template: Implement new functions and redo bastille main exec

docs/chapters/subcommands/verify.rst

@@ -2,12 +2,12 @@
 verify
 ======
 
-This command scans a bootstrapped release and validates that everything looks
-in order. This is not a 100% comprehensive check, but it compares the release
+This command scans a bootstrapped release or template and validates that everything looks
+in order. This is not a 100% comprehensive check, but it compares the release or template
 against a "known good" index.
 
 If you see errors or issues here, consider deleting and re-bootstrapping
-the release.
+the release or template .
 
 .. code-block:: shell
 
@@ -19,3 +19,26 @@ the release.
   Applying metadata patches... done.
   Fetching 1 metadata files... done.
   Inspecting system... done.
+
+  ishmael ~ # bastille verify bastillebsd-templates/jellyfin
+  Detected Bastillefile hook.
+  [Bastillefile]:
+  CMD mkdir -p /usr/local/etc/pkg/repos
+  CMD echo 'FreeBSD: { url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest" }' > 
+  /usr/local/etc/pkg/repos/FreeBSD.conf
+  CONFIG set allow.mlock=1;
+  CONFIG set ip6=inherit;
+  RESTART
+  PKG jellyfin
+  SYSRC jellyfin_enable=TRUE
+  SERVICE jellyfin start
+  Template ready to use.
+
+.. code-block:: shell
+
+  ishmael ~ # bastille verify 11.2-RELEASE
+  Usage: bastille verify [RELEASE|TEMPLATE]
+
+    Options:
+
+    -x | --debug          Enable debug mode.

usr/local/bin/bastille

@@ -59,9 +59,6 @@ bastille_conf_check
 ## we only load this if conf_check passes
 . /usr/local/share/bastille/common.sh
 . /usr/local/etc/bastille/bastille.conf
-# Set default values for config properties added during the current major version:
-: "${bastille_network_pf_ext_if:=ext_if}"
-: "${bastille_network_pf_table:=jails}"
 
 ## bastille_prefix should be 0750
 ## this restricts file system access to privileged users
@@ -134,104 +131,62 @@ EOF
     exit 1
 }
 
-[ $# -lt 1 ] && usage
-
-CMD=$1
-shift
-
-target_all_jails_old() {
-  _JAILS=$(/usr/sbin/jls name)
-  JAILS=""
-  for _jail in ${_JAILS}; do
-      _JAILPATH=$(/usr/sbin/jls -j "${_jail}" path)
-      if [ -z ${_JAILPATH##${bastille_jailsdir}*} ]; then
-          JAILS="${JAILS} ${_jail}"
-      fi
-  done
-}
-
-check_target_is_running_old() {
-  if [ ! "$(/usr/sbin/jls name | awk "/^${TARGET}$/")" ]; then
-      error_exit "[${TARGET}]: Not started. See 'bastille start ${TARGET}'."
-  fi
-}
+if [ "$#" -lt 1 ]; then
+    usage
+else
+    CMD="${1}"
+    shift
+fi
 
 # Handle special-case commands first.
 case "${CMD}" in
-version|-v|--version)
-    info "${BASTILLE_VERSION}"
-    exit 0
-    ;;
-help|-h|--help)
-    usage
-    ;;
-bootstrap|clone|cmd|config|console|convert|create|cp|destroy|edit|etcupdate|export|htop|import|jcp|list|mount|pkg|rcp|rdr|rename|restart|service|setup|start|stop|sysrc|top|umount|update|upgrade|verify|zfs)
-    # Nothing "extra" to do for these commands. -- cwells
-    ;;
-template)
-    # Parse the target and ensure it exists. -- cwells
-    if [ $# -eq 0 ]; then # No target was given, so show the command's help. -- cwells
-        PARAMS='help'
-    elif [ "${1}" != 'help' ] && [ "${1}" != '-h' ] && [ "${1}" != '--help' ]; then
-        TARGET="${1}"
-        shift
-
-        # This is needed to handle the special case of 'bastille rcp' and 'bastille cp' with the '-q' or '--quiet'
-        # option specified before the TARGET. Also seems the cp and rcp commands does not support ALL as a target, so
-        # that's why is handled here. Maybe this behaviour needs an improvement later. -- yaazkal
-        if { [ "${CMD}" = 'rcp' ] || [ "${CMD}" = 'cp' ]; } && \
-           { [ "${TARGET}" = '-q' ] || [ "${TARGET}" = '--quiet' ]; }; then
-          TARGET="${1}"
-          JAILS="${TARGET}"
-          OPTION="-q"
-          export OPTION
-          shift
-        fi
-
-        if [ "${TARGET}" = 'ALL' ]; then
-            target_all_jails_old
-        elif [ "${CMD}" = "pkg" ] && [ "${TARGET}" = '-H' ] || [ "${TARGET}" = '--host' ]; then
-            TARGET="${1}"
-            USE_HOST_PKG=1
-            if [ "${TARGET}" = 'ALL' ]; then
-              target_all_jails_old
-            else
-              JAILS="${TARGET}"
-              check_target_is_running_old
-            fi
-            shift
-        elif [ "${CMD}" = 'template' ] && [ "${TARGET}" = '--convert' ]; then
-            # This command does not act on a jail, so we are temporarily bypassing the presence/started
-            # checks. The command will simply convert a template from hooks to a Bastillefile. -- cwells
-            :
-        else
-            JAILS="${TARGET}"
-
-            # Ensure the target exists. -- cwells
-            if [ ! -d "${bastille_jailsdir}/${TARGET}" ]; then
-                error_exit "[${TARGET}]: Not found."
-            fi
-
-            case "${CMD}" in
-            cmd|pkg|service|stop|sysrc|template)
-                check_target_is_running_old
-                ;;
-            convert|rename)
-                # Require the target to be stopped. -- cwells
-                if [ "$(/usr/sbin/jls name | awk "/^${TARGET}$/")" ]; then
-                    error_exit "${TARGET} is running. See 'bastille stop ${TARGET}'."
-                fi
-                ;;
-            esac
-        fi
-        export USE_HOST_PKG
-        export TARGET
-        export JAILS
-    fi
-    ;;
-*) # Filter out all non-commands
-    usage
-    ;;
+    version|-v|--version)
+        info "${BASTILLE_VERSION}"
+        exit 0
+        ;;
+    help|-h|--help)
+        usage
+        ;;
+    bootstrap| \
+    clone| \
+    cmd| \
+    config| \
+    console| \
+    convert| \
+    cp| \
+    create| \
+    destroy| \
+    edit| \
+    etcupdate| \
+    export| \
+    htop| \
+    import| \
+    limits| \
+    list| \
+    mount| \
+    network| \
+    pkg| \
+    rcp| \
+    rdr| \
+    rename| \
+    restart| \
+    service| \
+    setup| \
+    start| \
+    stop| \
+    sysrc| \
+    tags| \
+    template| \
+    top| \
+    umount| \
+    update| \
+    upgrade| \
+    verify| \
+    zfs)
+        ;;
+    *)
+        usage
+        ;;
 esac
 
 # shellcheck disable=SC2154