EuroBSDCon 2024

Doing stupid things with FreeBSD jails
09-22, 17:15–18:00 (Europe/Dublin), Stage End

FreeBSD jails arrived on the scene with FreeBSD 4.0 (2000) and Dan Langille has been playing with them since at least FreeBSD 4.1 (also 2000). His first documented usage was creating a jail for Open Source Weekend (OSW) in November 2003. Since then, he's been using jails on a near-daily basis for many simple solutions and for things he recommends you do not try at home.

He started using plain vanilla jails, then went to ezjail, then iocage, and is now back on plain vanilla jails. Topics covered will include:

  • using Let's Encrypt via acme.sh, a hidden DNS master, public DNS servers, and a public website to distribute new certs via anvil
  • how FreshPorts uses three jails for ingesting commits and displaying them on the website
  • a database testing jail which loads each daily database backup to test it works
  • building the packages he needs using poudriere in a jail
  • multiple jails running PostgreSQL
  • running a jail within a jail
  • modifying pkg-audit to ignore certain jails
  • why I had to create a website proxy for all the in-house websites
  • having a portal jail on a hosting provider as a front end for jails running in his basement
  • Time Machines for Apple hardware
  • Using SamDrucker to keep track of what packages are installed where
  • Applications in their own jails include PostgreSQL, gitea, MSQL, LibreNMS, named, Unifi, Mosquitto
  • Why you should use pushover.net

There will be a lot of items covered, it will be fast-paced, and you'll get at least one idea for doing something in your own projects (worst case: you'll know what to avoid doing).

Dan Langille first started with Unix-like operating systems sometime in the early 1980s. In 1998, he discovered FreeBSD on a near-daily basis after needing a firewall for his ADSL connection. From that start, he began several online journals, founded two highly successful open source conferences, and eventually turned his hobby into a profession.

Dan now works as a sysadmin for a widely-known infosec company and is frequently impressed by those he works with.

When not running conferences or working, Dan blogs about this activities. He wishes he did more mountain biking.