dtxdf / appjail Goto Github PK
View Code? Open in Web Editor NEWSimple and easy-to-use tool for creating portable jails.
Home Page: https://appjail.readthedocs.io
License: BSD 3-Clause "New" or "Revised" License
Simple and easy-to-use tool for creating portable jails.
Home Page: https://appjail.readthedocs.io
License: BSD 3-Clause "New" or "Revised" License
I just saw this port. I'm am (was?) in the process of writing a slim script helper to use for jails. In my case, I'm using nomad with raw_exec to orchestrate jails across a cluster of machines.
At first glance, this looks awesome and seems like it supersede my need to write my own script. One thing I haven't seen yet though, that I do use, is PkgBase instead of distribution archives for the jail world. PkgBase lets me create slimmer jails and also gives me an easier option to reduce surface area on the jail.
Did I miss PkgBase or is that something that still needs to be implemented? I haven't looked at the sources yet, but if I can help, I'd be happy to do so.
it appears installing AppJail does not install doas, which seems to be a dependency.
[bruno@proliant21 ~]$ appjail -h
[00:00:00] [ error ] doas: program not found.
[bruno@proliant21 ~]$ uname -a
FreeBSD proliant21.bschwand.net 14.0-RELEASE-p5 FreeBSD 14.0-RELEASE-p5 #0: Tue Feb 13 23:37:36 UTC 2024
[bruno@proliant21 ~]$ pkg info appjail
appjail-3.0.0
Name : appjail
Version : 3.0.0
Installed on : Wed Feb 14 16:51:47 2024 CET
Origin : sysutils/appjail
Architecture : FreeBSD:14:amd64
Prefix : /usr/local
Categories : sysutils
Licenses : BSD3CLAUSE
Maintainer : [email protected]
WWW : https://github.com/DtxdF/AppJail/
Comment : Simple and easy-to-use tool for creating portable jails
Options :
DEBOOTSTRAP : off
DOAS : off
DOCS : on
GIT : off
Annotations :
FreeBSD_version: 1400097
build_timestamp: 2024-01-09T04:13:30+0000
built_by : poudriere-git-3.4.0
port_checkout_unclean: no
port_git_hash : 756e18783
ports_top_checkout_unclean: no
ports_top_git_hash: 756e18783
repo_type : binary
repository : FreeBSD
Flat size : 1.07MiB
When trying to use the INCLUDE statement in a Makejail file, an error is thrown suggesting that the file does not exist or could not be read. This occurs even when the file exists, is in the correct relative location, and is readable.
INCLUDE options/network.makejail
INCLUDE gh+AppJail-makejails/nginx
COPY usr
SERVICE nginx reload
options/network.makejail
with the following content:OPTION overwrite
appjail makejail -f Makejail -j test
The INCLUDE statement should correctly include and process the specified file.
The program throws an error indicating that the file specified in the INCLUDE statement does not exist or cannot be read.
[00:00:00] [ info ] [test] Building test ...
[00:00:00] [ debug ] [test] Main Makejail: Makejail
[00:00:00] [ debug ] [test] Using method:file (args:Makejail) from Makejail.
[00:00:00] [ debug ] [test] Including /root/makejails/Makejail ...
. from options/network.makejailng method:file (args:options/network.makejail
file does not exist or could not be read.k.makejail
The makejail_include
function in the makejail cmd appears to be responsible for handling the INCLUDE statement. The error might originate from this function.
Please let me know if you need any further information.
Hello,
I don't know if you aware of this or if it's done on purpose but I just wanted to let you know that the documentation isn't downloadable, no pdf or html.
https://readthedocs.org/projects/appjail/downloads/
Though I also noticed you've started to write man pages which is great thank you!
Keep up the good work.
Hi,
I found out about this project from here https://wiki.freebsd.org/Containers , while was searching for a possible "low level container runtime" for FreeBSD, that would be at the same time OCI compatible, so it would work with different "high level container runtimes" like "containerd" or "CRI-o".
As far as i have understood from this project, it is an "low level container runtime"?
Is there any plans on making this utility to support "OCI"/high level "container runtimes"?
Thanks
buckbucks% appjail makejail -f gh+AppJail-makejails/badwolf -j badwolf1 \ /usr/src
-o virtualnet="ajnet:badwolf default"
-o nat
-o copydir=/tmp/files
-o file=/etc/rc.conf
-o x11 \
[00:00:00] [ info ] [badwolf1] Building ...
[00:00:00] [ debug ] [badwolf1] Main Makejail: gh+AppJail-makejails/badwolf
[00:00:01] [ debug ] [badwolf1] Using method:github (args:AppJail-makejails/badwolf) from gh+AppJail-makejails/badwolf.
