
BastilleBSD :freebsd:

Bastille is an open-source framework for automating deployment and management of containerized (jailed) applications on FreeBSD.

Refuge for the iocage diaspora with import compatibility.

We are also the home of Rocinante, the BSD workhorse. Rocinante lets you automate configuration management of the host system using Bastillefile templates.

Also in development: our take on a modern FreeBSD distribution with our tools pre-installed and an optional KDE Desktop.

Joined 2019-12-02 · fosstodon.org
  1. Run anything. Trust nothing.

  2. Working on a BastilleBSD website refresh this week.

    The website has been in its (mostly) current form for probably six years. A lot has changed since then!

    I'll announce here when the new site is ready to view!

  3. Reviewing DNS logs and noticed that `vuxml.freebsd.org` fails DNSSEC validation but `matrix-dev.freebsd.org` passes.

    Can anyone else confirm or is my software buggy?

  4. I am looking for a few more US-based early adopters to provide feedback on a protective DNS service offering aligned with NIST SP 800-81 Rev. 3 (March 2026).

    csrc.nist.gov/pubs/sp/800/81/r

    This service merges Zero Trust and DNS without requiring client-side agents. Supports mobile devices, browsers, server hardware & IoT.

    If you're interested in providing feedback on this service as a free beta tester, email me at:

    [email protected]

  5. This week the FreeBSD project published a number of security advisories and updates.

    These include updates for components like: pf, tzdata, amd64, dhclient, libnv, and exec.

    Be sure to update your systems using `freebsd-update`, `freebsd-rustdate` (a bit faster) or `pkg update` if you're on pkgbase.

    Also patch your jails using `bastille update 15.0-RELEASE`

  6. Maybe I'm biased, but I'm shocked when I see people still running iocage.

    It's not that it's bad software, it just hasn't been maintained in literal years!

    How are people still running software that never gets patched? Crazy to me!

    For those on iocage that still need a new home, we can import your jails natively. A simple iocage export and bastille import and you're migrated to a supported platform.

  7. I'm not getting much traction on a couple of reported issues in ports.

    Can some ports maintainers / committers take a look at these please?

    These changes fully BROKE every adguardhome installation and need to be FULLY reverted. I've reported as such, but have not seen any responses.

    bugs.freebsd.org/bugzilla/show

    bugs.freebsd.org/bugzilla/show

  8. We may be in the market to hire a part-time FreeBSD and Bastille sysadmin (~20hrs week) specifically in the EMEA or APAC timezones (eventually both).

    The roles require experience with FreeBSD, Bastille, nginx, and at least one useful coding language.

    Timeline is mid-to-late 2026 to start.

    Any of our EU / APAC friends want to come work part-time with the Bastille creator on a cybersecurity startup?

  9. SYNOPSIS
    bastille console [-ax] TARGET [USER]

    DESCRIPTION
    The bastille console sub-command will enter a jail's shell. If a user is given, it will enter as that user.

    EXAMPLES
    Console into myjail:
    # bastille console myjail

    Console into myjail as bob:
    # bastille console myjail bob

    Console into a stopped jail as bob:
    # bastille console -a myjail bob

  10. SYNOPSIS
    bastille config [-x] set|add PROPERTY [VALUE]
    bastille config [-x] get|remove PROPERTY

    DESCRIPTION
    The bastille config sub-command will modify targeted jail(s) configuration and get, set, add or remove properties.

    EXAMPLES
    Set allow.mlock inside myjail:
    # bastille config myjail set allow.mlock 1

    Set the priority value of myjail:
    # bastille config myjail set priority 10

    Set the boot value:
    # bastille config myjail set boot off

  11. SYNOPSIS
    bastille template [-ax] TARGET|convert TEMPLATE

    DESCRIPTION
    The bastille template sub-command will apply the specified TEMPLATE to TARGET.

    -a, --auto : Auto mode. Start/stop jail(s) if required.

    -x, --debug : Enable debug mode.

    EXAMPLES
    Apply www/nginx to myjail:
    bastille template myjail www/nginx

  12. SYNOPSIS
    bastille tags [-x] TARGET add|delete tag1,tag2
    bastille tags [-x] TARGET list [tag]

    DESCRIPTION
    The bastille tags sub-command adds, removes and lists tags for jails.

    EXAMPLES
    Add 'prod' tag to myjail and yourjail:
    # bastille tags 'myjail yourjail' add prod

    Show jails with the tag 'web':
    # bastille tags ALL list web

  13. SYNOPSIS
    bastille setup [-ax]
    bastille setup [-ax] bridge|linux|loopback|netgraph|firewall|shared|storage|vnet

    DESCRIPTION
    The bastille setup sub-command will attempt to configure different options for your environment.

  14. NAME
    bastille etcupdate – Update /etc for jail(s).

    SYNOPSIS
    bastille etcupdate [-fx] bootstrap RELEASE
    bastille etcupdate [-dx] TARGET update RELEASE
    bastille etcupdate [-x] TARGET diff|resolve

    DESCRIPTION
    The bastille etcupdate sub-command will bootstrap a tarball from RELEASE which can then be used to update the contents of /etc inside jails after performing an upgrade.

  15. SYNOPSIS
    bastille clone [-alx] TARGET NEW_NAME IP

    The bastille clone sub-command will create an exact duplicate of the targeted jail, giving it the specified NEW_NAME and IP address.

    EXAMPLES
    Clone myjail to newjail:
    # bastille clone myjail newjail 10.23.3.4/24

    Clone myjail to newjail with DHCP (VNET only):
    # bastille clone myjail newjail DHCP

    Clone myjail to newjail while running, with debug mode:
    # bastille clone -xl myjail newjail 10.23.3.4/24

  16. I'm pleased to report that I've just submitted the final capstone paper for my master's degree in cybersecurity!

  17. The bastille convert sub-command will convert a thin jail to a thick jail if only the TARGET argument is given.

    If a TARGET and RELEASE are specified, it will convert the jail into a custom release. The jail will remain intact, and you will have a duplicate of it to use as a release base for any new jails.

    EXAMPLES
    Convert myjail from thin to thick:
    # bastille convert myjail

    Create myrelease from myjail:
    # bastille convert myjail myrelease

  18. NAME
    bastille jcp – Copy file(s)/directorie(s) from jail to jail(s).

    SYNOPSIS
    bastille jcp [-qx] SOURCE_JAIL JAIL_PATH DESTINATION_JAIL JAIL_PATH

    DESCRIPTION
    The bastille jcp sub-command will copy files and directories from a single jail to any targeted jail(s).

    -q, --quiet : Suppress output.

    -x, --debug : Enable debug mode.

    EXAMPLES
    Copy /etc/resolv.conf from myjail to yourjail:
    # bastille jcp myjail /etc/resolv.conf yourjail /etc

  19. NAME
    bastille rcp – Copy file(s)/directorie(s) from jail to host.

    SYNOPSIS
    bastille rcp [-qx] TARGET JAIL_PATH HOST_PATH

    DESCRIPTION
    The bastille rcp sub-command will copy JAIL_PATH to HOST_PATH from inside TARGET.

    -q, --quiet : Suppress output.

    -x, --debug : Enable debug mode.

    EXAMPLES
    Copy /etc/resolv.conf.custom to host:
    # bastille rcp myjail /etc/resolv.custom /jailstuff/etc

    Copy /etc to host quietly:
    # bastille rcp -q myjail /etc /jailstuff/etc

  20. From `man bastille-restart`:

    EXAMPLES
    Restart all jails, ignoring stopped jails:
    > bastille restart -i all

    Restart all jails, but only if boot=on:
    > bastille restart -b all

    Restart all jails with a 5 second delay between each one:
    > bastille restart -d 5 all

  21. If you're curious to see something novel today, check this out.

    youtube.com/live/2tVKonDzLDg?s

    I started live streaming from the remote Arizona desert at sunrise this morning, and the stream has been going all day.

    Join me for warmer weather, desert solitude and some dystopian cyberpunk background music.

  22. Let's do something different today.

    Join me for a live-stream of a beautiful desert sunset.

    I'm currently exploring wild places in the American Southwest (Arizona), and sharing some of it with you.

    Current location: Kofa National Wildlife Refuge

    youtube.com/@chrisacrossameric

    Take a few minutes for yourself, slow down, and consider joining. See you there. 😎

  23. NAME
    bastille service – Manage services within jail(s).

    SYNOPSIS
    bastille service [-ax] TARGET SERVICE ARGS

    DESCRIPTION
    The bastille service sub-command can manage services in jails.

    -a, --auto
    Auto mode. Start/stop jail(s) if required.

    -x, --debug
    Enable debug mode.

    EXAMPLES
    Start nginx in myjail:
    > bastille service myjail nginx start

    Stop caddy in myjail:
    > bastille service myjail caddy stop

  24. Did you know that there are historical and literary "easter eggs" in the Bastille documentation?

    I can't provide any clues without giving them away, but after eight years I'm starting to think they're too clever.

  25. Another sneak preview of the in-progress BastilleBSD web interface, powered by the new BastilleBSD API.

    The Resources page provides you with a quick overview of the available hardware resources and allows you to manage CPU, MEM and DISK based limits.

    What do you think about the Resources page?

    Note: these previews are still subject to change before release.

  26. The `vi` editor, a staple of UNIX-like systems, was first released in 1976 as part of the BSD. What are your favorite `vi`/`vim` tricks?

    I regularly use the `gq` command in vim to clean up and format text blocks.

  27. The /tmp directory, a temporary file storage area, has been a part of UNIX-like systems since the earliest days.

    What's the weirdest thing you've ever found in /tmp?

  28. 2026 continues to be a good year for BastilleBSD!

    We've onboarded our third training cohort this month, API development continues to mature and the UI is nearly ready for wider testing.

    Let us know here if you'd like to help beta test the API and web interface on your Bastille hosts.

    #2026

  29. Want to contribute to Rocinante?

    It's an open-source project, and new contributors are always welcome. Check out the GitHub repository to get started.

    github.com/BastilleBSD/rocinan

  30. Our FreeBSD training is not just for beginners.

    Our courses also include advanced topics like network performance tuning, security hardening, and ZFS administration.

    Email [email protected] for details and scheduling.

  31. Observe read-only Friday whenever possible.

    Pushing to production on a Friday is a surefire way to ruin your weekend.

  32. Ready to level up your FreeBSD knowledge? Our comprehensive training courses cover everything from the basics to advanced system administration.

    Email [email protected] for more details.

  33. Did you know that the iconic "daemon" mascot of FreeBSD was originally designed by John Lasseter, the animator from Pixar?

  34. We've successfully launched our first two cohorts of 2026!

    Join our next cohort starting in February.

    Are you ready to level up your Bastille skills?

    Our comprehensive training covers everything you need to master Bastille.

    15% discounts for teams of 4 or more.

    Email [email protected] for course details.

  35. Imagine you went to bed last night and somehow woke up in the past.

    What year do you *wish* we were waking up to today?

    …and what would you do differently this time?

    #2026

  36. Enjoy your pre-holiday weekend!

    I'm sure I will be doing homework toward my Cybersecurity Master's degree.

    Never stop learning.

  37. FYI we're aware of an issue with bootstrapping Debian-based releases (trixie and bookworm) on recent versions of Bastille.

    The source of this issue is found "upstream" of us, but we're looking into some workarounds.

    Thank you to everyone that reported the issue and we appreciate your patience.

  38. Some info parsed from the bastille git repository.

    Highlights:
    - 7 years old
    - 120 contributors
    - 1.37MiB
    - 3200+ commits

    (check out `onefetch` pkg to query your own repositories)

  39. Did you know that we offer customized training courses and that our founder is a former University instructor?

    Do you use Bastille at work? Let us help you leverage it to its full potential.

    We'll be starting fresh cohorts beginning next year. Email `[email protected]` to reserve your seat.

  40. This week we're showcasing Bastille related content from the web and the topic is…

    WINE Gaming in FreeBSD Jails

    pertho.net/2025/11/07/wine-gam

  41. Level up your career by adding FreeBSD expertise to your resume! Our focused training bridges the gap for experienced Linux admins. Invest in skills that power the most stable systems on earth.

    bastillebsd.org/training/

  42. Feeling hesitant about moving to a new OS or container strategy? Don't let fear of the unknown stop you. Start small—try Bastille on a VM this week. Sometimes the biggest security gains come from the smallest decisions.

  43. What music is fueling your late-night Bastille development or sysadmin session? Are you coding to metal, classical, or total silence? Drop your power playlist!

  44. If you could add one major quality-of-life improvement to Bastille in the next release, what would it be? We value community input!

    Drop your ideas below.

  45. Even the biggest problems are solved one step at a time. You can do this!

  46. Infrastructure success isn't built on one heroic effort, but on daily, consistent maintenance. Did you run your system updates this morning?

    Keep that momentum going! Small habits, big results.

  47. What's your goal this weekend?

    Maybe configuring your first hardened application jail? Whatever it is, take a break, but keep the learning light on! Happy coding!

  48. Manage resources like a pro!

    Bastille, paired with robust FreeBSD features, gives you fine-grained control over CPU, memory, and network resources for each isolated jail. Efficiency and control—a powerful combo.

    bastillebsd.org

  49. Remember that open source is about community.

    Don't be afraid to ask for help or share your solutions. Collaboration accelerates progress for everyone using Bastille. Let's build together!