SYNOPSIS
bastille tags [-x] TARGET add|delete tag1,tag2
bastille tags [-x] TARGET list [tag]
DESCRIPTION
The bastille tags sub-command add, remove and list tags for jails.
EXAMPLES
Add 'prod' tag to myjail and yourjail:
# bastille tags 'myjail yourjail' add prod
Show jails with the tag 'web':
# bastille tags ALL list web
I've got a Lenovo M93p Tiny with 16GB RAM and a Haswell Xeon. It's a great little unit that I used to use as my Haiku build box.
I'm thinking about using it as a #Forgejo (and maybe eventually #Codeberg) Actions runner, with a handful of lightweight VMs (Alpine, FreeBSD, NetBSD, OpenBSD, Haiku), each using no more than a gig or two of memory.
Does anyone have any tips on doing this? I'm guessing #Proxmox would be a good start, but I wonder if #FreeBSD with #bhyve and #BastilleBSD might also do a good job.
SYNOPSIS
bastille setup [-ax]
bastille setup [-ax]
bridge|linux|loopback|netgraph|firewall|shared|storage|vnet
DESCRIPTION
The bastille setup sub-command will attempt to configure different options for your environment.
NAME
bastille etcupdate – Update /etc for jail(s).
SYNOPSIS
bastille etcupdate [-fx] bootstrap RELEASE
bastille etcupdate [-dx] TARGET update RELEASE
bastille etcupdate [-x] TARGET diff|resolve
DESCRIPTION
The bastille etcupdate sub-command will bootstrap a tarball from RELEASE which can then be used to update the contents of /etc inside jails after performing an upgrade.
😈 Jailrun is moving fast!
Our open-source project for orchestrating FreeBSD jails has just received a major update.
The latest version brings the kind of modern CLI experience you’d expect in 2026 — interactive shell, command autocomplete, and a polished look and feel.
Check it out 👉 https://github.com/hyphatech/jailrun
Thanks to the @FreeBSDFoundation for supporting the continued development of FreeBSD, and to the maintainers of #bastilleBSD, #ansible, #qemu, and #monit for the wonderful tools.
Testing as an alternative to base jails and BastilleBSD this weekend ✌️
https://sylve.io/guides/advanced-topics/jailing-sylve/
SYNOPSIS
bastille clone [-alx] TARGET NEW_NAME IP
The bastille clone sub-command will create an exact duplicate of the targeted jail, giving it the specified NEW_NAME and IP address.
EXAMPLES
Clone myjail to newjail:
# bastille clone myjail newjail 10.23.3.4/24
Clone myjail to newjail with DHCP (VNET only):
# bastille clone myjail newjail DHCP
Clone myjail to newjail while running, with debug mode:
# bastille clone -xl myjail newjail 10.23.3.4/24
I'm pleased to report that I've just submitted the final capstone paper for my master's degree in cybersecurity!
#cybersecurity #infosec #freebsd #bastillebsd #learning #education
Current task - cloning a prod server to a dev one:
zfs send -vRc zroot/bastille@toSend00 | mbuffer -m 2G | ssh root@VPNIP "zfs receive zroot/bastille"
Done.
The bastille convert sub-command will convert a thin jail to a thick jail if only the TARGET argument is given.
If a TARGET and RELEASE is specified, it will convert the jail into a custom release. The jail will remain intact, and you will have a duplicate of it to use a a release base for any new jails.
EXAMPLES
Convert myjail from thin to thick:
# bastille convert myjail
Create myrelease from myjail:
# bastille convert myjail myrelease
BastilleBSD 
The Last Psion | Alex
Hypha
Ricardo Martín 
Stefano Marinelli