[00:00:01] [ debug ] [badwolf1] Using global cache directory (git): /usr/local/appjail/cache/git
[00:00:01] [ debug ] [badwolf1] Updating /usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072 ...
[00:00:01] [ debug ] [badwolf1] Including /usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/Makejail ...
[00:00:01] [ debug ] [badwolf1] Using method:file (args:options/options.makejail) from options/options.makejail.
[00:00:01] [ debug ] [badwolf1] Including /usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/options/options.makejail ...
[00:00:02] [ debug ] [badwolf1] Makejail generated:
[00:00:02] [ debug ] [badwolf1] RAW cd -- "/usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072" # Makejail: /usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/Makejail
[00:00:02] [ debug ] [badwolf1] RAW cd -- "/usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/options" # Makejail: /usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/options/options.makejail
[00:00:02] [ debug ] [badwolf1] OPTION resolv_conf
[00:00:02] [ debug ] [badwolf1] OPTION tzdata
[00:00:02] [ debug ] [badwolf1] OPTION overwrite=force
[00:00:02] [ debug ] [badwolf1] OPTION start
[00:00:02] [ debug ] [badwolf1] RAW cd -- "/usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072" # Makejail: /usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/Makejail
[00:00:02] [ debug ] [badwolf1] ARG badwolf_tag=13.3
[00:00:02] [ debug ] [badwolf1] FROM --entrypoint gh+AppJail-makejails/badwolf badwolf:${badwolf_tag}
[00:00:02] [ debug ] [badwolf1] CMD pw useradd -n badwolf -c "Minimalist and privacy-oriented WebKitGTK+ browser" -d /home/badwolf -s /bin/sh
[00:00:02] [ debug ] [badwolf1] CMD mkdir -p /home/badwolf/.local/share/badwolf/webkit-web-extension
[00:00:02] [ debug ] [badwolf1] CMD mkdir -p /home/badwolf/.config/badwolf
[00:00:02] [ debug ] [badwolf1] CMD chown -R badwolf:badwolf /home/badwolf
[00:00:02] [ debug ] [badwolf1] COPY usr
[00:00:02] [ debug ] [badwolf1] STOP
[00:00:02] [ debug ] [badwolf1] STAGE custom:badwolf_open
[00:00:02] [ debug ] [badwolf1] ENV DISPLAY=:0
[00:00:02] [ debug ] [badwolf1] USER badwolf
[00:00:02] [ debug ] [badwolf1] RUN badwolf.sh
[00:00:02] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/all/RAW (args:cd -- "/usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072" # Makejail: /usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/Makejail)
[00:00:02] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/all/RAW (args:cd -- "/usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/options" # Makejail: /usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/options/options.makejail)
[00:00:02] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/build/OPTION (args:resolv_conf)
[00:00:02] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/build/OPTION (args:tzdata)
[00:00:02] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/build/OPTION (args:overwrite=force)
[00:00:02] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/build/OPTION (args:start)
[00:00:02] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/all/RAW (args:cd -- "/usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072" # Makejail: /usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/Makejail)
[00:00:02] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/all/ARG (args:badwolf_tag=13.3)
[00:00:03] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/build/FROM (args:--entrypoint gh+AppJail-makejails/badwolf badwolf:${badwolf_tag})
[00:00:03] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/all/CMD (args:pw useradd -n badwolf -c "Minimalist and privacy-oriented WebKitGTK+ browser" -d /home/badwolf -s /bin/sh)
[00:00:03] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/all/CMD (args:mkdir -p /home/badwolf/.local/share/badwolf/webkit-web-extension)
[00:00:03] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/all/CMD (args:mkdir -p /home/badwolf/.config/badwolf)
[00:00:03] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/all/CMD (args:chown -R badwolf:badwolf /home/badwolf)
[00:00:04] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/all/COPY (args:usr)
