# configuring jails



## laktech (Jun 25, 2022)

hello, i am accustomed to using puppet to configure systems and docker files to configure docker containers. both of these technologies are a source of truth as to how my system and containers should behave. what is the best practice technique for configuring jails for reproducibility and maintenance?

my current setup is very manual. i have various hard-coded pf rules to enable networking into the jails and a text document to help document some of operations that were performed on the jail. it's very manual and i'd like to move away from that. i'm not sure if i should just maintain a bash script per jail or if there is a more mature solution.


----------



## Ole (Jun 25, 2022)

Why don't you want to keep using the puppet to manage jails? This is a very good tool.


----------



## laktech (Jun 26, 2022)

of course, thanks! nice to have validation that this is a sane option!


----------



## hardworkingnewbie (Jun 26, 2022)

I'm using ezjail-admin to administer my jails. Works like a charm.


----------



## laktech (Jul 10, 2022)

ended up going with bastille. used it's templating capability to install and configure puppet. now i have configurable jails. thanks!


----------



## Lamia (Jul 11, 2022)

Hardcore ezjail user here; slowly migrating to cbsd. But for granularity sake, I would keep ezjail, and preferably step into jail.conf, at reach on servers that need getting behind the hood - e.g. networking between jails and vms in bhyve.


----------



## laktech (Jul 12, 2022)

I'm hitting limits of bastille already. rdr configurations are very limited.


----------



## wolffnx (Jul 15, 2022)

hardworkingnewbie said:


> I'm using ezjail-admin to administer my jails. Works like a charm.



same here,over the years works like a charm


----------

