Jailman: Automated management of pseudo-custom FreeNAS jails

Jailman: Automated management of pseudo-custom FreeNAS jails v1.2.3

The Old:
Since way before I mostly finished the basics for JailMan 1.3.0 (which moves Jailman to the IX Plugin system), I got more and more notices that basicaly went like this:

Hi,
I'm trying JailMan and I don't know how to use the CLI or config file, so now everything breaks when I start it.

These people aren't wrong: Having to use a CLI to install an application on a storage appliance that is designed around it's nice UI, is PLAIN STUPID. IX/Iocage plugins also aren't the whole solution either: Yes they can be added to the UI, but offer a very limited subset of customisations.

The New:
Since september I took some time off, not for fun... But to spend some dedicated time studying: Docker, Kubernetes and Helm, while waiting for TrueNAS SCALE ALPHA's to drop and the SCALE design to get some form.
Docker/Helm itself would not give a better solution than we currently have with Jailman. yes it has upsides and No it also has downsides. Primarily we would hit exactly the same issues as we had with JailMan on BSD.

However: I'm quite impressed by the current design of SCALE. Mostly the way the "Apps" (Plugins for SCALE) are handled internally. It deserves some praise, because IX has clearly took all feedback they have gotten over the years into account and worked on a WAY more solid backend than we ever had on BSD.
Primarily the following:
- Building Apps follows (mostly) industry standards
- The Apps system supports (or is going to) both NVIDUA and Intel hardware transcoding out of the box
- The Apps system actually opens up the UI, in such a way that App developers will be able to give the user significantly more options to customise their experience.
- The creation of storage for Apps, is way more automated for users that want it automated and just as flexible as it was before.

The bad:
This made me take some steps back on JailMan and evaluate both what we have done and what we could do.

The painfull realisation is: With way less time involvement, is would be possible to give end-users a WAY more solid experience, than they will ever experience with TrueNAS CORE on BSD.

It also would have a lot lower support burden, because we would be able to base our work on the EXCELENT available Helm-Chart work of other people out there.

Hence, with this post I officially End-of-Life JailMan. Not because it's bad, but because both its users and its developers deserve a better experience.

The Good:
However, I've already start on its successor: TrueCharts.

The first goal of which, would be to gain feature parity with JailMan, with appropriatie increase in user experience on SCALE.
At the same time, i've spend the time to push for as much features for community App catalogs as possible. So we don't have to rely on IXsystems to share our personal App projects with our friends, Family or Testers.

If you're interested in projects like there, I highly suggest an upvote for the last big issue remaining: Allowing to set a custom App Catalog from the UI.

Whats Next?

My personal goal for 2021, is to have twice the number of applications as we currently have on Jailman. Completely setup in the UI, with significant options available and full support for Traefik Ingress.
v1.2.2 was still plagued with many small and big things not working as it should.
This hotfix release should fix most issues introduced with v1.2.2.
Also covered are many fixes to the repository layout and documentation

Community Changelog:
  • Added Code Owners
  • Setup clean Issue and PR templates (replaces old templates)
  • Globaly disabled SC2154 checking on PR's
  • Added Security.md
Application Changelog:
  • Fixed update to use the user-set repo (make jailman fork-compatible)
  • Fixed Unifi(-poller) not updating and correctly
  • Fixed not exiting on failed dataset creation
  • Fixed MariaDB not saving into persistence dataset
  • Moved MariaDB database to /config/db (from /var/db/mysql)
  • Fixed silent failure of PHPMyAdmin install
  • Fixed Unifi-Poller influxdb connection
  • Fixed Tautulli not starting with Python3
  • add some missing nextcloud dependencies
  • Move the ports installs to pkg
  • Remove/Disable ports when not required
  • Update all blueprints
  • Remove unused dependancies
  • Remove Nextcloud external database support
  • Remove untested bitwarden database types
Please be aware the repository has been moved to:
jailmanager/jailman
## v1.2.0: Blueprints and Jails

Big update announcement:
Thanks to hardwork with the community, i'm glad to announce v1.2.0 and v1.2.1 have been released.

It's a BIG rewrite of the original code and also includes new principles like seperating Jails from their Blueprints. (and this allowing multiple installs of the same blueprint under different jail names)
This is a big overhaul. It restructures most of the config systems.

* It seperates Jail and Blueprint.
* It introduces config versioning (thus new versions can invalidate outdated config files)
* It allows multiple installs of the same blueprint (previously known as jail)

The Blueprint:
- The install script included in this project.
- Config settings are included with the blueprint, but can be overriden in config.yml

The Jail:
- The actuall jail under FreeNAS, the physical running thing you see in the GUI.
- config is done by the user, no config is included, only an example is included

Also included are a lot bug fixes, such as:
- MariaDB root password is now set correctly (Fixes #91 )
- Caddy now uses a default email adress to prevent silent failure during PHPMyAdmin Install (Fixes #93)

And included are some misc. enhancements:
- Installation of portsnap is now a per-blueprint setting (fixes #89 )
- InfluxDB doesn't install a database anymore by default (Lets install one when needed)
- Made sure all rc.d files use `*.rc` (Fixes #94 )
- Renamed type to db_type and made it optional in bitwarden (Fixes #95 )
- Removal of postgresql from nextcloud (Fixes #96 )
- Removal of external databases from Nextcloud (Fixes #97 )
- Cleaned up certificate/ssl selection variables (Fixes #98 )
- Seperated jail config from blueprint config (For example the pkg lists, Fixes #43)
- Tweaks Plex to enable future Quicksync support
- Moves default jails to "base jail"
- Renames Plexpass to Plex Beta.
- Full rewrite of the Wiki system
- Full redesign of automated testing.
- Lots of documentation updates

Every jail can only have 1 blueprint, but blueprints can be used on multiple jails.

Config versioning is introduced, because the old-config is not forward-compatible and the new config is not backwards compatible. v1.2.0 is a good moment to introduce this, because we are removing pkgs from the jail config (moving to the blueprint config) anyhow.

Besides the above, there are also new features and blueprints added into 1.2.0:
- Adds Unifi (with unifipoller buildin, including support for automatic influxDB DB creation)
- Adds InfluxDB
- Adds shared portsnap, ports directory

All Jails tested working.
V1.1.1 has been pushed. This contains some major bugfixes for the organizr jail creator.

Current users will automatically recieve the new version using the auto-updater.
No breaking changes are included.
After some hard working, I am glad to announce V1.1.0, introducing the following changes and additional services:

  • Restructure of dataset creation and mounting
  • Restructure of Jail creation
  • Nicer readme (Fixes #32 )
  • Add automatic generation of Wiki pages from *.md included in jail (Fixes #39 )
  • Addition of Nextcloud (Fixes #4 )
  • Addition of MariaDB (Fixes #10 )
  • Addition of Bitwarden (Fixes #5 )
  • QA: Remove integrated Database server (Fixes #33 )
  • QA: Move Nextcloud self-signed certs to /config/ssl
  • QA: changed most files into 775 (default now), almost every file is an executable anyway.
Small bugfix for example config has been released.
It seems I forgot to add the lastest version to master when v1.0.0 was created.

Current installs should auto-update as usual!
Top