diff --git a/NETWORKING.md b/NETWORKING.md
deleted file mode 100644
index 50c2e84..0000000
--- a/NETWORKING.md
+++ /dev/null
@@ -1,63 +0,0 @@
-# Jailmaker
-
-## Advanced Networking
-
-These are notes on advanced networking setup you may want to try. Contributions are welcome!
-
-### Bridge Networking
-
-As an alternative to the default host networking mode, you may want to connect to a bridge interface instead and let the jail obtain its IP address via DHCP (although you may have to be patient for up to 20 seconds after the jail started for networking to work, [assigning the IP address is somehow slow](https://github.com/Jip-Hop/jailmaker/issues/7)).
-
-[![TrueNAS Scale: Setting up a Static IP and Network Bridge // Access NAS host from VM - YouTube Video](https://img.youtube.com/vi/uPkoeWUfiHU/0.jpg)
Watch on YouTube](https://www.youtube.com/watch?v=uPkoeWUfiHU "TrueNAS Scale: Setting up a Static IP and Network Bridge // Access NAS host from VM - YouTube Video")
-
-The above YouTube video may be helpful when setting up the bridge interface. Note: if done incorrectly, you may lock yourself out... It may take several tries... You may need to connect a monitor and keyboard to the NAS and use `/etc/netcli` to reset the networking interface.
-
-Add the `--network-bridge=br1 --resolv-conf=bind-host` systemd-nspawn flag when asked for `Additional flags` during jail creation, or set it post-creation by [editing](./README.md#edit-jail-config) the `SYSTEMD_NSPAWN_USER_ARGS` variable inside the `config` file.
-
-The TrueNAS host and the jail will be able to communicate with each other as if the jail was just another device on the LAN. It will use the same DNS servers as the TrueNAS host because the `--resolv-conf=bind-host` option bind mounts the `/etc/resolv.conf` file from the host inside the jail. If you want to use the DNS servers advertised via DHCP, then check [DNS via DHCP](#dns-via-dhcp).
-
-To configure a **static IP** with our bridge interface, we need to edit the `80-container-host0.network` file located in `/etc/systemd/network`. Change the `[Network]` section to look like this:
-
-```ini
-[Network]
-DHCP=false
-Address=192.168.0.12/24
-Gateway=192.168.0.1
-LinkLocalAddressing=no
-LLDP=yes
-EmitLLDP=customer-bridge
-```
-Then restart the `systemd-networkd` service and check your network configuration.
-
-```shell
-systemctl restart systemd-networkd
-systemctl status systemd-networkd
-ifconfig
-```
-
-
-### Macvlan Networking
-
-To setup Macvlan Networking you may follow the [Bridge Networking](#bridge-networking) section, but skip the setup of a bridge interface and use these flags instead: `--network-macvlan=eno1 --resolv-conf=bind-host`. By default the TrueNAS host and jail will not be able to communicate with each other via the network if Macvlan Networking mode is used. If that's required it would be better to use [Bridge Networking](#bridge-networking).
-
-### DNS via DHCP
-
-If you're not using host networking, and you're not using the `--resolv-conf=` in case of bridge/macvlan networking, then you have to configure the DNS servers to use.
-
-To get DNS servers via DHCP install and enable `resolvconf`.
-
-```shell
-# Only run this inside the jail!
-
-# Temporarily fix DNS resolution,
-# otherwise we can't install packages
-echo 'nameserver 8.8.8.8' > /etc/resolv.conf
-# On debian based distro
-apt update && apt -y install resolvconf
-```
-
-## References
-
-- [systemd-nspawn](https://manpages.debian.org/bullseye/systemd-container/systemd-nspawn.1.en.html)- [Setting up Systemd-nspawn](https://www.cocode.se/linux/systemd_nspawn.html#orge360318)
-- [Debian Reference - Chapter 5. Network setup](https://www.debian.org/doc/manuals/debian-reference/ch05.en.html#_the_hostname_resolution)
-- [Disabling link-local addressing](https://jerrington.me/posts/2017-08-06-systemd-nspawn-disabling-link-local-addressing.html#disabling-link-local-addressing)
\ No newline at end of file
diff --git a/README.md b/README.md
index cd776ca..68be02d 100644
--- a/README.md
+++ b/README.md
@@ -90,13 +90,15 @@ jlmkr start myjail
### List Jails
+See list of jails (including running, startup state, GPU passthrough, distro, and IP).
