#jail #freebsd #create-user #iocage

bin+lib iocage-provision

Creates an iocage based FreeBSD jail

3 unstable releases

0.2.0 Jul 4, 2021
0.1.1 Jul 3, 2021
0.1.0 Jul 3, 2021

#1623 in Command line utilities

MPL-2.0 license

71KB
1.5K SLoC

Rust 649 SLoC // 0.0% comments Shell 613 SLoC // 0.0% comments Pan 216 SLoC // 0.0% comments


iocage-provision

Creates an iocage based FreeBSD jail.

CI CI Status
Bors enabled
Latest Version Latest version
Documentation Documentation
Crate Downloads Crate downloads
GitHub Downloads Github downloads
License Crate license

This program uses iocage to create a VNET networked ZFS-backed FreeBSD jail. Suitable defaults are computed for the default gateway and base release to reduce the number of arguments in the common case. An optional --ssh flag will install and start an SSH service when the jail boots for remote management. Finally, an optional --user option will create a user in the new jail by copying values from the outside/host system.

Table of Contents

CLI

Usage

Example 1 Provisioning a New Jail With a Name and Address

The following command will create a new jail called ferris with an IP address/subnet mask of 192.168.0.100/24.

$ iocage-provision ferris 192.168.0.100/24

Example 2 Provisioning a New Jail With a User and SSH Service

The following command will create a new jail with a running SSH service, and a user called jdoe which is copied from the host system (note that the user must exist on the host system).

$ iocage-provision --user jdoe --ssh homebase 10.0.0.25/24

Example 3 Using a Custom Default Gateway and Base Release

The following command will create a new jail by overriding the default gateway and default base release values.

$ iocage-provision --gateway 10.1.0.254 --release 11.1-RELEASE \
  bespoke 10.1.0.1/24

Installation

install.sh (Pre-Built Binaries)

An installer is provided at https://fnichol.github.io/iocage-provision/install.sh which installs a suitable pre-built binary for FreeBSD. It can be downloaded and run locally or piped into a shell interpreter in the "curl-bash" style as shown below. Note that if you're opposed to this idea, feel free to check some of the alternatives below.

To install the latest release for your system into $HOME/bin:

> curl -sSf https://fnichol.github.io/iocage-provision/install.sh | sh

When the installer is run as root the installation directory defaults to /usr/local/bin:

> curl -sSf https://fnichol.github.io/iocage-provision/install.sh | sudo sh

A nightly release built from HEAD of the main branch is available which can also be installed:

> curl -sSf https://fnichol.github.io/iocage-provision/install.sh \
    | sh -s -- --release=nightly

For a full set of options, check out the help usage with:

> curl -sSf https://fnichol.github.io/iocage-provision/install.sh \
    | sh -s -- --help

GitHub Releasees (Pre-Built Binaries)

Each release comes with binary artifacts published in GitHub Releases. The install.sh program downloads its artifacts from this location so this serves as a manual alternative. Each artifact ships with MD5 and SHA256 checksums to help verify the artifact on a target system.

Cargo Install

If Rust is installed on your system, then installing with Cargo is straight forward with:

> cargo install iocage-provision

From Source

To install from source, you can clone the Git repository, build with Cargo and copy the binary into a destination directory. This will build the project from the latest commit on the main branch, which may not correspond to the latest stable release:

> git clone https://github.com/fnichol/iocage-provision.git
> cd iocage-provision
> cargo build --release
> cp ./target/release/iocage-provision /dest/path/

Library

CI Status

Build (main branch)

Operating System Target Stable Rust
FreeBSD x86_64-unknown-freebsd FreeBSD Build Status

Test (main branch)

Operating System Stable Rust Nightly Rust
FreeBSD FreeBSD Stable Test Status FreeBSD Nightly Test Status

Note: The Minimum Supported Rust Version (MSRV) is also tested and can be viewed in the CI dashboard.

Check (main branch)

Status
Lint Lint Status
Format Format Status

Code of Conduct

This project adheres to the Contributor Covenant code of conduct. By participating, you are expected to uphold this code. Please report unacceptable behavior to fnichol@nichol.ca.

Issues

If you have any problems with or questions about this project, please contact us through a GitHub issue.

Contributing

You are invited to contribute to new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.

Before you start to code, we recommend discussing your plans through a GitHub issue, especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.

Release History

See the changelog for a full release history.

Authors

Created and maintained by Fletcher Nichol (fnichol@nichol.ca).

License

Licensed under the Mozilla Public License Version 2.0 (LICENSE.txt).

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the MIT license, shall be licensed as above, without any additional terms or conditions.

Dependencies

~4–13MB
~191K SLoC