History

Bastille has evolved over the years from a small collection of personal shell scripts into a secure container automation toolkit used on hardware ranging from the tiny Raspberry Pi to powerful servers in the Data Center and Cloud.

The early scripts were informed by concepts used in ezjail and iocage, both FreeBSD innovations during their time. Bastille would not exist if it were not for those that came before. Thank you.

Many of the automation concepts in Bastille come from lessons learned over a decade as a SaltStack contributor and FreeBSDs sysutils/py-salt package maintainer (now retired).

These automation concepts evolved into the Bastillefile template system and then into our sister project, Rocinante in 2021.

Bastille integrates security concepts taken from real-world experience and industry best practices.

Combining these security and automation best practices with FreeBSD’s production tested solution and you have Bastille.

Over the past six years Bastille has seen improvements from open-source contributors around the world, making it more robust, more mature and better able to handle a wide range of use cases.

To everyone that has contributed to Bastille, thank you!

CONTRIBUTORS

Lead

Christer Edwards

GitHub Contributors (alphabetical order)

Andreas Diem
Andrew Stevenson
Barry McCormick
Brian Downs
Carsten Bäcker
Chris Wells
Chuck Tuffli
Daniel Ziltener
Dave Cottlehuber
Denis Shaposhnikov
Egor Kuzmichev
Eric Borisch
Eric Hodel
Fabian Peters
Florian Gattermeier
Giacomo Olgeni
Gleb Popov
Götz Salzmann
Jan-Piet Mens
Jason Tubnor
Jose Rivera
Juan David Hurtado G.
Julien Dessaux
Kevet Duncombe
Lars E.
Logan Ellis
Lucas Holt
Marius van Witzenburg
Matt Audesse
Michal Procházka
Niketh Murali
Nikos Chondros
Pat Maddox
Paul C.
Petru T. Garstea
Phil Krylov
Rob Arnold
Robert Gogolok
Romain Tartière
Stefano Marinelli
Sven R.
Théo Bertin
Tobias Tom
and many more!

Special thanks

Software doesn’t happen in a vacuum. Thank you to the following people who may not be found in the commit history but have influenced Bastille’s development in some way.

Carlos Meza
Casandra Woodcox
Clint Savage
G. Clifford Williams
Jack Thomasson
Jun C Park
Justin Desilets
Larry Raab
Nate Taylor
Peter Czanik
Ryan Simpkins
Tim Gelter
Trevor Sharpe

Locations

Bastille has seen contributions from the following places (locations are self-reported):

Amboy, Washington (US)
Austria (AT)
Belgium - Tienen (BE)
Berlin, Germany (DE)
California (US)
Cologne, Germany (DE)
Czech Republic; Olomoucký kraj (CZ)
España (ES)
Faa‘a, Tahiti, French Polynesia (PF)
Ferrara, Italy (IT)
Germany (DE)
Heidelberg (DE)
Lyon, France (FR)
Maine (US)
Medellín, Colombia (CO)
Montreal (CA)
Moscow, Russia (RU)
Phoenix, AZ (US)
Prague (CZ)
Puerto Rico (PR)
Rochester, MN (US)
Russia (RU)
Sacramento, CA (US)
Seattle, WA (US)
Siegburg, Germany (DE)
South Germany (DE)
Switzerland (CH)
The Netherlands (NL)
Utah (US)
Vancouver, WA (US)
Victoria, Australia (AU)
Vienna, Austria (AT)
Viterbo, Italy (IT)
Ypslianti, MI (US)

November 25, 2023

Thanksgiving 2023 (0.10.20231125)

Nov 25, 2023 – Present

Bastille 0.10.20231125 includes improvements for bootstrapping BETA, RC and EOL releases. Additionally, a new bastille_rcorder startup option, a new rcp (reverse-copy) subcommand, bastille setup improvements, and more!

See the full release notes for details.

October 13, 2023

Worth The Wait (0.10.20231013)

Oct 13, 2023 – Nov 25, 2023

Bastille 0.10.20231013 includes long overdue improvements to networking with dual-stack ip4/ip6 support, a new bastille setup command, enhanced Linux support with Debian “bookworm” and Ubuntu “jammy”, bastille tags and more!

See the full release notes for details.

July 14, 2022

Fete Nationale 2022 (0.9.20220714)

Jul 14, 2022 – Oct 13, 2023

Bastille 0.9.20220714 includes fixes for VNET, bootstrap logic, documentation and more!

See the full release notes for details.

February 16, 2022

Random Release (0.9.20220216)

Feb 16, 2022 – Jul 14, 2022

Bastille 0.9.20220216 includes fixes for VNET, fixes for iocage imports and more.

See the full release notes for details.

December 25, 2021

Happy Holidays 2021 (0.9.20211225)

Dec 25, 2021 – Feb 16, 2022

This release includes code from seven new contributors. Thank you!.