+
```shell
jlmkr list
```
### Execute Command in Jail
-You may want to execute a command inside a jail, for example from a shell script or a CRON job. The example below executes the `env` command inside the jail.
+You may want to execute a command inside a jail, for example manually from the TrueNAS shell, a shell script or a CRON job. The example below executes the `env` command inside the jail.
```shell
jlmkr exec myjail env
@@ -118,6 +120,8 @@ Once you've created a jail, it will exist in a directory inside the `jails` dir
### Remove Jail
+Delete a jail and remove it's files (requires confirmation).
+
```shell
jlmkr remove myjail
```
@@ -136,6 +140,8 @@ jlmkr restart myjail
### Jail Shell
+Switch into the jail's shell.
+
```shell
jlmkr shell myjail
```
@@ -148,6 +154,8 @@ jlmkr status myjail
### Jail Logs
+View a jail's logs.
+
```shell
jlmkr log myjail
```
@@ -158,17 +166,21 @@ Expert users may use the following additional commands to manage jails directly:
## Networking
-By default the jail will have full access to the host network. No further setup is required. You may download and install additional packages inside the jail. Note that some ports are already occupied by TrueNAS SCALE (e.g. 443 for the web interface), so your jail can't listen on these ports. This is inconvenient if you want to host some services (e.g. traefik) inside the jail. To workaround this issue when using host networking, you may disable DHCP and add several static IP addresses (Aliases) through the TrueNAS web interface. If you setup the TrueNAS web interface to only listen on one of these IP addresses, the ports on the remaining IP addresses remain available for the jail to listen on.
+By default a jails will use the same networking namespace, with access to all (physical) interfaces the TrueNAS host has access to. No further setup is required. You may download and install additional packages inside the jail. Note that some ports are already occupied by TrueNAS SCALE (e.g. 443 for the web interface), so your jail can't listen on these ports.
-See [Advanced Networking](./NETWORKING.md) for more.
+Depending on the service this may be o.k. For example Home Assistant will bind to port 8123, leaving the 80 and 443 ports free from clashes for the TrueNAS web interface. You can then either connect to the service on 8123, or use a reverse proxy such as traefik.
+
+But clashes may happen if you want some services (e.g. traefik) inside the jail to listen on port 443. To workaround this issue when using host networking, you may disable DHCP and add several static IP addresses (Aliases) through the TrueNAS web interface. If you setup the TrueNAS web interface to only listen on one of these IP addresses, the ports on the remaining IP addresses remain available for the jail to listen on.
+
+See [the networking docs](./docs/network.md) for more advanced options (bridge and macvlan networking).
## Docker
-Using the [docker config template](./templates/docker/README.md) is recommended if you want to run docker inside the jail. You may of course manually install docker inside a jail. But keep in mind that you need to add `--system-call-filter='add_key keyctl bpf'` (or disable seccomp filtering). It is [not recommended to use host networking for a jail in which you run docker](https://github.com/Jip-Hop/jailmaker/issues/119). Docker needs to manage iptables rules, which it can safely do in its own networking namespace (when using [bridge or macvlan networking](./NETWORKING.md) for the jail).
+Using the [docker config template](./templates/docker/README.md) is recommended if you want to run docker inside the jail. You may of course manually install docker inside a jail. But keep in mind that you need to add `--system-call-filter='add_key keyctl bpf'` (or disable seccomp filtering). It is [not recommended to use host networking for a jail in which you run docker](https://github.com/Jip-Hop/jailmaker/issues/119). Docker needs to manage iptables rules, which it can safely do in its own networking namespace (when using [bridge or macvlan networking](./docs/network.md) for the jail).
## Documentation
-Additional documentation contributed by the community can be found in [the docs directory](./docs/).
