Stefano Marinelli
boosted
I am back 😋
I successfully update my server and my three #Bastille jails from my iPhone during my bus ride to go back home.
Tip: always use #tmux or similar, it will help if you loose Internet mobile connection.
1. sudo freebsd-update fetch
2. sudo freebsd-update install
3. shutdown -r now
4. sudo bastille update 14.3-RELEASE
5. sudo bastille restart all
Et voilà 
I am back 😋
I successfully update my server and my three #Bastille jails from my iPhone during my bus ride to go back home.
Tip: always use #tmux or similar, it will help if you loose Internet mobile connection.
1. sudo freebsd-update fetch
2. sudo freebsd-update install
3. shutdown -r now
4. sudo bastille update 14.3-RELEASE
5. sudo bastille restart all
Et voilà
Stefano Marinelli
boosted
Awesome. With #FreeBSD if I needed Solr 8 (which is end of life), I just built the package for arm64 and stuck it in the hosts #bastille directory where it could install the package in seconds.
In contrast, Ansible on Linux is set to download the official Solr tarball and run the installation script. It took 16 minutes just to download from Apache's excruciatingly slow distribution web servers. (the tarball is less than 200 MB!)
FreeBSD and it's ports/packages are miles ahead here.
(And before you ask: Ubuntu doesn't have Apache Solr in its official packages)
Awesome. With #FreeBSD if I needed Solr 8 (which is end of life), I just built the package for arm64 and stuck it in the hosts #bastille directory where it could install the package in seconds.
In contrast, Ansible on Linux is set to download the official Solr tarball and run the installation script. It took 16 minutes just to download from Apache's excruciatingly slow distribution web servers. (the tarball is less than 200 MB!)
FreeBSD and it's ports/packages are miles ahead here.
(And before you ask: Ubuntu doesn't have Apache Solr in its official packages)
Michael Dexter
boosted
Started building my entire infrastructure monitoring solution from scratch!
- Powered by FreeBSD! 
- Using Jails and seperation of duty:
- One Jail running Grafana and Prometheus
- One Jail running Netbird Wireguard to connect my infra securely
- One Jail running Nginx and Certbot
All ZFS based for backup / snapshots and rollback options.
Routed and NAT'ed via a seperate dedicated pf jail.
All working fine, I get first metrics and can start slowly improve from here.
Todo:
- Alerts via AlertManager
- Log-Ingestion via promtail
- Log analysis with Grafana Loki
- Adding remaining servers via WireGuard Mesh VPN
- Adding another Jail for Uptime-Kuma
#monitoring #freebsd #grafana #loki #linux #devops #jails #bastille #zfs
Started building my entire infrastructure monitoring solution from scratch!
- Powered by FreeBSD!
- Using Jails and seperation of duty:
- One Jail running Grafana and Prometheus
- One Jail running Netbird Wireguard to connect my infra securely
- One Jail running Nginx and Certbot
All ZFS based for backup / snapshots and rollback options.
Routed and NAT'ed via a seperate dedicated pf jail.
All working fine, I get first metrics and can start slowly improve from here.
Todo:
- Alerts via AlertManager
- Log-Ingestion via promtail
- Log analysis with Grafana Loki
- Adding remaining servers via WireGuard Mesh VPN
- Adding another Jail for Uptime-Kuma
#monitoring #freebsd #grafana #loki #linux #devops #jails #bastille #zfs
Stefano Marinelli
boosted
Serving a simple website from a Jail with Bastille
A great article by @jhx for the BSD Cafe Journal!
https://journal.bsd.cafe/2025/08/13/serving-a-simple-website-from-a-jail-with-bastille/
#FreeBSD#RunBSD#BastilleBSD#Bastille#IT#SysAdmin#BSDCafeJournal
⁂ Article
Serving a simple website from a Jail with Bastille
In this short little howto we will be setting up a simple Jail via Bastille and host a static website.
Beware: The article assumes that sudo is configured. You can of course also use doas or switch to root, if you so desire. Some commands need root rights to work – keep that in mind as you go along!
First, we need to install Bastille itself.
$ sudo pkg install -y bastille
After installing, we enable the bastille service.
$ sudo sysrc bastille_enable=YES
And finally we start it.
$ sudo […]
Stefano Marinelli
boosted
alcinnz
and 1 other
boosted
Stefano Marinelli
boosted
Bastille was born in frustration:
Too many broken tools.
Too much bloat.
FreeBSD deserved better.
So I built it.
Now it powers projects I never imagined.
Bastille was born in frustration:
Too many broken tools.
Too much bloat.
FreeBSD deserved better.
So I built it.
Now it powers projects I never imagined.
Stefano Marinelli
boosted
Bastille, like so many other projects, was built from a place of frustration:
✅ I wanted automation.
✅ I wanted control.
✅ I wanted to leverage in FreeBSD.
I'm glad so many of you tend to agree.
Bastille, like so many other projects, was built from a place of frustration:
✅ I wanted automation.
✅ I wanted control.
✅ I wanted to leverage in FreeBSD.
I'm glad so many of you tend to agree.