[00:00:04] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/build/STOP (args:)
[00:00:04] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/all/ENV (args:DISPLAY=:0)
[00:00:04] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/all/USER (args:badwolf)
[00:00:04] [ debug ] [badwolf1] Running makejail command (cmd): /usr/local/share/appjail/makejail/cmd/all/RUN (args:badwolf.sh)
[00:00:05] [ debug ] [badwolf1] Running makejail command (write): /usr/local/share/appjail/makejail/write/all/ARG (input:/usr/local/appjail/cache/tmp/.appjail/appjail.ZIY2LP6IPL)
[00:00:05] [ debug ] [badwolf1] Running makejail command (write): /usr/local/share/appjail/makejail/write/build/FROM (input:/usr/local/appjail/cache/tmp/.appjail/appjail.k8HQvrHx6o)
[00:00:05] [ debug ] [badwolf1] Running makejail command (write): /usr/local/share/appjail/makejail/write/build/OPTION (input:/usr/local/appjail/cache/tmp/.appjail/appjail.446F8Cgkh7)
[00:00:05] [ debug ] [badwolf1] Running makejail command (write): /usr/local/share/appjail/makejail/write/all/RAW (input:/usr/local/appjail/cache/tmp/.appjail/appjail.FLvI6quf1Y/stages/build/0.RAW)
[00:00:05] [ debug ] [badwolf1] Running makejail command (write): /usr/local/share/appjail/makejail/write/all/RAW (input:/usr/local/appjail/cache/tmp/.appjail/appjail.FLvI6quf1Y/stages/build/1.RAW)
[00:00:05] [ debug ] [badwolf1] Running makejail command (write): /usr/local/share/appjail/makejail/write/all/RAW (input:/usr/local/appjail/cache/tmp/.appjail/appjail.FLvI6quf1Y/stages/build/6.RAW)
[00:00:05] [ debug ] [badwolf1] Running makejail command (write): /usr/local/share/appjail/makejail/write/all/CMD (input:/usr/local/appjail/cache/tmp/.appjail/appjail.FLvI6quf1Y/stages/build/9.CMD)
[00:00:05] [ debug ] [badwolf1] Running makejail command (write): /usr/local/share/appjail/makejail/write/all/CMD (input:/usr/local/appjail/cache/tmp/.appjail/appjail.FLvI6quf1Y/stages/build/10.CMD)
[00:00:05] [ debug ] [badwolf1] Running makejail command (write): /usr/local/share/appjail/makejail/write/all/CMD (input:/usr/local/appjail/cache/tmp/.appjail/appjail.FLvI6quf1Y/stages/build/11.CMD)
[00:00:05] [ debug ] [badwolf1] Running makejail command (write): /usr/local/share/appjail/makejail/write/all/CMD (input:/usr/local/appjail/cache/tmp/.appjail/appjail.FLvI6quf1Y/stages/build/12.CMD)
[00:00:05] [ debug ] [badwolf1] Running makejail command (write): /usr/local/share/appjail/makejail/write/all/COPY (input:/usr/local/appjail/cache/tmp/.appjail/appjail.FLvI6quf1Y/stages/build/13.COPY)
[00:00:05] [ debug ] [badwolf1] Running makejail command (write): /usr/local/share/appjail/makejail/write/build/STOP (input:/usr/local/appjail/cache/tmp/.appjail/appjail.FLvI6quf1Y/stages/build/14.STOP)
[00:00:05] [ debug ] [badwolf1] Buildscript generated:
[00:00:05] [ debug ] [badwolf1] set -T
[00:00:05] [ debug ] [badwolf1]
[00:00:05] [ debug ] [badwolf1] . "${APPJAIL_CONFIG}"
[00:00:05] [ debug ] [badwolf1] . "${LIBDIR}/load"
[00:00:05] [ debug ] [badwolf1]
[00:00:05] [ debug ] [badwolf1] lib_load "${LIBDIR}/sysexits"
[00:00:05] [ debug ] [badwolf1] lib_load "${LIBDIR}/atexit"
[00:00:05] [ debug ] [badwolf1] lib_load "${LIBDIR}/log"
[00:00:05] [ debug ] [badwolf1] lib_load "${LIBDIR}/check_func"
[00:00:05] [ debug ] [badwolf1]
[00:00:05] [ debug ] [badwolf1] lib_atexit_init
[00:00:05] [ debug ] [badwolf1]
[00:00:05] [ debug ] [badwolf1] trap '' SIGINT
[00:00:05] [ debug ] [badwolf1] set -e
[00:00:05] [ debug ] [badwolf1] badwolf_tag="13.3"
[00:00:05] [ debug ] [badwolf1] lib_load "${LIBDIR}/check_func"
[00:00:05] [ debug ] [badwolf1]
[00:00:05] [ debug ] [badwolf1] while [ $# -gt 0 ]; do
[00:00:05] [ debug ] [badwolf1] case "$1" in
[00:00:05] [ debug ] [badwolf1] --badwolf_tag)
[00:00:05] [ debug ] [badwolf1] badwolf_tag="$2"; shift
[00:00:05] [ debug ] [badwolf1] ;;
[00:00:05] [ debug ] [badwolf1] --)
[00:00:05] [ debug ] [badwolf1] shift
[00:00:05] [ debug ] [badwolf1] break
[00:00:05] [ debug ] [badwolf1] ;;
[00:00:05] [ debug ] [badwolf1] --)
[00:00:05] [ debug ] [badwolf1] lib_err ${EX_USAGE} -- "$1: Invalid option."