+Additional documentation can be found in [the docs directory](./docs/) (contributions are welcome!).
## Comparison
@@ -178,16 +190,6 @@ TODO: write comparison between systemd-nspawn (without `jailmaker`), LXC, VMs, D
The rootfs image `jlmkr.py` downloads comes from the [Linux Containers Image server](https://images.linuxcontainers.org). These images are made for LXC. We can use them with systemd-nspawn too, although not all of them work properly. For example, the `alpine` image doesn't work well. If you stick with common systemd based distros (Debian, Ubuntu, Arch Linux...) you should be fine.
-## Tips & Tricks
-
-### Colorized bash prompt
-
-To visually distinguish between a root shell inside the jail and a root shell outside the jail, it's possible to colorize the shell prompt. When using a debian jail with the bash shell, you may run the following command to get a yellow prompt inside the jail (will be activated the next time you run `jlmkr shell myjail`):
-
-```bash
-echo "PS1='${debian_chroot:+($debian_chroot)}\[\033[01;33m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '" >> ~/.bashrc
-```
-
## Filing Issues and Community Support
When in need of help or when you think you've found a bug in jailmaker, [please start with reading this](https://github.com/Jip-Hop/jailmaker/discussions/135).
diff --git a/docs/README.md b/docs/README.md
index 0c8d31a..f6485cf 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -1,3 +1,5 @@
-Welcome to the jailmaker wiki!
+# Jailmaker Docs
+
+Welcome to the Jailmaker Docs!
Use the sidebar to navigate the topics.
diff --git a/docs/basicconfig.md b/docs/basicconfig.md
index e14435e..e409a5b 100644
--- a/docs/basicconfig.md
+++ b/docs/basicconfig.md
@@ -1,4 +1,8 @@
-# User Management
+# Jailmaker Docs
+
+Anything described on this page is completely optional. You do NOT need to do anything of this in order to start using jailmaker.
+
+## User Management
The root user (also known as the superuser or su) can access any file, make system changes, and lots of room for security vulnerabilities.
For this reason you should aspire to run services as a non-root user.
@@ -10,28 +14,54 @@ Where username can be anything, but should reflect the service/jail's name for d
Then a password should be created as some commands require a non-blank password to be inserted:
`passwd USERNAME`
-If you want the ability to run commands as root, add the user to the sudo group
-`usermod -aG sudo USERNAME`
+If you want the ability to run commands as root, add the user to the sudo group:
+
+```sh
+usermod -aG sudo USERNAME
+```
This WILL require a non-blank password, and any command run with sudo will be run as root not as the user. But it saves time compared to switching users to root to install/change things then switching back.
### Switch to user
-`su -l USERNAME`
+
+```sh
+su -l USERNAME
+```
### Put a password on Root
-While logged in as root run `passwd`
-# Common tweaks
+While logged in as root run `passwd`.
