

README.md

@@ -37,6 +37,7 @@ Available Commands:
   list        List jails (running and stopped).
   pkg         Manipulate binary packages within targeted jail(s). See pkg(8).
   restart     Restart a running jail.
+  service     Manage services within targeted jail(s).
   start       Start a stopped jail.
   stop        Stop a running jail.
   sysrc       Safely edit rc files within targeted jail(s).
@@ -44,6 +45,8 @@ Available Commands:
   top         Display and update information about the top(1) cpu processes.
   update      Update jail base -pX release.
   upgrade     Upgrade jail release to X.Y-RELEASE.
+  verify      Compare release against a "known good" index.
+  zfs         Manage (get|set) zfs attributes on targeted jail(s).
 
 Use "bastille -v|--version" for version information.
 Use "bastille command -h|--help" for more information about a command.
@@ -300,6 +303,19 @@ folsom: created
 ```
 
 
+bastille service
+----------------
+To restart services inside a jail you can use the `bastille service` command.
+
+```shell
+ishmael ~ # bastille service folsom 'postfix restart'
+[folsom]
+postfix/postfix-script: stopping the Postfix mail system
+postfix/postfix-script: starting the Postfix mail system
+
+```
+
+
 bastille cmd
 ------------
 To execute commands within the jail you can use `bastille cmd`.
@@ -758,6 +774,27 @@ If you see errors or issues here, consider deleting and re-bootstrapping the
 release.
 
 
+bastille zfs
+------------
+This sub-command allows managing zfs attributes for the targeted jail(s).
+Common usage includes setting jail quotas.
+
+** set quota **
+```shell
+ishmael ~ # bastille zfs folsom 'set quota=1G'
+```
+
+** built-in: df **
+```shell
+ishmael ~ # bastille zfs ALL df
+```
+
+** built-in: df **
+```shell
+ishmael ~ # bastille zfs folsom df
+```
+
+
 Example (create, start, console)
 ================================
 This example creates, starts and consoles into the jail.

usr/local/bin/bastille

@@ -32,7 +32,7 @@
 . /usr/local/etc/bastille/bastille.conf
 
 ## version
-BASTILLE_VERSION="0.3.20190204"
+BASTILLE_VERSION="0.3.20190623"
 
 usage() {
     cat << EOF
@@ -77,23 +77,19 @@ shift
 # Handle special-case commands first.
 case "${CMD}" in
 version|-v|--version)
-	echo -e "${COLOR_GREEN}${BASTILLE_VERSION}${COLOR_RESET}"
+    echo -e "${COLOR_GREEN}${BASTILLE_VERSION}${COLOR_RESET}"
-	exit 0
+    exit 0
-	;;
+    ;;
 help|-h|--help)
-	usage
+    usage
-	;;
+    ;;
 esac
 
 # Filter out all non-commands
 case "${CMD}" in
-cmd|cp|create|destroy|list|pkg|restart|start|stop|sysrc|template|verify)
+bootstrap|cmd|console|cp|create|destroy|htop|list|pkg|restart|service)
     ;;
-update|upgrade)
+start|stop|sysrc|template|top|update|upgrade|verify|zfs)
-    ;;
-console|bootstrap|htop|top)
-    ;;
-bootstrap|update|upgrade)
     ;;
 *)
 usage

usr/local/etc/bastille/bastille.conf

@@ -1,17 +1,30 @@
+#####################
 ## [ BastilleBSD ] ##
 #####################
 
 ## default paths
-bastille_prefix=/usr/local/bastille
+bastille_prefix=/usr/local/bastille                     ## default: "/usr/local/bastille"
-bastille_cachedir=${bastille_prefix}/cache
+bastille_cachedir=${bastille_prefix}/cache              ## default: ${bastille_prefix}/cache
-bastille_jailsdir=${bastille_prefix}/jails
+bastille_jailsdir=${bastille_prefix}/jails              ## default: ${bastille_prefix}/jails
-bastille_logsdir=${bastille_prefix}/logs