[00:00:05] [ debug ] [badwolf1] ;;
[00:00:05] [ debug ] [badwolf1] )
[00:00:05] [ debug ] [badwolf1] break
[00:00:05] [ debug ] [badwolf1] ;;
[00:00:05] [ debug ] [badwolf1] esac
[00:00:05] [ debug ] [badwolf1]
[00:00:05] [ debug ] [badwolf1] shift
[00:00:05] [ debug ] [badwolf1] done
[00:00:05] [ debug ] [badwolf1] if lib_check_empty "$badwolf_tag"; then
[00:00:05] [ debug ] [badwolf1] lib_err ${EX_DATAERR} "option requires an argument -- badwolf_tag"
[00:00:05] [ debug ] [badwolf1] fi
[00:00:05] [ debug ] [badwolf1] "${APPJAIL_SCRIPT}" image import -a "amd64" -N .ajspec -n "badwolf" -t "${badwolf_tag}" -- "gh+AppJail-makejails/badwolf"
[00:00:05] [ debug ] [badwolf1] "${APPJAIL_SCRIPT}" image jail -a "amd64" -i "badwolf" -t "${badwolf_tag}" -- "${APPJAIL_JAILNAME}" "resolv_conf" "tzdata" "overwrite=force" "start" "virtualnet=ajnet:badwolf default" "nat" "copydir=/tmp/files" "file=/etc/rc.conf" "x11"
[00:00:05] [ debug ] [badwolf1] cd -- "/usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072" # Makejail: /usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/Makejail
[00:00:05] [ debug ] [badwolf1] cd -- "/usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/options" # Makejail: /usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/options/options.makejail
[00:00:05] [ debug ] [badwolf1] cd -- "/usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072" # Makejail: /usr/local/appjail/cache/git/064c3e3f57c6b08e7a2892ed7cc20a5f8bd0aacfd20e04923099afe576a7c072/Makejail
[00:00:05] [ debug ] [badwolf1] "${APPJAIL_SCRIPT}" cmd jexec "${APPJAIL_JAILNAME}" env "badwolf_tag=${badwolf_tag}" sh -c "pw useradd -n badwolf -c "Minimalist and privacy-oriented WebKitGTK+ browser" -d /home/badwolf -s /bin/sh"
[00:00:05] [ debug ] [badwolf1] "${APPJAIL_SCRIPT}" cmd jexec "${APPJAIL_JAILNAME}" env "badwolf_tag=${badwolf_tag}" sh -c "mkdir -p /home/badwolf/.local/share/badwolf/webkit-web-extension"
[00:00:05] [ debug ] [badwolf1] "${APPJAIL_SCRIPT}" cmd jexec "${APPJAIL_JAILNAME}" env "badwolf_tag=${badwolf_tag}" sh -c "mkdir -p /home/badwolf/.config/badwolf"
[00:00:05] [ debug ] [badwolf1] "${APPJAIL_SCRIPT}" cmd jexec "${APPJAIL_JAILNAME}" env "badwolf_tag=${badwolf_tag}" sh -c "chown -R badwolf:badwolf /home/badwolf"
[00:00:05] [ debug ] [badwolf1] cp -a -- "usr" "${APPJAIL_JAILDIR}/"
[00:00:05] [ debug ] [badwolf1] "${APPJAIL_SCRIPT}" stop -- "${APPJAIL_JAILNAME}"
[00:00:06] [ debug ] [badwolf1] Cloning https://github.com/AppJail-makejails/badwolf as /usr/local/appjail/cache/tmp/.appjail/appjail.N2sXFepwFz ...
[00:00:06] [ info ] [badwolf] badwolf (arch:amd64, tag:13.3): already up to date.
[00:00:07] [ debug ] [badwolf1] quick parameters: import+root="input:/usr/local/appjail/cache/images/badwolf/13.3-amd64-image.appjail" portable resolv_conf tzdata overwrite=force start virtualnet=ajnet:badwolf default nat copydir=/tmp/files file=/etc/rc.conf x11
[00:00:07] [ warn ] [badwolf1] Trying to remove badwolf1 ...
[00:00:07] [ warn ] [badwolf1] badwolf1 is not running.
[00:00:07] [ debug ] [badwolf1] Destroy flags:
[00:00:08] [ debug ] [badwolf1] Removing badwolf1
jail...
[00:00:08] [ debug ] [badwolf1] Using zfs-destroy(8) ...