+
+## Common Tweaks
+
### Update repository list
-`sudo apt update`
+
+```sh
+sudo apt update
+```
### Install common services
-`sudo apt install nano wget curl git`
+
+```sh
+sudo apt install nano wget curl git
+```
### Set Static IP
-See `Networking`
+
+See [Networking](./network.md)
+
+### Colorized bash prompt
+
+To visually distinguish between a root shell inside the jail and a root shell outside the jail, it's possible to colorize the shell prompt. When using a debian jail with the bash shell, you may run the following command **inside the jail** to get a yellow prompt inside the jail (will be activated the next time you run `jlmkr shell myjail`):
+
+```bash
+echo "PS1='${debian_chroot:+($debian_chroot)}\[\033[01;33m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '" >> ~/.bashrc
+```
### Install Docker
-```
+
+It's advised to use the [docker config template](../templates/docker/README.md). But you can install it manually like this as well:
+
+```sh
apt install curl && cd /tmp && curl -fsSL https://get.docker.com -o get-docker.sh && sudo sh get-docker.sh && cd ~ && docker
```
diff --git a/docs/commands.md b/docs/commands.md
deleted file mode 100644
index 2852032..0000000
--- a/docs/commands.md
+++ /dev/null
@@ -1,35 +0,0 @@
-Create a jail
-`jlmkr create JAILNAME`
-
-Start a jail
-`jlmkr start JAILNAME`
-
-Stop a jail
-`jlmkr stop JAILNAME`
-
-Check jail status
-`jlmkr status JAILNAME`
-
-Delete a jail and remove it's files (requires confirmation)
-`jlmkr remove JAILNAME`
-
-See list of jails (including running, non running, distro, startup state, and IP)
-`jlmkr list`
-
-See list of running jails
-`machinectl list`
-
-Execute a command inside a jail from the TrueNAS shell
-`jlmkr exec JAILNAME COMMAND`
-
-Execute a bash command inside a jail from the TrueNAS shell
-`jlmkr exec JAILNAME bash -c 'BASHCOMMAND'`
-
-Switch into the jail's shell
-`machinectl shell JAILNAME`
-
-View a jail's logs
-`jlmkr log JAILNAME`
-
-Edit a jail's config
-`jlmkr edit JAILNAME`
diff --git a/docs/compatibility.md b/docs/compatibility.md
index e70410b..9b9f6e1 100644
--- a/docs/compatibility.md
+++ b/docs/compatibility.md
@@ -1,4 +1,6 @@
-# TrueNAS Compatibility
+# Jailmaker Docs
+
+## TrueNAS Compatibility
| | |
|---|---|
|TrueNAS Core|❌|
@@ -6,7 +8,7 @@
|TrueNAS 23.10|✅|
|TrueNAS 24.04|✅|
-# Distro Compatibility
+## Distro Compatibility
| | |
|---|---|
|Debian 11 Bullseye|✅|
diff --git a/docs/network.md b/docs/network.md
index 71682e1..7b7134d 100644
--- a/docs/network.md
+++ b/docs/network.md
@@ -1,24 +1,60 @@
-# Host Passthrough (Default network configuration)
-By default jails will use the same physical interface as the TrueNAS host. If a service attempts to bind to port 80 or 443, it will either fail or render both the service and TrueNAS unavailable.
-### Flaws
-Depending on the service this may be ok, for example Home Assistant will bind to port 8123, leaving the 80 and 443 ports free from clashes for the TrueNAS web interface. You can then either connect to the service with the port, or use a reverse proxy such as [nginx](https://www.nginx.com/#).
-### Setup
-No configuration is necessary
+# Jailmaker Docs
-# MAC VLAN Virtual Interface
-Some services require the use of port 80 or 443, or would benefit from a separate IP. For these situations the easiest network configuration is the MAC VLAN configuration. This creates a virtual interface with its own separate randomly generated MAC address and IP.
-The default config uses DHCP by default, but can easily be set to a Static IP.
-### Flaws
-Any services in the jail cannot communicate with the direct host (TrueNAS). The jail can communicate with any other jail or device on the network, besides TrueNAS. This may or not be a benefit (security) or disadvantage (no communication) depending on your service.
-### Setup
-Add the following argument to the "additional flags" prompt of jail creation or the "systemd_nspawn_user_arguments" line of the jail config file:
+## Host Networking
+
+[Notes on the default host networking are in the main README.md file](../README.md#networking).
+
+## Bridge Networking
+
+As an alternative to the default host networking mode, you may want to connect to a bridge interface instead and let the jail obtain its IP address via DHCP.
+
+[![TrueNAS Scale: Setting up a Static IP and Network Bridge // Access NAS host from VM - YouTube Video](https://img.youtube.com/vi/uPkoeWUfiHU/0.jpg)
Watch on YouTube](https://www.youtube.com/watch?v=uPkoeWUfiHU "TrueNAS Scale: Setting up a Static IP and Network Bridge // Access NAS host from VM - YouTube Video")
+
+The above YouTube video may be helpful when setting up the bridge interface.