+bastille_logsdir=${bastille_prefix}/logs                ## default: ${bastille_prefix}/logs
-bastille_releasesdir=${bastille_prefix}/releases
+bastille_releasesdir=${bastille_prefix}/releases        ## default: ${bastille_prefix}/releases
-bastille_templatesdir=${bastille_prefix}/templates
+bastille_templatesdir=${bastille_prefix}/templates      ## default: ${bastille_prefix}/templates
-bastille_sharedir=/usr/local/share/bastille
+
-bastille_bootstrap_archives="base"
+## bastille scripts directory (assumed by bastille pkg)
-bastille_tzdata="America/Denver"
+bastille_sharedir=/usr/local/share/bastille             ## default: "/usr/local/share/bastille"
-bastille_nameserver1="1.1.1.1"
+
-bastille_nameserver2="1.0.0.1"
+## bootstrap archives (base, lib32, ports, src, test)
-bastille_nameserver3=""
+bastille_bootstrap_archives="base"                      ## default: "base"
-bastille_nameserver_options="options edns0 rotate"
+
+## default timezone
+bastille_tzdata="etc/UTC"                               ## default: "etc/UTC"
+
+## default jail resolv.conf
+bastille_resolv_conf="/etc/resolv.conf"                 ## default: "/etc/resolv.conf"
+
+## ZFS options
+bastille_zfs_enable=""                               ## default: ""
+bastille_zfs_zpool=""                              ## default: ""
+bastille_zfs_prefix="bastille"                          ## default: "${bastille_zfs_zpool}/bastille"
+bastille_zfs_mountpoint=${bastille_prefix}              ## default: "${bastille_prefix}"
+bastille_zfs_options="-o compress=lz4 -o atime=off"     ## default: "-o compress=lz4 -o atime=off"

usr/local/share/bastille/bootstrap.sh

@@ -65,7 +65,7 @@ bootstrap_directories() {
                 mkdir -p ${bastille_cachedir}/${RELEASE}
             fi
         else
-            mkdir -p "${bastille_cachedir}"
+            mkdir -p "${bastille_cachedir}/${RELEASE}"
         fi
     fi
 
@@ -110,7 +110,7 @@ bootstrap_directories() {
                 mkdir -p "${bastille_releasesdir}/${RELEASE}"
 	        fi
         else
-            mkdir -p "${bastille_releasesdir}"
+            mkdir -p "${bastille_releasesdir}/${RELEASE}"
         fi
     fi
 }
@@ -129,16 +129,15 @@ bootstrap_release() {
         fi
     done
 
-
     for _archive in ${bastille_bootstrap_archives}; do
         if [ ! -f "${bastille_cachedir}/${RELEASE}/${_archive}.txz" ]; then
             fetch ${UPSTREAM_URL}/${_archive}.txz -o ${bastille_cachedir}/${RELEASE}/${_archive}.txz
-	fi
+        fi
 
         if [ -f "${bastille_cachedir}/${RELEASE}/${_archive}.txz" ]; then
             echo -e "${COLOR_GREEN}Extracting FreeBSD ${RELEASE} ${_archive}.txz.${COLOR_RESET}"
             /usr/bin/tar -C "${bastille_releasesdir}/${RELEASE}" -xf "${bastille_cachedir}/${RELEASE}/${_archive}.txz"
-	fi
+        fi
     done
     echo
 
@@ -156,9 +155,9 @@ bootstrap_template() {
 
     ## support for non-git
     if [ ! -x /usr/local/bin/git ]; then
-	echo -e "${COLOR_RED}We're gonna have to use fetch. Strap in.${COLOR_RESET}"
+        echo -e "${COLOR_RED}We're gonna have to use fetch. Strap in.${COLOR_RESET}"
-	echo -e "${COLOR_RED}Not yet implemented...${COLOR_RESET}"
+        echo -e "${COLOR_RED}Not yet implemented...${COLOR_RESET}"
-	exit 1
+        exit 1
     fi
 
     ## support for git
@@ -203,7 +202,7 @@ bootstrap_template() {
         echo -e "${COLOR_GREEN}Template validation failed.${COLOR_RESET}"
