Cloned2Preserve
/
jailmaker
mirror of https://github.com/Jip-Hop/jailmaker.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #147 from Jip-Hop/develop 

Update readme and config templates
This commit is contained in:
Jip-Hop 2024-04-28 12:14:46 +02:00 committed by GitHub
parent ea208ba955 98ed986902
commit e6d8f74c51
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -2,6 +2,10 @@
Persistent Linux 'jails' on TrueNAS SCALE to install software (docker-compose, portainer, podman, etc.) with full access to all files via bind mounts. Persistent Linux 'jails' on TrueNAS SCALE to install software (docker-compose, portainer, podman, etc.) with full access to all files via bind mounts.
## Video Tutorial
[![TrueNAS Scale - Setting up Sandboxes with Jailmaker - YouTube Video](https://img.youtube.com/vi/S0nTRvAHAP8/0.jpg)<br>Watch on YouTube](https://www.youtube.com/watch?v=S0nTRvAHAP8 "TrueNAS Scale - Setting up Sandboxes with Jailmaker - YouTube Video")
## Disclaimer ## Disclaimer
**USING THIS SCRIPT IS AT YOUR OWN RISK! IT COMES WITHOUT WARRANTY AND IS NOT SUPPORTED BY IXSYSTEMS.** **USING THIS SCRIPT IS AT YOUR OWN RISK! IT COMES WITHOUT WARRANTY AND IS NOT SUPPORTED BY IXSYSTEMS.**
@ -14,7 +18,7 @@ TrueNAS SCALE can create persistent Linux 'jails' with systemd-nspawn. This scri
- Choosing a distro (Debian 12 strongly recommended, but Ubuntu, Arch Linux or Rocky Linux seem good choices too) - Choosing a distro (Debian 12 strongly recommended, but Ubuntu, Arch Linux or Rocky Linux seem good choices too)
- Will create a ZFS Dataset for each jail if the `jailmaker` directory is a dataset (easy snapshotting) - Will create a ZFS Dataset for each jail if the `jailmaker` directory is a dataset (easy snapshotting)
- Optional: configuring the jail so you can run Docker inside it - Optional: configuring the jail so you can run Docker inside it
- Optional: GPU passthrough (including [nvidia GPU](README.md#nvidia-gpu) with the drivers bind mounted from the host) - Optional: GPU passthrough (including nvidia GPU with the drivers bind mounted from the host)
- Starting the jail with your config applied - Starting the jail with your config applied
## Security ## Security

2
templates/docker/config
View File

@ -1,5 +1,5 @@
startup=0 startup=0
gpu_passthrough_intel=1 gpu_passthrough_intel=0
gpu_passthrough_nvidia=0 gpu_passthrough_nvidia=0
# Turning off seccomp filtering improves performance at the expense of security # Turning off seccomp filtering improves performance at the expense of security
seccomp=1 seccomp=1

2
templates/incus/config
View File

@ -1,6 +1,6 @@
# WARNING: EXPERIMENTAL CONFIG TEMPLATE! # WARNING: EXPERIMENTAL CONFIG TEMPLATE!
startup=0 startup=0
gpu_passthrough_intel=1 gpu_passthrough_intel=0
gpu_passthrough_nvidia=0 gpu_passthrough_nvidia=0
# Turning off seccomp filtering improves performance at the expense of security # Turning off seccomp filtering improves performance at the expense of security
seccomp=1 seccomp=1

2
templates/lxd/config
View File

@ -1,6 +1,6 @@
# WARNING: EXPERIMENTAL CONFIG TEMPLATE! # WARNING: EXPERIMENTAL CONFIG TEMPLATE!
startup=0 startup=0
gpu_passthrough_intel=1 gpu_passthrough_intel=0
gpu_passthrough_nvidia=0 gpu_passthrough_nvidia=0
# Turning off seccomp filtering improves performance at the expense of security # Turning off seccomp filtering improves performance at the expense of security
seccomp=1 seccomp=1