ansible-role-bastille

An ansible role that helps configure a server as a BastilleBSD host for running containers (jails based) in FreeBSD.

This is a work in progress ansible role. At the moment assuming local interface for networking. Use it at your own risk.

Install this role

Simply run ansible-galaxy install yaazkal.bastille on your machine. Then integrate the role on your own playbook (see the example below).

Requirements

• FreeBSD 11.4, 12.2 or 13.0
• Python installed (3.7 recommended).
• ca_root_nss is also recommended specially on FreeBSD 11.4 in order to not fail when installing custom Bastille version from github tag.

Role variables

This are the role variables and its defaults, set them at your host_vars or host definition as you want it (see example).

Dependencies

None.

Example Playbook

A playbook can look like this:

# File name: bastille_provision.yml
- name: "Initial configuration of the system"
  hosts: bastille
  roles:
    - yaazkal.bastille

An inventory file can look like this (this example overrides all default variables):

# File name: hosts.yml
bastille:
  hosts:
    example.com:
      ansible_user: root
      bastille_version: "0.9.20210714"
      bastille_timezone: "America/Bogota"
      bastille_zfs_enable: "YES"
      bastille_zfs_zpool: "zroot"
      bastille_ext_if: "vtnet0"
      bastille_releases:
        - 13.0-RELEASE
        - 12.2-RELEASE
      bastille_templates:
        - https://gitlab.com/bastillebsd-templates/nginx
        - https://github.com/yaazkal/bastille-postgres
      bastille_jails:
        - name: defaultjail
          release: 13.0-RELEASE
          ip: 10.17.89.1
          templates:
            - "bastillebsd-templates/nginx"
        - name: thickjail
          release: 13.0-RELEASE
          ip: 10.17.89.2
          options: -T

Then you can run:

ansible-playbook -i hosts.yml bastille_provision.yml

License

BSD 3 clause. See LICENSE file.

Author Information

@yaazkal - Juan David Hurtado G.