         echo -e "${COLOR_GREEN}Deleting template.${COLOR_RESET}"
         rm -rf ${_template}
-	exit 1
+        exit 1
     fi
 
     ## if validated; ready to use 
@@ -213,8 +212,6 @@ bootstrap_template() {
     fi
 }
 
-#Usage: bastille bootstrap [release|template].${COLOR_RESET}"
-
 HW_MACHINE=$(sysctl hw.machine | awk '{ print $2 }')
 HW_MACHINE_ARCH=$(sysctl hw.machine_arch | awk '{ print $2 }')
 
@@ -244,7 +241,7 @@ case "${1}" in
     bootstrap_directories
     bootstrap_release
     ;;
-http?://github.com/*/*)
+http?://github.com/*/*|http?://gitlab.com/*/*)
     BASTILLE_TEMPLATE_URL=${1}
     BASTILLE_TEMPLATE_USER=$(echo "${1}" | awk -F / '{ print $4 }')
     BASTILLE_TEMPLATE_REPO=$(echo "${1}" | awk -F / '{ print $5 }')

usr/local/share/bastille/cp.sh

@@ -57,6 +57,6 @@ fi
 for _jail in ${JAILS}; do
     bastille_jail_path="$(jls -j "${_jail}" path)"
     echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
-    cp -a "$2" "${bastille_jail_path}/$3"
+    cp -av "$2" "${bastille_jail_path}/$3"
     echo
 done

usr/local/share/bastille/zfs.sh

@@ -0,0 +1,89 @@
+#!/bin/sh
+# 
+# Copyright (c) 2018-2019, Christer Edwards <christer.edwards@gmail.com>
+# All rights reserved.
+# 
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+# 
+# * Redistributions of source code must retain the above copyright notice, this
+#   list of conditions and the following disclaimer.
+# 
+# * Redistributions in binary form must reproduce the above copyright notice,
+#   this list of conditions and the following disclaimer in the documentation
+#   and/or other materials provided with the distribution.
+# 
+# * Neither the name of the copyright holder nor the names of its
+#   contributors may be used to endorse or promote products derived from
+#   this software without specific prior written permission.
+# 
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+. /usr/local/share/bastille/colors.pre.sh
+. /usr/local/etc/bastille/bastille.conf
+
+usage() {
+    echo -e "${COLOR_RED}Usage: bastille zfs [ALL|glob] '[set|get] key=value'${COLOR_RESET}"
+    exit 1
+}
+
+# Handle special-case commands first.
+case "$1" in
+help|-h|--help)
+    usage
+    ;;
+esac
+
+## check ZFS enabled
+if [ ! "${bastille_zfs_enable}" = "YES" ]; then
+        echo -e "${COLOR_RED}ZFS not enabled.'${COLOR_RESET}"
+        exit 1
+fi
+
+## check zpool defined
+if [ -z "${bastille_zfs_zpool}" ]; then
+        echo -e "${COLOR_RED}ZFS zpool not defined.'${COLOR_RESET}"
+        exit 1
+fi
+
+if [ $# -gt 2 ] || [ $# -lt 2 ]; then
+    usage
+fi
+
+if [ "$1" = 'ALL' ]; then
+    JAILS=$(jls name)
+fi
+if [ "$1" != 'ALL' ]; then
+    JAILS=$(jls name | grep -E "(^|\b)${1}($|\b)")
+fi
+
+if [ "$1" = 'ALL' ]; then
+    if [ "$2" = 'df' ]; then
+        zfs list -o name,used,avail,refer,mountpoint,quota,ratio -r ${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails
+    fi
+fi
+
+if [ "$1" != 'ALL' ]; then
+    if [ "$2" = 'df' ]; then
+        for _jail in ${JAILS}; do
+            zfs list -o name,used,avail,refer,mountpoint,quota,ratio -r ${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${_jail}
+        done
+    fi
+fi
+
+if [ "$2" != 'df' ]; then
+    for _jail in ${JAILS}; do
+        echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
+        zfs $2 ${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${_jail}
+        echo
+    done
+fi