exec.prebuild: - focker volume remove --force gateway-cookiecutter exec.postbuild: - python3 getmetadata.py - | focker jail oneshot -m `pwd`/files:/cookiecutter/input/meta \ `pwd`/nginx-http/files:/cookiecutter/input/nginx-http \ `pwd`/nginx-https/files:/cookiecutter/input/nginx-https \ gateway-cookiecutter:/cookiecutter/output \ -- \ gateway-cookiecutter \ /cookiecutter/scripts/run.sh volumes: certbot-data: chown: 65534:65534 chmod: 0750 zfs: quota: 1G certbot-webroot: chown: 65534:80 chmod: 0750 zfs: quota: 1G gateway-cookiecutter: chmod: 0750 zfs: quota: 1G images: gateway-cookiecutter: ./gateway-cookiecutter nginx-http: ./nginx-http nginx-https: ./nginx-https certbot: ./certbot jails: nginx-http: image: nginx-http mounts: certbot-webroot: /certbot/webroot gateway-cookiecutter: /cookiecutter ip4.addr: 127.0.12.1 exec.start: | cp -v /cookiecutter/nginx-http/nginx.conf \ /usr/local/etc/nginx/nginx.conf && \ /bin/sh /etc/rc certbot: image: certbot depend: nginx-http mounts: certbot-data: /usr/local/etc/letsencrypt certbot-webroot: /certbot/webroot gateway-cookiecutter: /cookiecutter exec.start: | cp -v /cookiecutter/meta/cookiecutter.json \ /certbot/data/metadata.json && \ if [ ! -f /certbot/data/.ready ]; then rm -vf /usr/local/etc/letsencrypt/.ready && \ /usr/local/bin/python3 /certbot/scripts/certbot.py && \ touch /usr/local/etc/letsencrypt/.ready && \ touch /certbot/data/.ready; fi && \ /bin/sh /etc/rc ip4.addr: 127.0.13.1 nginx-https: image: nginx-https depend: - certbot - nginx-http mounts: certbot-data: /usr/local/etc/letsencrypt gateway-cookiecutter: /cookiecutter exec.start: | cp -v /cookiecutter/nginx-https/nginx.conf \ /usr/local/etc/nginx/nginx.conf && \ (( until [ -f /usr/local/etc/letsencrypt/.ready ]; do sleep 1; done && \ /bin/sh /etc/rc) &) ip4.addr: 127.0.14.1