History

Bastille has evolved over the years from a small collection of personal shell scripts into a secure container automation toolkit used on hardware ranging from the Raspberry Pi to “The Cloud”.

The early shell scripts evolved into a proof of concept in 2018 which evolved into what we use today.

Many of the automation concepts in Bastille come from lessons learned as a SaltStack contributor and package maintainer since 2011.

Bastille integrates security concepts taken from real-world experience as the Architect of HubbleStack in 2015, (which formed the initial engine for SaltStack SecOps).

Combining these security and automation best practices with FreeBSD’s production tested container solution and you have Bastille.

Fast-forward to today and Bastille has seen improvements from open-source contributors around the world, making it more robust, more mature and better able to handle a wide range of use cases.

To everyone that has contributed to Bastille, thank you!

January 15, 2021 Bug Fix

New Year 2021 Bug Fix (0.8.20210115)

Jan 15, 2021 – Present

This release addresses a few minor issues discovered in the New Year 2021 version.

Bastille 0.8.20210115 improves the dynamic port redirection and empty (experimental) container support..

Note: there is also a change to the bastille.conf in this release.

See the full release notes for details.

January 01, 2021

New Year 2021! (0.8.20210101)

Jan 1, 2021 – Jan 15, 2021

I figured we should start out 2021 with a brand new Bastille release. Happy New Year!

This release increments the version number from 0.7.x to 0.8.x

Note: there is also a change to the bastille.conf in this release.

Bastille 0.8.20210101 brings a number of improvements, bug-fixes and new features.

See the full release notes for details.

July 14, 2020

Bastille Day 2020 (0.7.20200714)

Jul 14, 2020 – Jan 1, 2021

This release matures the project from 0.6.x -> 0.7.x. Continued testing and bug fixes are proving Bastille capable for a range of use-cases. New (experimental) features are examples of innovation from community contribution and feedback. Thank you.

See the full release notes for details.

April 14, 2020

Quarantine 2020: Fixes (0.6.20200414)

Apr 14, 2020 – Jul 14, 2020

Thank you to everyone that submitted bug reports and/or fixes to this release. Your support has been amazing.

Primarily a bug-fix release addressing reported issues.

See the full release notes for details.

April 12, 2020

Quarantine 2020 (0.6.20200412)

Apr 12, 2020 – Apr 14, 2020

Bastille 0.6.20200412 release is dedicated to everyone around the world quarantined by the COVID-19 pandemic.

See the full release notes for details.

February 02, 2020

Groundhog Day (0.6.20200202)

Feb 2, 2020 – Apr 12, 2020

Bastille 0.6.20200202 is easily the biggest update we’ve ever had and it’s all thanks to the generous FreeBSD community. Your contributions have been amazing! I am sincerely thankful.

See the full release notes for details.

November 28, 2019

Thanksgiving 2019 (0.5.20191128)

Nov 28, 2019 – Feb 2, 2020

CHANGELOG: This is a minor bug-fix release that improves the reliability of containers when using loopback-based networking. It also adds some safeguards against invalid network configurations and other minor cosmetic improvements.

November 25, 2019

Captain Jack (0.5.20191125)

Nov 25, 2019 – Nov 28, 2019

Features:

standalone “thick” containers now available (create -T|--thick ...)
Bastille Templates: now tested with GitLab CI/CD
Bastille Documentation has been updated and extended
bootstrap now supports optional update command to auto-patch release
Network config validation added to avoid disconnected containers

Fixes:

#49
#50
#53
#54
container target matching improved

October 25, 2019

Halcyon Days (0.4.20191025)

Oct 25, 2019 – Nov 25, 2019

Features:

Added support for FreeBSD 11.3-RELEASE, 12.1-RC1, 12.1-RC2 and 12.1-RELEASE.
Added option to assign network interface during container creation, if empty bastille obeys config file.
Added NIC validation.
Improved IP validation.
Added ability to destroy regex-matching base releases, cache content not affected.
Added validation for the ZFS parameters.

Fixes:

Fix for container and releases output listing.
Fix for prevent double distfile.txz file extraction on bootstrap.
Fix for missing subsequent directory creation for cache/*-RELEASE.
Fix for missing subsequent directory creation for releases/*-RELEASE.
Fix for chflags removal and container/release directory deletion if exist.
Minor code fixes.

July 14, 2019

Bastille Day (0.3.20190714)

Jul 14, 2019 – Oct 25, 2019

Happy Bastille Day! (Of course we had a release to celebrate)

Features:

[email protected] syntax now (optionally) supported during bastille create.
template system now supports INCLUDE and SERVICE.
/usr/local/bastille now 0750 to avoid unprivileged users from accessing Bastille files, container, releases, etc.
template hook CONFIG renamed to OVERLAY.
support for listing container(s), template(s), log(s), release(s).
only reload firewall on start/stop if loopback networking used.
ZFS sub-command additions of get|set|snapshot.

June 22, 2019

Support ZFS! (0.3.2019062202)

Jun 22, 2019 – Jul 14, 2019

Fixes:

fixes bootstrap regression in non-zfs installs
makes cp sub-command verbose (cp -av)
adds support for cloning templates from GitLab
code cleanup and formatting service sub-command added for managing services within container
verify sub-command documented properly