Bastille 0.9.20211225 includes support for Ubuntu 18.04 and 20.04 plus Debian 9, 10 and 11. We made improvements to the template validation, CMD now returns exit codes, VNET improvements, updates to PKG and more!

See the full release notes for details.

July 14, 2021

Bastille Day 2021 (0.9.20210714)

Jul 14, 2021 – Dec 25, 2021

This release adds a few exciting new features as well as patching a number of reported bugs.

Bastille 0.9.20210714 includes (experimental) support for Ubuntu-based containers, improvements to the import/export commands and an improved bastille list -a output.

See the full release notes for details.

January 15, 2021

New Year 2021 Bug Fix (0.8.20210115)

Jan 15, 2021 – Jul 14, 2021

This release addresses a few minor issues discovered in the New Year 2021 version.

Bastille 0.8.20210115 improves the dynamic port redirection and empty (experimental) container support..

Note: there is also a change to the bastille.conf in this release.

See the full release notes for details.

January 01, 2021

New Year 2021! (0.8.20210101)

Jan 1, 2021 – Jan 15, 2021

I figured we should start out 2021 with a brand new Bastille release. Happy New Year!

This release increments the version number from 0.7.x to 0.8.x

Note: there is also a change to the bastille.conf in this release.

Bastille 0.8.20210101 brings a number of improvements, bug-fixes and new features.

See the full release notes for details.

July 14, 2020

Bastille Day 2020 (0.7.20200714)

Jul 14, 2020 – Jan 1, 2021

This release matures the project from 0.6.x -> 0.7.x. Continued testing and bug fixes are proving Bastille capable for a range of use-cases. New (experimental) features are examples of innovation from community contribution and feedback. Thank you.

See the full release notes for details.

April 14, 2020

Quarantine 2020: Fixes (0.6.20200414)

Apr 14, 2020 – Jul 14, 2020

Thank you to everyone that submitted bug reports and/or fixes to this release. Your support has been amazing.

Primarily a bug-fix release addressing reported issues.

See the full release notes for details.

April 12, 2020

Quarantine 2020 (0.6.20200412)

Apr 12, 2020 – Apr 14, 2020

Bastille 0.6.20200412 release is dedicated to everyone around the world quarantined by the COVID-19 pandemic.

See the full release notes for details.

February 02, 2020

Groundhog Day (0.6.20200202)

Feb 2, 2020 – Apr 12, 2020

Bastille 0.6.20200202 is easily the biggest update we’ve ever had and it’s all thanks to the generous FreeBSD community. Your contributions have been amazing! I am sincerely thankful.

See the full release notes for details.

November 28, 2019

Thanksgiving 2019 (0.5.20191128)

Nov 28, 2019 – Feb 2, 2020

CHANGELOG: This is a minor bug-fix release that improves the reliability of containers when using loopback-based networking. It also adds some safeguards against invalid network configurations and other minor cosmetic improvements.

November 25, 2019

Captain Jack (0.5.20191125)

Nov 25, 2019 – Nov 28, 2019

Features:

standalone “thick” containers now available (create -T|--thick ...)
Bastille Templates: now tested with GitLab CI/CD
Bastille Documentation has been updated and extended
bootstrap now supports optional update command to auto-patch release
Network config validation added to avoid disconnected containers

Fixes:

#49
#50
#53
#54
container target matching improved

October 25, 2019

Halcyon Days (0.4.20191025)

Oct 25, 2019 – Nov 25, 2019

Features:

Added support for FreeBSD 11.3-RELEASE, 12.1-RC1, 12.1-RC2 and 12.1-RELEASE.
Added option to assign network interface during container creation, if empty bastille obeys config file.
Added NIC validation.
Improved IP validation.
Added ability to destroy regex-matching base releases, cache content not affected.
Added validation for the ZFS parameters.

Fixes:

Fix for container and releases output listing.
Fix for prevent double distfile.txz file extraction on bootstrap.
Fix for missing subsequent directory creation for cache/*-RELEASE.
Fix for missing subsequent directory creation for releases/*-RELEASE.
Fix for chflags removal and container/release directory deletion if exist.
Minor code fixes.

July 14, 2019

Bastille Day (0.3.20190714)

Jul 14, 2019 – Oct 25, 2019

Happy Bastille Day! (Of course we had a release to celebrate)

Features:

ip@interface syntax now (optionally) supported during bastille create.
template system now supports INCLUDE and SERVICE.
/usr/local/bastille now 0750 to avoid unprivileged users from accessing Bastille files, container, releases, etc.
template hook CONFIG renamed to OVERLAY.
support for listing container(s), template(s), log(s), release(s).
only reload firewall on start/stop if loopback networking used.
ZFS sub-command additions of get|set|snapshot.

June 22, 2019

Support ZFS! (0.3.2019062202)

Jun 22, 2019 – Jul 14, 2019

Fixes:

fixes bootstrap regression in non-zfs installs
makes cp sub-command verbose (cp -av)
adds support for cloning templates from GitLab
code cleanup and formatting service sub-command added for managing services within container
verify sub-command documented properly