+
+### Bridge Flaws
+
+This type of interface takes much longer to set up both in complexity and wait time (you may have to be patient for up to 60 seconds after the jail started for networking to work, [assigning the IP address via DHCP is somehow slow](https://github.com/Jip-Hop/jailmaker/issues/7)). Furthermore, if the configuration is not correct it can render your TrueNAS inaccessible via ssh or the web interface, necessitating a reset using a keyboard and monitor plugged into the TrueNAS server and use `/etc/netcli` to reset the networking interface.
+
+### Bridge Setup
+
+Add the `--network-bridge=br1 --resolv-conf=bind-host` systemd-nspawn flag when asked for `Additional flags` during jail creation, or set it post-creation by [editing](./README.md#edit-jail-config) the `SYSTEMD_NSPAWN_USER_ARGS` variable inside the `config` file.
+
+The TrueNAS host and the jail will be able to communicate with each other as if the jail was just another device on the LAN. It will use the same DNS servers as the TrueNAS host because the `--resolv-conf=bind-host` option bind mounts the `/etc/resolv.conf` file from the host inside the jail. If you want to use the DNS servers advertised via DHCP, then check [DNS via DHCP](#dns-via-dhcp).
+
+### Bridge Static IP
+To configure a static IP with our bridge interface, we need to edit the `/etc/systemd/network/80-container-host0.network` file. Change the [Network] section to look like this:
+
+```ini
+[Network]
+DHCP=false
+Address=192.168.0.12/24
+Gateway=192.168.0.1
+LinkLocalAddressing=no
+LLDP=yes
+EmitLLDP=customer-bridge
```
---network-macvlan=eno1 --resolv-conf=bind-host
+Then restart the `systemd-networkd` service and check your network configuration.
+
+```shell
+systemctl restart systemd-networkd
+systemctl status systemd-networkd
+ifconfig
```
-### Setting a Static IP
-To set a Static IP you need to disable DHCP in the macvlan config file `/etc/systemd/network/mv-dhcp.network`
-You can do this with a network client like WinSCP by navigating into the jail's filesystem then the path above, or by using a text editing program like nano by running `nano /etc/systemd/network/mv-dhcp.network` in the jail's shell.
+## Macvlan Networking
+
+Some services require the use of port 80 or 443, or would benefit from a separate IP. For these situations the easiest network configuration is the MAC VLAN configuration. This creates a virtual interface with its own separate randomly generated MAC address and IP. The default config uses DHCP by default, but can easily be set to a Static IP.
+
+### Macvlan Flaws
+Any services in the jail cannot communicate with the direct host (TrueNAS). The jail can communicate with any other jail or device on the network, besides TrueNAS or VMs hosted on TrueNAS. This may be a benefit (security) or disadvantage (no communication) depending on your service. If that's required it would be better to use [Bridge Networking](#bridge-networking).
+
+### Macvlan Setup
+
+Add the following argument to the "additional flags" prompt of jail creation or the "systemd_nspawn_user_arguments" line of the jail config file: `--network-macvlan=eno1 --resolv-conf=bind-host`. Where eno1 is the name of your physical network interface.
+
+### Macvlan Static IP
+To set a Static IP you need to disable DHCP in the macvlan config file `/etc/systemd/network/mv-dhcp.network`. You can do this with a network client like WinSCP by navigating into the jail's filesystem then the path above, or by using a text editing program like nano by running `nano /etc/systemd/network/mv-dhcp.network` in the jail's shell.
The DHCP in [Network] needs to be set to false, an Address (static IP) needs to be added, a Gateway needs to be defined (e.g your router such as 192.168.0.1) and the entire DHCP section needs to be removed.
@@ -35,26 +71,24 @@ Gateway=192.168.X.X
```
Then restart the network interface inside the jail `systemctl restart systemd-networkd` or restart the jail by running `jlmkr stop JAILNAME && jlmkr start JAILNAME` from the TrueNAS shell. Use `ifconfig` to verify the interface is up and has the correct IP.
-# Passthrough a TrueNAS Bridge Interface
-By creating a network bridge in the TrueNAS Network page you can bridge the incoming physical network interface to a virtual interface that can be passed to the jail. This type of interface has the benefits of a MAC VLAN interface without the flaws (host to jail networking). Once working the virtual interface can either be assigned a static IP or obtain one automatically via DHCP.
