-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathipfs_execute.sh
More file actions
executable file
·56 lines (47 loc) · 937 Bytes
/
ipfs_execute.sh
File metadata and controls
executable file
·56 lines (47 loc) · 937 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
#!/bin/sh
set -e
function rm_very_force {
rm -rf "$1" 2> /dev/null || $(chmod -R u+w "$1" && rm -rf "$1")
}
function cleanup {
# cleanup
fusermount -u input || true
rm_very_force rootfs
rm_very_force input
rm_very_force tmp
rm_very_force output
}
trap cleanup EXIT
# parse args
rootfs="$1"
input="$2"
shift 2
# get and unpack root fs
mkdir rootfs
ipfs cat -- "$rootfs" | tar -xz -C rootfs --warning=no-timestamp
# make required dirs
mkdir input
mkdir tmp
mkdir output
# mount input
ipfs-api-mount --background $(ipfs resolve -r -- "$input") input
# run task in bubblewrap
set +e
env -i `which bwrap` \
--unshare-all \
--as-pid-1 \
--uid 0 \
--gid 0 \
--die-with-parent \
--hostname sandbox \
--bind rootfs / \
--ro-bind input /input \
--bind output /output \
--bind tmp /tmp \
--proc /proc \
--dev /dev \
--remount-ro / \
/sbin/init $@ 1>&2
set -e
# push result to ipfs
ipfs add -r -Q --pin=false -- output