FreeBSD Manual Pages
bastille.conf(5) File Formats Manual bastille.conf(5) NAME bastille.conf -- Configuration file for Bastille DESCRIPTION Bastille has most options preconfigured with sane defaults. These can be adjusted to fit your environment. The config file also has the de- fault options documented, but the following will outline what the pur- pose is of each one. DEFAULT PATHS bastille_prefix This is the main Bastille prefix. All Bastille directories, ex- cluding 'bastille_logsdir' will start with this prefix. If zfs is enabled, this will become the mount point of the zfs dataset. The following directories, excluding 'bastille_logsdir' will be prefixed by 'bastille_prefix'. If zfs is enabled, they will inherit the mount point of 'bastille_prefix'. bastille_backupsdir Bastille will store backups and exports here. bastille_cachedir Bastille will store cache here. bastille_jailsdir Bastille will store jails here. bastille_releasesdir Bastille will store releases here. bastille_templatesdir Bastille will store templates here. bastille_logsdir Bastille will store jail console logs here. FIREWALL bastille_pf_conf Path to the pf firewall configuration file. SUB-COMMANDS PATH bastille_sharedir This is the path where Bastille expects sub-commands to live at. BOOTSTRAP bastille_bootstrap_archives This is a whitespace-separated list of distribution sets to fetch when bootstrapping a legacy (non-pkgbase) release. bastille_pkgbase_packages This is a whitespace-separated list of package sets to install when bootstrapping a release using PkgBase. bastille_url_freebsd Url from which to fetch legacy distributions sets when boot- strapping a FreeBSD release. bastille_url_hardenedbsd Url from which to fetch legacy distributions sets when boot- strapping a HardenedBSD release. bastille_url_midnightbsd Url from which to fetch legacy distributions sets when boot- strapping a MidnightBSD release. TIMEZONE bastille_tzdata Set the timezone to apply to newly created jails. RESOLV.CONF This file is copied into newly created jails to allow them to reach DNS. ZFS bastille_zfs_enable Whether to enable or disable zfs support. bastille_zfs_zpool Which zpool to use when zfs is enabled. bastille_zfs_prefix Which dataset to use when zfs is enabled. Do not include the zpool here. bastille_zfs_options Zfs options to use when creating any and all datasets for any and all supported actions. EXPORT/IMPORT bastille_compress_xz_options xz specific compress options. bastille_decompress_xz_options xz specific de-compress options. bastille_compress_gz_options gz specific compress options. bastille_decompress_gz_options gz specific de-compress options. bastille_compress_zst_options zst specific compress options. bastille_decompress_zst_options zst specific de-compress options. bastille_export_options Any flags supported by the 'export' command can be defined here to make it slightly more convenient. NETWORKING bastille_network_vnet_type Control whether to use the default 'if_bridge' mode or Net- graph. bastille_network_loopback Set the loopback interface name. bastille_network_shared Set the shared interface name. bastille_network_pf_ext_if Set the external interface for the 'pf' firewall rules. bastille_network_pf_table Set the name of the default table used for NAT jails. bastille_network_gateway Specify a default gateway. bastille_network_gateway6 Specify a defalut Ipv6 gateway. TEMPLATES bastille_template_base The default template that is applied to all jails. bastille_template_empty The default template that is applied to empty jails. bastille_template_thick The default template that is appled to thick jails. bastille_template_clone The default template that is appled to clone jails. bastille_template_thin The default template that is appled to thin jails. bastille_template_vnet The default template that is appled to vnet jails. bastille_template_vlan The default template that is appled to vnet+vlan jails. MONITORING Cron file for automatic monitoring entry. Actual cron entry. The default is to check every 5 minutes. Log storage. This is the monitoring module option. Set to 'healthchecks.io' or 'uptimekuma'. This is the FQDN for optional alerting services. Currently supports 'healthchecks.io' and 'uptimekuma'. SEE ALSO bastille-bootstrap(8), bastille-clone(8), bastille-cmd(8), bastille-config(8), bastille-console(8), bastille-convert(8), bastille-cp(8), bastille-create(8), bastille-destroy(8), bastille-edit(8), bastille-etcupdate(8), bastille-export(8), bastille-htop(8), bastille-import(8), bastille-jcp(8), bastille-limits(8), bastille-list(8), bastille-migrate(8), bastille-mount(8), bastille-network(8), bastille-pkg(8), bastille-rcp(8), bastille-rdr(8), bastille-rename(8), bastille-restart(8), bastille-service(8), bastille-setup(8), bastille-start(8), bastille-stop(8), bastille-sysrc(8), bastille-tags(8), bastille-template(8), bastille-top(8), bastille-umount(8), bastille-update(8), bastille-upgrade(8), bastille-verify(8), bastille-zfs(8) FreeBSD ports 15.quarterly December 6, 2025 bastille.conf(5)
NAME | DESCRIPTION | DEFAULT PATHS | FIREWALL | SUB-COMMANDS PATH | BOOTSTRAP | TIMEZONE | RESOLV.CONF | ZFS | EXPORT/IMPORT | NETWORKING | TEMPLATES | SEE ALSO
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=bastille.conf&sektion=5&manpath=FreeBSD+Ports+15.1.quarterly>