[00:00:09] [ debug ] [badwolf1] Removing files...
[00:00:09] [ debug ] [badwolf1] badwolf1 was removed.
[00:00:09] [ info ] [badwolf1] Creating an empty jail ...
[00:00:09] [ info ] [badwolf1] Importing /usr/local/appjail/cache/images/badwolf/13.3-amd64-image.appjail as badwolf1 ...
[00:00:28] [ info ] [badwolf1] Done.
[00:00:28] [ debug ] [badwolf1] Adding files ("/etc/rc.conf") to the list of files to copy ...
[00:00:28] [ debug ] [badwolf1] (1/1): Checking /etc/rc.conf ...
[00:00:28] [ debug ] [badwolf1] (1/1): Copying etc/rc.conf ...
[00:00:28] [ debug ] [badwolf1] Copying /etc/localtime as /usr/local/appjail/jails/badwolf1/jail/etc/localtime
[00:00:28] [ debug ] [badwolf1] Copying /usr/local/etc/appjail/resolv.conf as /usr/local/appjail/jails/badwolf1/jail/etc/resolv.conf
[00:00:28] [ debug ] [badwolf1] Reserving an IPv4 address for badwolf1 in ajnet ...
[00:00:29] [ debug ] [badwolf1] VNET Interface:e[ab]_badwolf Description:
[00:00:29] [ debug ] [badwolf1] ajnet is the default router.
[00:00:29] [ debug ] [badwolf1] Creating NAT rules ...
[00:00:29] [ debug ] [badwolf1] Setting NAT rule: network:ajnet ext_if:wlan0 logopts:0 () on_if:wlan0
[00:00:30] [ error ] [badwolf1] The nat command requires appjail-nat/jail/ and appjail-nat/network/ anchors to work.
buckbucks%
I have the anchors in my pf.conf:
buckbucks% cat /etc/pf.conf /usr/src
nat-anchor "appjail-nat/jail/"
nat-anchor "appjail-nat/network/"
rdr-anchor "appjail-rdr/*"
anchor "appjail-nat/jail/"
anchor "appjail-nat/network/"
anchor "appjail-rdr/*"
buckbucks% /usr/src
buckbucks%
pf is running i dont know why i keep getting the errors.
Just created a server on my Hetzner server located at Germany. I self built the kernel to enable bbr and it's now on 14.0-RELEASE-p6.
cpu ARM64
ident HETZNER-CAX
include "std.arm64"
include "std.dev"
# TCP BBR
options TCPHPTS
options RATELIMIT
makeoptions WITH_EXTRA_TCP_STACKS=1
# Include SoC specific configuration
include "std.arm"
include "std.virt"
I followed your document and set pf, virtual networks and dns up, then I create a jail with appjail quick packager virtualnet=":packager"
(nat is enabled on the virtualnet), but when I download ports using gitup I notice extremely slow network speed.
Here's the result if I fetch a 10gb test file outside of jail:
root@fsn00:~ # fetch https://fsn1-speed.hetzner.com/10GB.bin
10GB.bin 19% of 10 GB 408 MBps 20s^C
fetch: transfer interrupted
And here's the result inside the jail:
root@packager:~ # fetch https://fsn1-speed.hetzner.com/10GB.bin
10GB.bin 0% of 10 GB 249 kBps 11h15m^C
fetch: transfer interrupted
It's 1500x times slower.
I'm new to FreeBSD, so I'm not sure where to start with debugging and digging useful information. If there are some specific details required, please inform me, and I will provide them as promptly as possible.
Hello.
I used a modified version of https://github.com/AppJail-makejails/alpine-linux to deploy alpine linux onto my arm64 machine. Things working great but I cannot access other jail in the same virtual network due to alias, but the application I deployed on the linux jail depend on postgresql which is running on a FreeBSD jail.
I tried to combine alias with multiple virtual network but the jail refuse to start, bridge also seems not working on Linux jail either. I tried lots of combination but no one work.
So is there a way make Linux jail using alias communicate with other jails in the same virtual network? Or we still need more develop to achieve that? Or it's even impossible?
Hi,
I installed appjail
(not the devel package) through pkg on FBSD 13.2 and noticed it comes with a README.md
but no manual page.
Do you plan to add man pages in the future release ?
It will be more convenient to read and study, while I appreciate what you've done already with the README.md
, one big file is not as comfortable as few man pages are, though multiple examples you've put are well explained it's nice to have them.
I am aware of the amount of work you've already done, I just wanted to say thank you for the item in your todo
list related to ipfw
, you are right this one need love too.
Anyway congrats for appjail
it looks like a great tool to play with, keep up the good work sir :)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.