+## DNS via DHCP
-### Flaws
-This type of interface takes much longer to set up both in complexity and wait time as there is a current flaw in which DHCP can take between 10 seconds and a minute.
-Furthermore, if the configuration is not correct it can render your TrueNAS inaccessible via ssh, necessitating a reset using a keyboard and monitor plugged into the TrueNAS server.
+If you're not using host networking, and you're not using the `--resolv-conf=` in case of bridge/macvlan networking, then you have to configure the DNS servers to use.
-### Setup
-[![TrueNAS Scale: Setting up a Static IP and Network Bridge // Access NAS host from VM - YouTube Video](https://img.youtube.com/vi/uPkoeWUfiHU/0.jpg)
Watch on YouTube](https://www.youtube.com/watch?v=uPkoeWUfiHU "TrueNAS Scale: Setting up a Static IP and Network Bridge // Access NAS host from VM - YouTube Video")
+To get DNS servers via DHCP install and enable `resolvconf`.
-The above YouTube video may be helpful when setting up the bridge interface. Note: if done incorrectly, you may lock yourself out... It may take several tries... You may need to connect a monitor and keyboard to the NAS and use `/etc/netcli` to reset the networking interface.
+```shell
+# Only run this inside the jail!
-Add the `--network-bridge=br1 --resolv-conf=bind-host` flag when asked for additional flags during jail creation, or set it post-creation by editing the `SYSTEMD_NSPAWN_USER_ARGS` variable inside the config file.
-
-### Static IP
-To configure a static IP with our bridge interface, we need to edit the `/etc/systemd/network/80-container-host0.network` file. Change the [Network] section to look like this:
+# Temporarily fix DNS resolution,
+# otherwise we can't install packages
+echo 'nameserver 8.8.8.8' > /etc/resolv.conf
+# On debian based distro
+apt update && apt -y install resolvconf
```
-[Network]
-DHCP=false
-Address=192.168.X.XXX/24
-Gateway=192.168.X.X
-```
-Then restart the network interface inside the jail `systemctl restart systemd-networkd` or restart the jail by running `jlmkr stop JAILNAME && jlmkr start JAILNAME` from the TrueNAS shell. Use `ifconfig` to verify the interface is up and has the correct IP.
+
+## References
+
+- [systemd-nspawn](https://manpages.debian.org/bullseye/systemd-container/systemd-nspawn.1.en.html)- [Setting up Systemd-nspawn](https://www.cocode.se/linux/systemd_nspawn.html#orge360318)
+- [Debian Reference - Chapter 5. Network setup](https://www.debian.org/doc/manuals/debian-reference/ch05.en.html#_the_hostname_resolution)
+- [Disabling link-local addressing](https://jerrington.me/posts/2017-08-06-systemd-nspawn-disabling-link-local-addressing.html#disabling-link-local-addressing)
\ No newline at end of file
diff --git a/docs/performance.md b/docs/performance.md
index 92c1e3a..ed86336 100644
--- a/docs/performance.md
+++ b/docs/performance.md
@@ -1,3 +1,5 @@
+# Jailmaker Docs
+
(Anecdotal from observations, actual measurements with resource monitor captures and wall power meter coming soon.)
Kubernetes Server (TrueNAS Apps) with no apps installed:
@@ -16,6 +18,5 @@ Systemd-nspawn container (jailmaker) with 10 apps installed:
* Idle on 7100T: ~4% / 8W
* Idle on 10600K: ~0%
-
Systemd-nspawn container (jailmaker) with 20 apps installed:
* Idle on 10600K: ~1%
diff --git a/docs/storage.md b/docs/storage.md
index b88754f..6f79b3f 100644
--- a/docs/storage.md
+++ b/docs/storage.md
@@ -1,12 +1,14 @@
-# Default storage system
-When creating a jail, an entire Linux filesystem is created in the 'rootfs' folder within the jail's folder of the jailmaker directory E.g `/mnt/tank/vault/jailmaker/jails/jailname/rootfs`. No files from the TrueNAS host will be available.
