diff --git a/Fockerfile b/Fockerfile index 3389c8d..aa1493e 100644 --- a/Fockerfile +++ b/Fockerfile @@ -9,3 +9,5 @@ steps: - copy: - [ '/tmp/x', '/etc/x' ] - [ 'focker-compose.yml', '/etc/focker-compose.yml' ] + - run: | + pkg install py37-certbot diff --git a/image.py b/image.py index fc29027..174872d 100644 --- a/image.py +++ b/image.py @@ -47,11 +47,11 @@ def build(spec, args): name = root + '/' + st_sha256[:pre] if not zfs_exists(name): break - snap_name = new_snapshot(base, lambda: st.execute(zfs_mountpoint(name), args=args), name) feed = { 'focker:sha256': st_sha256 } - zfs_set_props(name, feed) + snap_name = new_snapshot(base, lambda: st.execute(zfs_mountpoint(name), args=args) and zfs_set_props(name, feed), name) + # zfs_set_props(name, feed) # zfs_set_props(snap_name, feed) base = snap_name base_sha256 = st_sha256 diff --git a/jail.py b/jail.py index d612bbc..5be9d60 100644 --- a/jail.py +++ b/jail.py @@ -7,8 +7,12 @@ import shutil def jail_run(path, command): command = ['jail', '-c', 'host.hostname=' + os.path.split(path)[1], 'mount.devfs=1', 'interface=lo1', 'ip4.addr=127.0.1.0', 'path=' + path, 'command', '/bin/sh', '-c', command] print('Running:', ' '.join(command)) - res = subprocess.run(command) + try: + res = subprocess.run(command) + finally: + subprocess.run(['umount', os.path.join(path, 'dev')]) if res.returncode != 0: + subprocess.run(['umount', os.path.join(path, 'dev')]) raise RuntimeError('Command failed') diff --git a/snapshot.py b/snapshot.py index 72bb32b..94856ca 100644 --- a/snapshot.py +++ b/snapshot.py @@ -11,10 +11,10 @@ def new_snapshot(base, fun, name): zfs_run(['zfs', 'clone', base, name]) try: fun() + zfs_run(['zfs', 'set', 'readonly=on', name]) + snap_name = name + '@1' + zfs_run(['zfs', 'snapshot', snap_name]) except: - zfs_run(['zfs', 'destroy', name]) + zfs_run(['zfs', 'destroy', '-f', name]) raise - zfs_run(['zfs', 'set', 'readonly=on', name]) - snap_name = name + '@1' - zfs_run(['zfs', 'snapshot', snap_name]) return snap_name