chore: add dbus-broker

2025-02-20 10:40:53 +01:00 · 2025-02-20 10:40:53 +01:00 · 0dfda7560f
commit 0dfda7560f
parent 0f7958b596
5 changed files with 401 additions and 153 deletions
--- a/utils/qemu-uefi-tpm.nix
+++ b/utils/qemu-uefi-tpm.nix
@ -0,0 +1,50 @@
+{
+  pkgs,
+  ...
+}:
+pkgs.writeShellApplication {
+  name = "qemu-uefi-tpm";
+
+  runtimeInputs = with pkgs; [
+    qemu
+    swtpm
+  ];
+
+  text =
+    let
+      tpmOVMF = pkgs.OVMF.override { tpmSupport = true; };
+    in
+    ''
+      set -ex
+      state="/tmp/patos-qemu-$USER"
+      rm -rf "$state"
+      mkdir -m 700 "$state"
+      truncate -s 1G "$state/disk.raw"
+
+      swtpm socket -d --tpmstate dir="$state" \
+        --ctrl type=unixio,path="$state/swtpm-sock" \
+        --tpm2 \
+        --log level=20
+
+      qemu-system-x86_64 \
+        -enable-kvm \
+        -machine q35,accel=kvm \
+        -cpu host \
+        -smp 8 \
+        -m 4G \
+        -display none \
+        -nographic \
+        -chardev "stdio,id=char0,mux=on,logfile=$state/console.log,signal=off" \
+        -serial chardev:char0 \
+        -mon chardev=char0 \
+        -drive "if=pflash,format=raw,unit=0,readonly=on,file=${tpmOVMF.firmware}" \
+        -drive "if=pflash,format=raw,unit=1,readonly=on,file=${tpmOVMF.variables}" \
+        -chardev socket,id=chrtpm,path="$state/swtpm-sock" \
+        -tpmdev emulator,id=tpm0,chardev=chrtpm \
+        -device tpm-tis,tpmdev=tpm0 \
+        -netdev id=net00,type=user,hostfwd=tcp::2222-:22 \
+        -device virtio-net-pci,netdev=net00 \
+        -drive "file=fat:rw:patos/,format=raw" \
+        -drive "format=raw,file=$state/disk.raw"
+    '';
+}