I run several applications in my homelab using FreeBSD jails. This provides an extra measure of isolation, since the services are connected to the internet. I use AppJail to keep the setup declarative and introduce a reasonable measure of reproducibility. It's not NixOS, but it's good enough for me. This short post is because I hit an interesting split between 2 jailed services' needs.

One application (continuwuity) is not yet in the ports tree, but there are great packages available from the community. The package, which isn't part of the ports CI, needs to make a decision about a library it depends on. They chose the quarterly ports tree for simplicity (this is the default on new FreeBSD installations).

Another package I use (marmite) is the static site generator I use for this blog. That is in the ports tree, but I want to always use the bleeding edge release. Most recently because I submitted a patch switching to Arborium for build-time syntax highlighting. I could build it from source, but that means I'd need to take a few minutes to rebuild the jail from scratch. Using packages takes a few seconds.

AppJail releases will use Quarterly by default. The default AppJail release process uses a standard base system, and thus points at the quarterly branch. Changing any specific jail to use the latest is pretty easy! You can basically copy from handbook.

# Use the latest ports branch to get updates faster
CMD mkdir -p /usr/local/etc/pkg/repos
CMD echo 'FreeBSD-ports: { url: "pkg+https://pkg.FreeBSD.org/${ABI}/latest" }' > /usr/local/etc/pkg/repos/FreeBSD.conf

# Update package database
PKG --update

You can put this directly in your Makejail file, or extract it into a separate include file for reusability. And that's it; just make sure this comes before your first PKG instruction. Now any future PKG instructions will use the bleeding edge.