+# Jailmaker Docs
+
+## Default storage system
+When creating a jail, an entire Linux filesystem is created in the 'rootfs' folder within the jail's folder of the jailmaker directory. E.g. `/mnt/tank/vault/jailmaker/jails/jailname/rootfs`. No files from the TrueNAS host will be available.
Common locations for services are:
`/home` for user accessible files
`/var/www/` for webpages
`/tmp` for temporary application data such as build files
-# Linking folders to TrueNAS folders
+## Linking folders to TrueNAS folders
To allow file access by either the jail, another jail, or TrueNAS a bind can be made. A bind creates a link between two locations. Think of this as a portal, anything that goes in one side is visible from the other side and vice versa.
Note that creating a file in the jail or TrueNAS will reflect in both binded locations, so be careful of overwrites and corruption.
@@ -21,7 +23,7 @@ And where `/jail/path/to/` is the folder you want those shared files accessible
### Example
A use of this is making files available in a jail for it to use or serve, such as media files in Plex/Jellyfin:
-Example: `--bind='/mnt/tank/content/:/media'` will make any files inside the content dataset of the tank pool available inside the jail's /media folder. To visualise or test this you can copy some files to `/mnt/tank/content/` such as `media1.mp4`, `media2.mkv` and `photo.jpg`. Then change directory to that folder inside the jail `cd /media` and list files in that directory `ls -l` where those files should appear.
+Example: `--bind='/mnt/tank/content/:/media'` will make any files inside the content dataset of the tank pool available inside the jail's /media folder. To visualize or test this you can copy some files to `/mnt/tank/content/` such as `media1.mp4`, `media2.mkv` and `photo.jpg`. Then change directory to that folder inside the jail `cd /media` and list files in that directory `ls -l` where those files should appear.
### Warning
Do not bind your TrueNAS system directories (`/root` `/mnt` `/dev` `/bin` `/etc` `/home` `/var` `/usr` or anything else in the root directory) to your jail as this can cause TrueNAS to lose permissions and render your TrueNAS system unusable.
diff --git a/docs/zfsmigration.md b/docs/zfsmigration.md
index 1c02419..0e7cf54 100644
--- a/docs/zfsmigration.md
+++ b/docs/zfsmigration.md
@@ -1,24 +1,26 @@
-# ZFS Datasets Migration
+# Jailmaker Docs
+
+## ZFS Datasets Migration
From version 1.1.4 ZFS Datasets support was added to jailmaker.
By default starting in v1.1.4, jailmaker will create a separate dataset for each jail if possible. This allows the user to configure snapshots, rollbacks, replications etc.
Jailmaker operates in dual-mode: it supports using both directories and datasets. If the 'jailmaker' directory is a dataset, it will use datasets, if it is a directory, it will use directories.
-___
-## Procedure to migrate from directories to ZFS Datasets
-### Stop all jails
+### Procedure to migrate from directories to ZFS Datasets
+
+#### Stop all jails
`jlmkr stop jail1`
`jlmkr stop jail2`
etc..
-### Move/rename the 'jailmaker' directory
+#### Move/rename the 'jailmaker' directory
`mv jailmaker orig_jailmaker`
-### Create the ZFS datasets for jailmaker
+#### Create the ZFS datasets for jailmaker
Create all the required datasets via GUI or CLI.
@@ -44,8 +46,7 @@ zfs create mypool/jailmaker/jails/jail1
zfs create mypool/jailmaker/jails/jail2
```
-
-### Move the existing jail data into the newly created datasets
+#### Move the existing jail data into the newly created datasets
Now move all the jail data:
@@ -53,7 +54,7 @@ Now move all the jail data:
Warning! It's important that both directories have the `/` at the end to make sure contents are copied correctly. Otherwise you may end up with `jailmaker/jailmaker`
-### Test everything works
+#### Test everything works
If everything works, you should be able to use the `jlmkr` command directly. Try doing a `jlmkr list` to check if the jails are correctly recognized