An experiment to see if we can minimize the PatOS project even further, and not have to adapt NixOS packages and config for our needs.
This commit is contained in:
parent
4702e0dddb
commit
b784c94d42
SSH key fingerprint:
SHA256:dQy1Xj3UiqJYpKR5ggQ2bxgz4jCH8IF+k3AB8o0kmdI
29 changed files with 2947 additions and 1201 deletions
utils
|
|
@ -1,50 +0,0 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
pkgs.writeShellApplication {
|
||||
name = "qemu-uefi-tpm";
|
||||
|
||||
runtimeInputs = with pkgs; [
|
||||
qemu
|
||||
swtpm
|
||||
];
|
||||
|
||||
text =
|
||||
let
|
||||
tpmOVMF = pkgs.OVMF.override { tpmSupport = true; };
|
||||
in
|
||||
''
|
||||
set -ex
|
||||
state="/tmp/patos-qemu-$USER"
|
||||
rm -rf "$state"
|
||||
mkdir -m 700 "$state"
|
||||
qemu-img create -f qcow2 -F raw -b "$(readlink -e "$1")" "$state/disk.qcow2" 10G
|
||||
|
||||
swtpm socket -d --tpmstate dir="$state" \
|
||||
--ctrl type=unixio,path="$state/swtpm-sock" \
|
||||
--tpm2 \
|
||||
--log level=20
|
||||
|
||||
qemu-system-x86_64 \
|
||||
-enable-kvm \
|
||||
-machine q35,accel=kvm \
|
||||
-cpu host \
|
||||
-smp 8 \
|
||||
-m 4G \
|
||||
-display none \
|
||||
-virtfs "local,path=/tmp,security_model=mapped,mount_tag=shared" \
|
||||
-chardev "stdio,id=char0,mux=on,logfile=$state/console.log,signal=off" \
|
||||
-serial chardev:char0 \
|
||||
-mon chardev=char0 \
|
||||
-drive "if=pflash,format=raw,unit=0,readonly=on,file=${tpmOVMF.firmware}" \
|
||||
-drive "if=pflash,format=raw,unit=1,readonly=on,file=${tpmOVMF.variables}" \
|
||||
-chardev socket,id=chrtpm,path="$state/swtpm-sock" \
|
||||
-tpmdev emulator,id=tpm0,chardev=chrtpm \
|
||||
-device tpm-tis,tpmdev=tpm0 \
|
||||
-netdev id=net00,type=user,hostfwd=tcp::2222-:22 \
|
||||
-device virtio-net-pci,netdev=net00 \
|
||||
-drive "format=qcow2,file=$state/disk.qcow2"
|
||||
'';
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue