#Tag
Will be working on a new build of BastilleBSD .iso images to include the latest advisory fixes and base updates.
In the meantime, here's your reminder to `pkg upgrade` / `freebsd-update fetch install` on your FreeBSD systems.
Will be working on a new build of BastilleBSD .iso images to include the latest advisory fixes and base updates.
In the meantime, here's your reminder to `pkg upgrade` / `freebsd-update fetch install` on your FreeBSD systems.
Want to contribute?
BastilleBSD is open-source.
Docs, testing, templates, feedback—all welcome.
Your expertise can help shape our next release!
Want to contribute?
BastilleBSD is open-source.
Docs, testing, templates, feedback—all welcome.
Your expertise can help shape our next release!
Mini-guide: Deploying a simple nginx proxy jail:
PKG nginx
SERVICE nginx enable
SERVICE nginx start
Simple. Reproducible. Automated.
Mini-guide: Deploying a simple nginx proxy jail:
PKG nginx
SERVICE nginx enable
SERVICE nginx start
Simple. Reproducible. Automated.
In 2000, Poul-Henning Kamp introduced FreeBSD jails.
Fast forward 25 years: BastilleBSD lets you manage dozens (or hundreds) of them with ease.
Same roots, more polish.
We build on the shoulders of giants.
In 2000, Poul-Henning Kamp introduced FreeBSD jails.
Fast forward 25 years: BastilleBSD lets you manage dozens (or hundreds) of them with ease.
Same roots, more polish.
We build on the shoulders of giants.
Want to isolate a DNS resolver?
bastille create dns 14.3-RELEASE 10.0.0.53
bastille pkg dns install unbound
bastille service dns unbound enable
bastille service dns unbound start
You now have a private resolver in a jail, safe from the host.
Bastille networks can be bridged, NAT’d, or VNET’d.
Run jails like mini-VMs, or keep them lean on localhost.
Flexibility is baked in.
Which setup do you prefer?
Did you know Bastillefiles let you declare system configs as code. Example:
PKG nginx
SYSRC nginx_enable=YES
SERVICE nginx start
Infrastructure as text—track it in git, share it with the world.
Want to isolate a DNS resolver?
bastille create dns 14.3-RELEASE 10.0.0.53
bastille pkg dns install unbound
bastille service dns unbound enable
bastille service dns unbound start
You now have a private resolver in a jail, safe from the host.
Quick tip:
> bastille create alcatraz 14.3-RELEASE 10.17.89.63
→ In one command, you’ve got an isolated FreeBSD jail spun up.
Perfect for testing or deploying apps safely and cleanly.
Bastille networks can be bridged, NAT’d, or VNET’d.
Run jails like mini-VMs, or keep them lean on localhost.
Flexibility is baked in.
Which setup do you prefer?
Considering a jump from Docker to Jails?
BastilleBSD gives you a lighter, faster, more secure alternative—no daemon overhead, just native FreeBSD isolation.
Unix philosophy reminder: Do one thing well.
BastilleBSD keeps that spirit alive by automating FreeBSD jails cleanly.
Small tools, composable power.
What’s your favorite "do one thing well" tool?
Did you know Bastillefiles let you declare system configs as code. Example:
PKG nginx
SYSRC nginx_enable=YES
SERVICE nginx start
Infrastructure as text—track it in git, share it with the world.
Quick tip:
> bastille create alcatraz 14.3-RELEASE 10.17.89.63
→ In one command, you’ve got an isolated FreeBSD jail spun up.
Perfect for testing or deploying apps safely and cleanly.
Unix philosophy reminder: Do one thing well.
BastilleBSD keeps that spirit alive by automating FreeBSD jails cleanly.
Small tools, composable power.
What’s your favorite "do one thing well" tool?
Considering a jump from Docker to Jails?
BastilleBSD gives you a lighter, faster, more secure alternative—no daemon overhead, just native FreeBSD isolation.
A space for Bonfire maintainers and contributors to communicate
